(Solved): Assignment : Computer Networks and Security...

Introduction
The purpose of this assignment is to assess your knowledge of computer networks and security. You should read the following scenario carefully and provide a written response to the FOUR (4) tasks. Where you need to make any assumptions, you should state them clearly in your answer.

Scenario
This scenario refers to Shopping R Us, an SME (Small/Medium Enterprise) located in London, selling various household, healthcare, and grocery products to customers from its store. Due to the rapid expansion of the business, the management has decided to introduce online sales of products. Customers can order items through the company’s new online shopping website and the ordered items are dispatched from the warehouse. Any new customer will need to complete an online registration form. When placing an order, they can pay via a credit or debit card from any major bank.
The online shopping website is hosted on a server running a Linux operating system and used to be maintained by the former network administrator who has since left the company. Since the development of the online shopping website, the company has encountered multiple security incidents which have affected sales and customer service delivery.
The company currently has 50 employees who work both at the store and warehouse. Recently 20 employees have been working from home and it is likely more employees will be working remotely. The employees act as the online primary point of contact for customers, handle stock control, answering the phone and email enquiries, resolving complaints and processing orders in an efficient and timely manner.
The company management is concerned about the continuous network security issues and considers the protection of customer information and other assets a top priority for the business.

Details of the Task
Each task outlines specific network security issues and threats faced by the company. As the new network administrator, you will need to propose network defence solutions and strategies for the company. Your proposed solutions and strategies should help them satisfy all their aims of mitigating network security threats, protecting customer information and ensuring business continuity. Your solutions need to be both technical and specific especially in terms of what tools/ software/ resources/ techniques/ configurations you recommend.

Task 1 (25 Marks)
The online shopping website suffered a Distributed Denial of Service (DDoS) attack which lasted for FOUR (4) hours on one occasion. There are concerns this attack could happen again.

a) Explain in detail what a Distributed Denial of Service (DDoS) attack is and the impact this attack could have on business operations and continuity at Shopping R Us.
(10 marks)

b) Intrusion Prevention Systems (IPS) and Firewalls are examples of network security devices and form part of the Defence-In-Depth strategy.

i) Describe in detail, the purpose and components of an Intrusion Prevention System (IPS) and explain how it can be used to limit Distributed Denial of Service (DDoS) attacks.

ii) Explain, the concept of a defence-in-depth strategy.

iii) Explain which defence-in-depth layers a firewall and IPS can be implemented in.
(15 marks)

Task 2 (25 Marks)
a) The employees at Shopping R Us currently bring and use their personal devices such as laptops, mobile phones, and storage drives on the company’s network. The management is concerned that the use of these devices can introduce network security threats and vulnerabilities to the network. You have been tasked to create and implement a security policy to address this issue.

i) Discuss in detail what a security policy is and explain security threats and vulnerabilities that can be introduced by the employees’ personal devices.

ii) Highlight the specific type of security policy that can be implemented to address the network security threats and concerns. You should describe in detail, the steps you will take to implement this security policy.
(15 marks)

b) Describe the steps you will take when conducting an overview of the security status and security assessment of the operating system running on the online shopping website’s server.
(10 Marks

Task 3 (25 Marks)
a) You have been advised to set up a demilitarized zone (DMZ) using a dual firewall approach for the internet facing website and the internal company network, as shown in Figure 1.

Figure 1. Shopping R Us Demilitarized Zone (DMZ)

i) Explain the purpose and advantages of a Demilitarized Zone (DMZ).

ii) Explain the purpose of a firewall and how the dual firewalls should be configured to protect the company’s internal network.
(10 marks)

b) Employees working from home need to be able to access the internal network remotely over the internet. One of the solutions proposed is that the company should adopt Virtual Private Networks (VPNs).

i) Explain the purpose of VPNs and how a VPN functions.

ii) Describe the appropriate VPN suitable for Shopping R Us and the factors you will consider in selecting this VPN.
(15 marks)

Task 4 (25 Marks)
a) You have been requested to implement access controls so that only authorised customer service employees can have access to information about customers’ payment status, order status, and returns on the online shopping website.

i) Discuss the difference between authorisation and access control.

ii) Describe with justification the appropriate type of access control you will use in the above scenario.
(10 marks)

b) The management is concerned with controlling and regulating the movement of individuals and vehicles in and out of the store and warehouse.

i) Describe access controls that could be implemented to prevent vehicles from moving through unauthorised areas.

ii) Describe access controls that could be implemented to restrict the entry of unauthorised individuals into the warehouse.

iii) Explain how Shopping R Us can enforce controlling and regulating the movement of individuals and vehicles in and out of the store and warehouse.

Guidance
Consult with your tutor if you are uncertain about any aspect of this assignment.

Submission requirements
You must submit a word-processed report.
Your report should answer Tasks 1 to 4. The word count for your report is 4000 words