NWS Assignment Draft
CLO1
Design secure network based on scenario given. (C4, PLO3)
Group Assignment
CLO2
Choose appropriate security technologies to overcome the threats and risks presented to a computing system in a given realistic scenario. (A3, PLO6)
Group Assignment
CLO3
Participate in developing secure network diagram by integrating layer 2 security, layer 3 security and firewall technologies using appropriate simulation tool. (A2,PLO5)
Group Assignment
CLO4
Present the proposed security solution effectively to solve organization problems (A2, PL04)
Group Assignment
PLO3 – Problem Solving and Scientific Skills
PLO6 – Values, Attitudes and Professionalism
PLO5 – Social Skills, Team Skills and Responsibilities
PLO4 – Communication Skills
This assignment consists of TWO (2) sections: Section A and Section B. Section A is online practical test that contributes 30% of total 100% while Section B is the remaining 70%, consisting of 60% individual and 40% group marks.
Section A
1. Learning Outcomes
This assignment carries 30% of your total module assessment marks. At the end of this assignment, student would be able to apply security concepts with regards to Network Security
2. Assignment Questions
You are required to conduct research, design and develop your assignment.
3. Lab/tutorial activities
Each students need to complete all the exercises given and the overall marks will contribute 30% for total coursework marks.
Assessment Criteria
Student
Name:
TP. No:
Marks
PLO3: Problem Solving (Application) (30%)
Weight
Online theory test
10
Practical Skills 1
10
Practical Skills 2
10
Subtotal Marks (PLO3)
30
Grand Total (PLO3)
30
Section B
Instructions:
This group assignment carries 70% of your total module assessment marks, with 60% of the total contributed by an individual component. A group consist of maximum 4 students. (Minimum 2 students). The total word count of the report should not exceed 5000 words. No marks will be awarded for the entire assignment if any part of it is found to be copied directly from printed materials or from another group. All submissions should be made on or before the due date. Any late submissions after the deadline will not be entertained. Zero (0) mark will be awarded for late submission, unless extenuating circumstances are upheld.
Scenario:
Company A is food manufacturer based in Kuala Lumpur. Its office consists of 3 departments: Sales, Engineering and Finance. It has a Sales office in Singapore located 350km away from Kuala Lumpur and hosts 50 employees. The following topology illustrates the network architecture and topology of the Kuala Lumpur office of Company-A and Singapore Company-B.
The Kuala Lumpur office has simple network architecture. Clients workstations are connected to an access switch, then connected to a distributed switch and then to the router’s inside interface. The firewall’s outside interface connects directly to the internet service provider (ISP) router. The ISP completely manages this router and the company-A has no control over it. A third interface on the firewall hosts a demilitarised zone (DMZ) hosting several servers. These servers include web, email and FTP applications.
The goal is to protect the internal and DMZ hosts from external threats. As a network security specialist, you are required to provide a security solution for company-A and company-B. All your configuration using ipv6 only.
There are some requirements in the above scenario that must be considered in this security design.
• Client workstations (sales, engineering and finance) must be able to access the web server at the DMZ over HTTP and HTTPS. The web server should be reachable from the external clients over HTTP and HTTPS only. (Solution and configuration)
• Clients should also be able to put and get files via FTP to the same server. The company requires implementing FTP with user and password is essential for each transaction. (Solution and configuration.)
• Engineering and sales workstations must be able to access the Internet (to reach company B) over HTTP and HTTPS with DNS. No other protocol access is allowed to the Internet. (Solution and configuration.)
• Client workstations must be able to check their e-mail on the e-mail server at the DMZ. (Solution and configuration.)
• The e-mail server should be able to receive e-mail from external hosts over the simple mail transfer protocol (SMTP). (Solution.)
• No client from sales, engineering and finance department is able to access clients in the other departments. (Solution and configuration.)
• Layer two securities is a requirement in the company-A LAN. (Solution and configuration.)
• Bastion host works as an application proxy. You are required to explain the solution in detail. (Configuration is not required.)
• Connectivity between company-A in Kuala Lumpur and company-B in Singapore is a requirement. What is the best solution? Elaborate on the solution. (Configuration is not required).
• Data transmitted over the network must be kept disguised and only intended recipient can read it. Hackers are unable to understand the content even they are able to wiretap the communication. (Solution on the techniques, no configuration is required)
• The company requires implementing intrusion detection systems (IDS). (No Configuration is required.)
• Implement VPN between Singapore and Kuala Lumpur. (Configuration is required.)
• Implement SSL encryption between Singapore and Kuala Lumpur. (Solution)
Note: The “solution” in the parenthesis means that, you have to recommend, what should be done in order to fulfil the company’s requirement. In this case, you do not have to configure any of the device(s) in the topology. The “configuration” in the parenthesis means that, in addition to the solution that you provide, you have to implement it by configuring the appropriate device with commands and setups.
Guidelines for the Report:
Document the results of your work in a professional and systematic manner, in the form of a computerized report. One (1) softcopy and hardcopy of your documentation is to be submitted.
Your completed documentation should meet the following requirements:
• Table of contents for every detailed chapter/section.
• Marking Table
• Gantt Chart
• Detailed Work Breakdown Structure
• Introduction
• Chapters / sections
• Recommendations
• Network configurations
• Documentation of the configured device(s)
• Conclusion
• Contribution of each member
• Appendices
• Bibliography or References
In your document the report is to be written in a professional manner, paying due regard to the following aspects:
• The report is to be written in the 3rd person.
• The report should have a consistent layout and be divided into enumerated sections, sub-sections, sub-sub sections etc.
• The report should be fully referenced using the University standard.
• Your report must be typed using Microsoft Word with Times New Roman font and size 12. Expected length is 5,000 words (excluding diagrams, appendixes and references). You need use to include a word count at the end of the report and it should be in 1.5 spaces.
• Submission of reports that are unprofessional in its outlook (dirty, disorganised, inconsistent look, varying coloured paper and size) will not fare well when marks are allocated.
• Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper.
• The report should have a one (1”) margin all around the page as illustrated below:
• Every report must have a front cover. A transparent plastic sheet can be placed in front of the report to protect the front cover. The front cover should have the following details:
• Name
• Intake code.
• Subject.
• Project Title.
• Date Assigned (the date the report was handed out).
• Date Completed (the date the report is due to be handed in).
Submission requirements
A CD containing an electronic version of the document and video presentation (15 minutes) of group member. The total word count of the main body of the document (excluding title & contents pages) is to be in the region of 5000 words.
Marking Table
Please note that during the preparation of your assignment, you must include the following marking table. Ensure you fill in the details of your team members’ full names and their respective student IDs.
The marking table must be placed on a single page, located as either the second or third page of your final assignment documentation. Each team member’s name must only appear once. The schedule for the presentation will be announced in due time.
Assessment Criteria:
Assessment Criteria
Student
Name:
TP. No:
Marks
PLO3: Problem Solving and Scientific Skills (60%)
Weight
Design follows the requirements and good integration
20
Configuration
20
Research & Investigation
20
Subtotal Marks (PLO3)
60
PLO5: Social Skills, Team Skills and Responsibilities (20%)
Weight
Task distributed equally and appropriate security technologies chosen
10
Task completion
10
Subtotal Marks (PLO5)
20
PLO6: Values, Attitudes and Professionalism (10%)
Weight
Presentation
10
Subtotal Marks (PLO6)
10
PLO4: Communication Skills
Weight
Q&A
10
Subtotal Marks (PLO4)
10
Grand Total (PLO3 + PLO5+ PLO6+PLO4)
100
Marking Scheme (based on SLT):
Group Components (70%)
CLO1: Design secure network based on scenario given
(Problem Solving and Scientific Skills = 60 marks)
Marking Criteria
0-4
(Fail)
5-8
(Marginal Fail)
9-12
(Pass)
13-16
(Credit)
17-20 (Distinction)
Marks Awarded
Design follows the requirements and good integration (20)
All submission requirements were not adhered or poor writing or poor quality of contents. No integration of the tasks given
Some submission requirements were not adhered or poor writing or poor quality of contents. No integration of the tasks given
Network design follows the requirements but with some missing parts. Partially integrated and not all the configurations are working after integration
Network design follows the requirements but with some missing parts. Fully integrated but not all the configurations are working after integration.
Network design follows exactly the requirements. No missing part. Fully integrated and configuration is working well
Marking Criteria
0-4
(Fail)
5-8
(Marginal Fail)
9-12
(Pass)
13-16
(Credit)
17-20 (Distinction)
Marks Awarded
Configuration (20)
Failed to configure the required devices.
Partial configuration is done; some of the devices are not configured properly. The documentation of the configured devices is not complete.
Most configuration is done; some of the devices are not configured properly and not all integrated. The documentation of the configured devices is not complete.
Proper and full configuration of all of the devices but the documentation of the configured devices is not complete.
Proper and full configuration of all of the devices with complete documentation of the configured devices.
Marking Criteria
0-4
(Fail)
5-8
(Marginal Fail)
9-12
(Pass)
13-16
(Credit)
17-20 (Distinction)
Marks Awarded
Research & Investigation (20)
Poor research and investigation of the problem. Poor evaluation of the requirement.
Very brief research and investigation of the problem. Poor evaluation of the requirement.
Research and investigation are done but not in depth. Appropriate evaluation of the requirements with proper reasoning with proper project planning and management.
Well research and investigation is done. Good evaluation of the requirements with proper reasoning with proper project planning and management.
Very well analysis and investigation of the problem. Outstanding evaluation of the requirements with proper reasoning. Outstanding project planning and management with the screenshots of used tools.
CLO2: Choose appropriate security technologies to overcome the threats and risks presented to a computing system in a given realistic scenario.
(Values, Attitudes and Professionalism = 10 marks)
Marking Criteria
0-2
(Fail)
3-4
(Marginal Fail)
5-6
(Pass)
7-8
(Credit)
9-10 (Distinction)
Marks Awarded
Presentation (10)
Demonstrate dependency on others guidance during presentation. Unable to answer any questions independently.
Demonstrate dependency on others guidance during presentation. Able to answer several questions with clues from others.
Demonstrate tendency to dependent on others guidance during presentation. Able to answer question but failed to produce confirmed answers
Voice is clear and loud. Able to answer all the questions without referring to notes.
Always demonstrate a self-reliant attitude in all situation during presentation.
CLO3: Participate in developing secure network diagram by integrating layer 2 security, layer 3 security and firewall technologies using appropriate simulation tool
(Social Skills, Team Skills and Responsibilities = 20 marks)
Marking Criteria
0-2
(Fail)
3-4
(Marginal Fail)
5-6
(Pass)
7-8
(Credit)
9-10 (Distinction)
Marks Awarded
Task distributed equally and appropriate security technologies chosen (10)
No task distribution
Poor task distribution among the team members. Irrelevant technologies chosen
Imbalance task distribution among the team members. Acceptable technologies chosen but explanation not in depth
Balance distribution of tasks among the team members. Accurate technologies chosen but explanation provided not in depth
Balance distribution of tasks among the team members. Accurate technologies chosen and detail explanation provided
Marking Criteria
0-2
(Fail)
3-4
(Marginal Fail)
5-6
(Pass)
7-8
(Credit)
9-10 (Distinction)
Marks Awarded
Task Completion (10)
Not completed and not fulfill the requirements
Minimal tasks completed and partially fulfill the requirements
At least half of the tasks completed and partially fulfill the requirements
More than half of the tasks completed and partially fulfill the requirements
All the tasks are completed and fulfill the requirements
CLO4: Present the proposed security solution effectively to solve organization problems
(Communication Skills = 10 marks)
Marking Criteria
0-2
(Fail)
3-4
(Marginal Fail)
5-6
(Pass)
7-8
(Credit)
9-10 (Distinction)
Marks Awarded
Q & A (10)
Demonstrate dependency on others guidance during presentation. Unable to answer any questions independently.
Demonstrate tendency to dependent on others guidance during presentation. Able to answer question but failed to produce confirmed answers
Lack of confident in answering the questions. Able to answer the question but with minimal guidance from others.
Demonstrate a self-reliant attitude in most situation during presentation. Voice is clear and loud. Able to answer some of the questions without referring to notes.
Always demonstrate a self-reliant attitude in all situation during presentation. Voice is clear and loud. Able to answer all the questions without referring to notes.
Online Components (30%)
CLO3: Cooperate as a team to respond to an incident
(Social Skills, Team Skills and Responsibilities = 20 marks)
Marking Criteria
0-2
(Fail)
3-4
(Marginal Fail)
5-6
(Pass)
7-8
(Credit)
9-10 (Distinction)
Marks Awarded
Online test, practical skills 1 and 2 (30)
Poor in basic knowledge
Not able to apply new idea or knowledge to a given problem
Able to apply new idea on knowledge to a given problem with assistance from lecturer or student
Able to apply new idea or knowledge to a given problem and but unable to propose alternative applications
Able to apply new idea or knowledge to a given problem and able to propose alternative applications
Total Marks
/100