
Network Security Assignment Questions 2022

Instructions:

1. Please submit the softcopy on Taxila


2. Last date for submission 10th July 2022
3. Run the experiment and submit the screenshot.
4. Cut and paste from internet is not allowed.
5. Viva will be conducted in coming contact sessions

1. Download the “Nessus Professional” software tool (a port scanner) from
https://www.tenable.com/ and install it on your system. You can sign in for a free trial and
download the version compatible with your laptop or desktop OS. Install it on your computer,
then use the configuration user guide to configure it:

1. Use Nessus tool and scan your entire OS and identify what are all the ports that are open.
2. List at least 10 applications and the corresponding ports used by them.
3. List the Network Protocol that each of the application uses.

2. Presume a scenario in which you have opted to make an online purchase of an Apple iPad
through www.amazon.com.

1. Create a user profile and capture a screenshot. Identify the fields that capture
sensitive information. If the system does not ask for sensitive information, then state
that very clearly.
2. Use the search engine and identify an Apple iPad you wish to buy. Go to the shopping cart
and capture a screenshot of the payment information the system prompts you to
enter. Stop at that level. Do you see that the system is adequately designed to protect
confidentiality, authenticity and integrity? What are the minimum security controls
required for such an ecommerce application, and what controls do you see? Prepare a
comparative chart and document your findings.
3. Now, exit the system. Choose the Google Chrome browser and log in
again. What SSL configurations are present in the browser? Capture
screenshots, and identify and mark the controls available. What version of SSL is used
at the browser level? Identify what version of SSL is used at the server level. Exit
the system. Present the screenshots and explain.
4. Choose the Mozilla Firefox browser and log in again. What SSL
configurations are present in the browser? Capture screenshots, and identify and mark
the controls available. What version of SSL is used at the browser level? Identify
what version of SSL is used at the server level. Exit the system. Present the screenshots
and explain.
5. Do you see any difference in the SSL configurations between Mozilla and
Chrome? What differences do you see?

As a network architect, what proposals do you make if Amazon wants to publish this
ecommerce website between their branch offices in a highly secured way, along with the other
communication sent? Why do you propose so?

3. Download “Wireshark” software tool (A Network Traffic Analyzer) from the link
https://www.wireshark.org/download.html and install in your system. Use the online
configuration guide and configure the basic tool.

Please ensure that the configuration mode is switched to the “Network Traffic flow Capture”
option. Now perform the following tasks and capture the output of the network traffic flow.

1. From your browser type www.cisco.com and capture the screenshot produced by
the Wireshark tool. Analyze and answer the questions in the respective space
allotted.

   1. What network protocol was used for this transaction? (when you
   browsed www.cisco.com)
   2. What are the source IP address and destination IP address?
   3. What was the port number used for this transaction?
   4. What was the frame length you observe from the screenshot?
   5. Which OSI layer was involved in this data transmission?


Mark the port numbers and the network OSI layers through which the mail has
crossed and reached the destination

4. Go to the Play Store and download the CRYPTOGRAPHIC COMPILATION OF TOOLS app. Run
the Beginners session and perform encryption and decryption of the
following plain texts. Record screenshots and provide them here:

Sl #   Plain Text                                      Encryption Method
1      Network Security                                Caesar Cipher, Playfair
2      Submit Your Assignment                          Playfair, Vigenere
3      Email alerts to Students                        Caesar and Vigenere
4      Maintain 6 feet distance when you meet people   Caesar, Playfair and Vigenere
5      Identify the vulnerabilities                    Playfair

5. Capture the traffic to/from Facebook using Wireshark during the time when you log in to
your Facebook account and answer the following:

1. Which version of IP protocol is being used?


2. What protocol is running over IP? Name the protocol.
3. If IPSec is being used, which mode of the protocol is it: tunnel mode or transport
mode? Justify your answer.
4. What security header fields of the IPSec protocol are visible?
5. As part of IPSec, which count does this IP datagram have?
a. How do you know that? Justify your answer.
6. What is the size of the ESP SPI field in bits?
a. Does it match your theoretical understanding?

6. Go to https://www.mailvelope.com, then download and install the Mailvelope version
compatible with your browser.

Perform the following:


1. Install, Configure and set up
2. Generate the Key and go to Key Management Section
3. Draft a mail and send your first mail with PGP encryption
4. Open your mail box and click on the new mail received
5. Show the screen shot of Encrypted message
6. Decrypt and show the screen shot

7. Go to https://www.vpnbook.com and perform the following steps.

1. Open VPN
2. Go to VPN client
3. Choose windows installer
4. Verify 32 or 64 bit compatible installer
5. Download the VPN certificate
6. Install and configure it in your system
7. Separately install the certificate
8. Store the user name and password for establishing the peer-to-peer VPN
connection
9. Refer to the online user manual for additional information

10. ESTABLISH peer-to-peer VPN tunnel and produce screenshots of all the
steps

8. Configure S/MIME security services in your Outlook and perform the following
actions

1. Encrypt messages contents and attachments


2. Add digital signature to this message
3. Send this message as clear text signed
4. Request S/MIME receipt for this message

9. Download the “Nessus Professional” software tool (a vulnerability scanner) from
https://www.tenable.com/ and install it on your system. You can sign in for a free trial and
download the version compatible with your laptop or desktop OS. Install it on your computer,
then use the configuration user guide to configure it:
1. Use the Nessus tool and scan your entire OS for vulnerabilities. Allow the tool to complete
the vulnerability scanning. It might take a couple of hours. Please wait for the system prompt
for completion of the scan and run the report.

Identify from the report the top 5 vulnerabilities existing in your laptop and provide
measures for arresting the vulnerabilities.

10. Generate an SSL certificate with the OpenSSL toolkit.

11. Presume a scenario in which you have opted to make an online purchase of an
Apple MacBook through the Wal-Mart or Alibaba online web store.

1. Create a user profile and capture a screenshot. Identify the fields that capture
sensitive information. If the system does not ask for sensitive information, then state
that very clearly.

2. Use the search engine and identify an Apple MacBook you wish to buy. Go to the shopping
cart and capture a screenshot of the payment information the system prompts you to
enter. Stop at that level. Do you see that the system is adequately designed to protect
confidentiality, authenticity and integrity? What are the minimum security controls required
for such an ecommerce application, and what controls do you see? Prepare a comparative
chart and document your findings.

3. Now, exit the system. Choose the Google Chrome browser and log in again. What
SSL configurations are present in the browser? Capture screenshots, and identify and mark the
controls available. What version of SSL is used at the browser level? Identify what version
of SSL is used at the server level. Exit the system. Present the screenshots and explain.

4. Choose the Mozilla Firefox browser and log in again. What SSL
configurations are present in the browser? Capture screenshots, and identify and mark the
controls available. What version of SSL is used at the browser level? Identify what version
of SSL is used at the server level. Exit the system. Present the screenshots and explain.

5. Do you see any difference in the SSL configurations between Mozilla and
Chrome? What differences do you see?

6. As a network architect, what proposals do you make if Amazon wants to publish this
ecommerce website between their branch offices in a highly secured way, along with the other
communication sent? Why do you propose so?

12. A multi-speciality hospital headquartered in the southern part of Tamil Nadu has established
15 branches across Tamil Nadu, Kerala and Karnataka. They use a Hospital Management
Solution (HMS) and an unsecured domain controller for profile authentication. All their locations
are well connected through internet, MPLS VPN. Their expansion strategies, presented to
venture capitalists, have brought in a foreign Information Technology and Security Controls audit
team, which has identified the following major threats. Study each threat scenario and
recommend countermeasures. Also explain the basis for each recommendation.

1. The HMS application was hosted on a native IP (192.168.1.xxx). What are the security
threats associated with this? What countermeasures do you recommend and why?

2. The payment gateway connected to their corporate website for patients to pay their dues is
not secured. Provide at least 3 methods for securing the transactions from the web browser
to the database update.

3. The HMS application does not enforce change of password. No password standards are
followed and no password history is stored in the database. What kind of security attack is
possible in this scenario? Provide solutions to overcome this situation. Identify and
recommend 5 password standards to be followed. Why does the password history need to be
stored?

4. The Domain Server is left unsecured. What security attacks are to be expected? Suggest
ways to counteract them.

5. Each software application used by the organization has its own independent user name and
password creation, and these are not uniform. How would you solve this issue?

13
a. Use Hill Cipher algorithm and encrypt the text “SAFEMESSAGES”. The key for
encryption is “CIPHERING”. Perform all the steps in detail and present.

b. What is the prerequisite for the key before Hill Cipher decryption? Evaluate and prove
whether the key CFJPNSKQY satisfies the condition.

Answer Hint:

a. The plain text “SAFEMESSAGES” will become the cipher text “HDSIOEYQOCAA”.

b. The key CFJPNSKQY will not satisfy the condition $d \cdot d^{-1} \equiv 1 \pmod{26}$.
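
Both hints can be checked mechanically; the Python below is an added example, not part of the original assignment, and its function names are illustrative. It assumes A=0 ... Z=25, a 3x3 key matrix filled row by row from the key letters, and encryption as C = K·P mod 26 on column vectors, with CFJPNSKQY being the nine-letter key from question (b).

```python
from math import gcd

A = ord("A")
N = 3  # block size: both keys on the page have 9 letters, i.e. a 3x3 matrix


def key_matrix(key):
    """Fill a 3x3 matrix row by row from the key letters (A=0 ... Z=25)."""
    nums = [ord(c) - A for c in key.upper()]
    if len(nums) != N * N:
        raise ValueError("a 3x3 Hill key needs exactly 9 letters")
    return [nums[r * N:(r + 1) * N] for r in range(N)]


def det3(m):
    """Determinant of a 3x3 integer matrix by cofactor expansion."""
    (a, b, c), (d, e, f), (g, h, i) = m
    return a * (e * i - f * h) - b * (d * i - f * g) + c * (d * h - e * g)


def det_inverse(key):
    """Return d^-1 mod 26 for d = det(K) mod 26, or None if it has no inverse."""
    d = det3(key_matrix(key)) % 26
    # d * d^-1 = 1 (mod 26) is solvable only when gcd(d, 26) == 1
    return pow(d, -1, 26) if gcd(d, 26) == 1 else None


def is_valid_key(key):
    """A key is usable for decryption only if its determinant is invertible."""
    return det_inverse(key) is not None


def hill_encrypt(plaintext, key):
    """Encrypt 3 letters at a time: C = K * P mod 26, P as a column vector."""
    k = key_matrix(key)
    p = [ord(c) - A for c in plaintext.upper() if "A" <= c <= "Z"]
    if len(p) % N:
        raise ValueError("plaintext length must be a multiple of 3 (pad it)")
    out = []
    for s in range(0, len(p), N):
        block = p[s:s + N]
        out += [sum(k[r][j] * block[j] for j in range(N)) % 26 for r in range(N)]
    return "".join(chr(v + A) for v in out)


if __name__ == "__main__":
    print(hill_encrypt("SAFEMESSAGES", "CIPHERING"))    # part (a)
    print(det3(key_matrix("CFJPNSKQY")) % 26,           # part (b): d mod 26
          is_valid_key("CFJPNSKQY"))
```

For CFJPNSKQY the determinant is 138, which is 8 mod 26; 8 shares the factor 2 with 26, so no inverse exists and the key cannot be used for decryption.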

14

Download “Wireshark” software tool (A Network Traffic Analyzer) from the link
https://www.wireshark.org/download.html and install in your system. Use the online
configuration guide and configure the basic tool.

Please ensure that the configuration mode is switched to the “Network Traffic flow Capture”
option. Now perform the following tasks and capture the output of the network traffic flow.

From your browser type www.amazon.com and capture the screenshot produced by the
Wireshark tool. Embed the screenshot in the answer sheet. Analyze and answer the
following questions.

What Network Protocol was used for this transaction? (when you browsed
www.cisco.com)

What are the source IP address and destination IP address?


What was the port number used for this transaction?

What was the frame length you observe from the screen shot? Which OSI
layer was involved in this data transmission?

15

Study and Compare the Security Configurations (with respect to SSL) of the following
browsers

1. Mozilla Firefox

2. Safari or Google chrome

3. Opera

Steps to do:

Install the current version of the above browsers in your laptop/ desktop

Use every browser and reach the home page of any banking website, e.g.
www.icicibank.com

Go to the browser setting page and capture the SSL configuration

Study against the standard SSL requirements and compare.

Make screenshots of all your activities and provide them in your answer sheets. Analyze and
comment on your observations. Use the following table as a reference for comparison.

Comparative Analysis of SSL capability

Sl no   SSL Standard   Browser: Internet Explorer   Browser: Google Chrome   Browser: Firefox   GAP
