New World Consulting Services (NWCS) provides security consulting and services to over 200 clients across a wide range of enterprises in Australia. A new initiative at NWCS is for its two offices in Sydney and Melbourne to provide internships to students who are pursuing their studies in reputed institutes in Sydney

 
 

Assessment Details and Submission Guidelines
Trimester T1, 2019
Unit Code BN200
Unit Title Network Security Fundamentals
Assessment Type Group Assignment (3 Students in a group)
Assessment
Title
Security Threats and Countermeasures in Networked Systems  (Assignment 2)
Purpose of the assessment
(with           ULO
Mapping)
The purpose of this assignment is to develop skills to independently think of innovation. Students will be able to complete the following ULOs:
c.                   Explain the major methodologies for secure networks and what threats they address;
d.                  Identify and report network threats, select and implement appropriate countermeasures for network security.
Weight 20%
Total Marks 60
Word limit 1500 – 2000
Due Date 23:55PM, Tuesday 28/05/2019
Submission Guidelines •     All work must be submitted on Moodle by the due date along with a title Page.
•     The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2.54 cm margins on all four sides of your page with appropriate section headings.
•     Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style.
Extension  If an extension of time to submit work is required, a Special Consideration Application must be submitted directly to the School’s Administration Officer, in Melbourne on Level 6 or in Sydney on Level 7.  You must submit this application three working days prior to the due date of the assignment.
Further information is available at:
http://www.mit.edu.au/aboutmit/institutepublications/policiesproceduresandguidelines/specialconsiderationdeferment  
Academic
Misconduct  
 
 Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/aboutmit/institutepublications/policiesproceduresandguidelines/PlagiarismAcademicMisconductPolicyProcedure. For further information, please refer to the Academic Integrity Section in your Unit Description.

 
 
 
 
SM Farhad                           April, 2019
 

Assignment Description

New World Consulting Services (NWCS) provides security consulting and services to over 200 clients across a wide range of enterprises in Australia. A new initiative at NWCS is for its two offices in Sydney and Melbourne to provide internships to students who are pursuing their studies in reputed institutes in Sydney and Melbourne in the field of Networking.
To evaluate suitable candidates for this prestigious internship program, NWCS has asked applicants to prepare a detailed report and a presentation addressing the following sections:

A. Preventing Vishing Attacks (maximum 500 Words)

Vishing, or voice phishing, continues to increase as an attack against users. What would you do to help prevent users from becoming victims? First, access the online SoundCloud repository by NumberCop that contains several different recordings for vishing attacks (https://soundcloud.com/numbercop). After listening to several of the recordings, based on your analysis address following:

  1. What attackers typically ask and how they craft their attacks?
  2. What messages do the attacker commonly use?
  3. How do they trick users into entering the information?
  4. Write your recommendations that would help users resist these attacks.

B. Lightweight Cryptography (maximum 500 Words)

Cryptography can provide protection to data in three states: data-in-use, data-in-transit and data-at-rest. Due to the importance of incorporating cryptography in low-power devices, a new “subfield” of cryptography is being developed called lightweight cryptography. This has goal of providing cryptographic solutions that are uniquely tailored for low power devices that need to manage resource vs. security constraints. Research lightweight cryptography and address following:

  1. What are its goals? Who is behind it?
  2. Will it be standardised? When will it appear?
  3. One practical networked application area that will use lightweight cryptography.

C. Network Firewall Comparison (maximum 500 Words)

Research two network firewalls. Your discussion must include

  1. the importance of the Firewall from information security point of view.
  2. comparison of features of selected firewalls (using Table)
  3. additional features they include (IDS, content Filtering, etc.)
  4. your recommendation based on your analysis

D. Compare Port Scanners (maximum 500 Words)

Most communication in TCP/IP networks involves the exchange of information between a program running on one system (known as a process) and the same, or a corresponding process, running on a remote system. TCP/IP uses numeric value as an identifier to the application and services on these systems. This value is known as the port number.
Use the library resources to locate two port scanner applications that you can download to your/lab computer on Virtual machine (Kali Linux /Windows 8.1 Professional) in Virtual Box. Install and run each application and examine the results. Based on your study, address following in this report

  1. Analyse and discuss the importance of port scanners
  2. Include the snap shots related to port scanning using both applications
  3. Identify and discuss the strengths and weakness of each scanner
  4. Which scanner would you recommend? Justify your recommendation.

E. References

Must consider at least five current references from journal/conference papers and books. Must follow IEEE Transactions on Networking style.
 
Note: Every group will create a 7-10 minutes presentation and present their work front of your class fellows and tutor during the Lab in Week 12.
 
[Source: M. Ciampa, Security+ Guide to Network Security Fundamentals, 6th ed. Cengage, 2018.]
 

Submission Guidelines

  • The assignment should be submitted on the Moodle in two separate files:

o The report should be submitted as a Word file o The presentation should be submitted as a PPT file  Do not use Wikipedia as a source or a reference.

  • Make sure you properly reference any diagram/graphics used in the assignment.

 

Marking criteria for Assignment #2

Section to be included  Description of the section Marks
Preventing Vishing
Attacks
 
Based on your analysis address following:
1.      What attackers typically ask and how they craft their attacks?
2.      What messages do the attacker commonly use?
3.      How do they trick users into entering the information?
4.      Write your recommendations that would help users resist these attacks.
12
Lightweight Cryptography Research lightweight cryptography and address following:
1.      What are its goals? Who is behind it?
2.      Will it be standardised? When will it appear?
12
  3. One practical networked application area that will use lightweight cryptography.
 
 
Network Firewall Comparison Research two network firewalls. Your discussion must include
1.      the importance of the Firewall from information security point of view.
2.      comparison of features of selected firewalls (using Table)
3.      additional features they include (IDS, content Filtering, etc.)
4.      your recommendation based on your analysis
12
 
Compare Port Scanners Based on your study, address following in this report
1.      Analyse and discuss the importance of port scanners
2.      Include the snap shots related to port scanning using both applications
3.      Identify and discuss the strengths and weakness of each scanner
4.      Which scanner would you recommend?
Justify your recommendation.
12
References Must consider at least five current references from journal/conference papers and books. Must follow IEEE Transactions on Networking style. 2
Oral Presentation Delivery of the presentation (quality of the presentation, depth of knowledge on the material presented and ability to answer questions asked by the audience) 10
  Total Marks 60

 

Marking Rubric for Assignment #2

Grade Mark HD 80% + D 70%-79% CR 60%-69% P
50%-59%
Fail
<50%
  Excellent Very Good Good Satisfactory Unsatisfactory
Preventing
Vishing Attacks
/12
A very detailed and very clear discussion A  well written and clear discussion . Generally good discussion . Very brief discussion. Poor discussion with irrelevant details
Lightweight
Cryptography
/12
A very clear and in-depth discussion about Lightweight cryptography Very clear discussion about Lightweight cryptography Generally good discussion about Lightweight cryptography Brief discussion about the Lightweight cryptography Poor discussion about Lightweight cryptography with irrelevant information
Network
Firewall
Comparison
A very detailed and very clear discussion Very clear discussion about
Network
Generally good discussion about
Network
Brief discussion about Network
Firewall
Poor discussion with irrelevant information
Grade Mark HD 80% + D 70%-79% CR 60%-69% P
50%-59%
Fail
<50%
/12 about Network Firewall comparison Firewall comparison Firewall comparison comparison  
Compare Port
Scanners
/12
An in-depth and very clear discussion about the  Port scanners Very clear discussion about the  Port scanners Generally good discussion about the  Port scanners Brief discussion about the  Port scanners Irrelevant discussion about the  Port scanners
References
/2
Clear styles with excellent source of references. Clear
referencing style
Generally good referencing style Unclear referencing style Lacks consistency with many errors.
Oral
Presentation
/10
Good delivery, easy to follow and good interaction Delivered, easy to follow and provided a level of interaction Delivered and provided a level of interaction Delivered No oral presentation

 

Posted in Uncategorized