FIT1047 - Cybersecurity Vulnerability

本作业的第一部分要求学生分析和讨论最近的漏洞或网络安全攻击，展示对相关网络安全主题的理解，并展示研究网络安全事件信息的能力。

第二部分要求学生们准备一个视频演示和幻灯片，展示在中型企业场景中如何使用一组给定的安全控制。这表明对不同安全控制的理解，以及评估和解释其使用的能力。

PART 1 - Analyse a cybersecurity vulnerability or incident

Information on security problems, weaknesses and attacks can be found in many places (blogs, newsletters, experts' pages, etc.). Your task is to pick one item only from the following list (additional other sources can be added, but need to cover the same vulnerability/incident), read the news item, look up and read the referenced sources, and finally write a report on the findings.

Follow the following steps to write your report

1. Choose one of the 14 news items above, read the text.

2. Look up and read the articles and information referenced in the news item.

3. Write a short summary of the news item in your own words (max 200 words).

4. Identify which software, hardware or system is affected (max 100 words). The identification should be as precise as possible. Include exact product names, distribution of the product, version numbers, etc.

5. Describe how the problem was discovered and how it was initially published. Try to find this information in the referenced articles. The problem might have been found by researchers at a university, by a professional security company, by some hacker, published in a scientific conference/journal, in a newspaper on a blog, etc. Was it the result of targeted research, found by chance, were any tools used, etc? (write 100-150 words)

6. Discuss how serious the issue/weakness/attack is, describe what is necessary to exploit the weakness, evaluate what the consequences might be if it is exploited, and what reactions you think

7. are necessary/useful on (i) a technical level, (ii) in terms of human behaviour, and (iii) on a policy level (between 200 and 350 words).

8. Create a pdf file and upload it to Moodle.

Part 2 - Security controls in an IT network of a medium sized company with automated production of vacuum cleaners

For this task you take on the role of a security architect (as defined in the NIST NICE workforce framework) You are responsible for a re-design of a company network, including placing security controls in the right places of the network. As security always costs money, you need to prepare a presentation that explains to the management of the company why each security control is required at that particular part of the company network.

The company has several departments, but the focus is on three network areas:

● Production with automated machines controlled from PCs connected to the network. Production runs 24/7 and outages would be very expensive for the company. The company is very modern and customers can design their own colour combinations and specifications for their vacuum cleaner. Thus, data needs to frequently be transferred to the PCs controlling the machines.

● Outward facing servers including a web server that is used for marketing and online sales and the company’s mail server.

● Administration with PCs and laptops, a server running administration software and databases, wireless printers and Wifi for meeting rooms and general office areas. Employees also travel with their laptops and need to access the administrative network, but not the production area.

You have a list of security controls to be used and a number of entities that need to be connected in the internal network. Depending on the role of the entity, you need to decide how they need to be protected from internal and external adversaries.

Entities to be connected:

● PCs to control production machines

● Production machines themselves

● Employee PCs and laptops for administration

● Server for administration and internal databases

● Wireless printer and scanner for administration use

● Webserver

● Mailserver

● WiFi access points

● Routers

● Switches

Security controls and appliances (can be used in several places)

● Firewalls (provide port numbers to be open for traffic from the outside of the respective network segment)

● VPN gateway

● VPN clients

● TLS (provide information between which computers TLS is used)

● Authentication server

● Secure seeded storage of passwords

● Disk encryption

● WPA3 encryption

● Air gaps

● Intrusion detection system

咨询 Alpha 小助手，获取更多课业帮助。