this is an securing network assignment that worth 40% of my course It has two tasks one is report and the other one part is practical and report as well Thanks ! Details in the files below
COMP2003 – Securing Networks Assignment 1 _______________________________________________________________________________________________ Page 1 of 4 Faculty of Science and Engineering Unit Securing Networks Unit code COMP2003 Assignment 1 Case Study – Risk assessment exercise Mode Individual assignment Due Date Week 3 – Monday 21st March 2022 Learning Outcomes LO1, 2, 3 Weight 40% of overall unit assessment Suggestion This assignment is developmental and cumulative. You are strongly advised to start doing this assignment from Week-1 in your study. Leaving your starting date to the week before the due date is a very poor strategy for success in the unit. Follow the provided guidelines to help you successfully direct your efforts. Task Description You need to complete the following tasks: • Task 1: Advise appropriate security strategies to the organisation. • Task 2: Scanning and Report on Network Vulnerabilities. Scenario You are a consultant at one of the Big 4 consulting firms. You have been recently assigned your first new client and you need to provide them services to help secure their network. A short time ago their network was breached, and they would like your assistance on ensuring this does not happen again. They have provided a network diagram of their current network which you can use in your analysis. You must provide a report to the Chief Information Security Officer of your recommendations to combat the current trend of security threats and the strategies that may assist them to combat them. COMP2003 – Securing Networks Assignment 1 _______________________________________________________________________________________________ Page 2 of 4 Task 1: Network Security Solutions The client would like you to provide them with a brief report (max 1000 words) of what you believe is the greatest threats to their organisation, why you think that and what they can do to combat this. For this task you must consider some suitable network security solutions for the network and justify the selection. Advise how each option you suggest provides an improvement to the security and how it will mitigate the threat. Provide any references or statistics to support your analysis. Task 2: Network vulnerability scanning Part 1 Provide a detailed solution (max 300 words) of what vulnerability analysis methods you recommend the customer to complete based on their network and advise why those are appropriate. Part 2 Complete a vulnerability scan on the breached server that has been provided. • Provide a copy of the OpenVAS report (screenshot or PDF) with the results for the server. • Determine the possible server that had the breach and what you believe was the attack vector. Explain why you think that was the attack vector and provide any references or statistics to support your analysis. (max 300 words) Assignment 1 marking guidelines Format and Presentation Use the template provided with this assignment for this task. The rubric for this assignment is available on the MySCU site and will give the criteria for marking. Generally, you need to not only concentrate on getting the document right, but also think about how you are presenting it, and how you are communicating your message, supported by the design and layout of the information. There are two parts of the marking criteria – the technical competency, and the level of professionalism shown. The difference between a “Pass” and higher grades will be based on how much you look at the whole assessment and consider security practices, and how well you follow best practices while keep your design cohesive and security robust. COMP2003 – Securing Networks Assignment 1 _______________________________________________________________________________________________ Page 3 of 4 Submission Format When you have completed the assignment, you are required to submit the following: 1. your assignment in the PDF/DOC format. The file will be named using the following convention: filename = FirstInitialYourLastName_COMP2003_A1.pdf (i.e. FJones_COMP2003_A1.pdf) Resubmit policy: As this task is the major task for a core unit, it is eligible for a resubmit under our resubmit policy. This means that if you fail the assessment then you will be given a chance to resubmit, if you are eligible. Eligible students are those who have • handed in all assessments. • not committed academic misconduct in the unit. • passed at least 50% of the other assessment in the unit. • failed this assessment and cannot pass the unit otherwise. If you fail this assessment and are eligible for a resubmit, your unit assessor will contact you in Week 7 with further instructions. Getting Help: This assignment, which is to be completed individually, is your chance to gain an understanding of the fundamental concepts of network security which later learning will be based. It is important that you master these concepts yourself. Since you are mastering fundamental skills, you are permitted to work from the examples in the MySCU site or other resources, but you must acknowledge assistance from other textbooks or classmates. In particular, you must be careful in the use online material or help from others, as this would prevent you from mastering these concepts. This diagram will help you understand where you can get help: Encouraged Attribution Required Not acceptable Ask tutor Lecturer Tutors Online Forums Relatives Students outside unit Hired worker Classmates Private Tutors Other COMP2003 – Securing Networks Assignment 1 _______________________________________________________________________________________________ Page 4 of 4 Be aware if you do get help from one of the red sources, you are at risk of failing the assignment, or the unit. Retain duplicate copy Before submitting the assignment, you are advised to retain electronic copies of original work. In the event of any uncertainty regarding the submission of assessment items, you may be requested to reproduce a final copy. School Extension Policy Please see the Special Consideration page for more information available at https://www.scu.edu.au/current-students/student-administration/special- consideration/ A penalty of 5% of the total available grade will accrue for each 24-hour period that an assessment item is submitted late. Therefore, an assessment item worth 20 marks will have 1 marks deducted for every 24-hour period and at the end of 10 days will receive a maximum of 10 marks or 50%. Students who fail to submit following the guidelines in this Unit Information Guide will be deemed to have not submitted the assessment item and the above penalty will be applied until the specified submission guidelines are followed. Marks and Feedback All assessment materials submitted during the semester will normally be marked and returned within 7 days of the required date of submission (provided that the assessment materials have been submitted by the due date). Marks will be made available to each student via the MySCU Grade book. https://www.scu.edu.au/current-students/student-administration/special-consideration/ https://www.scu.edu.au/current-students/student-administration/special-consideration/ Task / Score Poor Fair Good Great Excellent Task 1 Score: 15 Does not provide options for each problem. Does not have advise as to how it improves security. Does not have conclusion. Provides options and simple discussion. Does not advise well how it will improve security and/or provide conclusion. Poor or no references Has some discussion of threats but not mentioning enough or only mentions and does not discuss clearly. Has some options to improve security but needed more options and/or depth. Has limited or no references or poor sources. Provides great threat analysis with references. Great options with great discussion. Great advice on how it will improve security and provides conclusion but could be better. Provides excellent discussion with options and excellent description and analysis. Has at least 3 good options to improve security. Excellent advice how it will improve security and provide conclusion Task 2.1 Score: 10 No vulnerability analysis solution or discussion. Has some information but not clear or missing possible best solution Has some discussion but not mentioning enough or only mentions and does not discuss clearly. Good determination of the possible vulnerability analysis method. Has discussion and a conclusion with clear recommendation. Great determination of the possible vulnerability analysis method. Has discussion and a conclusion with clear recommendation. Task 2.2a Score: 5 No screenshot or PDF Has wrong screenshot but attempted Has screenshot or PDF but not with 5 results or missing some results Has PDF or screenshot but does not show 5 results or has results but not showing best options Has PDF or screenshot that shows at least 5 results showing best options. Task 2.2b Score: 10 No attack vector or discussion of how the breach occured. Has some information but not clear or missing possible attack vectors or method. Has some possible attack vectors but not mentioning enough or only mentions and does not discuss clearly. Good determination of the possible method of breach and what you believe was the attack vector. Has discussion and a conclusion of possible attack vector. Great determination of the possible method of breach and what you believe was the attack vector. Clear discussion and a conclusion and shows how the attack possibly worked. COMP2003 - Assignment 1 Rubric LO1: Identify and analyse common threats to enterprise networks. LO2: Apply standard network protection measures against the common threats LO3: Demonstrate ability to perform network security checking using available tools.