You are on page 1of 12

Network Security Page 1 of 12

In-course Assignment Information Sheet

This assignment consists of TWO (2) sections: Section A and Section B. Section A is individual that
contributes 30% of total 100% while Section B is the remaining 70%, consisting of 60% individual and
40% group.

Section A

1. Learning Outcomes

This individual assignment carries 30% of your total module assessment marks. At the end of this
assignment, student would be able to apply programming concepts with regards to Network Security

2. Assignment Questions

You are required to conduct research, design and develop your assignment.

3. Project Title
Each group is to propose an Assignment Title (1 printed page) and submit it to the lecturer for approval
before starting your work. Deadline for Project Title approval is on 9th week. Students are expected to do
the project independently with minimal supervision.
Each student should have a unique title. The requirements of a title are that it should involve some
network security research components.

Some possible areas are (you can propose your own title or choose one below):
1. IDS/IPS: Challenges and Deployment
2. HotSpot Weaknesses
3. Rootkits
4. SIP and Secure VoIP
5. Scanning & Security Auditing
6. Smartphone Security
7. Web Security and SSL
Any other suitable title can also be accepted.

Guidelines for the Report:

Document the results of your work in a professional and systematic manner, in the form of a
computerized report. One (1) softcopy and hardcopy of your documentation is to be submitted.

Your completed documentation should meet the following requirements (if applicable):

1. Marking Table
2. Introduction
3. Chapters / sections
4. Recommendations
5. Documentation of the configured device(s), if there is any
6. Conclusion
7. Appendices
8. Bibliography or References

Level 2 Asia Pacific University of Technology and Innovation


Network Security Page 2 of 12

In your document the report is to be written in a professional manner, paying due regard to the following
aspects:

The report is to be written in the 3rd person.


The report should have a consistent layout and be divided into enumerated sections, sub-sections,
sub-sub sections etc.
The report should be fully referenced using the University standard.
Your report must be typed using Microsoft Word with Times New Roman font and size 12. Expected
length is 1,000 words for 1 topic (excluding diagrams, appendixes and references). You need use to
include a word count at the end of the report and it should be in 1.5 spaces.
Submission of reports that are unprofessional in its outlook (dirty, disorganised, inconsistent look,
varying coloured paper and size) will not fare well when marks are allocated.
Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper.
The report should have a one (1) margin all around the page as illustrated below:

1 inch 1 inch
1 inch

1 inch
The Typed Text
1 inch

1 inch

1 inch 1 inch

Level 2 Asia Pacific University of Technology and Innovation


Network Security Page 3 of 12

Every report must have a front cover. A transparent plastic sheet can be placed in front of the report
to protect the front cover. The front cover should have the following details:

o Name
o Intake code.
o Subject.
o Project Title.
o Date Assigned (the date the report was handed out).
o Date Completed (the date the report is due to be handed in).

Submission requirements

A CD containing an electronic version of the document. The total word count of the main body of the
document (excluding title & contents pages) is to be in the region of 3000 words.

Marking Table

Please note that during the preparation of your assignment, you must include the following marking table.
Ensure you fill in the details of your team members full names and their respective student IDs.

The marking table must be placed on a single page, located as either the second or third page of your final
assignment documentation. Each team members name must only appear once. The schedule for the
presentation will be announced in due time.

Assessment Criteria:

Documentation 10%
Referencing 10%
Research and Investigation 10%
Diagrams & Figures 10%
Critical Thinking and Applicability 20%
Analytical 20%
Explanation 10%
Presentation 10%

Level 2 Asia Pacific University of Technology and Innovation


4
3
2
1

Level 2
Network Security

Names and Intakes

Documentation (10)

Referencing (10)

Research and
Investigation (10)

Diagram/Figures (10)

Asia Pacific University of Technology and Innovation


Critical Thinking and
Applicability (20)
Individual (100%)

Analytical (20)
Explanation (10)

Presentations (10)

Grand Total (100)


Page 4 of 12
Network Security Page 5 of 12

Section B

Instructions:

This group assignment carries 70% of your total module assessment marks, with 60% of the total
contributed by an individual component. A group consist of maximum 4 students. (Minimum 2 students).
The total word count of the report should not exceed 5000 words. No marks will be awarded for the
entire assignment if any part of it is found to be copied directly from printed materials or from another
group. All submissions should be made on or before the due date. Any late submissions after the deadline
will not be entertained. Zero (0) mark will be awarded for late submission, unless extenuating
circumstances are upheld.

Scenario:

Company A is food manufacturer based in Kuala Lumpur. Its office consists of 3 departments: Sales,
Engineering and Finance. It has a Sales office in Singapore located 350km away from Kuala Lumpur and
hosts 50 employees. The following topology illustrates the network architecture and topology of the
Kuala Lumpur office of Company-A and Singapore Company-B.

The Kuala Lumpur office has simple network architecture. Clients workstations are connected to an
access switch, then connected to a distributed switch and then to the routers inside interface. The
firewalls outside interface connects directly to the internet service provider (ISP) router. The ISP
completely manages this router and the company-A has no control over it. A third interface on the
firewall hosts a demilitarised zone (DMZ) hosting several servers. These servers include web, email and
FTP applications.

The goal is to protect the internal and DMZ hosts from external threats. As a network security specialist,
you are required to provide a security solution for company-A and company-B.

There are some requirements in the above scenario that must be considered in this security design.

1. Client workstations (sales, engineering and finance) must be able to access the web server at the
DMZ over HTTP and HTTPS. The web server should be reachable from the external clients over
HTTP and HTTPS only. (Solution and configuration)

2. Clients should also be able to put and get files via FTP to the same server. The company requires
implementing FTP with user and password is essential for each transaction. (Solution and
configuration.)

3. Engineering and sales workstations must be able to access the Internet (to reach company B) over
HTTP and HTTPS with DNS. No other protocol access is allowed to the Internet. (Solution and
configuration.)

4. Client workstations must be able to check their e-mail on the e-mail server at the DMZ. (Solution
and configuration.)

Level 2 Asia Pacific University of Technology and Innovation


Network Security Page 6 of 12

5. The e-mail server should be able to receive e-mail from external hosts over the simple mail
transfer protocol (SMTP). (Solution.)

6. No client from sales, engineering and finance department is able to access clients in the other
departments. (Solution and configuration.)

7. Layer two securities is a requirement in the company-A LAN. (Solution and configuration.)

8. Bastion host works as an application proxy. You are required to explain the solution in detail.
(Configuration is not required.)

9. Connectivity between company-A in Kuala Lumpur and company-B in Singapore is a


requirement. What is the best solution? Elaborate on the solution. (Configuration is not required).

10. Data transmitted over the network must be kept disguised and only intended recipient can read it.
Hackers are unable to understand the content even they are able to wiretap the communication.
(Solution on the techniques, no configuration is required)

11. The company requires implementing intrusion detection systems (IDS). (No Configuration is
required.)

12. Implement VPN between Singapore and Kuala Lumpur. (Configuration is required.)

13. Implement SSL encryption between Singapore and Kuala Lumpur. (Solution)

Note: The solution in the parenthesis means that, you have to recommend, what should be done
in order to fulfil the companys requirement. In this case, you do not have to configure any of the
device(s) in the topology. The configuration in the parenthesis means that, in addition to the
solution that you provide, you have to implement it by configuring the appropriate device with
commands and setups.

Level 2 Asia Pacific University of Technology and Innovation


Network Security Page 7 of 12

Level 2 Asia Pacific University of Technology and Innovation


Network Security Page 8 of 12

Guidelines for the Report:

Document the results of your work in a professional and systematic manner, in the form of a
computerized report. One (1) softcopy and hardcopy of your documentation is to be submitted.

Your completed documentation should meet the following requirements:

1. Table of contents for every detailed chapter/section.


2. Marking Table
3. Gantt Chart
4. Detailed Work Breakdown Structure
5. Introduction
6. Chapters / sections
7. Recommendations
8. Network configurations
9. Documentation of the configured device(s)
10. Conclusion
11. Contribution of each member
12. Appendices
13. Bibliography or References

In your document the report is to be written in a professional manner, paying due regard to the following
aspects:

The report is to be written in the 3rd person.


The report should have a consistent layout and be divided into enumerated sections, sub-sections,
sub-sub sections etc.
The report should be fully referenced using the University standard.
Your report must be typed using Microsoft Word with Times New Roman font and size 12. Expected
length is 5,000 words (excluding diagrams, appendixes and references). You need use to include a
word count at the end of the report and it should be in 1.5 spaces.
Submission of reports that are unprofessional in its outlook (dirty, disorganised, inconsistent look,
varying coloured paper and size) will not fare well when marks are allocated.
Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper.
The report should have a one (1) margin all around the page as illustrated below:

1 inch 1 inch
1 inch

1 inch

The Typed Text


1 inch

1 inch

1 inch 1 inch

Level 2 Asia Pacific University of Technology and Innovation


Network Security Page 9 of 12

Every report must have a front cover. A transparent plastic sheet can be placed in front of the report
to protect the front cover. The front cover should have the following details:

o Name
o Intake code.
o Subject.
o Project Title.
o Date Assigned (the date the report was handed out).
o Date Completed (the date the report is due to be handed in).

Submission requirements

A CD containing an electronic version of the document and video presentation (15 minutes) of group
member. The total word count of the main body of the document (excluding title & contents pages) is to
be in the region of 5000 words.

Marking Table

Please note that during the preparation of your assignment, you must include the following marking table.
Ensure you fill in the details of your team members full names and their respective student IDs.

The marking table must be placed on a single page, located as either the second or third page of your final
assignment documentation. Each team members name must only appear once. The schedule for the
presentation will be announced in due time.

Assessment Criteria:

Documentation 10% Group


Referencing 10% Group
Research and Investigation 10% Group
Diagrams & Figures 10% Group
Critical Thinking and Applicability 20% Individual
Analytical 20% Individual
Configurations 10% Individual
Presentation 10% Individual

Level 2 Asia Pacific University of Technology and Innovation


4
3
2
1

Level 2
Network Security

Names and Intakes

Documentation (10)

Referencing (10)
Group (40%)

Research and
Investigation (10)

Diagram/Figures (10)

Asia Pacific University of Technology and Innovation


Critical Thinking and
Applicability (20)

Analytical (20)
Configurations (10)
Individual (60%)

Presentations (10)

Grand Total (100)


Page 10 of 12
Network Security Page 11 of 12

Marking Scheme Rubrics

1 to 3 4 to 7 8 to 10
Documentation (10) All submission All submission All submission
requirements were not requirements were requirements were
adhered or poor writing followed with well followed with very good
or poor quality of writing and proper writing and formatting.
contents. formatting of document The quality of the
along with proper content is very good.
quality of the content. The document looks
like a real world
solution.
1 to 3 4 to 7 8 to 10
Referencing (10) None, very little, or Proper, well formatted Proper, well formatted
wrong usage of citation referencing with needed referencing with needed
or not following proper citations in all required citations in all required
referencing format. places. Including places. Including
needed copyright sign needed copyright sign
for used software. for used software and
terms with proper
referencing for each
one. Using a right
bibliography
1 to 3 4 to 7 8 to 10

Research and Poor research and Well research and Very well analysis and
Investigation (10) investigation of the investigation is done. investigation of the
problem. Poor Good evaluation of the problem. Outstanding
evaluation of the requirements with evaluation of the
requirement. proper reasoning with requirements with
proper project planning proper reasoning.
and management. Outstanding project
planning and
management with the
screenshots of used
tools.

Level 2 Asia Pacific University of Technology and Innovation


Network Security Page 12 of 12

1 to 3 4 to 7 8 to 10
Diagrams / Figures (10) Failed to attach any Few diagrams and Proper and relevant
diagrams and figures. figures attached. diagrams and figures.
Descriptions of Diagrams are lack of Diagrams are labeled
diagrams are blurring. descriptions and and well described.
labeling. Sequence of diagrams is
well organized.
1 to 5 6 to 10 11 to 15 16 to 20
Critical Thinking and The judgment The judgment is The judgment is Provided relevant
Applicability (20) criteria are not somehow relevant.The criteria for
relevant and the relevant. The solution is making the
solution is not solution is relevant though it judgment.
applicable. applicable though lack of Applicable
it lacks in some supporting methods or
parts. factors. techniques are
used for forming
the judgment.
1 to 5 6 to 10 11 to 15 16 to 20
Analytical (20) Very poor or Analysis done Analysis is Excellent
minimal analysis with lack of tools accurate and analysis of the
of the problem is and techniques. good use of the solution has been
done. Insufficient analysis tools and done. Proper
descriptions on technique is usage of tools in
analysis results made analyzing and
testing the
accuracy of the
solution.
1 to 3 4 to 7 8 to 10
Configurations (10) Failed to configure the Partial configuration is Proper and full
required devices. done; some of the configuration of all of
devices are not the devices with
configured properly. complete documentation
The documentation of of the configured
the configured devices devices.
is not complete.

1 to 3 4 to 7 8 to 10
Presentations (10) Fail to attend the Attended presentation Attended presentation
presentations. but voice is hard to be and able to attract
Voice is hardly to be heard. Able to answer audiences attentions.
heard. question but failed to Voice is clear and loud.
Unable to answer produce confirmed Able to answer all the
questions answers questions without
referring to notes.

Level 2 Asia Pacific University of Technology and Innovation