MET CS 690 : Network Security

4 Downloads | 4 Pages / 953 Words | 09-11-2020
  • Course Code: MET CS 690
  • University: Boston University
  • Country: United States

Question:

        

Scenarios:

1). As part of the maintenance contract for a robot in the Manufacturing VLAN, the vendor, XYZ Robots, must be able to access the robot remotely through the Internet from their offices for troubleshooting. Your Security Manager has agreed to permit SSH connections for this purpose, but only from XYZ’s office network. The Security Analyst for XYZ provided the network 150.140.130.0/29 for this purpose. Write the rule required to enable this business function. (Hint: an explicit outgoing rule already exists.)

2). A new virus is sweeping through the Internet. Infection occurs when an infected document is opened on a user’s machine. Once infected, the computer tries to initiate a TCP connection to a remote server using port 43224 and transmits any information or documents it can collect from your network. Updated virus scan signatures are being pushed to each workstation in the enterprise and scans are being initiated, but this takes time as not all devices are online all the time. Write a rule that will mitigate the impacts of this virus if it has already infected the organization.

3). The Human Resources department is instituting a tele-commute policy, allowing some employees to work from home (or anywhere else they wish). These employees will need to use a Virtual Private Network (VPN) to gain access to the corporate network. The VPN concentrators are assigned IP addresses 192.168.60.5 and 192.168.60.6 and use SSL on TCP port 4343. Write rule(s) that will permit these employees’ use of VPN.

4). As part of the tele-commute scenario described above, the Human Resources (HR) employees will need to gain access to sensitive information stored within the HR VLAN. Because of the sensitive nature of the information in the HR VLAN, existing firewall rules prevent all incoming connections from the other VLANs in the enterprise. The VPN concentrator(s) assign addresses from the pool 192.168.60.224/27 to the employees’ workstations after they successfully connect to the VPN. Write a rule that will allow the IP addresses in this pool to access all resources (all IPs, all ports) within the Human Resources VLAN.

5). An old robot in the Manufacturing VLAN is only capable of accepting Telnet connections. XYZ Robots (see scenario 1), which supports it, requires remote access, but updating the firmware to support SSH is too expensive. Because Telnet sends information in plaintext, your Security Manager will no longer allow Telnet connections from the Internet, effectively preventing XYZ Robots from supporting the machine. As a workaround, you’ve suggested that XYZ use SSH from their offices to connect to a “jump server” in DMZ 1, and then Telnet to the robot from there. The jump server’s IP address is 192.168.60.7. The old robot’s IP address is 10.10.100.53. Write the rules required to enable XYZ’s access to the old robot. (Hint: You’ll need two rules to accomplish this.)

6). Although your manufacturing machines require remote access for maintenance, as described in previous scenarios, they do not require access to the Internet. Write a rule that prevents the Manufacturing VLAN from accessing the Internet. Describe where in the ACL you would place this rule in relation to the rules you wrote for Scenarios 1 and 5.

7). Because RFC 1918 designated “private” IPs are not routed across the Internet, many enterprises explicitly block all connections from those networks at their firewall. Your Security Manager has instructed you to implement this policy on the firewall. Write the rules to complete this task.

My Assignment Help (2020) Network Security [Online]. Available from: https://myassignmenthelp.com/free-samples/met-cs-690-network-security/firewall-devides-the-network-into-zones.html
[Accessed 11 August 2022].
