Establish a virtual environment for utilizing network technologies.
Remap an IP address using Network Address Translation.
Demonstrate multicasting by testing connectivity between computers.
Describe the failure of past security measures exposed by a breach.
Examine the complexities of integrating technical solutions into non-technical business frameworks.
Describe ethical practices related to data and system security supported by a Christian worldview perspective.
Demonstrate the use of managed network services by implementing Network Security Components (Data Loss Prevention, VPNs / Firewalls).
Apply various tools, technologies, and concepts to support information security.
INSTRUCTIONS
=============
Please provide all references where needed.
QUESTION 1 A — NOT MORE THAN HALF A PAGE
===========================================
What are the benefits of virtualizing this environment rather than using actual hardware? What effect does this have on your host system?
QUESTION 1 B — NOT MORE THAN HALF A PAGE
==========================================
Compare and contrast Type 1 and Type 2 virtualization architecture. Provide an example of each. When would one be more useful than the other?
QUESTION 1 C
============
In cybersecurity network defense, firewalls are crucial for the survival of the network. A firewall is your first line of defense from hackers. Demonstrate the protection of a network by properly configuring the firewall software pfSense.
Research installation guides and details for pfSense installation within your virtualization program.
Download and install the pfSense firewall into a new VM.
Create a Kali Linux VM.
In a Microsoft Word document, provide screenshots of the process. Make sure to describe each screenshot, including lessons learned and/or successes, issues encountered, how to prevent issues in the future, as well as helpful pfSense software resources.
QUESTION 1 D
=============
In cybersecurity network defense, it is crucial to assess for system weaknesses. Tools such as a vulnerability scanner can enable security teams to monitor an organization’s infrastructure.
Configure the Kali Linux VM with a static IP Address (192.168.1.13).
Install Greenbone Vulnerability Manager (GVM) on the Kali Linux VM.
Perform a full and fast vulnerability scan of the pfSense firewall VM.
Provide screenshots of the GVM installation steps.
Generate a GVM Scan Report showing that a scan of the pfSense firewall VM is complete and correct.
In a Microsoft Word document, provide screenshots of the process. Make sure to describe each screenshot, including lessons learned and/or successes, issues encountered, how to prevent issues in the future, as well as helpful GVM software resources.
Make sure when submitting the Word document to include the GVM-generated Scan Report PDF.
QUESTION 2 A — NOT MORE THAN HALF A PAGE
===========================================
What equipment and protocols are required for establishing network enterprise architectures/security architectures? Provide 2-3 examples and discuss how they provide layered security.
QUESTION 2 B — NOT MORE THAN HALF A PAGE
===========================================
Voice over IP (VoIP) is a central system that manages phones within an enterprise. What advantages does VoIP provide companies in maintaining security?
QUESTION 2 C
============
Since networks are not homogeneous, cybersecurity professionals must be skilled in creating a hybrid network, joining computers to the domain, and developing security policies in the network to maintain access control.
Part 1
Set static IP addresses on the three new VMs: Windows Server 2019 (192.168.1.10), Windows 10 (192.168.1.11), and Ubuntu (192.168.1.12).
Configure the following in the Windows Server 2019: DNS, DHCP, Active Directory. DHCP should be set up with IPv4 and IPv6.
Create a domain name. (Example: sample.com)
Join the Windows 10 and Ubuntu virtual machines to the domain.
Using Active Directory, create login policies in Server 2019 for users.
Log in three times as a user, including one failed login.
Generate login logs to report the number of successful and failed logins.
Provide screenshots of the network domain name, the range of IP addresses in the DHCP server, policies that were created in the Active Directory, and the login logs.
Part 2
Write a 250- to 500-word lab report (to include all screenshots from Part 1) addressing the following:
Summarize the issues encountered, lessons learned, and successes in a bullet point format.
Describe the screenshots provided.
Explain 2-3 benefits of having a hybrid network.
Describe the role of Active Directory in accessing information.
Explain how reviewing the security logs could be helpful in a security operations center (SOC).
Make sure to support the report with at least 2 credible resources other than the textbook.
QUESTION 2 D
=============
A virtual cybersecurity infrastructure provides a closed environment to test and explore various security tools and systems. This environment will be used for labs throughout the course. In addition, multicasting will be used to allow packets to go from one host to another.
Extend the VirtualBox infrastructure by adding three new VMs:
Windows Server 2019
Ubuntu
Windows 10
Test that you can see all the VMs in the network by pinging them all from each of the VMs.
Document the installation process in a Microsoft Word document by creating a 100- to 200-word step-by-step instruction guide of the installation process, including a minimum of two screenshots for each operating system. Include the individual IP addresses and hostnames for each virtual machine.
QUESTION 3 A — NOT MORE THAN HALF A PAGE
===========================================
Research two software firewalls and explain the advantages and disadvantages of each one of them. Which one would you recommend and why?
QUESTION 3 B — NOT MORE THAN HALF A PAGE
===========================================
What are the challenges in securing networks (internet, LANs, wireless)? Which network is most difficult to secure and why?
QUESTION 3 C
============
Through managed services, you can secure a system. Enabling and disabling ports sets the precedence for inbound and outbound data to defend the network. Performing a security assessment on a firewall ensures the protection of the network services.
Part 1
In this lab, you will use the GVM Vulnerability Scan Report that was generated in the Vulnerability Scanning Lab.
Choose five open/closed ports and determine the applicable protocol/application.
Perform the following tasks to implement the basics of pfSense post-installation configuration:
Update to the latest stable version.
Set HTTPS to port 8443.
Include the traffic graph on the dashboard.
Disable port traffic for World of Warcraft games ports (not the World of Warcraft website). Refer to “World of Warcraft Router and Firewall Port Information,” located in the topic Resources, as needed.
Disable inbound ICMP protocol.
Choose a social media website and disable all domains for that website.
Choose a video streaming website and enable all domains for that website.
Provide screenshots of the original port scan, the traffic graph of the dashboard, the World of Warcraft disabled ports, the disabled inbound ICMP protocol, disabled domains for the social media website, enabled domains for the video streaming website, and the GVM Scan Report.
Part 2
Write a 250- to 500-word lab report (to include all screenshots from Part 1) addressing the following:
Summarize the issues encountered, lessons learned, and successes in a bullet point format.
Describe the screenshots provided.
Examine a specific architecture and identify potential vulnerabilities. Include a description of 2-3 vulnerabilities of the hybrid network used in this lab.
Explore in-depth advanced and novel areas of networks and protocols. Include a description of what you learned from exploring the networks and protocols in this lab.
Make sure to support the report with at least 2 credible resources other than the textbook.
QUESTION 3 D
============
In this day and age, data breaches have increased in quantity and intensity. Therefore, it is essential that cybersecurity professionals assess situations that could threaten the security of an organization’s intellectual property.
Research a data breach, ransomware, or data exfiltration attack that has occurred within the last six months that successfully compromised an organization. Write a 500- to 750-word summary addressing the following:
Describe the failure of the security measures by detailing how the attacker made the breach.
Describe how the attacker was able to get in and out of the system, as well as the threat vector.
Examine and explain the effects of the attack on the various stakeholders. Include nontechnical elements of the entire organization (e.g., public relations, marketing, and/or sales). What are some of the complexities of integrating technical solutions into nontechnical business frameworks that are applicable to this situation?
Describe ethical practices related to data and system security supported by a Christian worldview perspective. Include the ethical practices the organization could have implemented, both prior to and after the attack. How might having a Christian worldview perspective impact the response sent to consumers for a security incident?
Make sure to support the summary with a minimum of three resources other than the textbook.
QUESTION 4 A — NOT MORE THAN HALF A PAGE
===========================================
What is a zero-day attack in relation to cybersecurity? What processes are in place to facilitate zero-day patching on Windows systems? What issues can arise from emergency patching of enterprise systems? What advantages are there?
QUESTION 4 B — NOT MORE THAN HALF A PAGE
===========================================
Research how network-connected devices, such as a smartphone, can be used in a network forensics investigation. Discuss at least two cases.
QUESTION 4 C
============
An intrusion detection system is essential for detecting threats and preventing vulnerability exploits.
After network mapping (enumeration and identification of network components), perform an attack on the network to test the intrusion detection system that was installed and configured.
Part 1
Install the Suricata software on Ubuntu. Configure its audit capabilities to monitor and analyze network traffic.
Using GVM, implement an attack from Kali Linux to target Ubuntu.
Provide screenshots of the Suricata installation steps and intrusion detection logs.
Part 2
Write a 250- to 500-word lab report (to include all screenshots from Part 1) addressing the following:
Summarize the issues encountered, lessons learned, and successes in a bullet point format.
Describe the screenshots provided.
Describe the methodologies used in network forensics. Include packet capture, deep packet inspection, and the analysis of protocols.
Analyze and decipher network traffic, identify anomalous or malicious activity, and provide a summary of the effects on the system.
Describe how analytic methodologies, both qualitative and quantitative, could leverage the IDS to predict and communicate network anomalies.
Make sure to support the report with at least 2 credible resources other than the textbook.
QUESTION 5 A — NOT MORE THAN HALF A PAGE
===========================================
Research and describe 2-3 intrusions that have occurred in alternative environments (SCADA, real time systems, critical infrastructures). Explain how and why the intrusions occurred. What can organizations do to prevent such threats?
QUESTION 5 B — NOT MORE THAN HALF A PAGE
===========================================
Research the term “cyberwar.” How does using the internet to wage a cyberwar affect personal and corporate privacy? Should only governments have the right to conduct cyber warfare? Where does the responsibility of corporations fit in the cyberwar landscape?
QUESTION 5 C – BE CREATIVE
=============
Organizations look to cybersecurity professionals to provide expertise in preventing and implementing countermeasures against security threats.
Imagine you have been asked to create a public service announcement that can be used to help organizations in their efforts to protect against security threats.
Part 1: Public Service Announcement
Research examples of public service announcements that target a specific audience, creatively capture a viewer’s attention, and make clear assertions with facts and/or data when communicating their messages. Create a 1- to 2-minute public service announcement video directed to organizational leaders to warn against cyber warfare threats.
Include the following:
State a minimum of three potential security threats any organization may face.
Describe appropriate countermeasures organizations may employ against security threats.
Describe appropriate measures to be taken should a system compromise occur.
Properly use the vocabulary associated with cybersecurity.
Part 2: Reflection
Write a 250- to 500-word reflection discussing how the internet is being used to wage a cyberwar that affects corporate privacy.
Make sure to support your reflection with at least 2 scholarly resources.
QUESTION 6 A — NOT MORE THAN HALF A PAGE
===========================================
Often budgets are a major concern for many organizations with the constant changes and ongoing advances in cybersecurity. Research compensating controls and provide a solution for the scenario:
You head up a small team of IT and cyber professionals tasked with ensuring network security. A recent malware has come to light that involves exploiting several ports and protocols, specifically port 22, port 25, port 53 TCP, port 80, and port 8080. Identify each of the ports and protocols associated. What compensating controls could be utilized to ensure security?
QUESTION 6 B — NOT MORE THAN HALF A PAGE
===========================================
Investigate the advantages and disadvantages of hardware, software, and cloud firewalls. If you were asked to make a firewall recommendation for a business, what information would you need to know about the business to provide the best solution?
QUESTION 6 C
============
In this lab, you will use the pfSense system from Topic 1 and Snort software to harden and test the firewall.
Complete the following:
Configure Snort and start the Snort service. Update Snort and download the latest community rules. Ensure that you have configured Snort to detect port scans.
Using Kali Linux, perform a full GVM scan of the pfSense VM.
Provide screenshots of the Snort installation steps and the port scan logs from Snort.
In a Microsoft Word document, provide screenshots of the Snort installation steps and the port scan logs from Snort. Make sure to describe the screenshots and include lessons learned, any issues you encountered during the installation process, as well as how to prevent them in the future. In addition, describe which scans were detected by Snort and how hardening methods helped to detect the scans.
QUESTION 7 A — NOT MORE THAN HALF A PAGE
===========================================
How does software-defined networking (SDN) support edge computing, IoT, and remote access? How does it support quality of service?
QUESTION 7 B — NOT MORE THAN HALF A PAGE
===========================================
How does software-defined networking (SDN) help customers with security?
QUESTION 7 C
=============
As organizations increasingly move toward cloud technology, a cybersecurity professional should be familiar with the effect(s) it has on security.
You have been asked by your company to explain the fundamentals of cloud computing and related security issues because your company is migrating to the cloud.
Create a presentation of no more than 10 slides that explains cloud services. Then create a video of the presentation of your slides for the company leadership. Use an online video platform such as Loom, YouTube, or Vimeo to upload your completed video.
Address the following:
Describe each type of service/model of cloud computing.
Compare and contrast: local resource requirements, local control, network requirements, and security (attacks, mitigations, overall vulnerability).
Additionally, ensure you cover the following topics in your presentation:
Virtualization platforms
Cloud services (SaaS, PaaS, DaaS, IaaS)
Service-oriented architectures
Deployment models (private, public, community, hybrid)
Security, storage, legal/privacy issues
Support your presentation with a minimum of three scholarly resources.
QUESTION 8 A — NOT MORE THAN HALF A PAGE
===========================================
Securing information systems is a common and ongoing process. However, business priorities often compete against limited resources, which can result in a data breach. At what point does the decision to not implement best practices based on business priorities become an ethical question? Examine this ethical decision from the Christian worldview perspective.
QUESTION 8 B — NOT MORE THAN HALF A PAGE
===========================================
During this course many concepts, methods, and technologies have been introduced and explored. Has this course changed the way you think about the tools and technologies used to secure an organization’s intellectual property, or how these tools are selected and implemented? Explain your reasoning.
QUESTION 8 C
=============
Before designing a network, it is necessary to understand the components of the network and how they relate to each other.
Create an appendix providing a 50- to 100-word summary for each of the following topics to be used in your Business Continuity Plan.
Defense in depth
Air gap
DMZs
Proxy servers
Composition and security
Cascading/Segmentation
Emergent properties
Dependencies
TCB subsets
Transport layer security
BGP
OSPF
MPLS
Configuration management
DHCP
VPN
VLAN
SIEM
QUESTION 8 D
=============
Cybersecurity professionals must be able to reduce the vulnerability of an organization’s network by designing a secure network.
Part 1
Design a secure architecture for a fictional company.
Design a corporate infrastructure diagram in Visio or another network mapping tool (this deliverable must be readable by your professor; Cisco Packet Tracer is not acceptable). Your network diagram must include a minimum of 2 routers, 2 firewalls, 4 switches, 1 IDS, 1 IPS, a proxy server, an email server, a DHCP server, a DMZ, and finally, 5 separate departments utilizing network segmentation with a minimum of 25 clients per department. You must also include an air gapped system for your R&D department to utilize.
Perform the following tasks to complete the VirtualBox infrastructure:
Create a Windows 11 VM and join it to the domain.
Create a VM using an operating system of your choice that has not been created yet. It could be a different version of Windows or Linux. It is not necessary to join this VM to the domain.
In a Microsoft Word document, supply screenshots demonstrating the successful creation of both VMs.
NOTE: MS Cyber Students, this infrastructure will be used in your CYB-610 course.
Develop the intellectual tools to explore and understand advanced network concepts and protocols. Using your Kali Linux VM, perform a GVM Full and Fast vulnerability scan of your entire VirtualBox infrastructure.
Within the same Word document above, select 2-3 intellectual tools (e.g., Suricata, pfSense, Snort, etc.) and demonstrate how they work together to create a framework. Make sure to include them in your secure network design. Do not use Suricata, pfSense, or Snort for this part of the assignment.
The deliverables for Part 1 will include the corporate infrastructure diagram, a GVM Scan Report, and the Word document described above.
Part 2
Create a 5- to 7-minute screencast addressing the following:
Explain all components and how they interact with each other within the secure network design created.
Discuss the results of the GVM scan.
Describe and discuss the security issues and implications of advanced and novel networks and protocols. Ensure your discussion applies to both current and new network technologies.