Country : India
Assignment Task


Task 

For this assignment, you are to assume the role of a cyber security consultant who has been hired by a small training company. The company has provided you with a copy of their virtual server and would like you undertake the following tasks:

1) Identify four security issues with the virtual server.
2) Fix two of these security issues and validate the fixes.
3) Install and configure a secure SSH server that fulfils the company’s requirements given later in this specification.


Learning Outcomes to be assessed
1) Apply wide-ranging technical and conceptual skills to the task of securing new and existing systems.
2) Demonstrate the ability to apply practical configuration, diagnostic and problem solving skills to real-world scenarios.


Detail of the task
This is an individual assignment designed to evaluate YOUR knowledge. Copying pre-existing configuration files (partial or complete), reports or testing plans from other sources is prohibited. You must develop the contents yourself, based on what you have learned.


Task 1 - Virtual server security audit
Using any selection of tools that you deem appropriate, you are to perform a detailed inspection the current server setup and identify four security issues (TCP timestamp-related issues are NOT acceptable).

 

For each issue you MUST:

  • Comprehensively explain the issue in your own words (using supporting evidence where appropriate).
  • Explain any potential vulnerability that may arise from this issue and outline the potential impacts (using supporting evidence where appropriate).
  • Provide a detailed technical write-up as to how you tested for and identified this issue.
  • Provide evidence of this testing through the use screenshots. All screenshots must be produced by you; the use of library/stock/reference/shared images is prohibited.


 

Task 2 - Virtual server security repair Selecting any two of the security issues previously identified, you are required to implement permanent fixes on the provided VM.

Each fix MUST:

  • Permanently resolve the issue identified, temporary fixes or workarounds are not accepted.
  • Be appropriate and proportionate to the specific issue identified (e.g. correcting configuration errors instead of uninstalling the entire application).
  • Be fully documented, with an explanation detailing how the issue was fixed and outlining credible resources used to create and/or implement your fix.
  • Provide evidence to demonstrate the implementation of your proposed fix (e.g. diff files, screenshots).
  • Validate the fix and original component functionality, by using all of the same tools used for identification in Task 1. Evidence for this validation must be supplied through the inclusion of your own screenshots in the report.

 

Task 3 - Implement a secure SSH server
You are tasked with installing and configuring OpenSSH on the provided VM. Your implementation must conform to the company’s requirements given below. You will need to interpret these and devise a suitable configuration for the server. If you find any element ambiguous, it is up to you to select the configuration you feel is most appropriate for the company’s needs.

 

SSH requirements provided by the company:

  • Must be accessible only by accounts student, student2, student6, student18 and student23
  • Root access must be enabled
  • No access it permitted outside the local network (use the subnet address range assigned to your VM)
  • Must operate over port 7022
  • Must audit all SSH activity
  • Must have a banner message reminding users that only authorised persons can use the system (exact wording is up to you)
  • Must not allow empty passwords
  • Must have an idle timeout of 90 seconds using 2 message attempts

 

You must provide the sshd_config file as part of your submission, which will be tested on the VM provided. Remember, your configuration files must be commented to explain changes where any default values have been changed and why.


What you should hand in

You must submit the following items to Canvas in a single ZIP archive file:

  • sshd_config file
  • A .docx report

 

This IT Computer Science Assignment has been solved by our IT Computer Science Expert at UniLearnO. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our Experts are well trained to follow all marking rubrics & referencing Style. Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered. 

You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turn tin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction.

  • Uploaded By : Jordan
  • Posted on : May 27th, 2021
  • Downloads : 183

Whatsapp Tap to ChatGet instant assistance