Enterprise Communications: Security, Mail, and Network Practical

Verified

Added on 2022/10/06

AI Summary

This practical assignment for the ICT50415 Diploma of Information Technology Networking Competencies focuses on securing enterprise communications. Students are tasked with researching and understanding SSL and TLS, including their differences and applications. The assignment involves deploying and configuring an Exchange Server, setting up Thunderbird, and analyzing network traffic using Wireshark to identify security vulnerabilities in unsecured email communication. Students then re-enable certificate services and TLS security, retesting mail connectivity and analyzing the secured traffic. The exercise includes detailed journal documentation with screenshots and troubleshooting logs. The aim is to understand and implement secure communication protocols, identify security risks, and configure secure email systems, including the use of certificates and TLS to protect data integrity and confidentiality.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Enterprise Communications – Practical Activity 4
Department of
Computing and Information Technology
EnterpriseWeb Authoring
Semester 2, 2019
Version 1.0: 31/08/2024
ICT50415 Diploma of Information Technology Networking
Competencies
 ICANWK501: Plan, implement and test enterprise communication solutions
 ICTTEN512: Design and implement an enterprise voice over internet protocol and a
unified communications network
 ICTNWK505: Design, build and test a network server
Instructions
To Students
 Submit your assessment items by the specified dates
 Present material according to IT Dept. standards
specified.
 Practical activities are to be noted down in the student
journals specifically for this subject. Marks will be
allotted according to the practical and the write up.
Method Introductory Activity – Assessed as a Prac in-class activity
Due Date As completed. Refer to subject outline.
Tools &
Equipment
Windows Based Computer(s) with Virtualisation Environment
Grade A satisfactory assessment.
UNCLASSIFIED : SS 18-Jul-2019 L:\CAIT\Teaching\T&L\201920\ICT50415\ENTERPRISE_COMMUNICATIONS\RESOURCES\EC_Prac4.doc

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Enterprise Communications – Practical Activity 4
Practical 4
Aim
You will recall back in Prac 1 & 2 that when we installed Thunderbird it issued an
interesting security warning message. This was a result of the lack of security functions
that we implemented within our mail server.
The aims of this exercise are to investigate some of the security mechanisms that ways of
ensuring the integrity and security of the messages that we are transferring. In particular,
we will investigate Certificates, SSL and TLS.
This exercise is to be done individually.
This exercise will be completed within a VMware Workstation 12.x/14.x Environment.
You must maintain an error log sheet and mention how you troubleshot the issues.
Read the entire activity before starting!!!
Document the steps that you followed in your Journal. Journal must have full
screen and clear screenshots.
Activity 1
In this activity we will research some terms from the internet.
 Research the following terms:
 SSL
 TLS
 How does TLS and SSL Differ? Explain in your own words, strictly no copy and
Paste.
 List the websites that you referred to provide effective definitions and explanations for
these terms.
 Document your research in your Journal.
Tasks Done
SSL refers to Secure Sockets Layer and it can be described as the default
technology for maintaining a safe link to the internet and preserving the
confidential information transmitted among two networks, prohibiting hackers
from viewing and manipulating any transmitted data. These two systems can be
a customer and server or servers to databases.
TLS (Transport Layer Security) is essentially a stronger, upgraded edition of SSL. The
protection licenses are still referred to as SSL since it is a popular term, but when you
purchase SSL from Symantec, ECC, RSA and DSA are given as the authentication
choices.
Activity 2
UNCLASSIFIED : SS 18-Jul-2019 L:\CAIT\Teaching\T&L\201920\ICT50415\ENTERPRISE_COMMUNICATIONS\RESOURCES\EC_Prac4.doc

Enterprise Communications – Practical Activity 4
In this activity we will quickly redeploy Prac 2.
 Deploy an Exchange Server 2012/2016 system as per Prac 2.
 Set up Thunderbird
 Disable any certificate services or TLS security. Restart the POP/IMAP service
o You may have to research the internet on how to do this.
 Test mail connectivity using the Exchange Web services
 Establish mail connectivity between accounts.
 Document the steps that you followed in your Journal.
Tasks Done
The facilities offered by digital licences are:
 Encryption: This assists in securing information shared from fraud or abuse.
 Verification: Validate that their owners (persons, sites, and network equipment)
are in fact what they seem to be or not. Authentication is one-way, during
which the origin authenticates the enemy's identity.
The Web Management system in IIS uses this Windows self-signed license to allow
centralized maintenance of the cloud server and related sites and applications.
When you delete this license, the Web Management system will not begin unless
a legitimate license is chosen.
Activity 3
In this activity we will examine packets transferred between our unsecured mail system
and our base OS set up in Activity 2.
 Load the latest version of Wireshark in client machine (Workstation Virtual machine)
 Sniff packets on the VMware interface
 Start SMTP and POP 3 mail transfers between the Thunderbird client and the server
 Sniff for SMTP data
 Sniff for POP3 data
 Analyse the data packets
 Are there any observations that you can make with regards to data security?
 Document your observations in your Journal.
Tasks Done
POP3 is generally used for server correspondence. For example, when you want to
view messages that occur on a central database without uploading them to the user.
IMAP4 is employed when server exploitation is needed. SMTP typically provides
server-to-server interaction.
UNCLASSIFIED : SS 18-Jul-2019 L:\CAIT\Teaching\T&L\201920\ICT50415\ENTERPRISE_COMMUNICATIONS\RESOURCES\EC_Prac4.doc

Enterprise Communications – Practical Activity 4
The distinction among IMAP and POP is that the mail is always stashed on the server
in IMAP. It will not be accessible on another device if you erase it from a device.
Erasing an downloaded mail in POP might erase that server mail.
SMTP privilege passwords are generally partitioned into three classifications that are
organized to assist you in comprehending weaknesses. The SMTP privilege password
techniques and specifics are addressed:
Activity 4
In this activity we will re-enable certificate services and TLS security. Reconnect the mail
client application (you may remove and setup the account again)
 Deploy the Exchange system as per Prac 2 within a virtual environment.
 Ensure that all certificate services and security (i.e. TLS) is enabled. Restart the
POP/IMAP service
o Again, you may need to research how to do this on The Internet.
 Set up Thunderbird
 Establish mail connectivity between accounts.
 Sniff the traffic as per Activity 4.
 Document the steps that you followed to re-enable secure communications.
Tasks Done
Secured communication established.
Activity 5: Observations
 Are there any observations that you can make with regards to data security?
Document your observations in your Journal.
 Are there any observations that you can make with regards to your results in
Activities 3 and 4? Document your observations in your Journal.
Tasks Done
Be it Exchange Server 2013 or the Exchange 2016 Setup, they are well aware
that a target computer is similar to a Directory domain controller. Therefore,
it is not recommended to install Exchange at least on the domain controllers.
If you still do that, be ready to face the following problems.
 First, you can face support problems when Configuring Exchange for
Active Directory split permission.
UNCLASSIFIED : SS 18-Jul-2019 L:\CAIT\Teaching\T&L\201920\ICT50415\ENTERPRISE_COMMUNICATIONS\RESOURCES\EC_Prac4.doc

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Enterprise Communications – Practical Activity 4
 The universal security group which is the trusted Exchange Subsystem is
inserted to the Domain Admins group. This act is responsible to grant
domain rights to all Exchange server domain holders.
 You can face performance issues for resource-intensive applications like
Exchange Server and Active Directory when working on the same system.
 Exchange services do not work correctly on the much required global
catalog server for domain controllers.
 Delay in system shutdown is possible in case you forget to close the
Exchange services before shutting down the server.
 You will face problems in degrading the domain controller to just a
member server.
 Support problems are encountered when running the Exchange on Active
Directory domain controllers like clustered notes.
Seeing these issues, it is wise to install Exchange on a member server,
rather than on domain controller.
Explain and, if possible, demonstrate your observations to your teacher
Upload your Journal Notes to Moodle for assessment.
---------------------------------------------------------------------------------------------------------------------------
If there are no further tasks given by the Teacher at this point, then shut down your
virtual operating systems. Remember to shut down the client workstation first and
then the server operating system
*********************************************************************************************************
At the end of the practical session, please ensure that you have saved the folders of
the virtual operating systems on to your USB hard disk. Before leaving the lab room
ensure that any software installed on the base OS is removed and that your machine
has been left in a better state than you found it in.
UNCLASSIFIED : SS 18-Jul-2019 L:\CAIT\Teaching\T&L\201920\ICT50415\ENTERPRISE_COMMUNICATIONS\RESOURCES\EC_Prac4.doc