SEM I 2021/2022

DDWC 3343- COMPUTER SECURITY

GROUP PROJECT

Description:

As the world becomes more connected to the networks, the significance of network security
will certainly continue to grow. Security issues for networks are visible and important, but
their analysis is similar to analysis done for other aspects of security. That is, we need to ask
questions about what we are protecting and why are protecting it. In particular, we ask:

• What are the assets?

• What are the threats?
• What are the threats agents?
• What are the controls?
• What is the residual, uncontrolled risk?

Many controls in computing system are also useful in network, but controls that are specific
to networks are firewalls, intrusion detection system (IDS), honeypot, intrusion prevention
system (IPS) [as shown in Figure 1] and secure e-mail.

DMZ

Figure 1 Network Control Devices

Task:
Watch YouTube video listed below and answer questions as in the given scenarios:

• Firewall: https://youtu.be/kDEX1HXybrU
• Firewall: https://youtu.be/aUPoA3MSajU
• IDS/IPS: https://youtu.be/gHMkEKGwBM
• DMZ: https://youtu.be/dqlzQXo1wqo
• Honeypot: https://youtu.be/FihkG72z7MQ

Scenario 1

You are working at Fuyooh company. As in IT security manager, you propose to install
Network-Base Intrusion Detection System (NIDS) to the company system. The installation
proposed as in figure 1 below:

Figure 1: Proposed NIDS installation

In the way to convince your company for your installation idea, write a report to justify your
proposal. You should justify:

• Definition of IDS
• Type, purpose and function of IDS that available in marketing
• Justification of your idea. Why you choose NIDS over IDS.
o Your justification must be clear and detail that include the benefit or lost for
the installation
Scenario 2

1. Compare and contrast packet filter firewall, Application proxy firewall and hybrid
firewall. Discuss how these firewall works.
2. Firewall is an extremely useful security measure for an organization. However, it
does not solve all of the security problem. List limitation if firewall. Give a situation
to explain the limitation.
3. Discuss the consequences faces by an organization when installing a single firewall
behind a web server but I front of the private LAN of the organization.

Scenario 3

1. As an IT specialist, you are given a task to secure an email. Discuss how email
security can be implemented? Your discussion should include security feature and
design of secure firewall.
a. To discuss the security feature, you should consider a threat that could
happen to email and design the solution. You may suggest at least 4 threat
and design solution to protect your email.