Sec370 course project description 456

 

Objectives Back to Top
ABC Invitation Design and XYZ Invitation Printing have decided to merge into one company, A2Z Invitations. ABC is a virtual company with a proprietary website that allows customers to do some preliminary work on invitations and then consult with a designer for the final product. XYZ is a traditional company with a system that allows customers to submit designs and track their orders. It also has a contact management and invoicing system. ABC will be moving its application into the XYZ data center and will be using all of XYZ's back end systems.
Both companies have experienced data breaches in the past and do not want to have them in the future. A2Z has hired you to do a security analysis of its new network and to recommend how it can be set up in a secure manner. It has budgeted for a capital expenditure (outside of man hours) of $250,000 for hardware and software and $25,000 every year for additional security measures.
Guidelines
Back to Top
The Statement of Work objectives are:

    Perform online reconnaissance on XYZ to see what information is available to an attacker. No social engineering of employees is allowed. Use the Week 1 You Decide as the data for this section.
    Perform an analysis of the current XYZ network, using the current network diagram and nmap report Diagram; NMAP and files are below.
    Check the user's password strength. Use the Week 3 You Decide as the data for this section.
    Redesign of network. Current network below.
    System hardening procedures for both IIS and Apache (even if they only use IIS).
    Three complete security policies. Use the Week 5 writing assignment as your starter policy for this section.
    Template for future security policies.
    Your paper must conform to all requirements listed below.

Requirements

    Papers must be at least 5–10 pages in length, double-spaced.
    Papers must include at least three references outside of the text.
    Paper and references must conform to APA style, including:
        cover page;
        header with student’s name and page number; and 
        sections including Introduction, Body, and Conclusion/Summary.

Milestones

Each You Decide and other write-ups should be used as the raw material for this report. This report is the analysis of that data.

    Week 1 You Decide
    Week 3 You Decide
    Week 5 writing assignment

Grading Rubrics
Back to Top
Category 	Points
Recon Report
IP Addresses
Mail Servers
WHOIS
CNAME 	20
Current Network Diagram Analysis 	20
Quantitative Analysis Ranking of Assets 	20
NMAP Analysis 	20
Password Cracking Report 	20
Redesigned Network Diagram 	20
Web Server Hardening Procedure IIS 	20
Web Server Hardening Procedure Apache 	20
Security Policy Template 	20
Three Complete Policies 	20
Three Outside References 	10
Spelling, Grammar, and APA Formatting 	10
Total 	220
Best Practices
Back to Top
You should begin working on this course project on Day 1.
Official XYZ Network Diagram
Back to Top
Image Description
The official network diagram is the network configuration XYZ printing thinks it has for its network. It shows logical groupings of network gear, servers and workstations. Currently it has a single firewall directly connected to the main company router. All the different departments, business development, administration and invitation consulting, are connected to that router. All IT systems including those that run the printing system, accounting and invitation designs are also connected through that central router. No security systems such as IDS or VPN systems are installed on the network. As part of the project you should analyze the network diagram for strengths and vulnerabilities and report your findings back to management.
 Press the ESC key to close the image description and return to lecture.
Results of NMAP Scan
Back to Top
Above is the official network diagram of XYZ (pre-merger with ABC). All servers are supposed to be Windows 2003. XYZ uses a private IP internally of 192.168.x.x. Below are the results of the NMAP scan done as part of the consulting agreement with infosecwizards.
Starting Nmap 5.00 (http://nmap.org) at 2009-MM-DD 23:12 UTC 
Interesting ports on XYZDomainController at (192.168.0.1): 
Not shown: 997 filtered ports 
Port 	State 	Service 	Product 	Version 	Extra info
135 	tcp 	open 	msrpc 	  	 
139 	tcp 	open 	netbios-ssn 	  	 
427 	tcp 	open 	svrloc 	  	 
445 	tcp 	open 	microsoft-ds 	  	 

Service Info: OS: Microsoft Windows 2003 Server or XP SP2
Interesting ports on XYZInviteDesign at (192.168.0.2):
Not shown: 997 filtered ports
Port 	State 	Service 	Product 	Version 	Extra info
135 	tcp 	open 	msrpc 	  	 
139 	tcp 	open 	netbios-ssn 	  	 
427 	tcp 	open 	svrloc 	  	 
445 	tcp 	open 	microsoft-ds 	  	 

Service Info: OS: Microsoft Windows 2003 Server or XP SP2
Interesting ports on XYZAcct at (192.168.0.3):
Not shown: 997 filtered ports
Port 	State 	Service 	Product 	Version 	Extra info
135 	tcp 	open 	msrpc 	  	 
139 	tcp 	open 	netbios-ssn 	  	 
427 	tcp 	open 	svrloc 	  	 
445 	tcp 	open 	microsoft-ds 	  	 

Service Info: OS: Microsoft Windows 2003 Server or XP SP2
Interesting ports on XYZprinting at (192.168.0.4):
Not shown: 997 filtered ports
Port 	State 	Service 	Product 	Version 	Extra info
135 	tcp 	open 	msrpc 	  	 
139 	tcp 	open 	netbios-ssn 	  	 
427 	tcp 	open 	svrloc 	  	 

Service Info: OS: Microsoft Windows 2003 Server or XP SP2
Interesting ports on XYZwebsrv at (192.168.0.5):
Not shown: 997 filtered ports
Port 	State 	Service 	Product 	Version 	Extra info
135 	tcp 	open 	msrpc 	  	 
139 	tcp 	open 	netbios-ssn 	  	 
427 	tcp 	open 	svrloc 	  	 
1025 	tcp 	open 	NFS-or-IIS 	  	 

Service Info: OS: Microsoft Windows 2003 Server or XP SP2
(The 1656 ports scanned but not shown below are in state: closed)
Interesting ports on XYZChat at (192.168.0.6):
Port 	State 	Service 	Product 	Version 	Extra info
22 	tcp 	open 	ssh 	  	 
80 	tcp 	open 	Apache 	  	 
111 	tcp 	open 	rpcbind 	  	 
6000 	tcp 	open 	X11 	  	 
32771 	tcp 	open 	sometimes-rpc5 	  	 

Service info: OS: Linux 2.5.25 - 2.6.3 or Gentoo 1.2 Linux 2.4.19 rc1-rc7)
Service detection performed. Please report any incorrect results at http://nmap.org/submit/.
Nmap done: 6 IP address (6 hosts up) scanned in 64.27 seconds 
Order a unique copy of this paper
(550 words)

Approximate price: $22

Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

We value our customers and so we ensure that what we do is 100% original..
With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.

Read more

Free-revision policy

The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.

Read more

Privacy policy

The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.

Read more

Fair-cooperation guarantee

By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.

Read more

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency