COIT20265 Networks and Information Security Project
Answer:
Nnetwork Security- DMZ ZONE
Objective of Control
The ultimate goal of this network implementation is to build a demilitarized zone and followed by installation of server in that particular zone. It has been mainly done for preventing access to staff and local kinds of users. It ultimately creates an additional kind of network security layer on the provided network which ultimately provides restriction to various kinds of local nodes for accessing element which are installed in the demilitarized zone. Hosts are considered to be vulnerable to various kinds of attacks that is mainly installed in DMZ zones. It is mainly used for providing protection to rest of network from various kinds of attacks.
Resources Used
DMZ is mainly configured on router for establishing of DMZ zone. It needs to be work out configured as per the rules of DMZ firewall. Various other kinds of resources are needed for DMZ zone on firewall, Servers.
Developing the control
The development of DMZ zones and configuration of emails server is mainly remains associated to email server in DMZ. This mainly works for associated email and database which can be used in various kinds of primary servers. Information can be only accessed from various kinds of mail servers which are mainly present in DMZ network and access is provided to external users. The main notion of email server is mainly used for passing incoming and outgoing emails which are present in the server and internet. Web sides mainly handles the communication with internal database as it contains database server and also contains some kinds of sensitive information for an organization. Database server must be connected through a proper firewall which is used for maintaining secure kind of network communication and also aims in maintains overall security of organizational security. Installation of communication proxy servers in the zone of DMZ can be considered to be helpful for understanding various rules and associated standards.
Description of the System
The development of system comes up with various kinds of methodology which ultimately helps in understanding the infrastructure of the network which is being provided. Two well-known methodology which are used are single firewall and secondly using of two firewall. Single firewall also known as three legged model has a single firewall which comes up three kind of network infrastructure is mainly used for development of DMZ architecture. While in Dual firewall mode of DMZ consist of two firewall which comes up with one end in the front and other end one as back end.
Configuration of the system
: justify;">For proper configuration of the system the provided external network should be connected with interface first of the provided network. Internal network is connected is mainly connected with second interface of the provided network and after that a network of DMZ is mainly created on third interface which is mainly present in the network. It is mainly used for tackling various kinds of network traffic in DMZ and associated internal network. Various colour codes are mainly used for providing indication of network traffic which is mainly present in different network interfaces. It is mainly used for different kinds of colour codes which are used in network traffic on various interfaces of network. It is mainly used for increasing various kinds of security in organizational network on the zone of DMZ. It can be considered be more secured with the implementation of two kinds of firewall. Firewall are mainly used in the front end as it allows the traffic of data to easily pass the DMZ. Back end of firewall is mainly used for creating a set up for the traffic to easily pass through the internal network of DMZ.
Test Plan Design
If a network design is created in certain way that it comes up with various kinds of errors in the provided configuration of the firewall by making use of same kind of configuration in the second firewall as it comes with same kind of error. Firewalls of various kinds of brands should be used at the provided entry and exit place. This should be used in such a way mistake of configuration is much lowered. A penetration test must be there so that it can easily identify the needs of security of the network and various kinds of errors can be easily resolved which are found in the organization. A penetration test should be done on the network for analysing various needs in the network. This test mainly overcomes various kinds of errors which are found in the network. Host should be connected to a DMZ network and after that ports for opening must be there for bocking them form any kind of external access. A fake security sense is mainly used for analysing configuration blocking the system from any kind of access made externally.
Test Plan Implementation
For the proper implementation of test plan the network should be configured in such a way that various firewall devices are installed in the network. There large number of tools for network configuration which is mainly used for analysing or checking various kinds of vulnerabilities which are present in the network and after that proper kind of testing of network must be done.
Test Results and Analysis
For proper analysis of result of test, it has been concluded that various kinds of networks can be kept secured from various kinds of external agents and so the vulnerability of the system should be kept secured from various kinds of solution for network.
Network security- Radius server
Objective of Control
Implementation of thee Radius server mainly focus on the fact that it can easily help in server management for the users which are connected in the network. It mainly focuses on the fact of authorization and mechanism of authentication which is used for securing the various resources which are mainly present in the provided network. It also aims in providing wireless networks and internal networks which is used for management of various integrated web services.
Resources Used
The ultimate resource which has been used for maintaining and running of radius in various system is all about understanding the various requirement of the system and as per that server must be chosen.
Developing the control
Radius authentication is mainly used by various kinds of devices and is mainly used for configuration of information which is provided which mainly comes with one or more Radius kinds of server which is present in the network. It can be mainly achieved by the help of statement of radius server which is present at the Radius server. This can easily take place due to the fact remote authentication is properly configured on large number of devices. It comes up with common configuration for large group of people. This is mainly inclusive of adding up of server address of IPv6 and IPv4, which is ultimately followed by strong kind of password. In many it is seen that various kinds of server of Radius server can be contacted easily. The default provided port number is 1812. After this the provided order is mainly specified in which the provided system can itself authenticate.
Description of the System
RADIUS or Remote Authentication is a well-known Dial up server is considered to be client or server protocol. It is mainly associated for enabling the various kinds of remote access on server for establishing communication with the central software for various kinds of authentication. Dial up users are mainly followed by various kinds of authorization of access to the user by various kinds of access which are requested by various kinds of users. This particular system also helps in maintenance of large number of records for various users in the provided central database that is again shared by all the remote servers which are present. This provided system will help in providing better kind of network security which will help the organization in setting some policies that is again applied to single administer point of network. Central database mainly helps in easy tracking of the usage on billing and also aims in keep track of statistic of network.
Configuration of the system
Quick configuration of CLI can be easily done for copy of large number of commands and after pasting it to the provided text file. After that line must be properly removed and provided details must be needed to be matched as per the network configuration which is matched according. GUI is mainly taken by step by step process and after that various details of the network are provided. From the provided results the mode of configuration can be easily configured by the help of commands which are provided. The output of files mainly provides configuration and then after that instruction are set for configuration which are again used for repetition.
Test Plan Design
It mainly describes the various kinds of schedules, approaches, resources and other kinds of scope which is needed for the activity. It also adds up some of the features which are needed for testing large number of activities. The activity mainly comprises of test and design which is needed.
Test Plan Implementation
Various kinds of inputs are mainly considered. Out of that the first one is the employee and deadline of provided project. In working days, various kinds of resources and deadline of project are considered like an important kind of factor. After that estimation of project comes into action. Depending on estimation the test manager of the project can easily effect of schedule of data which is provided. This ultimately help the project manager in proper scheduling of it. Understanding of risk in project mainly managers to easily incorporate some kind of extra schedule which is needed for dealing with project in terms of understanding various kinds of associated risk.
Test Results and Analysis
For the analysis of the RADIUS server configuration the errors in the network must be analysed.
For proper analysis of result of test, it has been concluded that various kinds of networks can be kept secured from various kinds of external agents and so the vulnerability of the system should be kept secured from various kinds of solution for network.
Network Security- IPS
Control objective
Security tools can be easily used for proper kind of analysis of intrusion path and there after a proper kind of penetration test is done for providing security at the entry and exit points. In the above steps of the report various steps have discussed which needs to be followed proper deployment of snort. Honey ports needs to be discussed which can help the team of network development for providing security to network from various kinds of external agents. Snort can be defined as a well-known mechanism that can be used in intrusion detection. It is mainly installed at various location of the provided network which can be used for capturing of data packets and providing security to sensitive kinds of organizational information. Deployment or implementation of honey pots ultimately helps in creating proper kind of tarp in the network which is provided. It can ultimately distract various kinds of attackers to easily gain access to original kind of resource which is provided to the organization. Various vulnerabilities in the system can be easily overcome by doing various kinds of penetration techniques. Various kinds of sensitive information of organization is generally kept secured.
Various kinds of resources used
Attackers can easily make use of different kinds of different kind of methodology for providing access to large number of networks. It mainly focuses on injection of SQL, overrun of buffer, execution of remote code and bypass of third party. It also aims in mitigation of various kinds of risk related to third party software which needs to be avoided or eliminated for various kinds of application that is kept up to dated. After that it is patched for minimizing various kinds of risk reduction which is associated with the network provided.
Development of Control
For performing research on various kinds of vulnerability on the network a proper kind of research needs to be done on various kinds of available penetration tools. It is mainly used for selection of tool where a study is mainly provided on various kinds of weak points and proper kind of security mechanism must be followed for providing security to network from any other kinds of external threats. Various points on vulnerability can easily be analysed and focus is provided application program which creates an ultimate effect on the security of network. Issues or flaws in code of programming can be checked and after that third party software which should be avoiding various kinds of risk of malware and open ports which are present in the network which ultimately cases intruder in the network. Rootkit also helps in increasing the vulnerability of the provided system and easily protect the provided network from loss of data and theft.
Description of system
Honeypots are mainly used in network for creation of large number of tarp on the provided network. It also helps in analysing logical activity of the various users that can be used in different levels and other kind of associated threats. Various kinds of research in honeypot is mainly used in the network for creation a proper kind of tarp on the network along with clos activity. Data which is placed in honey pot should come up unique identification property. It can be easily used for tracking of data which has been stolen and it also helps in identification of connection between attackers and participants that is used in penetration technique. Various kinds of virtual machine can be used for hosting the hosting the provided honeypots and providing the centre server. It also provides protection to the main server from any kind of authorized access.
Configuration of system
1st Step: In the first phase we need to download a pentbox which is used for setting up nectar pot in linux and it will ultimately provide framework for the terminal.
2nd Step: Provided compact disc that is 1.8/ is mainly utilized for undergoing into the pentbox index and pentbox.rb mainly adds up for executing various kinds of pentbox devices.
3rd Step : Second alternative which is provided for alternative to system instrument is mainly taken or chosen by 3 which is for honeypots.
4th Step: On properly analysing the alterative of honeypot two kind of incited are made like quick auto design and arrangement in a manual way.
5th stage: Alternative of auto design has been chosen as it can enact various kinds of nectar pot on port of 80. Manual arrangement of distinctive port address can be easily set and false message can be easily embedded in misinform and other kinds of alternatives for sparing large number of call records.
Design of test plan
Procedure of infiltration is mainly used for minimizing or breaking down of vulnerabilities or issues after analysing the objective of the framework along with execution of malignant strategy. Entrance procedure mainly abuses the presence of shortcoming and various kinds of mistake which are done for setup codes. The primary motivation behind the infiltrate mechanism is to provide security to authoritative information from various kinds of unapproved clients. Fruitful distinguishable proof of the defenceless is mainly used for analysing for getting into various kinds of sensitive data in the association.
Test plan for implementation
Test of Social engineering: It is mainly used for abusing various kinds of individual information, password and unauthorized data. It can be easily done by help of human blunders. Various kinds of security approaches and norms can be used for proper maintaining a proper kind of distance of kind of power which is provided. It mainly conducts various kinds of security approaches and can be easily used for maintaining strategic distance for powerless and conduction of reviews of security in evaluation of imperfection.
Web application test: Various kinds of software techniques is mainly used for presenting the danger related to security. Programming mainly focus on the use of framework which is used for framework which is abused in investigation for imperfection.
Entrance of physical test: It is mainly used for providing touchy information which is used for assuring information by providing a test on the system gadgets. It is mainly done for probability of break of testing and testing of large number of products.
Benefits of network test: Various kinds of open ports which are present in the system are considered to be indistinguishable for making utilization of distinctive kind of system investigation instruments and a system can be easily configured for system gadgets which are again reconfigured for relief in various kinds of hazards tests.
Test on client side: Customer side programming application is considered to be dissected for overcoming vulnerabilities.
Test on wireless security: Interlopers can easily meddle in the system by the help of unsecured data, focused on providing access and as per the requirements some kind of calculation are provided to unsecured data for checking the vulnerabilities of the system and various kinds of success parameter which mainly focus on limiting interface of hierarchical system.
There are large number of penetration test which are mainly installed or deployed in the system for checking some kinds of vulnerabilities which mainly stops connection without limiting the approval from the client. As present Snort and Honey pots are being used for performing large number of test and its selection depends on a large range of criteria:
- Ease of arrangement and organization for the use of instrument.
- Proper kind of device must be utilized for filtering the framework in minimum effort.
- It mainly aims in having a proper kind of capacity which is used for re confirm the previous defencelessness which are mainly found in the network.
- It comes up the capacity to easily make logs and various kinds of reports.
Network Security – IDS
Control objective
Intrusion detection system or IDS can be easily used for monitoring or tracking of various kinds of networks which is used for different kinds of activity. This mainly takes place like an autonomy of detection and providing reports in turn. It can be found as a main function as few kinds of IDS come with capability for making decision regarding malicious traffic which can be easily detected. This mainly inclusive of blocking of traffic which ultimately form various kinds of IP addresses which are suspicious.
Used Resources
Although a large number of methodologies and tools are available at present, the widespread fundamentals are considered to be important in every kind of security configuration. Enterprise makes use of IDS (intrusion detection system) and various kinds of associated firewall. Firewall is mainly used for controlling large number of departments and incoming traffic depending on large number of policies and procedure. Under the provided network IDPS has come into action for providing host for the traffic. This has come into action of undertaken measures of proactive measures for large number of blocks and attacks of log. Implementation of Snort, Honeypot and other kind of software identification for flow of network traffic which is used for identification of various kinds of vulnerability in the network.
Development of control
IDS project is developed in such a way it can be decide type of IDS is needed to be developed. It is mainly used for determining the fact IDS is based on signature or not. They just need to focus on one fact that host based detection system which is used by IDS. They just need to focus on one fact that various kinds of host based detection system for IDS. Along with they need to do an analysis on the fact of various correlation system and implementation of high order of IDS. Lastly the final architecture of IDS needs to be checked and the fact that how they can define the various kinds of detection technique. In the end it is not easy to decide the architecture of IDS which mainly focus on the fact of defining of detection technique. In the end mainly need decided the architecture which is inclusive of IDS architecture on the fact that how they can define the network. Finally, it is mainly requires deciding up of IDS architecture which is inclusive of the fact of defining network detection. Let us considered an example in which it has been found on various kinds of fact related to signature.
Details and Description of System
Proper selection tool will help in having proper kind of penetration that can be deployment in various kinds of location. It is mainly used for finding data flow in the network and proper kind of analysis of traffic of data. It is mainly used for both kinds of parameter like positive and negative like attackers which is used for having proper visibility of current network and intruder of path in the network. It can be easily used for securing the network by providing the details of unwanted network and configuration of firewall for providing restriction of the traffic.
System configuration
Various kinds of business bodies have developed IDS which is used for detection of any kind of break events. The screenshot which has been attached provides a proper kind of snort configuration which is used for detection of various kinds of intrusion in the network.
Design of test plan
First stage is all about implementation of single terminal in which a category is launched by single kind of service or equivalent logics. The next kind of phase is all about intruder multiple kind of terminal.
Plan for implementation
Implementation mainly focus on the fact that various kinds of signature based and anomaly dependent of IDS network. It is a well-known kind of approach which used for detection of protocol. This can be used for adopting various kinds of conformance of methods or techniques of testing. It can be used for testing it an effective investigating for proper its implementation. Snort rule mainly adds up according to the policy of network which is again used for various kinds of penetration testing on the network and this ultimately improve performance of provided network.
Conclusion
The above report mainly focuses on the implementation of firewall policy. RADIUS network can be considered to be secured for large number of users for getting access to core of the resource of network. Installation of firewall mainly focus on depending upon the requirement of the organization. A zone of demilitarized is mainly created for core of the network servers in such a way it can get access to the network. IDS can be easily used for monitoring of flow of data in the network. It is again combined with IDS for overcoming certain number of risk related to threats of cyber.
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.
Da Xu, L., He, W., & Li, S. (2014). Internet of things in industries: A survey. IEEE Transactions on industrial informatics, 10(4), 2233-2243.
Faynberg, I., & Goeringer, S. (2017). NFV Security: Emerging Technologies and Standards. In Guide to Security in SDN and NFV (pp. 33-73). Springer, Cham.
Granjal, J., Monteiro, E., & Silva, J. S. (2015). Security in the integration of low-power Wireless Sensor Networks with the Internet: A survey. Ad Hoc Networks, 24, 264-287.
Ibrahim, A. S., Hamlyn-Harris, J., & Grundy, J. (2016). Emerging security challenges of cloud virtual infrastructure. arXiv preprint arXiv:1612.09059.
Kizza, J. M. (2017). Guide to computer network security. Springer.
Li, S., Da Xu, L., & Zhao, S. (2015). The internet of things: a survey. Information Systems Frontiers, 17(2), 243-259.
Li, S., Tryfonas, T., & Li, H. (2016). The Internet of Things: a security point of view. Internet Research, 26(2), 337-359.
Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., & Zhao, W. (2017). A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet of Things Journal, 4(5), 1125-1142.
Loo, J., Mauri, J. L., & Ortiz, J. H. (Eds.). (2016). Mobile ad hoc networks: current status and future trends. CRC Press.
Pathan, A. S. K. (Ed.). (2016). Security of self-organizing networks: MANET, WSN, WMN, VANET. CRC press.
Perlman, R., Kaufman, C., & Speciner, M. (2016). Network security: private communication in a public world. Pearson Education India.
Yang, N., Wang, L., Geraci, G., Elkashlan, M., Yuan, J., & Di Renzo, M. (2015). Safeguarding 5G wireless communication networks using physical layer security. IEEE Communications Magazine, 53(4), 20-27.
Zaalouk, A., Khondoker, R., Marx, R., & Bayarou, K. (2014, May). Orchsec: An orchestrator-based architecture for enhancing network-security using network monitoring and sdn control functions. In Network Operations and Management Symposium (NOMS), 2014 IEEE (pp. 1-9). IEEE.
Zhou, L., Wu, D., Zheng, B., & Guizani, M. (2014). Joint physical-application layer security for wireless multimedia delivery. IEEE Communications Magazine, 52(3), 66-72.
Buy COIT20265 Networks and Information Security Project Answers Online
Talk to our expert to get the help with COIT20265 Networks and Information Security Project Answers to complete your assessment on time and boost your grades now
The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.