CS3609 | Cybersecurity Coursework Template
Added on 2022-09-12
6 Pages2258 Words20 Views
|
|
|
CS3609 CYBERSECURITY COURSEWORK TEMPLATE
STUDENT NUMBER:______________________
SYSTEM ARCHITECTURE DIAGRAM ( 1 PAGE ):
A diagram depicting the environment (nodes, networks, applications)
Figure-1: System Architecture
(Source- Created By Author)
STUDENT NUMBER:______________________
SYSTEM ARCHITECTURE DIAGRAM ( 1 PAGE ):
A diagram depicting the environment (nodes, networks, applications)
Figure-1: System Architecture
(Source- Created By Author)
SYSTEM ARCHITECTURE DESCRIPTION ( UP TO 2 PAGES ):
A narrative analysis of the environment that covers nodes, networks and applications. This must
include articulation of the elements of the office network, identifying possible risks in the network,
devices and applications (and any assumption made).
Brunel Tech Start-up has set up their new office and is setting up a new network required for the
company to carry out all the business related activities efficiently along with the presence of cloud
service provider for the same.
Firstly, the entire local area network of the company consists of a main router from where all the other
existing sub routers of the network receive the required network connection. Each of the sub router
consist of a switch with the help of which the sub routers controls the equipment attacked to the same.
There are three main sub routers connected to the network.
The first sub router is present within the machine room that consists of a Linux server belonging to
the company that acts as an internal storage for storing all the data along with the information
belonging to the company. To store the information of the company internally, a SQL database along
with a Linux Controller is connected to the Linux Server for storing all the information locally. In this
section of the company, there is the possibility of any employee taking the advantage of the access to
the internal database of the company and make use of the data towards illegal activities. In addition to
this, there is also the shared possibility of database injection attacks that provisions the attacker with
the particular access to the database in an unauthorized manner.
Next, a sub router has been placed within the conference room to which a switch is connected for
controlling all the devices present inside the conference room. The conference room consists of a
projector meant for the purpose of carrying out meetings inside the room and showing related
information on the projector for the people to get hold of the agendas and other related information. A
gaming PC has been placed within the conference room to carry out all the activities related to
graphics. A device for conference calls to clients, namely VOIP phone has been placed. To carry out
the conference calls without any errors, a PBX has been placed along with a VOIP network to
provision for the same. This VOIP phone is mainly kept for carrying out all the conversations with the
clients and provide the clients with the information related to their project to keep the client updated
with the progress of the project. In case of the routers as well as the sub routers, there is the possible
threat of unauthorized access from external sources, rerouting, session hijacking, DoS as well as
masquerading. Such threats carry the potential ability to steal the data that belongs to the company
and make use of the same for online existent illegal practices.
For the employees, a separate server meant for the working room has been installed along with a
switch to control all the connected devices present within the working room. Each of the desk present
within the working room will be provisioned with separate working stations for each of the individual
employees. All of the working stations has been connected with a single switch, with the help of
which all of the working stations will be controlled along with turning on and off. Common risks to
the workstations upon which the employees will be working are the likes of DOS, ransomware as well
as malware attacks. All of the risks that have been mentioned include the possibility of preventing the
user from accessing their own data and pay a ransomware to regain access to the same.
Another sub router has been kept under the main router that has the only purpose of carrying out the
connection of a Wi-Fi. A Wi-Fi device has been installed and connected to a switch, which connects
to the sub router for the Wi-Fi connection. This wireless network has been installed for the benefits of
the employees to download all the documents from the server using the Wi-Fi connection. The Wi-Fi
device can have associated risks such as unauthorized access from some external source that might get
into the communication of the user with the device and get hold of all the data that is a part of the
communication.
Lastly, the company is also using the services of Amazon Cloud for storage of important information
A narrative analysis of the environment that covers nodes, networks and applications. This must
include articulation of the elements of the office network, identifying possible risks in the network,
devices and applications (and any assumption made).
Brunel Tech Start-up has set up their new office and is setting up a new network required for the
company to carry out all the business related activities efficiently along with the presence of cloud
service provider for the same.
Firstly, the entire local area network of the company consists of a main router from where all the other
existing sub routers of the network receive the required network connection. Each of the sub router
consist of a switch with the help of which the sub routers controls the equipment attacked to the same.
There are three main sub routers connected to the network.
The first sub router is present within the machine room that consists of a Linux server belonging to
the company that acts as an internal storage for storing all the data along with the information
belonging to the company. To store the information of the company internally, a SQL database along
with a Linux Controller is connected to the Linux Server for storing all the information locally. In this
section of the company, there is the possibility of any employee taking the advantage of the access to
the internal database of the company and make use of the data towards illegal activities. In addition to
this, there is also the shared possibility of database injection attacks that provisions the attacker with
the particular access to the database in an unauthorized manner.
Next, a sub router has been placed within the conference room to which a switch is connected for
controlling all the devices present inside the conference room. The conference room consists of a
projector meant for the purpose of carrying out meetings inside the room and showing related
information on the projector for the people to get hold of the agendas and other related information. A
gaming PC has been placed within the conference room to carry out all the activities related to
graphics. A device for conference calls to clients, namely VOIP phone has been placed. To carry out
the conference calls without any errors, a PBX has been placed along with a VOIP network to
provision for the same. This VOIP phone is mainly kept for carrying out all the conversations with the
clients and provide the clients with the information related to their project to keep the client updated
with the progress of the project. In case of the routers as well as the sub routers, there is the possible
threat of unauthorized access from external sources, rerouting, session hijacking, DoS as well as
masquerading. Such threats carry the potential ability to steal the data that belongs to the company
and make use of the same for online existent illegal practices.
For the employees, a separate server meant for the working room has been installed along with a
switch to control all the connected devices present within the working room. Each of the desk present
within the working room will be provisioned with separate working stations for each of the individual
employees. All of the working stations has been connected with a single switch, with the help of
which all of the working stations will be controlled along with turning on and off. Common risks to
the workstations upon which the employees will be working are the likes of DOS, ransomware as well
as malware attacks. All of the risks that have been mentioned include the possibility of preventing the
user from accessing their own data and pay a ransomware to regain access to the same.
Another sub router has been kept under the main router that has the only purpose of carrying out the
connection of a Wi-Fi. A Wi-Fi device has been installed and connected to a switch, which connects
to the sub router for the Wi-Fi connection. This wireless network has been installed for the benefits of
the employees to download all the documents from the server using the Wi-Fi connection. The Wi-Fi
device can have associated risks such as unauthorized access from some external source that might get
into the communication of the user with the device and get hold of all the data that is a part of the
communication.
Lastly, the company is also using the services of Amazon Cloud for storage of important information
and data belonging to the company for the purpose of backing up all the data to provide support to
situations where data losses can occur. To mitigate such potential happenings, Amazon cloud services
have been installed within the organization. The system architecture consists of an Amazon Server
that is connected to a cloud storage. On the other hand, the main router is connected to the Cloud
storage and gets access to the Amazon Server through the cloud.
RISKS & COUNTERMEASURES: A RISK MODEL ( 1 PAGE ):
A risk model presenting identified risks (in a) using a recognised cyber security risk modelling
technique. Clear links to at least three countermeasures should be highlighted.
Risk
Number
Risks Likelihood
(1-5)
Impact
(1-5)
Overall
Risk (1-25)
Risk Level Mitigation
R1 Ransomwar
e attacks.
3 4 12 High Installation
of specific
tools on the
network of
the
organizatio
n to stop
the access
of such
ransomwar
e attacks
taking
place.
R2 Database
injection
Attacks
4 5 20 Medium Validation
of inputs
made by
user as well
as usage of
parametrize
d queries.
R3 Denial-of-
service
attacks
5 5 25 Medium Deployment
of anti-DOS
hardware
as well as
software
modules to
prevent
such
attacks.
R4 Repudiatio
n.
4 4 16 Low Usage of
digitalized
signatures
to ensure
that there is
no
provision to
the online
criminals to
copy the
signatures
and get past
access
situations where data losses can occur. To mitigate such potential happenings, Amazon cloud services
have been installed within the organization. The system architecture consists of an Amazon Server
that is connected to a cloud storage. On the other hand, the main router is connected to the Cloud
storage and gets access to the Amazon Server through the cloud.
RISKS & COUNTERMEASURES: A RISK MODEL ( 1 PAGE ):
A risk model presenting identified risks (in a) using a recognised cyber security risk modelling
technique. Clear links to at least three countermeasures should be highlighted.
Risk
Number
Risks Likelihood
(1-5)
Impact
(1-5)
Overall
Risk (1-25)
Risk Level Mitigation
R1 Ransomwar
e attacks.
3 4 12 High Installation
of specific
tools on the
network of
the
organizatio
n to stop
the access
of such
ransomwar
e attacks
taking
place.
R2 Database
injection
Attacks
4 5 20 Medium Validation
of inputs
made by
user as well
as usage of
parametrize
d queries.
R3 Denial-of-
service
attacks
5 5 25 Medium Deployment
of anti-DOS
hardware
as well as
software
modules to
prevent
such
attacks.
R4 Repudiatio
n.
4 4 16 Low Usage of
digitalized
signatures
to ensure
that there is
no
provision to
the online
criminals to
copy the
signatures
and get past
access
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents