Get Instant Help From 5000+ Experts For
question

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing:Proofread your work by experts and improve grade at Lowest cost

And Improve Your Grades
myassignmenthelp.com
loader
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Guaranteed Higher Grade!
Free Quote
wave
Modelo T&T Network Security Assessment and Recommendations

Background

Assessment 1 Details – MODELO T&T Case Study v2.0

You are asked to investigate Modelo T&T, a small private microbiology laboratory located in south London
which has a local area network and collaborates with 2 other hospitals as part of a single NHS trust.


Patients laboratory examinations (blood, urine, etc.) are ordered either by registered NHS GPs (in which
case the patient needs to have a referral in order for the tests to be paid on the NHS), or privately (in which
case the patient pays the cost).

The laboratory consists of 8 employees:

• 2 secretaries, responsible for answering phones, making appointments for blood and other tests and taking payment information from the patients. They are also responsible for posting the results (either using Royal Mail or a courier service).
• 2 GPs, that are responsible for checking the test results and making recommendations.
• 4 microbiologists that are responsible for processing the blood samples in order to get results.
• Lately, the laboratory's reputation has spread, and it receives a lot of private patients that wish to have blood checks. This has resulted in a great increase in telephone calls, asking to book appointments or get information of alternative methods of paying (for now only cash or online payment is accepted – currently only through a third-party such as PayPal).


The laboratory's computer network consists of 8 PCs on a simple Wi-Fi network with WAN connection to the Internet and VPN used to secure the connections between the laboratory and the other hospitals.
There is one Microsoft Windows Server 2008 servicing the Modelo T&T network, and most of the data is currently stored and shared via an American cloud storage provider with their datacentre located in
Arizona. Modelo T&T network has:
• Computers 1 and 2 - used by the secretaries to book appointments, write confidential letters to patients, send communications to patients and other health professionals at the 3 hospitals and other clinics, and hold transaction details.
• Computers 3 and 4 - used by the GPs to access patients' files, update them adding medication prescriptions, and recommendations.
• Computers 5 to 8 - used by the microbiologists to access patients' files and add the blood test results.
• Server - used as a backup solution, to store all patients' files, letters, communications with others, and transactions, for extra security. The server is also connected to the hospital's network, to exchange patient information.
• Wi-Fi Network: there is a Wi-Fi Network in the company cafeteria for general use.
• All client computers are running Windows 10. All clients and server are connected to one switch which is connected to the gateway router. The VPN is connected from the server to the end destination servers at the 3 hospitals. 

For security, Modelo T&T uses AVAST free and the default Windows firewall on all machines. The network
is being managed by a young person who has basic networking knowledge and Windows servers/clients
configuration knowledge.

Current Network Configuration


Modelo T&T wishes to create an online system, in which the patients will be able to book appointments for
tests. Private patients will need to pay for the services.

Assessment Tasks

You work as the Information Security Manager for Modelo T&T you have been asked to evaluate the current network security at Modelo T&T and make recommendations for improvements, including a simulation of the upgraded/secured network design.


You will need to produce and hand in the following:
• Technical Document – this is to contain a full write up of your threat analysis and security recommendations. This should be a technical document written to InfoSec Technical people.
• Secure Network Configuration (packet tracer activity simulation)
Technical Document – Designing a Cyber-Defence Solution (Tasks 1, 2 and 3) – 40% [Note: for these tasks you are expected to use a range of respected sources to back-up your recommendations and you will need to cite these sources clearly in your technical report using Harvard referencing – a related References list must also be included with your report.]

Task 1 – Vulnerability and Risk Assessment (suggested length: 1000 words)

Outline the security issues (e.g. suspected vulnerabilities, potential threats, risks) to the company and create
a draft risk assessment outline with potential mitigations to ensure the protection of the company’s assets.
Note: The company intends to hire a contractor to carry out a full risk assessment, but they would like you to provide a brief overview and examples of the types of things you would specifically like them to check (note that your discussion should be listed as bullet points of potential vulnerabilities with a CVSS, or STRIDE evaluation). You could include considerations such as: known vulnerabilities, key assets, potential threat
vectors, consequences to the business of a cyber-incident or breach, etc. Also, if the company were to
expand to allow card payment transactions, what additional security standards would they have to comply
with?

Task 2 – Network Nodes and Endpoints Hardening Recommendations/Checklist (suggested length: 1
table)

Write a security checklist for the all the network nodes and endpoints, i.e. a list of items that a technician
could check and date/tick to say that the node/end-point was ‘secured’. This should also address the
proposed addition of a card payment system.

Task 3 – Network Segmentation and use of secure remote communications (suggested length: 800
words)

1. Write a brief description in your technical report of the benefits to network segmentation and how it helps in providing security while relating your discussion to how this concept is applied in this case study.


2. Write a brief description explain how secure remote communications have been and can be further extended to provide extra security in this case study. Clearly state where secure remote communications can be extended giving exact areas related to the case study. Include recommendations for why this is a good idea into your technical report. This should also address the proposed addition of a card payment system.

Task 4 – Secure Network Configuration – Packet Tracer Simulation Activity and Testing (60%)

You will be provided with a Packet Tracer activity that is a simulation of the Modelo T&T Network and asked to carry out some key security configurations to model a more secure design for the company.


The Packet Tracer activity will ‘score’ your attempt (and you can click ‘show incomplete items’ to see what
you have correct and still to do). Please note this score is INDICATIVE but may not be exactly the score you
will get for this section – an instructor will still look at your configuration. You will need to submit your
packet tracer file with your technical report.


50% of this assignment mark will be for the PT grade and 10% for demonstrating testing and connectivity
and providing configuration outputs.


[Please note: the PT file already has been configured with some information (to save you time) – do not
restart/erase the devices. Add your student details as the USER details when you first open the Packet
Tracer that also would help identify your work]


REALLY IMPORTANT NOTE: You need to use Packet Tracer 32-bit version 8.x. Do not forget to save regularly (perhaps with a new file name after every part – in-case something goes wrong).


Using the Packet Tracer activity provided, you will be asked to complete the following (configuration details are given separately):


4.1 Intermediary device hardening
4.2 Securing Remote Access to the Router (SSH)
4.3 Configure VLANs on Switch 1
4.4 Confirm DHCP is working and test basic connectivity between hosts
4.5 Switch Port Security
4.6 Wi-Fi Configuration and Securing
4.7 Access-control-lists
4.8 Configure Protocols
4.9 Documentation of your configuration


In your technical document please include, in addition to all the evidence required in the PKA file, a screenshot of your completed packet tracer activity showing the score (and network diagram in the background). 

support
close