ICT205 Assignment 1

Assessment Details and Submission Guidelines

Trimester: T1, 2019
Unit Code: ICT205
Unit Title: Cyber Security
Assessment Type: Individual Assignment
Assessment Title: Assignment-1: Firewall Setup and Configuration
Purpose of the assessment (with ULO Mapping):
The purpose of this assignment is to assess students' understanding of firewall
design and configuration and their ability to exercise the operational,
analytical and critical skills needed to reduce potential security risks. This
assessment contributes to the following learning outcomes:
a. Analyse and evaluate the organizational adoption of security controls
b. Design solutions for concrete security problems for distributed
applications
Weight: 20%
Total Marks: 50
Word Limit: 1000
Due Date: Week 6, Friday, by 11:55PM through Moodle
Submission Guidelines:
• All work must be submitted on Moodle by the due date
• Reference sources must be cited in the text of the report, and listed
appropriately at the end in a reference list using Harvard Anglia referencing
style.
Extension and Academic Misconduct:
Please refer to the subject outline for information on policies related to
Extension and Academic Misconduct.

ICT205 Assignment 1 Compiled by: Smitha Shivshankar 20th March 2019
Assignment Description:
This assignment requires you to perform security testing on the network to identify the
threats, prepare a Risk Mitigation report and configure some of the firewall settings using Kali
Linux to secure the network and the distributed applications. The assignment consists of two
parts.
Part A:
Use Nmap, a security testing tool in Kali Linux, to perform penetration testing on the network
(features of Nmap are listed below). Prepare a short Risk Mitigation plan to identify the threats
to the assets. This plan will guide the firewall settings required for the
organization when you move on to the second part of the assignment.
Features of Nmap:
• Host discovery: useful for identifying hosts in any network
• Port scanning: lets you enumerate open ports on the local or remote host
• OS detection: useful for fetching operating system and hardware information about
any connected device
• App version detection: allows you to determine application name and version
number
• Scriptable interaction: extends Nmap default capabilities by using Nmap Scripting
Engine (NSE)
Part B:
Configure a few settings on the firewall for the network using Kali Linux commands to achieve
a required level of security. An initial set of commands is given to you to start with. You
may need to perform an online search to complete the rest of the requirements for the firewall
settings.
Case Study for the Assignment:
CMC is a small business enterprise with a network to meet its business
requirements. The network needs to be secured for CMC to achieve its business goals. The System and
Network administrator of CMC realizes that it is necessary to impose a certain level of filtering
for the network to be secure, so that it can withstand attacks which may damage
the whole network. To develop a secure network, network administrators must have a good
understanding of all the attacks that are caused by an intruder and their mitigation
techniques. Choosing a particular mitigation technique for an attack has an impact on the
overall performance of the network, because each attack has different ways of mitigation.
By performing a risk analysis, the network administrators identify the assets that need to be
protected and the threats and vulnerabilities that the network may face. The risk analysis provides
sufficient information about all risks and helps to build a network with high security. After
risk analysis, designing a set of security policies is very important to provide a high level of
security. Security policies provide information for network users for using and auditing the
network. The firewall is considered to be a part of the security policy, providing necessary
protection to the network and the applications.
You are the System and Network Administrator of CMC and the top management of CMC
urges you to design the required firewall for the organization’s network. Considering the
security requirements and adhering to the information security policy, you are required to
provide firewall settings to secure the network from different types of possible attacks that
can harm the business network.
Part A
Perform the following tasks.
1. Use Nmap from Kali on your Virtual Box
2. Write an introduction to include the description of the tool
3. Demonstrate four tasks Nmap can perform. Discuss how this tool can be
   used for mitigating different types of threats. The discussion should include the
   name and brief description of the threat and must be supported by
   screenshots.
4. Discuss the performance of the tool based on the following:
   a. Security features and
   b. Time taken to detect any threat
5. Perform the firewall testing using Nmap
6. From the report generated from the above tasks, write a short Risk Mitigation
   Plan to identify the type of threats on the organisation’s assets.
Part B
Configure the following setting on the firewall using the appropriate commands in Kali
Linux. The list of commands is provided below:

Command       Description
ufw status    To check firewall status
ufw enable    Enable firewall
ufw allow     Allow services, port range and network
ufw deny      Blocking a service

1. Check the firewall status
2. Enable or disable the firewall accordingly
3. Allow services such as TCP, SSH and samba using their port number or name
4. Verify the firewall rules after adding the above services
5. Secure a web server by blocking HTTP(80) service and allowing HTTPS(443) service
only
6. Allow a range of ports from 20 to 80 and deny a range of ports from 500 to 100
7. Verify the firewall rules
8. Allow HTTP from a specific subnet to access your web services
9. Block connections to a network interface
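
Steps 1 to 9 as one dry-run script, added here as an example and not part of the original brief; it shows how ufw's rule ordering affects steps 5, 6 and 8. The subnet 192.0.2.0/24, the interface name eth1 and the Samba port numbers are assumptions supplied for illustration.

```shell
#!/bin/sh
# Dry run by default: each ufw command is printed, not executed.
# To apply the rules on the lab VM: UFW="sudo ufw" sh part_b.sh
UFW=${UFW:-echo ufw}
SUBNET=${SUBNET:-192.0.2.0/24}  # constructed example subnet (assumption)
IFACE=${IFACE:-eth1}            # assumed interface name

# ufw writes port ranges as low:high and requires a protocol with them.
# A range given high-to-low (step 6: "500 to 100") is swapped first.
port_range() {  # usage: port_range allow|deny FROM TO PROTO
    action=$1; lo=$2; hi=$3; proto=$4
    if [ "$lo" -gt "$hi" ]; then tmp=$lo; lo=$hi; hi=$tmp; fi
    $UFW "$action" "$lo:$hi/$proto"
}

part_b_rules() {
    $UFW status verbose              # 1. check status
    $UFW enable                      # 2. enable (over SSH, add the ssh rule first)
    $UFW allow ssh                   # 3. SSH by service name
    $UFW allow 139,445/tcp           #    Samba by port number (TCP)
    $UFW allow 137,138/udp           #    Samba by port number (UDP)
    $UFW status numbered             # 4. verify
    $UFW deny 80/tcp                 # 5. block HTTP ...
    $UFW allow 443/tcp               #    ... and allow HTTPS
    # 6. ufw uses the first matching rule, so the earlier "deny 80/tcp"
    #    still wins over this allow, and "allow 443/tcp" over the deny.
    port_range allow 20 80 tcp
    port_range deny 500 100 tcp
    $UFW status numbered             # 7. verify
    # 8. Appended after "deny 80/tcp" this rule would never match;
    #    insert it at position 1 so the subnet is checked first.
    $UFW insert 1 allow from "$SUBNET" to any port 80 proto tcp
    $UFW deny in on "$IFACE"         # 9. block inbound on one interface
}

part_b_rules
```
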
Submission Guidelines:
The assignment should be submitted on Moodle on or before the deadline as a Word
document that includes all the details of the tasks completed in Part A and Part B. The report
should address the requirements mentioned in the Marking Criteria section of the
assignment.
Marking Criteria:

Sections              Description of the section                          Marks
Executive Summary     Summary on what the report is addressing            5
Outline               Outline of the whole report including tool          5
                      description
Demonstration         Details of the tests performed with screenshots     10
Risk Mitigation Plan  Details of the threats in the mitigation report     5
Analysis              Critical analysis of the scenario                   5
Firewall setup        Details of the firewall settings with screenshots   15
Conclusion            Information on what has been addressed in the       5
                      report – discussion of the findings is important
Total                                                                     50

Marking Rubric:

Grade bands:
Unsatisfactory: Fail (0 – 49%)
Satisfactory: Pass (50 – 64%)
Effective: Credit (65 – 74%)
Excellent: Distinction (75 – 84%)
Exceptional: High Distinction (85 – 100%)

Students demonstrate knowledge of firewall design and configuration
  Unsatisfactory: Very difficult to read the structure
  Satisfactory: Some difficulty in reading structure and lacking information
  Effective: Well written structure but not very clear
  Excellent: Well written and structured
  Exceptional: Very clearly written and structured

Directly answers questions
  Unsatisfactory: Does not directly answer question
  Satisfactory: Directly answered most of the question
  Effective: Directly answers the question
  Excellent: Directly answers the question giving additional insights
  Exceptional: Directly answers the question, gives additional insights and theoretical perspectives

Provides a supporting argument
  Unsatisfactory: No support for the position taken in the answer
  Satisfactory: Provides some support for the position taken
  Effective: Provides good level of support for position taken.
  Excellent: Provides excellent level of support for position taken
  Exceptional: Provides exceptional level of support for position taken

Draws a conclusion based on the argument
  Unsatisfactory: No conclusion presented
  Satisfactory: Conclusion based on some argument
  Effective: Conclusion based on sound argument
  Excellent: Conclusion based on extensive argument
  Exceptional: Conclusion based on extensive and compelling argument

Demonstrates knowledge of subject matter
  Unsatisfactory: Very little knowledge of subject matter presented
  Satisfactory: Adequate knowledge of subject matter demonstrated
  Effective: Sound knowledge of subject matter demonstrated
  Excellent: High level of knowledge of subject matter demonstrated
  Exceptional: High level of knowledge of subject matter and synthesis with theory demonstrated