Recent Question/Assignment
Assignment 2
(Security and Support in IT, UG/G, S2, 2015)
Assignment 2 weights 15% of the total marks of this unit and is due on 06/11/2015, at 23:55pm, the latest. The deadline is the local time of Canberra, ACT, Australia. It is your responsibility to correctly adjust your clocks, including the one in Moodle personalized user interface.
Submissions are through Moodle (http://learnonline.canberra.edu.au/). Please familiarize yourself with Moodle submissions before the deadline. After you upload your assignment, please DO NOT FORGET clicking the submit button; otherwise, your submitted assignment remains as a draft. Please see http://learnonline.canberra.edu.au/mod/book/view.php?id=623872 for the detailed instructions on how to use Moodle.
No other forms of submission will be accepted.
Please be reminded the following statements from the subject outline about assignment submission.
Late submission of assignments
Late submission of assignments without an approved extension will result in the assignment not being marked and zero being recorded for that particular assignment.
In extenuating circumstances a late submission may be considered upon the production of supporting documentation and at the discretion of the unit convener.
Extensions: Extensions must be applied for before the due date.
Students can apply for an extension to the due date for submission of an assessment item on the grounds of illness or other unavoidable and verifiable personal circumstances. Documentary evidence will be expected in order that an extension be granted.
It should be noted that such documentation will be considered but will not guarantee that the application will be successful. The Unit Convenor will decide whether to grant an extension and the length of the extension.
Should an extension to the submission deadline is needed, please fill in the Assignment Extension Form, available on Moodle, and submit the filled form together with the evidences needed. If a medical certificate is your evidence, the original copy is required. A scanned copy sent via an email is not acceptable. For the other types of evidences, the original or its certified equivalent is required.
If a student chooses to submit his/her assignment via the Internet off the campus, it is the responsibility of the student to guarantee the accessibility of the Internet. Not being able to access to the Internet at the location which is off the campus is not an excuse for extension.
You are allowed to use the materials from the text book and also any materials produced by your lecturer, Dr Wanli Ma, without formal referencing. The materials quoted from any other sources should be properly referenced. Your own writing in your report should account for at least 70% of the content. After reading your report, one should have a basic understanding on the relevant topics without referring to any other sources. Please write concisely and clearly. A report with just a collection of key words or phrases won’t attract any mark.
Please note:
• The textbooks are your primary sources of information.
• Paraphrasing from the other sources without the correct context won’t attract any mark.
• Copying from any sources will be reported as a plagiarism attempt, and upon being proven, a proper disciplinary action will be taken.
1. [5 marks] An organization has 2 server computers and a number of desktop computers and a few printers. All of them are connected together via an internal network, and the network is connected to the Internet via the border router of the organization. From the outside of the organization, on the Internet, only these 2 server computers are visible. One of them is the email server (IP address: e1.e2.e3.e4), and the other one is the web server (IP address: w1.w2.w3.w4). In other words, only these 2 server computers accept requesting incoming network traffic. All desktop computers are allowed to access the Internet, without any restriction. Therefore, they accept responding incoming network traffic, but not accepting any requesting incoming network traffic.
• [3 marks] Please design the network and draw the network diagram. You have the freedom to assume the internal network structure. In the diagram, in addition to the 2 servers, you should also include a few desktop computers and a printer. Please explain the rationale on why you put a computer or a printer in its designated location, 1 example for each location. A subnet (or a segment) is regarded as the same location. (hint: a firewall or a few firewalls, depending on your design, are needed to regulate the network traffic)
• [2 marks] Please write down the firewall rules to fulfil the access requirement of the organization. Please also explain the meaning of each firewall rule. If you have multiple firewalls, you should explain to which firewall each of the rules belongs. Below is a set of sample firewall rules. Please follow the sample firewall rule format to write down your firewall rules. Please also be advised that the order of the rules matters.
The meaning of the columns of the sample firewall rules in the screen dump is as follows. Please use only the information provided here and the textbook for your assignment. The information provided here is overly simplified from iptables manual to make the assignment manageable.
• action – ACCEPT means accepting the connection, and REJECT means not.
• prot – the protocol of the connection, e.g., tcp, udp, icmp, and all etc.;
• opt – please ignore;
• source – source IP address of the packet;
• destination – destination IP address of the packet, plus extra information, for example: o “tcp dpt: https” means that the TCP port of the destination host is https.
o state lists the connection state for the firewall to match on to perform the action of the rule. RELATED: the connection is new, but is related to another. connection already permitted; ESTABLISHED: the connection is already established.
o reject-with: please ignore. No need to include it in your assignment.
The textbooks are your reference: Week 1 slides; Stallings: Chapter 9.
2. [10 marks] Please write a summary to briefly explain to senior managers, who know very little on computer security but have a general understanding of IT, on what a buffer overflow problem is and what the consequences of a buffer overflow problem could cause [3 marks]. What programming techniques the software development team should adopt to avoid buffer overflow problems in the software it develops [2 marks].
Below is from a Nessus report on a computer.
• [1 marks] pretending that the application is developed by the software development team of this organization, how to fix the problem.
• [2 marks] Accepting the recommendations given by the report, what action you should take? Assuming that this computer is one of the many desktop computers, and an automatic system for software updating is in operation. Write down the operational steps, by following the principle of “one, some, and many”.
• [2 marks] Assuming that this computer is a server computer, please write a brief report to the senior managers, who know very little on computer security but have a general understanding of IT, explaining why the software Firefox (a web browser) should not be installed on the computer. In your report, you should use trusted information sources to explain to your senior managers on the best practices of operating system security administration. The senior managers trust only the text books of this unit, nothing else.
The textbook is your reference: Limoncelli: Chapter 1; Stallings: Chapter 9, 10, 11, 12.
(Security and Support in IT, UG/G, S2, 2015)
Assignment 2 weights 15% of the total marks of this unit and is due on 06/11/2015, at 23:55pm, the latest. The deadline is the local time of Canberra, ACT, Australia. It is your responsibility to correctly adjust your clocks, including the one in Moodle personalized user interface.
Submissions are through Moodle (http://learnonline.canberra.edu.au/). Please familiarize yourself with Moodle submissions before the deadline. After you upload your assignment, please DO NOT FORGET clicking the submit button; otherwise, your submitted assignment remains as a draft. Please see http://learnonline.canberra.edu.au/mod/book/view.php?id=623872 for the detailed instructions on how to use Moodle.
No other forms of submission will be accepted.
Please be reminded the following statements from the subject outline about assignment submission.
Late submission of assignments
Late submission of assignments without an approved extension will result in the assignment not being marked and zero being recorded for that particular assignment.
In extenuating circumstances a late submission may be considered upon the production of supporting documentation and at the discretion of the unit convener.
Extensions: Extensions must be applied for before the due date.
Students can apply for an extension to the due date for submission of an assessment item on the grounds of illness or other unavoidable and verifiable personal circumstances. Documentary evidence will be expected in order that an extension be granted.
It should be noted that such documentation will be considered but will not guarantee that the application will be successful. The Unit Convenor will decide whether to grant an extension and the length of the extension.
Should an extension to the submission deadline is needed, please fill in the Assignment Extension Form, available on Moodle, and submit the filled form together with the evidences needed. If a medical certificate is your evidence, the original copy is required. A scanned copy sent via an email is not acceptable. For the other types of evidences, the original or its certified equivalent is required.
If a student chooses to submit his/her assignment via the Internet off the campus, it is the responsibility of the student to guarantee the accessibility of the Internet. Not being able to access to the Internet at the location which is off the campus is not an excuse for extension.
You are allowed to use the materials from the text book and also any materials produced by your lecturer, Dr Wanli Ma, without formal referencing. The materials quoted from any other sources should be properly referenced. Your own writing in your report should account for at least 70% of the content. After reading your report, one should have a basic understanding on the relevant topics without referring to any other sources. Please write concisely and clearly. A report with just a collection of key words or phrases won’t attract any mark.
Please note:
• The textbooks are your primary sources of information.
• Paraphrasing from the other sources without the correct context won’t attract any mark.
• Copying from any sources will be reported as a plagiarism attempt, and upon being proven, a proper disciplinary action will be taken.
1. [5 marks] An organization has 2 server computers and a number of desktop computers and a few printers. All of them are connected together via an internal network, and the network is connected to the Internet via the border router of the organization. From the outside of the organization, on the Internet, only these 2 server computers are visible. One of them is the email server (IP address: e1.e2.e3.e4), and the other one is the web server (IP address: w1.w2.w3.w4). In other words, only these 2 server computers accept requesting incoming network traffic. All desktop computers are allowed to access the Internet, without any restriction. Therefore, they accept responding incoming network traffic, but not accepting any requesting incoming network traffic.
• [3 marks] Please design the network and draw the network diagram. You have the freedom to assume the internal network structure. In the diagram, in addition to the 2 servers, you should also include a few desktop computers and a printer. Please explain the rationale on why you put a computer or a printer in its designated location, 1 example for each location. A subnet (or a segment) is regarded as the same location. (hint: a firewall or a few firewalls, depending on your design, are needed to regulate the network traffic)
• [2 marks] Please write down the firewall rules to fulfil the access requirement of the organization. Please also explain the meaning of each firewall rule. If you have multiple firewalls, you should explain to which firewall each of the rules belongs. Below is a set of sample firewall rules. Please follow the sample firewall rule format to write down your firewall rules. Please also be advised that the order of the rules matters.
The meaning of the columns of the sample firewall rules in the screen dump is as follows. Please use only the information provided here and the textbook for your assignment. The information provided here is overly simplified from iptables manual to make the assignment manageable.
• action – ACCEPT means accepting the connection, and REJECT means not.
• prot – the protocol of the connection, e.g., tcp, udp, icmp, and all etc.;
• opt – please ignore;
• source – source IP address of the packet;
• destination – destination IP address of the packet, plus extra information, for example: o “tcp dpt: https” means that the TCP port of the destination host is https.
o state lists the connection state for the firewall to match on to perform the action of the rule. RELATED: the connection is new, but is related to another. connection already permitted; ESTABLISHED: the connection is already established.
o reject-with: please ignore. No need to include it in your assignment.
The textbooks are your reference: Week 1 slides; Stallings: Chapter 9.
2. [10 marks] Please write a summary to briefly explain to senior managers, who know very little on computer security but have a general understanding of IT, on what a buffer overflow problem is and what the consequences of a buffer overflow problem could cause [3 marks]. What programming techniques the software development team should adopt to avoid buffer overflow problems in the software it develops [2 marks].
Below is from a Nessus report on a computer.
• [1 marks] pretending that the application is developed by the software development team of this organization, how to fix the problem.
• [2 marks] Accepting the recommendations given by the report, what action you should take? Assuming that this computer is one of the many desktop computers, and an automatic system for software updating is in operation. Write down the operational steps, by following the principle of “one, some, and many”.
• [2 marks] Assuming that this computer is a server computer, please write a brief report to the senior managers, who know very little on computer security but have a general understanding of IT, explaining why the software Firefox (a web browser) should not be installed on the computer. In your report, you should use trusted information sources to explain to your senior managers on the best practices of operating system security administration. The senior managers trust only the text books of this unit, nothing else.
The textbook is your reference: Limoncelli: Chapter 1; Stallings: Chapter 9, 10, 11, 12.
Looking for answers ?
Recent Questions
Word limit: 1500 - 2000Objectives:The purpose of this assignment is to:1. Familiarise yourself with best practice in engineering sustainability in a particular field by conducting a thorough literature...Module code: BMA4005-20Module title: Professional PracticeAssignment: A1. Digital PosterWord count: 500Contribution to module mark: 40% of overall gradeAssessment type: IndividualWeight 40%Submission deadline:...Assessment Criteria for Written Report (20%)• Submission of a minimum 1500 to maximum 1800-words written report due from week 9. You will submit your written report one week after you have undertaken the...Assessment 2: (20%) Case Study Presentation Due Date weeks 10This assessment builds on your theoretical knowledge and tests your ability to apply this knowledge to practice.you are required to formulate...Assessment 2Assessment 2Report: 30%Word count: 1400 – 1600 wordsDue date: Sunday of Week 8DescriptionYou are playing the role of a community service worker supporting a young adult son who is 18 years...1500-1800 wordsInstructions From TutorPlease download the eTask3 spreadsheet from Canvas and save the eTask spread as an Excel file. The main content of the force method is taught in Lectures 6,7&8.eTask3.1 is a...Show All Questions