Australia
UK
USA
- Case StudyHelp.com
- Sample Questions
CCA Pty Ltd Case Study
Your report should detail the following section and points below commensurate with the marks allocated and be addressed primarily to the management of CCA Pty Ltd who are not security or IT experts. Some issues
may require the acquisition of new software and hardware; you should identify suitable products that could be used to resolve the issues. Your proposal should adhere to industry security best practise and produce a secure and functional network installation for CCA Pty Ltd
Addressing Identified Issues (35 marks)
Vulnerabilities should be ranked based on a simple risk assessment methodology
Consider any necessary changes you think appropriate to the network design
Consider any necessary changes you think to the server and client deployment
Identify appropriate remediation for each identified issue and explain fully in language appropriate for the customer
Implicit/Unidentified Issues (20marks)
Vulnerabilities should be ranked based on a simple risk assessment methodology
Consider any necessary changes you think appropriate to the network design
Consider any necessary changes you think to the server and client deployment
Identify appropriate remediation for each identified issue and explain fully in language appropriate for the customer
Policy Development (25marks)
Develop basic polices need to better secure the network; as a minimum the following should be
considered:
Password Policy
Acceptable Network Usage Policy
Acceptable Internet Usage Policy
Acceptable Email Usage Policy
Network Design (10 marks)
Provide a detailed network diagram showing your proposal
You may want to consider multiple diagrams to separate physical & logical components
Presentation(10Marks)
Grammar & spelling
Report format
Overall presentation
Appropriate referencing for a customer report This assessment will be worth 40% of your final assessment
CCA Pty Ltd Case Study Information
CCA Pty Ltd are suppliers and publishers of printed media primarily for the enterprise IT training
industry. Products include course manuals, test booklets and IT technology reference books.
All of their sales are currently done via e-mail or direct contact with customers. CCA Pty Ltd has recently upgraded
their Internet connect ion to ADSL2+on a 250GB pcm plan in order to cater for the future possibility of having an online store. You have been hired as a network security consultant to advise on security issues as a result
of the recent re-structuring of the network. The customer would also like to investigate the option of publishing their product online and be able to receive orders via a web application. They don’t need specific recommendations with respect to products but they would like some generic ideas on how to accomplish these goals. The following is a set of notes that have been gathered by the lead consultant and you, as a junior consultant , must now analyse these and
complete a report to be presented by the Lead Consultant to the customer:
Network Details :
The following are the network details as reported by the lead consultant. Broadband Router
Billion BiPAC 7700N R2
Out of the box installation with only authentication details configured Gateway Server This machine has been deployed as the egress point of the network to the Internet. It was installed by the CEOs 20 year old son who is studying his third year of a computer science degree. The server is running pfSense 2.0.3 as its operating system and has been installed using default options in the main. No further hardening on the O/S has been performed.
Configuration Information
ntel Core i5-4440 processor
4GBRAM
250GB Serial ATA HDD
2 x10/100/1000Intel Network CardoExternal IP Address: 244.100.100.22(ISP Provided)oInternal IP address:
10.10.40.1
Services Installed
oNAT Overload
oDNS Forwarder
oProxy Server
oSPI Firewall
oSupport for only IPv4
oDHCP Server
DHCP Scope range:
10.10.40.0/24
Windows 2012
Database Server This server is maintained currently by an external database contractor
. The contractor has asked for remote access to manage the server remotely instead of attending site.
Configuration Information
Intel Core i7
8GB RAM
2×500 GB Serial ATA HDD
oConfigured RAID 1
10/100/1000Intel Network Card
oInternal IP address: 10.10.40.20/24
3TB External drive used for backups
Softwareo Windows 2012 Server R2Standard 64-bit (patch level unknown)
oMicrosoft SQL Server Standard 2014(patch level unknown)
oIIS Installed for internal intranet
Windows 2012 File Server The file server was installed about 2 years ago and has never been rebooted. Its primary role is the sharing of internal documents and printer sharing. The IT provider that installed the system has
since gone out of business and the server has not been actively supported for nearly 12 months .
Configuration Information
Intel Core i7
16GBRAM
4x250GB Serial ATA HDD
oConfigured hardware RAID 5
10/100/1000Intel Network Cardo
Internal IP address: 10.10.40.21/24
2x3TB external drives used for backups
Software oWindows 2012ServerR2 Standard 64-bit(patch level unknown)
Provides AD services through the domain “CCA”Client PC Details
There are 25 computers in the organisation that are relatively new
. They are all identical with respect to hardware and installed software.
Configuration Information
Intel Celeron J1800 2.58GHz
2GBRAM
128Gb SSD
10/100/1000Intel Network Card
Windows8.1 64-bit(patch level unknown)
Office 2010 Professional
–standard installation
All applications are run locally
Various browsers are used for web access
oIE
oFirefox
oOpera
All PCs can access the Internet unrestricted.
The machines have varying desktop configurations.
Level of maintenance is poor
.
Patch levels unknown but likely never been patched.
No AV software installed
Network
All of the Servers, PCs and the ADSL modem connect to a single
48portCisco 2960 switch.
oNo configuration done on the device out of the box.
IP addresses are received from the pfSense server using the range detailed earlier under the
pfSense configuration.
Cabling is UTP Cat5 withdual24 port patch panels located in the server room
Other Details
Servers are all located in a small (3m x 3m) server room located in the back corner of the open place office space.
oThis room is generally locked. There are 5 known keys for the door but not all keys are accounted for. Known key holders are the CEO, the CEOs son and the HR Manager.
oThere is a small A/C unit that provides cooling to this room with temperatures
generally between 26-27 degrees celcius.
oThere is currently no working UPS power.
oThe switch, patch panels and DSL router are also all in this room.
oThere is a 10RU communications rack on the wall of the server room that houses the
switch, patch panels and DSL router.
oThe servers are located free standing on a large cupboard on the opposite side of the server room from the communications rack.
oCables cross the carpet between the servers and the communications rack and are taped using heavy tape to the floor.
oA single monitor, keyboard and mouse is shared between all of the servers but no KVM is used.
Backups are performed daily on the file and SQL servers using an automated copy process that copies everything to the external hard drives.
oNo verification of backup is done.
All users have administrator access to their PCs.
Users have full admin rights to the database server.
The admin credentials for the pfSense server are currently unknown.
There is no administrator access to the file server as the password has been lost and the IT
contractor who installed it is now out of business.
All staff share a single domain account to simplify access rights to files.
o“CCA_User”
oPassword: P@ssw0rd1
The external domain cca.com.au is hosted by the ISP.
Only reception staff have access to e-mail accounts which are hosted by the ISP.
Since installing ADSL2+they have been receiving up to 150 spam messages a day each.
No documentation of systems or configurations available on demand.
No visible policy documentation,upon query-none developed.
Firewall rules are unknown and should be created from scratch.
No IDS or VPN capability installed.
Database server access is performed across plaintext tunnels.
Web Services do not provide SSL
AV software on servers is also unknown.
There 6 various laser printers dotted around the office.
oThey are all network capable.
o2 are currently attached to the network, 4 are connected directly to PCs
The customer would like to investigate deploying a web server on their own network in order to service customer orders directly but would like so me advice and suggestions on how to do this.
The customer would also like to implement wireless access to the network for visitors and staff alike but have no idea how to do this. You will need to provide some basic recommendations on how to do this and include it in your overall design.
Please CHAT WITH LIVE Assignment Advisor to get assignment help at low price
Chat with our 24 x 7 Online Agents CLICK CHAT NOW
Ask Your IT Management Assignment Question?
Check out our Fundamentals Assignment Help Services
Find Your MBA Assignment Experts
