School of Business and Tourism Unit Securing Networks Unit code CSC72005 Assignment 1 Practical network security setup Mode Individual assignment Due Date 06 April XXXXXXXXXX:00 PM Learning Outcomes...

1 answer below »
School of Business and Tourism Unit Securing Networks Unit code CSC72005 Assignment 1 Practical network security setup Mode Individual assignment Due Date 06 April 2020 10:00 PM Learning Outcomes LO2 Graduate Attributes GA2, GA4 Weight 30% of overall unit assessment Suggestion This assignment is developmental and cumulative. You are strongly advised to start doing this assignment from Week-1 in your study. Leaving your starting date to the week before the due date is a very poor strategy for success in the unit. Follow the provided guidelines to help you successfully direct your efforts. Task Description In this assignment, you will perform necessary setup to install, configure and troubleshoot an SME network. You must successfully implement the network on eNSP (or similar) network simulation software and perform important steps to manage the network security configuration. In particular, you will complete the following tasks:  Task 1: Install and connect the devices into a network as shown in the diagram.  Task 2: Set up and test the security  Task 3: Network testing and troubleshooting  Task 4: Network documentation Page 1 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________ Scenario You are a junior network administrator and because of your ongoing experience your manager has assigned you a new client to assist them setup their new network. The design and requirements have been provided to you in a simple diagram and instruction set. You have been advised of the following criteria: 1. Routers and default gateways are always set to the first IP address in the range. 2. Switches will always get the second IP address in the range. 3. End devices (servers and workstations etc.) will get an IP address starting at 20 for the host address. 4. Servers will have their MAC address stored on the switch. The following networks will be set up:  DMZ – Used for placing internet facing devices to be able to be reached from the internet as well as the internal corporate network (CorpNet).  Server Network (ServerNet) – used for storing the internal company data that only the internal corporate users are able to access.  Corporate Network (CorpNet) – used by the normal users of the company in the head office that are able to access the internet, the internal servers network and the DMZ. There are multiple departments in the head office and each should not be able to communicate with computers in other departments.  Remote Network (RemoteNet) – is for a remote office that are able to access the DMZ, the Server Net and the internet. Your task is to configure the network in simulation software so that it can be tested before it is implemented. You must devise any security options you deem appropriate to meet the requirements and configure and document them so they can be used when the network is implemented. Page 2 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________ Page 3 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________ Assignment 1 marking guidelines The following are the major assessment criteria of this assignment. Task 1: Network environment setup  Set up the routers, switches and PC’s with the appropriate connections  Perform basic configuration of the devices  Test connectivity Task 2: Security setup and performance  Add the required security including any of the following: o Switch port security o VLAN’s o ACL’s (most likely basic ACL’s) o static or dynamic routing Task 3: Network testing and troubleshooting  Correctly propose the hypothesis to be tested at each step e.g. connectivity between devices, security is working to stop X from occuring.  Correctly identify the type of information that should be collected at each step  Test the configuration using correct methodology You must document what tests you will carry out, what the test is for and the result. Task 4: Network Documentation  Document the devices including: o Host Devices (PC’s and servers)  Name/ID  Link technology e.g. Ethernet  Port Address e.g. Eth0  Physical address e.g. MAC address Page 4 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________  IP Address  Subnet Mask  Default Gateway  DNS o Network Devices  Interface configuration  Name/ID  Link technology e.g. Ethernet  Port address e.g. G0/0/1  Physical address e.g. MAC address  Logical address e.g. IP Address / subnet mask  Security applied  Security Configuration  Switch port security  VLANs  ACLs  Routes o Save the configurations o Export the configurations (or copy/paste to a text file). Format and Presentation Task 1 and Task 2: Provide your eNSP saved topology (including all saved files and folders in the project topology) in a zip file. Your eNSP files (zipped) must be named in the format: filename = FirstInitialYourLastName_CSC72005_A1_eNSP.zip (i.e. FJones_CSC72005_A1_eNSP.zip) In the below screenshot the folder was zipped and the name changed. You must supply ALL files and folders in the project. Page 5 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________ Note: All device names must include your name in the format of FirstInitialYourLastName (I.e. FJones Router 1) Note: All ACL’s or VLAN’s must include the last 2 digits of your student number in the configuration in the second and third place. The last place can be used for consecutive numbering. In the below screenshot your student number ends in 67. Page 6 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________ e.g. Your student number ends in 67 so the first basic ACL becomes 2671. The second (2 nd ) ACL would be 2672 and the fifth (5 th ) would be 2675. Task 2 and Task 3: Use the template provided with this assignment for this task. Submission Format When you have completed the assignment, you are required to submit the following: 1. Your assignment in the PDF/DOC format. The file will be named using the following convention: filename = FirstInitialLastName_CSC72005_A1.pdf (i.e. FJones_CSC72005_A1.pdf) 2. Your eNSP files (zipped) with devices configured named in the format: filename = FirstInitialLastName_CSC72005_A1_eNSP.zip (i.e. FJones_CSC72005_A1_eNSP.zip) Original work It is a University requirement that a student’s work complies with the Academic Policy, Chapter 4.20 on Student Academic Integrity. It is a student’s responsibility to be familiar with the Policy. Failure to comply with the Policy can have severe consequences in the form of University sanctions. For information on this Policy please refer to Chapter 4.20 on Student Academic Integrity at the following website: Page 7 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________ http://www.scu.edu.au/governance/academicboard/policy/ As part of a University initiative to support the development of academic integrity, assessments may be checked for plagiarism, including through an electronic system, either internally or by a plagiarism checking service, and be held for future checking and matching purposes. Retain duplicate copy Before submitting the assignment, you are advised to retain electronic copies of original work. In the event of any uncertainty regarding the submission of assessment items, you may be requested to reproduce a final copy. School Extension Policy In general, I will NOT give extensions unless where there are exceptional circumstances. Students wanting an extension must make a request at least 24 hours before the assessment item is due and the request must be received by Student Administration in writing via the MyEnrolment page. Extensions within 24 hours of submission or following the submission deadline will not be granted unless supported by a doctor’s certificate or where there are exceptional circumstances. This will be at the discretion of Student Services and the unit assessor’s discretion and will be considered on a case by case basis. Extensions will be for a maximum of 48 hours (longer extensions supported by a doctor’s certificate or alike to be considered on a case by case basis). Please see the Special Consideration page for more information available at https://www.scu.edu.au/current-students/studentadministration/special-consideration/ A penalty of 5% of the total available grade will accrue for each 24- hour period that an assessment item is submitted late. Therefore, an assessment item worth 30 marks will have 1 marks deducted for every 24-hour period and at the end of 15 days will receive a maximum of 15 marks or 50%. Students who fail to submit following the guidelines in this Unit Information Guide will be deemed to have not submitted the assessment item and the above penalty will be applied until the specified submission guidelines are followed. Page 8 of 9 CSC72005 – Securing Networks Assignment 1, 2020 _______________________________________________________________________________________________ Marks and Feedback All assessment materials submitted during the semester will normally be marked and returned within two weeks of the required date of submission (provided that the assessment materials have been submitted by the due date). Marks will be made available to each student via the MySCU Grade book. Page 9 of 9
Answered Same DayMar 30, 2021CSC72005Southern Cross University

Answer To: School of Business and Tourism Unit Securing Networks Unit code CSC72005 Assignment 1 Practical...

Amaan answered on Apr 04 2021
144 Votes
CLOUD_INTERNET.txtCLOUD_INTERNET#SHow RUnning-config
Building configuration...
Current configuration : 891 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname CLOUD_INTERNET
!
!
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
!
license udi pid CISCO2911/K9 sn FTX1524QC3O-
!
!
!
!
!

!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/2
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/3/0
no ip address
clock rate 2000000
shutdown
!
interface Serial0/3/1
ip address 67.21.12.5 255.255.255.252
clock rate 2000000
!
interface Vlan1
no ip address
shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 67.21.12.6
!
ip flow-export version 9
!
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end
CORP NET SWITCH.txtCORP_NET_SWITCH#SHow RUnning-config
Building configuration...
Current configuration : 1427 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname CORP_NET_SWITCH
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
description CONNECTED TO THE ROUTER 1
switchport mode trunk
!
interface FastEthernet0/2
description CONNECTED TO THE FINANCE DEPT
switchport access vlan 251
switchport mode access
!
interface FastEthernet0/3
description CONNECTED TO THE HR DEPT
switchport access vlan 252
switchport mode access
!
interface FastEthernet0/4
description CONNECTED TO THE SALES DEPT
switchport access vlan 253
switchport mode access
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
!
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
!
!
end
DMZ SERVER.txtC:\>IPCONFIG /ALL
FastEthernet0 Connection:(default port)
Connection-specific DNS Suffix..:
Physical Address................: 0001.C745.655D
Link-local IPv6 Address.........: FE80::201:C7FF:FE45:655D
IP Address......................: 192.168.0.25
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.0.1
DMZ SWITCH.txtDMZ_SWITCH#SHow RUnning-config
Building configuration...
Current configuration : 1410 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname DMZ_SWITCH
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
description CONNECTED TO THE ROUTER 1
!
interface FastEthernet0/2
description CONNECTED TO THE DMZ SERVER
switchport mode access
switchport port-security
switchport port-security mac-address sticky
switchport port-security violation restrict
switchport port-security mac-address sticky 0001.C745.655D
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here