Assessment Details and Submission Guidelines Unit Code BN203 Unit Title Network Security Assessment Title Network Security Scanning Purpose of the assessment (with ULO Mapping) After completing this assessment, student’s should be able to: - Understand network scanning and security policies to manage operational security at workplace. Then administer those policies to ensure compliance by users in an organization. - Apply skills to analyse complex problems in network security under supervision. Weight 20% Total Marks 40 Word Count Minimum 1500, Maximum 2000 Due Date 0 Submission Guidelines • All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page. • • The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings. • • Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style. • Assessment Description After undertaking initial stealthy reconnaissance to identify IP address spaces of interest, network scanning is an intrusive and aggressive process used to identify accessible hosts and their network services. Performing both network scanning and reconnaissance tasks paints a clear picture of the network topology and its security features. The rationale behind IP network scanning is to gain insight into the following elements of a given network: • ICMP message types that generate responses from target hosts • Accessible TCP and UDP network services running on the target hosts • Operating platforms of target hosts and their configurations • Areas of vulnerability within target host IP stack implementations (including sequence number predictability for TCP spoofing and session hijacking) • Configuration of filtering and security systems (including firewalls, border routers, switches, and IDS/IPS mechanisms) Source: Chris McNab (2008), Network Security Assessment, O’Reilly 2nd Edition This assessment requires you to do literature search on internet, magazines, publications, textbook etc. This is an individual assignment, therefore it is very important to write the findings in your own words. Choose ONE of the following topics: 1) ICMP Probing 2) TCP Port Scanning 3) UDP Port Scanning 4) IDS/IPS Evasion 5) Low Level IP Assessment At minimum your report should address the following: A) Discuss your chosen topic. B) Explain what kind of security measures/threats it provides to the network. C) Identify three security vulnerabilities. D) Discuss how these threats can be mitigated. E) Conclusion/Summarize. Marking Criteria: Section to be included in the report Description of the section Marks Introduction Description of selected topic 4 Security Measures/Threats Analyse identified Threats 10 Security Vulnerabilities Researching vulnerablities 10 Threats Mitigation Finding threats mitigation 10 Conclusion Summary of report 3 Reference Style Follow IEEE reference style 3 Total 40