1. Explain the purpose of the ISO-OSI model and TCP/IP and the
significance to real-world networks such as LANS and the Internet
2. Explain in detail the architecture of LANS, the IEEE 802 standards for
station addresses and frame format, and the operation of LAN switches, and
outline shortcomings in LANS such as security and broadcasts
3. Describe in detail the architecture of the Internet, the operation of
routing tables, routers and the operation of dynamic routing protocols and
explain the purpose of layer 3 protocols and IP in particular, and the main fields
in the IP packet header
5. Describe in detail the features and protocol formats for presentation and
Application layers and outline the basic architecture of the World Wide Web
and Internet email systems
Assignment 3: Evaluating Access Control Methods
Due Week 6 and worth 50 points
Imagine that you are the Information Systems Security Specialist for a medium-sized federal government contractor. The Chief Security Officer (CSO) is worried that the organization’s current methods of access control are no longer sufficient. In order to evaluate the different methods of access control, the CSO requested that you research: mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC). Then, prepare a report addressing positive and negative aspects of each access control method. This information will be presented to the Board of Directors at their next meeting. Further, the CSO would like your help in determining the best access control method for the organization.
Write a three to five-page paper in which you:
- Explain in your own words the elements of the following methods of access control:
- Mandatory access control (MAC)
- Discretionary access control (DAC)
- Role-based access control (RBAC)
- Compare and contrast the positive and negative aspects of employing a MAC, DAC, and RBAC.
- Suggest methods to mitigate the negative aspects for MAC, DAC, and RBAC.
- Evaluate the use of MAC, DAC, and RBAC methods in the organization and recommend the best method for the organization. Provide a rationale for your response.
- Speculate on the foreseen challenge(s) when the organization applies the method you chose. Suggest a strategy to address such challenge(s).
- • Task 1: Consider the network and devise strategies that will secure the following:
a. the remote office’s connection to the main office as it is not using any
encryption;
b. remote access to the servers so passwords are not sent over the wire;
c. encrypted WIFI for employees.
You must provide at least 2 (two) options for each.
• Task 2: To ensure that this doesn’t occur again and assist with analysis you must
advise why a monitoring service would benefit them and provide a suggestion as
to what the service will monitor.
• Task 3: Conduct a vulnerability analysis on the servers using OpenVAS. Each
person must conduct one analysis, one server per person. Servers are in the VM’s
folder at the CSC72005 Google share.
With your colleague you will need to share the results of your audit and compare
You are required to set up, configure, and test your firewall. You need to do research and reading to be able to complete this assignment.
You have to discuss the main uses, limitations, and possible security holes of your firewall and write it in your report. You should test that following packages are installed on your machines: Telnet, MySQL and Apache webserver. Start the services, and test that they are working prior to your experiments with the Iptables firewall. Include screenshots in your answers to show that the services are working and the output of your results to show that the requested filtering is performed.
1. Use command injection for popping a reverse shell on the DVWA-VM to External Kali when the security level is set to “LOW.” You can configure either NC or Metasploit on the attacker machine to accept the reverse shell connection.
2.With the backdoor connection, complete the following sub-tasks from External Kali:
• Display the target machine’s network configuration.
• Display the target machine’s current network connections.
• Create a new MySQL user with the following information: o Username: o Password:
3. Remote access the MySQL from External Kali with the account created in the previous step.
Change the DVWA security levels and answer the following questions:
1. Analyse and compare the source PHP file at different security levels. Highlight and summarize the limitation of the codes that prevent the command injection, if any.
2. Based on the study above, can you still perform the command injection attacks where the security level is set to “Medium” and “High”? You don’t have to create a reverse shell as in Task A -1.
What is the type of message and what is the code?
Repeat exercise 19 for the time of 3:40 pm
Assignment 2Submission Deadline 20th April 2020
An organisation with 13 branches scattered across Ghana acquired the IP address 176.184.238.73/16
a. What class is the IP address. What subnet is the address once. What is the NetID? d. What is the HostID? e. What is the SubnetID? f. What is the site address? g. Give the address in its BITWISE notation. What is the name of the /16 notation? Give the dotted decimal notation of the /16 and also give bitwise notation equivalent. Design a suitable network for the organisation ensuring most efficient usage of addresses. List all the subnet addresses. Give the subnet address that this IP address resides on 176.184.238.73255.255.240.0m. What is the site address for the given address in ‘l’ above? What is the NetID for the given address in ‘l’ above. What is the Hosted for the given address in ‘l’ above? What is the SubnetID for the given address in ‘l’ above. Draw the network diagram that can be used for the implementation of the organisation network. Explain the functionality of each if the devices in your network diagram and justify their purpose in your diagrams. How will you ensure Internet connectivity for host at each branch.t. Explain type(s) of connections in your network diagram u. Explain the protocols for devices communication in your network diagram v. Explain protocol for 3 applications communication on your network w. Explain the addressing mechanism in the movement of packets from one branch to the other x. Assuming each branch has 58 workstations and a printer, how many collision domains has your network diagram y. As follow-up question to ‘x’, how many broadcast domains has your network diagram z. Write a convincing summary statement to convince management of why they should invest money to deploy your network diagram. Your statement must clearly spell out the advantages of the network that the organisation stands to gain if they implement it.
Find the key stream then encrypt the letter A by using A5/1 method, where the letter is given in ASCII code. The ASCII value for A is 65 = 1000001 0111011011 0 0 1 0 0 1 0 1 0 x noonnon 010 0 11 1 0 11 0 10V 1100110010111 0 0 1 1 0 0 0 0 1 0 z 2. Assume that you have the fallowing plain text: P-0110 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1100 And the key: K= 10010011 00110100 01010111 01111001 10011011 10111100 11011001 11110001 Encrypt P with K for only one round using the DES algorithm. Use the tables in the lecture notes. 3. Use the rail fence Cipher (3 rails) to encode the following plaintext: P= My name (write your name here) I live in (write your neighbourhood here) 4. Encrypt the same plain text in 3 using the COLUMNAR algorithm with the key “alzahrani
. What is the size of an ARP packet when the protocol is IPv4 and the hardware is Ethernet? 2. Distinguish between communication at the network layer and communication at the data-link layer. 3. What is the role of the address field in a packet traveling through a datagram network? 4. What is the role of the address field in a packet traveling through a virtual circuit network? 5. How do guided media differ from unguided media? 6. What is the function of the twisting in twisted-pair cable? 7. What is refraction? What is reflection? 8. What is the purpose of cladding in an optical fibre? 9. Name the advantages of optical fibre over twisted-pair and coaxial cable.
Objective
You are to design and build a secure, responsive, reliable, scalable, and resilient distributed
system to support the online learning operations of a large university.
Background
The Global University (TGU) is one of the world’s largest online learning universities with
more than 250,000 students undertaking undergraduate and postgraduate studies
worldwide. At TGU, all education services, courses, programs and units of study are
internally authored and delivered online both synchronously and asynchronously using
TGU’s proprietary network infrastructure. TGU’s headquarters is in France, where it houses
around 2,000 academics and about 4,000 administrative, operational and student support
staff. In France, TGU also has a world class learning and teaching research centre (LTRC)
with about 1,000 research staff. Since its inception, TGU has structured its academic
operations into faculties; but just recently, TGU decided to consolidate its operations into
seven schools, namely, 1. Arts and Social Sciences, 2. Business and Economics, 3.
Education and Language Studies, 3. Engineering and Maths, 4. Health Sciences, 5.
Learning Technologies and 6. Science.
TGU network infrastructure interconnects its operations with the global research and
education network community across multiple 100 gigabit per second (Gbps) dense
wavelengths division multiplexing (DWDM) leased links over multiprotocol label switching
(MPLS). TGU has four (4) strategically located private cloud data centres (CDCs) in Japan,
Argentina, India, and South Africa respectively. Each CDC is typically equipped with
application servers, virtual machines, physical machines, load balancers, bare machines,
storage and Internet access.
At each CDC there is also a proprietary remote access laboratory, the university uses to
support laboratory experiences for students enrolled in STEM units (Science, Technology,
Engineering and Maths). A remote lab is a set of network-connected physical devices that
can be observed and controlled at distance. Lately, these laboratories are becoming an
issue for TGU because of their age, lack of interoperability, and high running costs. TGU
decided to upgrade these remote labs by a state-of-the-art massive open online laboratory
system (MOOL) offered as services (Lab as a Service or LaaS). The LaaS, conceptualised
in Figure 1, features a modern service architecture typical of cloud computing [1]. From
Figure 1, there is a lab service provider and a lab service consumer. Stakeholders can be
teachers, students, learning designers, and lab owners.