Assignment No. 1: Computer Network Security for a Home/Small scale Network.
Learning outcomes:
1. Identify the various threats and risks in a small scale network
2. Describe and compare a number of different techniques to secure a network
3. Analyse, evaluate and apply various techniques currently used to protect a network.
4. Design a secure network system
Introduction
In today's world computers are used for everything from banking and investing to shopping, games, leisure and communicating with others, therefore online security is of a concern for clients or users, organisations and the administrators trying to protect sensitive data located on these computers.
Computer security has become a very important issue that needs to be dealt with at every level of a network or system: physical, user-based, service-based, host-based and network-based to secure data, protect privacy and prevent frauds. Network security involves protecting all the resources on the network from threats (physical, packet sniffers, port analysers, denial of Access, spoofing, data alteration, TCP session hijacking, virus and malicious attacks...). You must consider not only the computers on the network, but other network devices, network transmission media and the data being transmitted across the network.
Assignment Brief
You are requested to design a secure home or small scale network (Fig. 1) to satisfy the key concepts underlying computer and network security: confidentiality, integrity, availability, accountability and non-repudiation.
Fig. 1 shows a small home network comprising: two personal computers (PC1 and PC2), a laptop and an ADSL Modem with wireless G Router. PC1 is directly wired to the Router using an RJ45 connections crossover cable, while PC2 and the laptop are connected by wireless adapters to the router. A mobile phone, iPhone 4S, can also connect to the internet using wireless technology. The technical specifications of the devices and the details of the operating systems are given in Table 1.
The network is peer-to-peer networking to allow the users to share files and printing and scanning facilities attached to PC1.
1. Identify possible weaknesses in the network infrastructure that may make it vulnerable to attacks, accidental and intentional misuses. Assess the assets, vulnerabilities and threats to the network. Carry out a risk analysis for the data asset.
2. What are the reasonable precautions, countermeasures and risk mitigation to provide/install in order to secure the network?
3. Visiting guests need to access and connect to the internet, using their private laptops, how would you devise/design procedures to protect the network and the information contained in the devices?
4. The network owner would like to convert PC1 to a file server and would like secure access to his files from outside the network using the internet, how would you change/design the network to satisfy this requirement?
