ICT205 Assignment 1
| Assessment Details and Submission Guidelines | |
| Trimester | T1, 2019 |
| Unit Code | ICT205 |
| Unit Title | Cyber Security |
| Assessment Type | Individual Assignment |
| Assessment Title | Assignment-1: Firewall Setup and Configuration |
| Purpose of the assessment (with ULO Mapping) | The purpose of this assignment is to assess student understanding on firewall design and configuration and students ability to exercise the operational, analytical and critical skills needed to reduce the potential security risks. This assessment contributes to learning outcome a. Analyse and evaluate the organizational adoption of security controls b. Design solutions for concrete security problems for distributed applications |
| Weight | 20% |
| Total Marks | 50 |
| Word Limit | 1000 |
| Due Date | Week 6, Friday, by 11:55PM through Moodle |
| Submission Guidelines | All work must be submitted on Moodle by the due date Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using Harvard Anglia referencing style. |
| Extension and Academic Misconduct | Please refer to subject outline for information policies related to Extension and Academic Misconduct. |
ICT205 Assignment 1 Compiled by: Smitha Shivshankar 20th March 2019
Assignment Description:
This Assignment requires you to perform a security testing on the network to identify the
threats, prepare a Risk Mitigation report and configure some of the firewall settings using Kali
Linux to secure the network and the distributed applications. The assignment consists of two
parts.
Part A:
Use Nmap – a security testing in Kali Linux to perform penetration testing on the network
(features of Nmap listed below). Prepare a short Risk Mitigation plan to identify the threats
for the assets. This plan will guide you to proceed with the firewall settings required for the
organization as you focus on the second part of the assignment.
Features of Nmap:
Host discovery: useful for identifying hosts in any network
Port scanning: lets you enumerate open ports on the local or remote host
OS detection: useful for fetching operating system and hardware information about
any connected device
App version detection: allows you to determine application name and version
number
Scriptable interaction: extends Nmap default capabilities by using Nmap Scripting
Engine (NSE)
Part B:
Configure a few settings on the firewall for the network using Kali Linux commands to achieve
a required level of security. The initial set of commands are given to you to start with. You
may need to perform online search to complete the rest of the requirements for the firewall
settings.
Case Study for the Assignment:
CMC is a small business enterprise comprising a network to reach their business
requirements. A network need to be secured to achieve their business goals. The System and
Network administrator of CMC realizes that it is necessary to impose certain level of filtering
for the network to be secure and that is when it can sustain from attacks, which may damage
the whole network. To develop a secure network, network administrators must have a good
understanding of all the attacks that are caused by an intruder and their mitigation
techniques. Choosing a particular mitigation technique for an attack has an impact on the
overall performance of the network, because each attack has different ways for mitigation.
The network administrators identify the assets that need to be protected by performing a risk
analysis, threats and vulnerabilities that the network may pose. The risk analysis provides
ICT205 Assignment 1 Compiled by: Smitha Shivshankar 20th March 2019
sufficient information about all risks and helps to build a network with high security. After
risk analysis, designing a set of security policies is very important to provide high level of
security. Security policies provide information for network users for using and auditing the
network. Firewall is considered to be a part of the security policy providing necessary
protection to the network and the applications.
You are the System and Network Administrator of CMC and the top management of CMC
urges you to design the required firewall for the organization’s network. Looking into the
requirements of the security and adhering to information security policy you are required to
provide firewall settings to secure the network from different types of possible attacks that
can harm the business network.
Part A
Perform the following task.
1. Use Nmap from Kali on your Virtual Box
2. Write an introduction to include the description of the tool
3. Demonstrate four tasks Nmap can perform. Discuss on how this tool can be
used for mitigating differ types of threats. The discussion should include the
name and brief description of the threat and must be supported by
screenshots.
4. Discuss the performance of the tools based on the following:
a. Security features and
b. Time taken to detect any threat
5. Perform the firewall testing using Nmap
6. From the report generated from the above tasks write a short Risk Mitigation
Plan to identity the type of threats on the organisation’s assets.
Part B
Configure the following setting on the firewall using the appropriate commands in Kali
Linux. The list of commands is provided below:
| Command | Description |
| Ufw status | To check firewall status |
| Ufw enable | Enable firewall |
| Ufw allow | Allow services, port range and network |
| Ufw deny | Blocking a service |
1. Check the firewall status
ICT205 Assignment 1 Compiled by: Smitha Shivshankar 20th March 2019
2. Enable or disable the firewall accordingly
3. Allow services such as TCP, SSH and samba using their port number or name
4. Verify the firewall rules after adding the above services
5. Secure a web server by blocking HTTP(80) service and allowing HTTPS(443) service
only
6. Allow a range of ports from 20 to 80 and deny a range of ports from 500 to 100
7. Verify the firewall rules
8. Allow HTTP from a specific subnet to access your web services
9. Block connections to a network interface
Submission Guidelines:
The assignment should be submitted on Moodle on or before the deadline as a word
document that includes all the details of the task completed in Part A and Part B. The report
should address the requirements mentioned in the Marking Criteria section of the
assignment.
Marking Criteria:
| Sections | Description of the section | Marks |
| Executive Summary | Summary on what the report is addressing | 5 |
| Outline | Outline of the whole report including tool description | 5 |
| Demonstration | Details of the tests performed with screenshots | 10 |
| Risk Mitigation Plan | Details of the threats in the mitigation report | 5 |
| Analysis | Critical analysis of the scenario | 5 |
| Firewall setup | Details of the firewall settings with screenshots | 15 |
| Conclusion | Information on what has been addressed in the report – discussion of the findings is important | 5 |
| Total | 50 |
Marking Rubric:
| Unsatisfactory | Satisfactory | Effective | Excellent | Exceptional | |
| Grade Mark | Fail (0 – 49%) | Pass (50 – 64%) | Credit (65 – 74%) | Distinction (75 – 84%) | High Distinction (85 – 100%) |
| Students demonstrate knowledge of firewall design and configuration | Very difficult to read the structure | Some difficulty in reading structure and lacking information | Well written structure but not very clear | Well written and structured | Very clearly written and structured |
ICT205 Assignment 1 Compiled by: Smitha Shivshankar 20th March 2019
| Unsatisfactory | Satisfactory | Effective | Excellent | Exceptional |
| Grade Mark | Fail (0 – 49%) | Pass (50 – 64%) | Credit (65 – 74%) | Distinction (75 – 84%) | High Distinction (85 – 100%) |
| Directly answers questions | Does not directly answer question | Directly answered most of the question | Directly answers the question | Directly answers the question giving additional insights | Directly answers the question, gives additional insights and theoretical perspectives |
| Provides a supports argument | No support for the position taken in the answer | Provides some support for the position taken | Provides good level of support for position taken. | Provides excellent level of support for position taken | Provides exceptional level of support for position taken |
| Draws a conclusion based on the argument | No conclusion presented | Conclusion based on some argument | Conclusion based on sound argument | Conclusion based on extensive argument | Conclusion based on extensive and compelling argument |
| Demonstrate s knowledge of subject matter | Very little knowledge of subject matter presented | Adequate knowledge of subject matter demonstrated | Sound knowledge of subject matter demonstrated | High level of knowledge of subject matter demonstrated | High level of knowledge of subject matter and synthesis with theory demonstrated |