School of Computer Science & Mathematics

Faculty of Engineering and Technology

Coursework Title: Secure System Design

Module Name: Secure Systems

Module Code: 7142COMP
Level: 7
Credit Rating: 20

Weighting: 40%
Maximum mark available: 100

Lecturer: Dr Nathan Shone

Contact: If you have any issues with this coursework, you may contact your
lecturer.
Email: n.shone@ljmu.ac.uk
Room: BS/649
Hand-out Date: 05/02/2024
Hand-in Date: 11/03/2024
Hand-in Method: Canvas
Feedback Date: 02/04/2024
Feedback Method: Canvas
Programmes: Cyber Security

Introduction
In this scenario, JunkRooms is a startup company providing a digital marketplace for pre-owned
goods. The usage in the platform has increased significantly, so they are looking to invest in a larger
and more secure network. They have hired you as a security consultant to design them a new secure
network from scratch. However, you are constrained to using their approved hardware and staying
within budget.

Learning Outcome to be assessed

1. Display critical awareness of the relationship between theoretical and practical security
concepts and their implementation.
Detail of the task
This assignment requires you to interpret the criteria and produce a secure network design, which
meets the company’s criteria. Your work should be presented as a professional report to give to the
company; the quality, presentation and writing of this report will be assessed. This is an individual
assignment and all designs, diagrams and explanations should be your own work. Although you are
strongly advised to undertake additional research, the use of credible academic resources should
only be used to strengthen/support your own work. Your report should use either the Harvard or
IEEE referencing style.

Task 1
The current logical and physical network designs for JunkRooms’ network are available on Canvas.
You are required to carefully analyse these designs and identify and explain five security weaknesses
within this design. For each weakness, you need to include the following:
• A snippet of the respective network design (annotations are encouraged) demonstrating the
area of the design being discussed.
• A detailed explanation of the issue.
• A detailed explanation of the potential impacts with supporting evidence and references.

Task 2
JunkRooms have asked you to design a new network from scratch that satisfies their provided
requirements. You are to produce a logical network design diagram and a physical network design
diagram to illustrate your design. Both diagrams should be clearly explained/justified in technical
detail.

Please read the specific task requirements below carefully:

• The new design must only be based on the requirements provided in Table 1. No
components from the previous network are to be included.
• A technical and concise explanation of the design process followed must be outlined.
• The produced design should be focused upon security and resilience.
• The design diagram explanations should focus on decisions made with supporting
justifications. This should not be a text-based description of the diagrams.
• The design diagrams must be legible (consider using landscape pages or submit separate
files to ensure this).
• ONLY the specific hardware listed in Table 2 can be used.
• ONLY the costing values supplied in Table 2 can be used.
• The compute and storage requirements for each service (Table 1) are SEPARATE. Your
design must accommodate both, through the usage of appropriate devices (Table 2).
• The total cost must be within the company’s budget of £90,000.
 • External hosting of ANY component it NOT permitted.
• You may make the following assumptions in your design:
o 2 ISP uplinks have been installed from different providers.
o All necessary infrastructure hardware is in place e.g., CAT6 cabling, network wall jacks.
o Each server has a dual network interface card.
o Any OS licencing costs are included the prices shown in Table 2.

Table 1. Overview of Requirements

Required Service Required no. Required External Notes

CPUs Storage Access?
Capacity (GB)

Selling Web App 16 0 Y All data stored in DB.

Buying Web App 16 0 Y All data stored in DB.

Admin Web App 2 0 N Staff only, local application.

All data stored in DB.

Card Payment 8 200 Y

Handler

SMTP 2 100 N
CRM Web App 4 100 N Staff only, local application
DB 10 500 N

SIEM 4 10 N Staff only, local application

VPN 2 0 Y Only allows access to CRM

and SIEM
N/A N/A N/A N 10 x Desktop PCs required
for staff usage.
 Table 2. JunkRooms’ Equipment List

Individual Device Cost

Storage server
• 250 GB £2600
• 500 GB £3700
• 750 GB £4300
• 1000 GB £5100
Compute server
• 1 CPU £2600
• 2 CPUs £3700
• 4 CPUs £4300
• 8 CPUs £5100
Load balancer £600
Desktop PC £420
8-port switch £90
16-port switch £200
24-port switch £350
Security gateway £130
Network Anti-Virus £750
Firewall £110
Router £170
IDS £250
IPS £300

Your professional report should be both detailed and technical, and must contain the following as
a minimum:
• Executive Summary
o A brief comment on the aims/objectives of your design
o A statement of the final costs
o A full tabular breakdown of the costings, using the following headings as a
minimum:
Network Item Unit Total
Service Quantity
Zone Description Cost Cost
• Design Overview
o Explanation of the design principles followed.
 o Explanation of the network security considerations integrated into the design.
• Physical Network Design
o Physical network design diagram (this may be submitted as a separate file if
required).
o Details of the design decisions made and justifications.
• Logical Network Design
o Logical network design diagram (this may be submitted as a separate file if
required).
o Details of the design decisions made and justifications.

What you should hand in

You must submit a professional report in .doc/docx format via the Canvas handler. You can submit
diagrams separately as .pdf, .vsd or .vsdx files.

Marking Scheme/Assessment Criteria

Task Assessment Criteria Weighting

1 Security Analysis (total 20%)
• Identification of suitable design weakness (x4) 1% each
• Appropriate diagram snippet (x4) 1% each
• Explanation of suitable design weakness (x4) 3% each
2 System Design Report (total 75%)
• Financial Breakdown 5%
• Design Process/Theory 10%
• Logical Diagram 30%
• Logical Explanation 5%
• Physical Diagram 20%
• Physical Explanation 5%
Quality of report (total 5%)
• Professionalism of report 5%

Assessment Rubric

Task Poor Average Good Excellent

Task 1
Identification of Element is missing, Weakness is Weakness is Weakness is clearly
weakness misunderstood or identified at a basic identified but some identified using
incoherent. level but lacks appropriate
sufficient
 Weakness is terminology and important details terminology and
unsuitable. technical detail. are missing. technical detail.

Appropriate Snippet(s) missing or Snippet(s) included Appropriate Appropriate

Diagram Snippet element is but key parts of the snippet(s) included snippet(s) included
misunderstood. design are omitted. featuring all with annotations.
necessary design
parts.

Weakness Element is missing, A basic explanation Detailed explanation Detailed explanation

Explanation misunderstood or is given but it lacks given but no impact of weakness and its
incoherent. technical depth. metrics/discussion impact.
provided.

Task 2
Financial Element is missing, Breakdown is not Breakdown lacks Accurate and clear
Breakdown misunderstood or clear, or key sufficient depth breakdown
incoherent. information missing, (e.g., grouping of provided.
or incorrect components).
Costs are missing or values/calculations
incorrect, or the are evident.
total is incorrectly
summed.

Design Theory Element is missing, Some basic theory Good range of Well written
misunderstood or elements are design theory is discussion covering
incoherent. discussed but not discussed and linked a breadth of design
evidenced. Or to the produced theory elements
important details design. Some that are justified
are missing. justification or detail and linked to the
is missing. Or some produced design.
minor details have
been omitted.

Logical Diagram Element is missing, Diagram is missing Diagram is suitable Diagram is

misunderstood or several important but is missing appropriate and
bears no design or several components includes the
resemblance to a diagrammatic and/or includes required
logical network elements, or is not a unauthorised components. There
diagram. proper logical components, or may be some minor
diagram. design elements are issues.
flawed.

Logical Explanation Element is missing, Explanation Explanation covers Detailed explanation

misunderstood or provided is a self- the design decisions covering the design
incoherent. evident walk and justifies the decisions and clearly
choices made. outlines underlying
 through of the theory and/or
diagram. principles involved.

Physical Diagram Element is missing, Diagram is missing Diagram is suitable Diagram is

misunderstood or several important but is missing appropriate and
bears no design or several components includes the
resemblance to a diagrammatic and/or includes required
physical network elements, or is not a unauthorised components. There
diagram. proper physical components, or may be some minor
diagram. design elements are issues.
flawed.

Physical Explanation Element is missing, Explanation Explanation covers Detailed explanation

misunderstood or provided is a self- the design decisions covering the design
incoherent. evident walk and justifies the decisions and clearly
through of the choices made. outlines underlying
diagram. theory and/or
principles involved.

Professionalism Report is basic and Report offers some Report provides a Report provides a
offers no basic structuring but cover page, cover page,
professional there is scope for contents page and contents page and
qualities. improvement. professional styling. styling is of
There are some professional quality.
Quality of writing is Quality of writing is minor areas for
poor. satisfactory. improvement. Quality of writing is
very good.
Quality of writing is
good but there are
several minor issues.

Extenuating Circumstances
If something serious happens that means that you will not be able to complete this assignment, you
need to contact the module leader as soon as possible. There are a number of things that can be
done to help, such as extensions, waivers and alternative assessments, but we can only arrange this
if you tell us. To ensure that the system is not abused, you will need to provide some evidence of
the problem.

More guidance is available at: https://www.ljmu.ac.uk/about-us/public-information/student-

regulations/guidance-policy-and-process
Any coursework submitted late without the prior agreement of the module leader will receive 0
marks.

Academic Misconduct
The University defines Academic Misconduct as ‘any case of deliberate, premeditated cheating,
collusion, plagiarism or falsification of information, in an attempt to deceive and gain an unfair
advantage in assessment’. This includes attempting to gain marks as part of a team without making
a contribution. The Faculty takes Academic Misconduct very seriously and any suspected cases will
be investigated through the University’s standard policy (https://www.ljmu.ac.uk/about-us/public-
information/student-regulations/academic-misconduct). If you are found guilty, you may be
expelled from the University with no award.

It is your responsibility to ensure that you understand what constitutes Academic Misconduct and
to ensure that you do not break the rules. If you are unclear about what is required, please ask.

For more information you are directed to following the University web pages:
• Information regarding academic misconduct:
https://www.ljmu.ac.uk/about-us/public-information/student-regulations/academic-
misconduct
• Information on study skills:
https://www.ljmu.ac.uk/microsites/library/skills-ljmu
• Information regarding referencing:
https://www.ljmu.ac.uk/microsites/library/skills-ljmu/referencing-and-endnote