7CS093 Securing Networks Group Presentations and Report Assignment UOD

Description of the assessment

You are required to design and protect a network from external and internal threats and discuss different methods of system breach. Apply or amend the taught techniques to provide mechanisms necessary for detecting and protecting against them, e.g., Firewalls, Anti-malware and Intrusion Detection, and Prevention Systems (IDPS).  You will be assessed on your ability to demonstrate your ability to design a network and an understanding of how the attacks can be detected, and how mitigation techniques can be applied.

Task: You have just joined a company ABC as security analysist and IoT architect. The first project you have been tasked with is the setup of a demo IoT Smart Office, with a link to the company offices. The project is divided into 3 parts:

1. Create a smart office with the criteria and devices given
2. Control these smart devices from the branch office which is in the same city.
3.  Secure this SmartOffice from attacks by applying variety of techniques.

The Main Smart Office includes, but is not limited to the following smart devices:

• Ceiling Fan
• Lamp
•  Front Door Lock
• Motion Detector
• Lawn Sprinkler System
• Smoke Detector
• Temperature Monitor
• Anemometer (Wind Speed Detector)

These devices are linked to a Wireless Router, which is linked via an Ethernet cable to a Cable Modem. The modem is connected to the Internet via an ISP. All the devices registered on the Remote Server can be controlled locally by a Tablet which is also connected to the wireless network. There is a Remote Server connected to the Company's Cloud Cluster service, as well as an external server that the Smart office uses for backups. Ensure that you add all necessary screenshots with the documentation and submit your packet tracer file along with the report on Turnitin. 

Step 1: Build and configure a smart office.

• Add, connect, enable, and configure the registration server, tablet and wireless router as shown in the diagram below
•  Add, configure the smart devices mentioned in the case study and name these as given in the Figure 1. Note that these devices should be connected to a wireless router wirelessly and should be encrypted using AES by using WPA-PSK (PSK pass phrase must be only your student ID.
• Connect and activate the devices with username and password as Student ID only.
• Set up all the smart device attributes through the tablet web browser for the devices to work as shown in the diagram below
• Show the protocols that are used in transmitting a simple PDU from the tablet to the Server.

Figure 1: Smart devices interconnection

Step 2: Add a new branch office in the same city. Either move the same tablet to the branch office or use your smart phone and connect to the main smart office server. You can use any connecting and intermediary devices of your choice. Log on to the web browser on your tablet/smart phone and manage the devices.
Use your tablet/smart phone to:

• Turn off the Sprinkler
•  Turn off the ceiling fan
•  Lock the door
• Dim the lamp
•  Turn on the smoke alarm
•   Turn on the motion detector
•   Turn on the wind detector

Step 3: Assess the network and protect it from external and internal threats and discuss different methods of system breach. Apply or amend the taught techniques to provide mechanisms necessary for detecting and protecting against them. You can use the following tools and equipment:

• Firewalls,
• Anti-malware
• Encryption
• VPN
•  Intrusion Detection
• Prevention Systems (IDPS).

Also discusses any other conceptual techniques and approaches that can be used to detect attacks and explain mitigation techniques to secure the SmartOffice.

Assessment Content

This portfolio assignment has THREE components, you must attempt all three components. If the implication of this is unclear, please ask!

Component 1 – Presentation 1 - 20% of grade (Group)
In this part of the assignment, you are required to prepare and deliver a PowerPoint presentation that clearly defines and explains the concepts and components of a Smart office. You should consider every possibility of the environment / devices that could be controlled or monitored. You should identify how devices will co-exist on the network. You should include detail of the control / monitoring process and procedure and include details of how the controlled / monitored and controlling / monitoring / reporting components communicate.

Component 2 – Presentation 2 - 20% of grade (Group)
This part of the assignment, you are required to prepare and deliver a PowerPoint presentation that clearly defines and explains the vulnerabilities of the Smart office network defined in presentation 1. You should include direct and indirect vulnerability concepts as well as remote, local, and physical attack vectors. You should include potential / conceptual as well as reported vulnerabilities and present various mitigation techniques.

Component 3 – Final Report - 60% of grade (Group Work)
The final part of the assignment is to construct a well written report which

1. Introduces the subject and the aim of the report
2. Defines the scope of the report (using a summary of Presentation 1)
3. Identifies the problems to be resolved (using a summary of Presentation 2)
4. Critically discusses the problems, solutions, and mitigations. Documented vulnerabilities must include details of date of disclosure, equipment affected, solutions implemented and likelihood of being exploited. 
5. Concludes with the findings of the research and any recommendations. 

At this level, it should be very clear that none of these stages are optional. For absolute clarity: in addition to scoring zero for the component, your final mark will be reduced by 20% for each missed component. Submit your packet tracer file along with the report on Turnitin, it is worth noticing that only submitting a packet tracer file while not submitting the report may result in a grade "FAIL". The report must have all the scenarios, results, and investigations. It is intended that the presentations will be held in the normal practical / tutorial period however you may be expected to attend outside of this period to make your presentation. This is to ensure that everyone has adequate time to present and be given feedback.

Learning Outcomes:

1.    Demonstrate through evaluation, analysis, and critical comparison, detailed comprehension of the mechanisms of system breach, perimeter defence and intrusion detection.
2.    Develop creative thinking to apply or amend the techniques taught, to address issues within the research domain, and offer innovative solutions.