Task 1:
Submit a work proposal for this assignment which must include:
- Understanding of deliverables - a detail description of deliverables
- General overview of proposed plan - initial understanding of solution to all the tasks
- Resources identified
Task 2: This part evaluate students' perceptive of Security Architecture.
It is becoming increasingly critical that financial institutions ensure their banking customers are able to access their accounts with the highest reasonable security, using a process that is very straightforward and approachable. Technology has made it possible for hackers to extend their reach to vast number of potential victims through a wide variety of attack vectors. Therefore, banks are required to use a secure architecture to provide convenient and secure online services. Secure architecture can be achieved by having layered security. Layered security is a defensive strategy featuring multiple types of security measures, each protecting against a different vector for attack.
Students are required to do the following tasks:
a. Provide a literature review on layered Security Architecture.
(Hint: This should include: the understanding of layered security concept, detailed description of security layers, advantages and disadvantages of using layered security architecture)
b. As a network security consultant, suggest a layered security architecture for a small company's network.
(Hint: Your architecture should include five levels of IT infrastructure)
c. The concept of layered security is commonly applied by banking system to provide a secure mobile banking services. From user side, Explore and identify what are security controls in your mBanking application. Evaluate the efficiency of these controls.
(Hint: provide screen shoots for all security messages appears in your application)
Task 3:
You are the network administrator for 7colores Company. The company has implemented Microsoft Forefront TMG as the firewall. The company works 5 days a week (Sunday to Thursday) from 8am to 4pm. The company has the following requirements:
1. The Company management wants to implement Network Inspection System (NIS). The goal is to enable NIS to all networks except for servers located in the range 10.20.20.10 to 10.20.20.30. Those servers are considered administration servers, and do not require NIS traffic evaluation. TMG should check for updates every 25 minutes to obtain new signatures. The company wants to follow the default Microsoft policy when network traffic matches one of the active signatures.
2. The TMG intrusion detection should be able to detect Ping of death, UDP bomb and IP half scan attacks and all sorts of DNS attacks. TMG should filter the Time stamp and Loose Source Route during the IP options filtering. The Company management wants to block packets containing IP fragments, but wants to give the default settings for the SIP parameters.
You are required to complete the following configuration
a. Configure network Inspection System (NIS) as following :
- Configure an exception named ‘admin' for the NIS
- Configure the address rule Element called ‘administration server'.
- Configure the excepted IP addresses range to be 10.20.20.10 to 10.20.20.30.
- Configure the signature update to be every 25 minutes
b. Configure an intrusion detection System (IDS):
- Enable detection for Ping of death, UDP bomb and IP half scan attacks
- Enable detection for all types of DNS attack.
- Configure Time stamp and Loose Source Route during the IP options filtering.
- Block packets containing IP fragments.