Assessment type: Practical and Written Assessment. Individual assignment (1.000 words).
Purpose: The purpose of this assignment is to assess student understanding on firewall design and configuration and students ability to exercise the operational, analytical and critical skills needed to reduce the potential security risks. Analyse and evaluate the organizational adoption of security controls.
Design solutions for concrete security problems for distributed applications This assessment contributes to learning outcomes a. b.
Value: 20% (Report 16%; Demonstration 4%)
Due Date: Report submission Week 6; Demonstration Week 7
Submission requirements details: All work must be submitted on Moodle by the due date.
Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using Harvard Anglia referencing style.
Assessment topic: Firewall Setup and Configuration
Task Details: This Assignment requires you to perform a security testing on the network to identify the threats, prepare a Risk Mitigation report and configure some of the firewall settings using Kali Linux to secure the network and the distributed applications.
The assignment consists of two parts:
Part A: Use Nmap - a security testing in Kali Linux to perform penetration testing on the network (features of Nmap listed below). Prepare a short Risk Mitigation plan to identify the threats for the assets. This plan will guide you to proceed with the firewall settings required for the organization as you focus on the second part of the assignment.
Part B: Configure a few settings on the firewall for the network using Kali Linux commands to achieve a required level of security. The initial set of commands are given to you to start with. You may need to perform online search to complete the rest of the requirements for the firewall settings.
Case Study for the Assignment: Canadian Cafe is a small business enterprise comprising franchise at different geographical locations with appropriate network facilities to reach their business requirements. A secure network across their geographical locations is one of the objectives of a business organization. The System and Network administrator of the organization realizes that the security of the network has to be vulnerabilities that the network may pose. After risk analysis, designing a set of security policies is very important to provide high level of security.
The executive management of Canadian Cafe urges you to design the necessary security requirements. Looking into the requirements of the security and adhering to information security policy as a security team decides to configure firewall to secure the network from different types of possible threats and attacks that can harm the business network.
Part A: Perform the following task.
1. Use Nmap from Kali on your Virtual Box
2. Write an introduction to include the description of the tool
Features of Nmap:
• Host discovery: useful for identifying hosts in any network
• Port scanning: lets you enumerate open ports on the local or remote host
• OS detection: useful for fetching operating system and hardware information about any connected device
• App version detection: allows you to determine application name and version number
• Scriptable interaction: extends Nmap default capabilities by using Nmap Scripting Engine (NSE)
3. Demonstrate four tasks Nmap can perform. Discuss on how this tool can be used for mitigating differ types of threats. The discussion should include the name and bnef description of the threat and must be supported by screenshots.
4. Discuss the performance of the tools based on the following:
a. Security features and
b. Time taken to detect any threat
5. Perform the firewall testing using Nmap
6. From the report generated from the above tasks write a short Risk Mitigation Plan to identity the type of threats on the organisation's assets.
Part B: Configure the following setting on the firewall using the appropriate commands in Kali Linux. The list of commands is provided below:
Ufw status To check firewall status
Ufw enable Enable f rewall
Ufw allow Allow services, port range and network
Ufw deny Blocking a service
1. Check the firewall status
2. Enable or disable the firewall accordingly
3. Allow services such as TCP. SSH and samba using their port number or name
4. Verify the firewall rules after adding the above services
5. Secure a web server by blocking HTTP service and allowing HTTPS service only
6. Allow a range of ports from 20 to 80 and deny a range of ports from 100 to 500
7. Verify the firewall rules
8. Allow HTTP from a specific subnet to access your web services
9. Block connections to a network interface
The assignment should be submitted on Moodle on or before the deadline as a word document that includes all the details of the task completed in Part A and Part B. The report should address the requirements mentioned in the Marking Criteria section of the assignment.
Sections Descnpton of the section Marks
Executive Summary Summary on what the report is address, ng 2
Outline Outline of the whole report inducing tool descr ption 2
Risk Mitigation Plan DetaJs of the threats n the mitigaton report 2
Analysis Critical analysis of the scenario 2
Firewall setup Details of the firewall settngs wth screenshots 6
Conclusion Informaton on what has been addressed in the report - discuss on of the findings is important 2
Demonstration Details of the tests performed wth screenshots 4