a.

In order to make a secure communication from remote office to the main office, we have to
implement some encryption protocol into our existing network,

First Protocol will be PPP which is point-to-point protocol and it will provide encryption services at
layer 2.

Secondly we will make a tunnel , in simple words we will use IPSec which is again a security protocol
and will provide encrypted virtual private network (VPN) from remote to the main office.

b.

In this step we will make sure that all the senstive traffic from remote to the servers is encrypted.

So first of all we will enable only https service on our servers and Secondly we will again use a VPN
tunnel which will provide another layer of encryption and will keep
our traffic secure and private.

c.

Now we will ensure that wifi is not open and it should be used some kind of encryption.
For that purpose we will use WPA2 which is the most advanced available encryption out there.

Secondly we can limit the number of users and also can use the mac-filtering feature and these both
technqiues will ensure that nobody from outside will come into our wireless network.

Task-2

Network monitoring is no doubt one of the key factor in network security. Becasue a network
monitoring software has the ability to monitor the network performance in real-time.

It means that whenever a malicious activity or failure will occur in the network, it will immediately
alerted via various methods like email.
With the rapid relay of information it allow us to take the corrective actions in the eariler stage of
network breach.
Additionally These monitoring systems eliminates the need of physical system administrator and
manual checking of the network.
Eventually it benefits the organization and will save both time and money.

Now here the question is , what should be monitored , so we have to monitor the traffic that is
coming from outside network and the most used service is web which runs on port 80 or on 443. And
it should be monitored.

Intrusion detection is a security measure that organization must consider for monitoring and
detection of malicious activity in the network,
There are a lot of intrusion detection devices are available out there, some of them react to malicious
action and alert the admin, while some perform passive funtionality.
Intrusion Detection appliances are used to monitor network traffic ,analyze it and looked for a pattern
in the traffic and when that specific pattern found then it alert the administrator about suspicious
activity.

SolarWinds Network Performance Monitor is one of the best software available for network
monitoring, It quickly diagnose the problem and resolve the performance issues.

Task-3

OpenVas is vulnerability scanning tool ,which is totally free and open-source.

Initially it started as a GNusses, In its starting days , it began as fork fo the Nessus which was also an
open-source scanning tool but in 2005 Nussus became propritary.

Originally OpenVAS was purposed by pentesters of Security Space and also discussed with Portcullis
Computer Security. Eventually announced by Tim Brown at Slashdot. OpenVAS is also a member of
Softwarein the public interest.