PORTFOLIO

Student Version

ICTNWK546
Manage network security
 CONTENTS
Section 1: Security design preparation 5
Section 2: Security design and policy 7

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 3 of 12
Oct 2022 Oct 2023 2
 Student name: Tilak Adhikari

Assessor: Zaman

Date:

Business this assessment is This assessment is based in the ICT related company known as IT
based on: linked group. The main aim of this company is the convert the ICT
products to the values for their customers.

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 4 of 12
Oct 2022 Oct 2023 2
 Section 1: Security design preparation
Network For network security we can consider the following points
security
 Setting string password policy
planning
Provide an  Improving the email security system.
outline of  Properly and securely handling and maintaining the technologies.
the
processes  Setting policies for using social media and internet form corporate network.
you will  Planning for back up and restoration.
use to
plan, build After knowing all about the company’s infrastructure via the investigation we are now
and sure that there is no any kind of security is inbuilt or available within the company.
manage a So while creation the new network design of the company we will be focusing more
network in the security side of the network and the systems. We will implement different
security kinds of security such as firewalls, ACL, security in the wireless technologies, etc.
design to For better security we will also use different kinds of security while setting up the
meet the router and switches.
organisati
on’s Therefore ultimately we will use Wireshark and other monitoring tools of same kind
requireme for monitoring and determining the data flow and any kind of security intrusions
nts. within the network.

ICT assets The categorization of the ICT assets of the IT biz company are given
Provide an as below:
overview
of the
organisati
High Medium Low
on’s
assets that
Detailed information Components Different kinds of
need
required for software
protecting. And Data
networking
Remembe
r assets
Servers Computers, routers
are not
just and switches
physical
assets.
Categorise
each of
the assets
in terms of
their value.
The value
does not
need to be
a
monetary

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 5 of 12
Oct 2022 Oct 2023 2
 value but
instead
can be
based on
the value
to the
organisati
on e.g.,
high,
medium,
low, etc.

Threat Malware: It enters to the system via the rogue software that are designed in such a
modelling way that it seems genuine. Not only the normal hackers the big companies had also
Describe done such kinds of frauds for
at least Monitoring and stealing the data from their customers. The entered malware can
three defect the computer directly by making it malfunctions or monitoring the user’s
major activity without being known by the user the while time. Once it gets infected even
threats to after uninstalling that rogue software will not solve the problem.
network
security This attack is also more likely to happen within the IT Biz company as there is no
that can any security and these kinds of attack preventing system available within the
happen to company.
any Basically, his type of attack cannot be performed easily and seen in daily basis. But
organisati
since the company has many confidential data and information about the users and
on, as well
the employees and also no any kind of security systems it can be the target of this
as where
kind of attack at any time.
these
threats
originate
from.
For each
threat,
describe a
system
vulnerabilit
y that may
have led to
the threat.

Risk Threats Risk control Risk ranking (1-5)

managem measures
(Where 1= lowest
ent plan
and 5=highest)
For each
of the Malware Upgrading the 5
threats system with the
you have latest security
identified, patches and using

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 6 of 12
Oct 2022 Oct 2023 2
 identify the antivirus software.
level of
risk that Advanced persistent Upgrading the 4
the threat threats system with the
presents latest
(use a risk
legend to DDos attack Utilizing the different 2
do this). kinds of anti-ddos
antiviruses intrusion
Rank the
prevention system,
threats in
cloud computing etc.
order of
severity
from least
severe to
most
severe.
Outline a
risk control
relevant to
each
threat.
Use the
table
included in
the
Portfolio to
develop
your plan.

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 7 of 12
Oct 2022 Oct 2023 2
 Presentati
on
Write the
title of your
presentati
on here
and attach
it to your
Portfolio.

Presentation ☐

Attach:

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 8 of 12
Oct 2022 Oct 2023 2
 Section 2: Security design and policy
Network As per the network security design we will incorporate all the components as per
security design the description provided in the scenario and the plan above. But since there are
no any security system available within the company we will add firewall as the
Provide an
hardware security and for other security we will configure the devices accordingly.
overview of
Here firewall will act as the data filtering device that will filter all the incoming and
your design to
outgoing data packages as per the rules assigned within it.
protect
network
security.
Include
screenshots to
illustrate your
work as
required.
Make sure you
consider
manufacturer’s
recommendati
ons for use of
the tools you
will incorporate
into your Figure 1 Network security design
design. Write
about how you
have done this. The above provided is the network security design for the IT biz company. Here
we used router to communicate with the internet. To separate the departments,
Further,
we have used the switches. There is also an printer that can be used by all the 90
include the
computers. So as per the security we have used firewall which is hardware and
costs of the
visible in the diagram but as per the other software related security we will be
equipment/soft
using access control list and antivirus software that will help to filter and define
ware you have
the IP addresses which can access the network and also scans and eliminate the
identified and
viruses
document
them here. In the computers respectively,
The table provided below sows the require price for the hardware and software
within the company:

Hardware

Particulars Cost(AUD $)

Micrrotik routers $1100

Microtik switches $3500

Firewalls $1800

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 9 of 12
Oct 2022 Oct 2023 2
 PC’s $12000

HP Printers $750

Software

Window 10 Pro $1250

Antivirus $1000

Total $21400

Security Purpose of the policy

policies
The main purpose of the security policy is to describe about the different kinds of
Develop and security policies and procedures that are going to be used at the time of research
document or that has been used at the time of researching. The
security
below mentioned all the security policies are to be applied to all kind of
policies to
accompany research in this project. Any of the staff members who don’t follow the
your network any kind of security rules and regulations will be fired instantly and all
security
design. his privileges will also be taken away.

Your security Security policies

policy must Used identity managing policy
include as a
minimum:  The username and passwords of each and every staff will be

 Purpose  unique. So no one is allowed to write the passwords in the paper

of the or share it to anyone else.
policy.
While assigning new roles to the staff or if the staff wants it
 Key
personally then they have to consult with the IT administrator so
procedure
s relevant that he will make it accessible using different kinds for security
to
procedures in place.
maintainin
g security  The IT administrator should be informed if any non-usable or
e.g.,identit unnecessary roles to the staffs to maintain the proper security standard within the
y company.
managem
ent, threat Password policy
managem   A password created should be at least 8 character long.
ent
(including   The passwords should be updated after every 1 month of time.
incident  The password should contain at least one number, one special;
response character and one capital letter.
procedure

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 10 of 12
Oct 2022 Oct 2023 2
 s) and  The passwords that has already been created by in users cannot be used
auditing by another user.
procedure
 If the user enters the password incorrectly for 3 times in a row then
s.
he/she will be blocked.
As a guide
your policy
should be 2 – Risk managing policy
3 pages. Write
 The system should be checked every 24 hours and the morning should be
the name of
done 24/7. So if any is seen observed the action should be taken
your policy
immediately to eliminate them.
here and
attach it your Incident response policy
Portfolio. For this policy most important part is following the backup policies properly.

  The backups are to be made regularly by the IT administrations.

 The users and the staff members always should backup their
files in the cloud or the internet rather than in the local disk
as to will be erased after backing up. They should be
informed in regular basis by the IT teams of the company.
 Hot backup
 The backup should be done hourly, daily and regularly as it
should be made available for restoration within 2 hours.
 This backup are only accessible to the system admins and
are only used for making the system back up and cannot be
share with anyone else.
 Offline backup
 This kind of backup is made on weekly or the monthly basis
which are used for backing up the data in different data
centre. They are stored in the tapes and should be available
within 24 hours for restoration if any kind of incident
happens.
 The information about the staff and the users should not be
leaked by any means and should be made available only for
the offsite backup.

Auditing processes

 Properly determining and explaining the scope of the auditing

 Determining the risks.
 Properly evaluating and maintaining the changes of the
policies as per the requirement.
 Reviewing the password policies.
 Ensuring that the secret data of the company are safe and
secure.

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 11 of 12
Oct 2022 Oct 2023 2
 Feedback
Write the
feedback you
received here
and your
response to it.

© Sydney City College of Management Pty Ltd

RTO: 45203 CRICOS: 03620C Date Revision date Version
File Name: ICTNWK546 Student Resources Page 12 of 12
Oct 2022 Oct 2023 2