IFN583 Computer Systems and Security
The use of generative AI tools such as ChatGPT, Microsoft Copilot is strictly forbidden for all assessment tasks in IFN583 and will be considered an act of major academic misconduct incurring an automatic mark of 0.
Assessment Task 2: Written Report
Weighting: 40%
Group/Individual: Individual
Due date: End of Week 10 (3rd October)
1 Assessment task
You work for an information security consultancy company. You have been asked to write an Infrastructure and Architectures report for a client organisation whose CEO has recently contacted the company you are employed by. Your report must be customised for the scope provided by the client organisation.
2 Report structure and format
Your report should be written in Word, with a header and footer on each page. Include student number and name in the header, and the unit code IFN583, and page number in the footer. Use 12-point font, 1.5 spacing
The report should have the following sections and content:
1. Title page
2. Table of contents
3. Introduction
A general overview (100 words max) of the importance of Infrastructure and Architectures for enterprises.
4. Infrastructure and Architectures Scope
As this report activity involves writing a report for a particular organisation begin this section with an assumption about your hypothetical large client organisation, and the industry sector the organisation belongs to.
This may be an entirely fictitious organisation, or you may base your hypothetical organisation on an organisation you know from previous personal experience.
Choose your organisation by deciding on
· The name of the hypothetical large client organisation and
· An industry sector from the following list:
o Public administration and safety
o Health care
o Telecommunications
o Utilities (electricity, gas, water, etc)
o Finance (banking, insurance)
o Transport and logistics
o Defence
o Retail
o Hospitality
Then, from the table below research the topic corresponding to your official QUT registered Tutorial Class (as shown in the Tutorial_Official Student Registration spreadsheet and also recorded in Canvas - People).
[Submitting research on a topic not corresponding to your registered section will incur a penalty of 25% grade reduction.]
Prepare a report for your client organisation related to this topic. Research on the topic should be between 600 and 700 words (essay format).
|
Research Topic: Tcpdump. (Monday 2-4; Tutor: Eric Ohana)
Tcpdump is a command-line packet analyzer. It displays TCP/IP packets and other packets being transmitted or received over a network and operates on UNIX and Linux operating systems, and versions of it are available for Windows computers. Tcpdump’s power and functionality can be seen by the large number of switches that are available for tcpdump. A complete list of tcpdump switches is available at www.tcpdump.org/manpages/tcpdump.1.html.
Research tcpdump describing it and noting its capabilities. What are its advantages and disadvantages? What is the Windows equivalent of tcpdump – briefly outline it. How does Tcpdump compare with Wireshark? Which would you choose (Tcpdump or Wireshark), and why? You may include illustrative diagrams to enhance your report.
|
|
Research Topic: DDoS mitigation. (Tuesday 6-8, Tutor: Bhargavi Goswami, and Thursday 9-11 Tutor: Tony Rhodes)
For websites, the only real protection against DDoS attacks is DDoS mitigation services. These services will detect abnormal network traffic that may signal an imminent DDoS attack and then reroute the traffic away from the target, either to be filtered or just discarded. This rerouting is most often done in one of two ways. The first method uses DNS redirection. This is accomplished by changing DNS records (specifically the CNAME and A record) to point to the IP address of the mitigation provider, where malicious requests are dropped while legitimate requests are forwarded back to the actual website. In some ways DNS redirection is similar to DNS poisoning. The second method is Border Gateway Protocol (BGP) routing that can divert all Network Layer packets, meaning that it is effective across all protocols to stop various types of Network and Application Layer attacks. However, DDoS mitigation services can be expensive.
Investigate Distributed Denial of Service (DDOS) attacks on websites. Firstly, outline/define a DDOS attack. Then research how most organizations attempt to mitigate a sudden DDoS attack that is directed at their web servers? Use the Internet to research DDoS mitigation techniques, technologies, and third-party entities that provide mitigation services. Which would recommend and why? You may include illustrative diagrams..
|
|
Research Topic: Microsoft Macro Protection (Wednesday 4-6, Tutor Tamara Orth)
Due to the impact of macro malware, Microsoft has implemented several protections.
· Protected View. Protected view is a read-only mode for an Office file in which most editing functions are disabled and macros will not launch. Files that are opened from an Internet location, received as an email attachment, opened from a potentially unsafe location, opened from another user’s OneDrive storage, or have “active content” (macros or data connections) will display a Protected View warning message.
· Trusted Documents. A trusted document is a file that contains active content but will open without a warning. Users can designate files in the Office Trust Center as trusted. However, files opened from an unsafe location cannot be designated as a trusted document. Also, the ability to designate a trusted document can be turned off by the system administrator.
· Trusted Location. Files that are retrieved from a trusted location can be designated as safe and will not open in Protective View. It is recommended that if a user trusts a file that contains active content, it should be moved to a trusted location instead of changing the default Trust Center settings to allow macros.
Using the internet, research these protections against Microsoft macros. Your research should list each protection type, their strengths and weaknesses, and how they would be implemented in an enterprise. In an appendix, Include a brief description of 3 real-world examples of Macro-Based Attacks.
|
|
Research Topic: Network Access Control. (Thursday 4-6, Tutor: Eric Ohana)
Use the Internet to research the network access control (NAC) products from Microsoft and Cisco. Outline the purpose of a NAC product. How are they different? How are they similar? What are some of the options for each product? Which product would you choose, and why? You may include an illustrative diagram to enhance the report.
|
|
Research Topic: Compare different types of firewalls. (Friday 8-10, Tutor: Tamara Orth)
Use the Internet to describe network firewalls. Then identify three network firewalls and create a chart that compares their features. Note if they are rule-based or policy-based, perform. stateless or stateful packet filtering, what additional features they include (IDS, content filtering, etc.), their costs, etc. Which would you recommend? Why? You may include an illustrative diagram to enhance the report.
|
|
Research Topic: UTM Devices (Monday 6-8, Tutor: Bhargavi Goswami)
UTM devices, or Unified Threat Management devices, are hardware or software solutions that consolidate multiple network security functions into a single, easy-to-manage appliance.
Firstly describe UTM’s, then create a table of four UTM devices available today. Include the vendor name, pricing (if available), a list of features, the type of protections it provides, and any other functions you consider relevant. Based on your research, assign a value of 1–5 (lowest to highest) that you would give each UTM. Include a short explanation of why you gave it that ranking. You may include any illustrative diagram/s to enhance the report.
|
5. Conclusion
Provide a single recommendation (with brief justification) (50 words max) to the client which they should consider for the topic you have researched on their behalf.
6. References
6.1 Use the QUT APA style. for citation and references. This requires citations within the written text of the assignment, as well as the list of references used.
6.2 Some information about using the APA style. of referencing is here: https://www.citewrite.qut.edu.au/cite/qutcite.jsp#apa-general-how The QUT librarians are also willing to provide assistance: you can check on the QUT Library homepage for links, or ask HiQ how you connect to this service.
3 Report Organisation
The report should be no longer than 2 pages (excluding the title page, table of contents and references). Some information about reporting writing can be found here: https://www.citewrite.qut.edu.au/write/report.jsp.
Note: you need to write a report, NOT a literature review.
3.1 Writing feedback - Studiosity
Studiosity is an online AI-powered English-writing feedback service available to students. The Studiosity Feedback+ service is on-demand and provides timely formative feedback on submitted work.
Studiosity provides general feedback on core academic writing concepts such as structure, word choice, grammar, spelling and punctuation, referencing and critical thinking.
Accessing Studiosity from Canvas – From the Canvas main menu panel find Studiosity 24/7 writing support towards the bottom of the panel.
Watch this short YouTube video to understand how to use Studiosity: https://www.youtube.com/watch?v=013_gHUB3ks
3.2 Academic report writing:
An important aspect of this assessment task is locating relevant information, either in online resources or in print media. However, it is important that the report is written in your own words. Do not just 'cut and paste' or copy information from any source into your report: that is considered plagiarism (a breach of academic integrity) and is not acceptable at QUT. If this is detected, the Unit Coordinator will notify the Faculty Academic Integrity Committee, and the penalties imposed may be severe (See the QUT MOPP for details).
A useful guide to referencing, citation and report writing is: http://www.citewrite.qut.edu.au/ .