INCS 615 Network Security Assignment 1

Verified

Added on 2019/09/18

AI Summary

This document presents the solutions for Assignment 1 of the INCS 615 Network Security and Perimeter Protections course. The assignment includes four questions focusing on network security concepts. Question 1 requires designing a firewall decision diagram for a private network with specific access rules for a server and other computers. Question 2 discusses the advantages and disadvantages of using a firewall or proxy server to isolate a CS department network, along with alternative solutions and specifications. Question 3 explains NAT, its mechanism, and its security implications. Finally, Question 4 asks about the optimal placement of a web server within an organization using a network firewall.

[INCS 615: Network Security and Perimeter Protections]
School of Engineering and Computing Sciences- Cybersecurity
INCS 615: Network Security and Perimeter Protections
Assignment 1
Individual Assignment - Due Date: 5th Nov., 2016
Q1. This homework problem requires you to design a firewall decision diagram for a firewall
that protects a private network. In this private network, there is only one server that serves as
both an email server and a DNS server. The IP address of this server is 192.168.0.1. This
network currently has 49 computers other than the server. The IP addresses used by these 49
computers range from 192.168.0.2 to 192.168.0.50. The firewall has two interfaces: interface 0
which connects the firewall to the outside Internet, and interface 1 which connects the firewall to
the private network. The function of this firewall is as follows:
A. The 10 computers, whose IP addresses range from 192.168.0.2 to 192.168.0.11, are not
allowed to be accessed from the outside Internet.
B. The server only accepts TCP packets or UDP packets. The value of the protocol type
field of any TCP packet is 6, and the value of the protocol type field of any UDP packet
is 17.
C. The server is dedicated only to email services and DNS services. The email protocols
used by the email services include SMTP (which uses TCP port number 25), POP2
(which uses TCP port number 109), and POP3 (which uses TCP port number 110). To
efficiently process multiple connection requests, the email server uses TCP port
redirection. The port numbers used in port redirection range from 10000 to 30000. The
DNS service uses UDP port number 1949. The traffic to the server that does not belong
to any of the above two services is discarded.
D. The computers, whose IP addresses range from 192.168.0.12 to 192.168.0.50, are not
allowed to run any of the services that are run by the server, but they are allowed to run
any other services.
Q2. We need to isolate the CS department network from the rest of the campus network. Some
of the reasons are to improve the performance of both parts of the network as well as improve the
security of within our CS network. We have discussed the possibility of setting up a firewall /
proxy server to facilitate this separation of the network.
A. Discuss the advantages and disadvantages of setting up a firewall and / or proxy server.
B. Are there any alternative solutions.
C. Describe the specifications of a firewall / proxy server for the CS Department.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

[INCS 615: Network Security and Perimeter Protections]
Q3. What does NAT stand for, and how does the mechanism work? Describe what, if any,
security NAT provides (or fails to provide).
Q4. Where would you place a web server in an organization assuming that you can use a
network firewall and why?
Good Luck