provide all the solutions of 202020_CRS180_VU21988_2of2_V8_LEARNER case study for networking?

for assessment

Satisfactory

Comment

Yes

No

The following has been submitted for assessment:

Part A - Background

Part B - Ransomware and DDoS

Part C - Network Security vs. Cyber Security

Part D - Security Policy

Part E - Test Configuration

Criteria

Part A - Background

Marking criteria for each product document/s supplied:

1.

Design a Physical AND Logical topology diagram

2.

Implement IPv4 or IPv6 addressing scheme.

3.

Prepare a list of security equipment, both hardware & software recommended in your network design

4.

Recommendations of software that increase the security of the business from cyber security attacks.

5.

List all external resources used in response to the case study

Part B - Ransomware and DDoS

Marking criteria for each product document/s supplied:

1

Research and current example of DDoS Attack

2

Research and current example of Ransomware Attack

Part C - Network Security vs. Cyber Security

Marking criteria for each product document/s supplied:

1

Network Security definitions with appropriate examples given

2

Cyber Security definitions with appropriate examples

3

Differences between the two concepts explained.

Part D - Security Policy

Marking criteria for each product document/s supplied:

1

Draft Security Policy covering three (3) elements.

Part E - Test Configuration

Marking criteria for each product document/s supplied:

1

Create x2 Virtual machines and configure both machines with IPv4 addresses.

2

Test connectivity of the virtual machines using CMD commands (Netstat/Ping)

3

Testing your machines for external connectivity by pinging a public IP Server. (8.8.8.8).

4

Identify and test the tools for network/Cyber security testing

-Nmap commands

5

Advise of any connectivity issues that you may have from an unsuccessful ping attempt.

6

Basic Configuration of a Router or Switch using Packet Tracer & script.

7

Connect the cables to network - Console & Straight Through

cabling

Section F - Feedback to Student

Has the student successfully completed this assessment task?

Yes

No

Additional Assessor comments (as appropriate):

Resubmission allowed:

Yes

No

Resubmission due date:

Assessor name:

Assessor signature:

Student signature:

Date assessed:

Metaploit Inc - Office Floor Plan

Supporting document

Assessment Task 2: Case Study Answers

Unit code:

VU21988

Unit title:

Utilise basic network concepts and protocols required in cyber security

Student ID:

Student name:

Date of submission:

Student signature:

Part A: Background

You are a consultant for a small IT Consulting firm and have been approached by Metasploit Inc to put forward a recommendation/solution to enhance their security stance.

The business currently has 16 open space workstations, 3 enclosed office spaces, reception area, conference room and a kitchenette plus a small storage room. The floor plan of the current premise is attached. The existing infrastructure is capable of ethernet connections but requires upgrading for wireless coverage.

Each open space workstation has its own desktop computer and is connected to the internal filing system. Every 3 months the organisation runs a trainee program where 4 new trainees join the firm for 2 weeks these 4 trainees must be seated together and have appropriate access levels given to them.

Management is concerned about internal security of files/data in general and does not want all staff members to have access to all areas of the network server, this includes trainees. They currently have x1 physical server that acts as a file server for all departments in the organisation.

Management have also noticed an increase in abnormal amount of suspected phishing emails. Complaints from staff regarding unusual/slow performance of computer network have also increased. Although Metasploit Inc have no plausible reason for the increase in suspect emails, Management is wanting to implement a suitable data backup system which backs up daily to the cloud and to an in-house physical device.

Further requirements for consideration are solid end-point solution which will check all end devices on the current network for unusual behaviour.

To ensure you meet the client's requirements, your report should include the following areas

1.Prepare a logical and physical topology of the premises

2.An IP design that meets the needs of their new office and business.

3.Prepare a list of any network and (if necessary) security equipment required to run the office, you must include a switch, router, wireless access point and firewall (hardware or software)

4.Recommendations for securing their business at a software level and how it protects from cyber-attacks.

Your client has also expressed concern regarding the firm's vulnerability to cybersecurity attacks. You are required to provide the following additional reports to the client:

Part B - Ransomware and DDoS

Research one (1) current DDoS & Ransomware Attack with focus on the following criteria.

-How was each attack conducted/started?

-How did the attack spread?

-List any specific targets, if none, who were the targets

-What were the effects/consequences of your chosen attack?

-Who was held responsible for the attacks - individual or group

-Were there any business consequences?

Part C - Network Security vs. Cyber Security

You client has significant confusion regarding the differences between 'Network & Cyber' Security. Conduct some research regarding the key differences between both and document your research accordingly.Consider reviewing the following resources as a start of your own research.

-www.nist.gov

-www.cisco.com

-www.acsc.gov.au

-www.sans.org

Part D - Security Policy

All organizations, particularly corporate organizations are required to have a policy document called a 'Security Policy' this policy document is generally a smaller section of a larger document called an Information Technology Policy.

Based on the Case Study Scenario above, you are required to conduct research into a security policy, create your own 'draft' SecPol. Your draft SecPol should cover three (3) of the following areas:

-Acceptable Use Policy

-Confidential data Policy

-Password Policy

-Email Policy

-Physical Security Policy

-BYOD Policy

Part E - Test Configuration

You are now required to 'test' a segment of your network solution as a demonstration to your client.

a)Create two (2) virtual machines using VMware Workstation or Oracle VirtualBox. Create a Windows Operating System & a Linux OS.

b)Assign both machines a host IPv4 address using a network address of your choice.

c)Test connectivity of each machine to each other by using different CMD commands

d)Using one (1) virtual machine, verify connectivity to a public server address.

e)Using Packet Tracer, build the PC - Switch - Router - PC topology. Cable the topology using the appropriate cables, this includes console cabling to the switch and router. You must identify the types of cabling you have used.

f)Use the following script to configure part of the initial basic settings. You are then required to finalise all other basic configurations. Other basic configurations include:

a.Line console

b.Vty console

c.IP addressing - router interface

#Script:

conf t

hostname TRS-80CoCo

enable secret class

no ip domain-lookup

banner motd $NO UNAUTHORISED ACCESS ALLOWED$

exit