Assignment title: Management

UEE60411 Advanced Diploma of Computer Systems Engineering ICT60215 Advanced Diploma of Information Technology Network Security Subject: Network Management Units of Competency:UEENEED147a, UEENEED149a 1 / 7 CHISHOLM INSTITUTE Information Technology and Computer Systems Student Name: Student ID: Date: Start Time: Finish Time: Due Date: week of 20th March Network Managment Network Design and Security Report Major assignment 1UEE60411 Advanced Diploma of Computer Systems Engineering ICT60215 Advanced Diploma of Information Technology Network Security Subject: Network Management Units of Competency:UEENEED147a, UEENEED149a 2 / 7 DESCRIPTION OF TASKS – PLEASE READ CAREFULLY OVERVIEW The Zipper Biz Company has taken over the Fair Dinkum Retail Company. They have discovered that they have inherited a company network made up of 2 licensed Microsoft 2012 standard R2 servers with 25 Client Access Licenses (CALs) and out of these CALs, 10 are Windows 8.1 Professional client workstations and 2 HP Laser Printers. All of these networks are on a WorkGroup called LOCAL. The network itself is a peer-to-peer network and provides basic network basic file and print services to its users. The Zipper Biz company and its stakeholders will liaise with YOU (-the networking consultant) to discuss and document design, security improvements and determine solutions that will lead: 1. (a) to the use of a development tool (eg. Microsoft Visio) to draw up a current topology of the network. (b) to describe how the Active Directory Services structure will be implemented in this current network. 2. to list occupational work safety issues and implement an OHS risk a control assessment that might be expected in the building housing the Zipper Biz network. 3. to determine and document security requirements to the current network. 4. to indicate the current authentication being used by the current network. 5. to implement an Active Directory structure(which includes domain controllers, users and computers – with rights and permissions, domains and trusts), security controls and test procedures to the Zipper Biz network. 6. to setup compliance management of the server/network and an audit of the network to determine current vulnerabilities that could lead to counter measures. 7. to implement: email, Internet Information Server (IIS) – that is web and FTP services, DNS (forward and reverse zone), and certificate server services. 8. to setup a security policy. 9. to setup deployment of software to specific user groups. 10. to implement Windows Deployment Services to build more devices on the Active Directory network topology. 11. to setup remote desktop services. Sign off to the commencement of the work and the end of the project will be done by the company IT manager – Mr George Mickeman. Your report task should address all of the above requirements 1-11. In essence, each numbered statement above is to be treated as section in your report. A summarized version of the above overview will act as introduction to your report. IMPORTANT NOTES FOR YOU ONLY: 1. The 4 areas that make the Zipper Biz Company are : 1. Managers, 2. Production, 3. Marketing and 4. Printers. This important for the Active Directory design! In each area, there are 10 users present. From the manager to supervisors to the general staff.UEE60411 Advanced Diploma of Computer Systems Engineering ICT60215 Advanced Diploma of Information Technology Network Security Subject: Network Management Units of Competency:UEENEED147a, UEENEED149a 3 / 7 2. Group policy is used to deploy software to particular areas and organize security. 3. Microsoft antivirus and antimalware solutions can be used in this network. 4. Microsoft 2012 Server Roles need to be considered in this assessment. 5. Third party security software solutions can be considered in this assessment. 6. Microsoft server security policies can be also be modified to suit this assessment task. APPENDIX – FURTHER CONSIDERATIONS (THESE SHOULD ATTACHED TO THE BACK OF YOUR REPORT): Answer each section's requirements. APPENDIX 1.1: 1.1 REQUIREMENTS - WHAT, WHY AND HOW MUCH You often work with an Australian government agency. Provide brief answers to the following: 1.1.1 Write the link YOU would use connect to the Australian Government Information Security Manual Controls. 1.1.2 List 2 client stakeholders involved with this assessment scenario. APPENDIX 1.2: RISKS, VULNERABILITIES AND CONTROLS You want to indicate what real risks may be present. Provide brief answers to the followingUEE60411 Advanced Diploma of Computer Systems Engineering ICT60215 Advanced Diploma of Information Technology Network Security Subject: Network Management Units of Competency:UEENEED147a, UEENEED149a 4 / 7 1.1.3 Explain some of the general types of risk that good security will help protected against. 1.1.4 Explain the generic types of security controls 1.1.5 List 2 URLs to "security vulnerability advisories / databases" 1.1.6 What are zero day vulnerabilities? 1.1.7 If all protocols/products sooner or later have vulnerabilities, how can you mitigate this risk? APPENDIX 1.3: INCIDENT DETECTION AND RESPONSE Possible responses to a security incident surround legal responses. Provide brief answers to the following: 1.1.8 What is the status of legal requirements for mandatory reporting of a data breach in Australia? a) for government agencies b) for private companies 1.1.9 Explain intrusion detection and recovery procedures Summarize the procedures published at http://www.comptechdoc.org/independent/security/policies/incidentresponse-plan.html APPENDIX 1.4: 1.2 SECURITY BASELINE The security baseline will involve an audit and penetration test. Provide brief answers to the following: 1.2.1 Briefly outline auditing and penetration testing techniques used with a Windows network. NETWORK SERVICE SECURITY ANALYSIS AND DESIGN 1.2.2 Windows 2012 Server - IIs WEB Server , IIs FTP, Email Server, Domain Controller and its DNS, and Firewall. Your tasks: a) briefly describe security vulnerabilities with the above. b) list URL links to best practice configuration guidelines to rectify these issues and what the rectification was.UEE60411 Advanced Diploma of Computer Systems Engineering ICT60215 Advanced Diploma of Information Technology Network Security Subject: Network Management Units of Competency:UEENEED147a, UEENEED149a 5 / 7UEE60411 Advanced Diploma of Computer Systems Engineering ICT60215 Advanced Diploma of Information Technology Network Security Subject: Network Management Units of Competency:UEENEED147a, UEENEED149a 6 / 7 2 DOCUMENTATION REQUIREMENTS At the completion of the research, you are to submit your documentation in the form of a report. The report should be word processed, professionally written and presented, proof read, and should address all of the tasks outlined above. The report must contain a title page, a table of contents, have a heading for each task and sub-task (you could use this document as a template), screen shots or diagrams must be included under the relevant headings (not submitted as separate files, or the report will not be marked), whole sentences and proper grammar must be used, material that is copied from the internet must be attributed and include a link at the point that it is used (a list of links at the end of the document is not acceptable). Instructor Use Only: Yes No Meets Requirements (satisfactory evidence): Further Evidence Required Re-assessment required See Below Signed (by Instructor) DateUEE60411 Advanced Diploma of Computer Systems Engineering ICT60215 Advanced Diploma of Information Technology Network Security Subject: Network Management Units of Competency:UEENEED147a, UEENEED149a 7 / 7 If you have been assessed as "Further Evidence Required" an opportunity for you to be re-assessed has been made available. Please sign below to acknowledge re- assessment time. Reason for reassessment _____________________________________ _ _ _ _____________________________________ Re-assessment Date Time Location Student signature