Course Aim
This course will introduce students to the current trends and issues related to computer, network, and cloud security. The course covers both computer security (including such topics as security policies, access control, malwares, etc.) and network and cloud security, along with some relevant background in basic cryptography.
Purpose
The purpose of this assessment is critically analyse the requirements of the users and their security issues, and provide solutions for their on-premise, hybrid or full cloud network.
Assessment Information
1. This is an individual open book assessment and worth 30% of your total assessment weighting of the entire course. 2. You have 2 weeks to complete this assessment.
3. You have the opportunity for one resubmission for one failed assessment per course. The maximum mark available for any reassessed failed assessment event is 50%
4. You can make a request for a resubmission within three working days of the return of the assessment and negotiate a resubmission date.
5. The agreed resubmission date will be adhered to and no further extensions will be given. In all cases, the grade achieved on the resubmission will be the grade used to calculate the final course grade.
6. Failing two or more assessments within a course equates to a failed course and a re-enrolment of that course.
7. You are required to keep a soft copy of the submitted assessment.
8. You need to submit you assessment through Turnitin via Canvas.
9. All students are required to attach the signed assessment coversheet (the front page of this document) with their final submission.
10. Students are required to check their course outlines in relation to assessment extension requirements.
11. Extensions of time to complete an assessment are only given in exceptional circumstances. If you anticipate difficulty in meeting the due dates to submit an assessment and/or sit tests or examinations, and/or attempt any missed practical assessment activity which may have been timetabled to occur once only during the programme, you may request an extension of time.
12. A formal written request must be made prior to the due date. The agreed extension date will be adhered to and no further extensions will be given.
Learning Outcomes
This assessment is mapped to the following learning outcomes for this course:
LO 2: Critically analyse user requirements, and its security issues to provide solution for an on-premise, hybrid or full cloud network.
Graduate Profile Outcome
The above stated learning outcomes are mapped to the graduate profile outcome shown below for this programme:
GPO 3: Critically assess a business network and cloud system’s security and propose solutions to mitigate security risks.
GPO 5: Demonstrate advanced communication, cultural and teamwork skills in professional and applied contexts including acknowledging biculturalism, Te Ao Māori, tikanga and Mātauranga Māori.
English Writing and Layout Requirements
• You need to be use the APA referencing 7th edition for all resources you use (see marking guidelines)
• Your written work is to be typed out in a Word-processed document. You need to adapt the proper tone to suit the audience of your writing and aim for your submission to be grammar and spelling error-free.
• You need to use the following formatting:
o Font Style: either Calibri or Times New Roman
o Font size: not less than 12pt for main content, and no more than 18pt for section headings.
o Line Spacing: 1.5 lines
o Margins: leave margins of 2.54cm all around the page.
• Include Your student ID, Course Number, Cohort Number, and date of submission in the “header” of all pages (excluding the cover page).
• Insert page numbers into the “footer” of all pages.
• IMPORTANT NOTE: Poor English writing and poor layout may result in a deduction of mark up to 5 marks.
Assessment Task
Scenario
Shades & Co. is a trendy sunglasses brand established in 2014, with its flagship stores located in Auckland and Christchurch. They specialize in selling stylish eyewear both in-store and online. The company employs a team of 25 employees who work from their headquarters in Manhattan and their store in Brooklyn. Currently, they have a customer base of over 10,000 registered users on their e-commerce website.
Network Setup and Specifications:
The central office of the organization has implemented a network infrastructure with the following setup and specifications:
The network is built on a domain-based architecture and operates on Windows Server 2016. The primary domain controller server runs Windows Server 2016 and is responsible for hosting various roles and features including Active Directory Services, DHCP server, DNS server, Web server, Database server, and Basic Windows Firewall.
The network is equipped with three servers that handle different functionalities. The Active Directory Services server manages user authentication, access control, and directory services. The DHCP server assigns IP addresses dynamically to the devices connected to the network. The DNS server resolves domain names to their corresponding IP addresses, enabling efficient communication across the network. The Web server hosts the company`s website, providing access to online resources. Lastly, the Database server stores and manages critical data utilized by the organization.
In terms of client devices, there are ten desktop computers connected to the network. These desktops provide the employees with a stable and efficient computing environment. Additionally, there are ten laptops that connect to the network via WLAN (Wireless Local Area Network). This wireless connectivity allows employees to bring their own devices and seamlessly connect to the company`s network.
The specifications of the devices are provided below.
Description: This server responds to authentication requests and verifies users on computer networks. When users log into their domain, the DC checks their username, password, and other credentials to either allow or deny access for that user. This server is also a DHCP server which provides dynamic IP addresses to all the devices in the network. This also works as a DNS server, which translate domain names into IP Addresses, which computers can understand.
Description: This server provides a secure and easy-to-manage platform for reliably hosting websites, services, and applications. With Internet Information Services (IIS), information can be shared with users on the Internet or an intranet. This server is the heart of company’s ecommerce business and used to host their ecommerce website to sell their products online.
Description: This Microsoft SQL Server is a relational database management system with the primary function of storing and retrieving data as requested by other software applications—which may run either on the same computer or on another computer across a network (including the Internet.
The company uses this server to manage data of all it’s transactions, customers, vendors etc.
Security Issues:
Recently, the company has encountered several security issues that are causing significant disruptions and potential risks. These incidents include:
1. Performance Issues and Malware Infections:
Many employees have reported poor performance on their PCs, despite the hardware being relatively new and well-equipped. Additionally, a considerable number of support tickets indicate malware or antivirus-related problems. This suggests that the company`s systems may have been compromised, leading to decreased performance and increased malware infections.
2. Suspicious Customer Emails with Attachments:
Staff members have noticed an influx of customer emails containing attachments that seem irrelevant or suspicious. This could indicate that the company`s email system is being targeted by phishing attempts or malware distribution campaigns.
3. Wireless Man-in-the-Middle Attack:
A recent attack on the WLAN network resulted in a wireless man-in-the-middle attack. This security breach allows attackers to intercept and manipulate network communications, potentially compromising sensitive information and preventing employees from accessing the company`s website via the WLAN.
4. Webserver Attacks:
The webserver hosting the company`s e-commerce site has been the target of multiple web-application attacks over the past year. While these attacks may not have caused catastrophic damage, they have resulted in periods of website unavailability, leading to revenue loss.
5. Guestbook Page Defacement:
The company`s Guestbook page has been subject to various forms of defacement, with strange messages and inappropriate pictures being displayed. This indicates that the website is vulnerable to unauthorized access and manipulation, affecting the company`s reputation and customer experience.
6. Database Breaches:
The organization has experienced multiple attacks on its databases, resulting in the theft of customer email addresses. These incidents have led to a loss of customer trust in the company`s security measures. Additionally, in one instance, a vendor`s bank account details were compromised, highlighting the potential financial risks associated with the breaches.
7. Fraudulent Transactions:
The company has suffered financial losses due to fraudulent transactions made using stolen credit card information and fake postal addresses. These incidents can damage the company`s reputation, result in financial liabilities, and impact customer confidence in the business
These security issues collectively pose a significant threat to the company`s operations, reputation, and revenue. Addressing these concerns should be a top priority, requiring robust security measures, network monitoring, employee awareness training, and regular vulnerability assessments to mitigate the risks and safeguard the organization`s assets and customer data.
You have been hired by Shades & Co to analyse the current network. Your analysis should be based on the current network setup, specifications and security problems listed above. You are also required to propose security solution(s) for their current on-premise network. The company is also planning to migrate their current network to a cloud-based network. They plan to have Platform-as-a-service cloud based ecommerce solution. A part of your job is to evaluate the readiness of the company to migrate to cloud-based network, identify potential security issues that may arise after the migration and prescribe relevant solutions.
Read the following requirements carefully and use them to as a guide to writing the report:
Requirement 1: 40 marks
Based on the scenario provided above:
a) Critically analyse the company’s current network setup and specifications of the resources. Your analysis may include but not limited to the following: hardware specifications of the servers and clients, software specifications of the servers and clients and wireless local area network. (5 marks)
b) Critically analyse the company’s security issues for the current on-premise network. Your analysis must include the following issues: (3 marks per issue analysed, 15 marks max)
i) Malware security
ii) Network & cloud security
iii) Firewall security (Premise & Cloud)
iv) Web Services security
v) Database security
c) Suggest and justify security solutions to resolve the aforementioned issues. (4 marks per solution provided, 20 marks max)
Requirement 2: 20 marks
a) Perform a SWOT analysis to evaluate the readiness of the resources and the current network of the company for cloud migration. Your analysis must include the identification of the strengths of the current network, the weaknesses in terms of resources, opportunities that comes with the cloud migration and the potential threats or risk involved. (10 marks)
b) Recommend the type of cloud implementation (either full or hybrid) that needs to be implemented. Provide explanation and justification. (10 marks)
Requirement 3: 40 marks
a) Analyse the potential security issues that may arise after the migration to the cloud implementation (either full or hybrid) that you have chosen. Your analysis must include the following issues: (5 marks per issue analysed, 15 marks max)
i) Infrastructure security
ii) Data security
iii) Access Management
b) Suggest and justify security solutions to resolve the aforementioned issues. (5 marks per solution provided, 15 marks max)
c) Recommend two risk management techniques that can be implemented your cloud-based network. Provide explanation and justification.
