Your company, Praetor, Inc, develops non-lethal crowd control technology for police and military use. It has decided to move the headquarters and primary operations to Amarillo, Texas and utilize an outside disaster recovery company to provide a disaster recovery hot site in Wayne, Pennsylvania.
Praetor, Inc, while most of its technology is for the civilian police market, has one Research and Development unit that is developing a light-based crowd control device for large groups for use by the military market. This unit is made up of 25 people many of which do not currently live in Amarillo and the company has no plans to force their relocation to the new location.
The headquarters building is 3 floors in height and have approximately 150,000 square feet. As the senior CISSP, you have been tasked with designing the network solution with both functionality and usability in mind for the new location.
Further specificationscompany requirements:
1. The primary site (Amarillo) is the only one you need to concern yourself with designing as the hot site (Wayne) is considered to be logically identical as it is a mirror hot site for business continuitydisaster recovery
2. There needs to be a constant connection between the two sites with no less than 105 Mbps throughput
3. There will be a datacenter on the third floor
4. There will be 100 network connections on each floor
5. There are 4 primary divisions in the company: HeadquartersAdministration, SalesCustomer support, Research and Development (this division includes the Light device research t group) and Information Technology
6. The members of the Light device research group that do not live in Amarillo need to be able to connect to the primary datacenter at any time
7. Physical security as well as logical must be considered
8. There are file servers, database servers, corporate webservers and external sales webservers and all must have high-availability
9. All servers must have redundancy (both physical and how they are configured)
10. The solution should have a plan to verify security measures
Case requirements:
1. You should submit network drawings showing
a. the topology of the network
b. the topology of the VPN setup
They should include the hardware (and be labeled as such) but only generally no brand names or models, just switch, firewall, router, server and so on; any cabling differences should be noted as well.
2. You should include a paper that contains the following:
a. List any recommended cable and where it will be used
b. List the type of connection you will utilize to ensure 105 Mbps connection between sites (do not just give a medium, like fiber or copper, or just a protocol)
c. Recommend wiring closets wherever needed
d. Recommend any WAN or wireless technologies; mention and explain what topologies you used and why
e. How you will set up the servers (both physical and logical should be explained) to have:
i. redundancy
ii. high-availability
f. What logical protections you recommend
i. What measures you will take to protect against attack
ii. What measures you will take to prevent attacks
iii. What measures you will take to be notified that you are being attacked
g. Recommend and describe logical (i.e. network) traps to stop attackers
h. Any physical security measures you deem appropriate
i. What they are
ii. Where they are
iii. How they protect
i. How the remote users will connect securely
j. How will security measures be verified?
k. Justify your recommendations
Grading Criteria and Notes
1. APA or MLA styleformatting is acceptable double spaced lines, 10 or 12 point Arial font is preferred.
2. Network diagrams must be your original work or they will not be accepted
3. Network Diagrams must show all network devices (workstations, since there are a large number, can be grouped so that 1 icon can represent 10 or 100 or whatever number you want them to be); the VPN diagrams only need to show the nodes involved in the VPN setup (as well as their relation to other networking devices, like routers, firewalls, etc), including the remote user.
4. Original written work is mandatory. Do not copypaste directly from websites, ads, or any other work that is not yours unless it is cited as a quote – or it will not be accepted.
5. If there is plagiarism in one part of the Case, the entire Case is tainted and will receive a zero. There will be no additional submissions once the final submission receives a zero for plagiarism that will the final grade for the Case.
6. If you want to explain a common item such as a particular topography (for example a Star topography) it is acceptable to use a graphic from another source, but it must be cited in the footnotes and works citedbibliography page just as you would a quote from another source or information received from an outside source. NOTE: a generic diagram (such as a star, token, etc. diagram) used in this fashion will not constitute the network diagram.
7. Do not use specific manufacturersmodels (i.e. Cisco 2960, Dell Optiplex 9010, etc.) unless you feel you absolutely have to if you do there must be a very good explanation why you felt you had to use this particular model.
8. While there is no set budget, it is advisable to use solutions that are in line with common business practices unless there is a reason to go above and beyond (i.e. fiber to every workstation would be VERY expensive) and the reason should be fully explained.
9. If a specific software is to be utilized, list all aspects as to how it is to be used.
10. Recommendations must be specific i.e. you cannot just say protections will be in placeutilized; you have to explain what those protections are as well as their purpose
11. Each recommendation must be explained specifically and fully.
12. Do not neglect to do any part of the case.
13. Cases must be submitted through iLearn, not through email, and must be prior to the deadline.
14. The rough draft must be submitted or the final case submission grade will be reduced by 15%. The rough draft is due November 13th, 11:59 PM, EST
15. While the rough draft does not have to be a completed paper, the more you submit in the rough draft, the more suggestions I can offer to better your final grade.
16. Some notessuggestions on the rough draft and final submission I have accumulated from previous classes:
a. Network & VPN drawings must be clear and show all network devices, cabling and their placement; logical diagrams are required but physical diagrams can be added as well
b. Bullet points are fine for the rough draft (this makes it easier to see the direction you are thinking but dont forget to turn those bullet points into written explanations of how they are to be usedimplemented when you are writing the final submission
c. Do not use general terms like We will have physical security in place. You must explain (to use this example) what security measures are to be implemented, not just that there will be security measures
d. Remember that this is a medium size business make sure any equipment you suggest is appropriate (for example, your internet connection would not be to a modem)
e. If any wireless technology is to be used, it must be applicable and fully explained especially how it will be secured since this company is working with law enforcement and the military
f. You need to identify the type of connection that will guarantee the 105 Mbps connection between the sites: will you use a leased line like a T-1, etc. or and Optical Carrier line like an OC-1, OC-3, etc.? Or something else? Dont just say fiber optics or copper.
g. The light-based device personnel work from home not a branch office.
h. Ensure you are clear on what you are recommending – Do not describe technologies without saying what you are using and how.
i. Do not make the diagrams larger than a regular sheet of paper (8.5 x 11); if it needs to be continued onto a second sheet (and it really shouldnt), make sure the flow is easily followed.
j. Rough draft diagrams can be hand drawn if necessary but the final submission should create though software like Visio or something similar. If you dont have Visio, there are free network design programs that can be found on the internet.
k. Make sure it is readable if I cant read it, I cant give you credit for it.
l. The paper portion and the network diagrams should work hand-in-hand: each should reflect one another. For example, if a network device in in the paper, it should be in the network diagram and vice-versa.

If there are any questions, feel free to contact me.

Case Study Assignment
5.1 Web Application Vulnerability Detection
As an experienced IT Security Professional, you have been given the project to develop a demonstration model to prove you are competent to be able to utilise a wide range of security and forensic tools and techniques to discover vulnerabilities in typical web applications that your clients and customers might typically use. You are to
a) Write a concise technical report (2000 words) documenting how to successfully install, configure and test a “sample” vulnerable computer system which will incorporate at least 3 of the “Top 10 OWASP Web Application Vulnerabilities” and show how both commercial vulnerability scanning tools and open source tools can be used to detect these vulnerabilities. An important part of the exercise is that you are expected to show in addition how they can be successfully mitigated against. Report should be written in a 3rd Person.
b) Produce a short animated computer screen video using either commercial, open source or freeware tools of how you used a variety of commercial and/or open source tools from particular forensic toolkits or security frameworks to detect vulnerabilities from the selected vulnerable systems.
A vulnerable system must be selected and justified along with a suitable penetration testing environment to be implemented.
You are required to produce a virtual environment with a minimum of three virtual machines as documented above and report on at least 3 of the top 10 vulnerabilities that you can discover with both conventional penetration tools such as NMAP, Backtrack(Kali), VMARE etc and/or commercial vulnerability test tools such as SAINT, to determine the vulnerabilities and present possible mitigating actions or fixes to the top 3 issues you discover. It is required that you document your findings in terms of a test plan with evidence of how the vulnerabilities were discovered and how they should be mitigated against.
The OWASP Top 10 vulnerabilities can be found at
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
and are summarised over the page.

Assessed work within this range attracts such marks because it demonstrates:
• Analysis at a penetrating level, fluently at ease with the topic.
• Arguments which are based on persuasive evidence and are lucid, coherent and convincing.
• Communication which is fluent and well-organised; if written it will be highly coherent and free of solecisms.
• Research which shows strong evidence of a full exploration of key issues and a critically incisive engagement with relevant secondary issues.
• Presentation which is almost entirely error-free and conforms to acceptable conventions of good scholarly practice (referencing, bibliography, footnotes etc.)

Report Marking Criteria
1. Evidence and Documentation of Virtual Testing Environment (10%)
2. Depth of analysis and understanding of security testing issues (including test plan) (15%)
3. Relevance of security issues found (15%)
4. Prioritisation of vulnerabilities found (!5%)
5. Research into possible exploit mitigation (15%)
6. Report Presentation/Quality (3 rd Person) (10%)
Bonus Marks Examples (10%)
1. Extra Mile References used throughout reports (Harvard Referencing)
2. Supporting evidence of testing, results and operation (hint: graphs, scans and device output)
3. Professional looking documentation (formal report format)
4. Clear and concise configurations with annotation.

Case Study Assignment
5.1 Web Application Vulnerability Detection
As an experienced IT Security Professional, you have been given the project to develop a demonstration model to prove you are competent to be able to utilise a wide range of security and forensic tools and techniques to discover vulnerabilities in typical web applications that your clients and customers might typically use. You are to
a) Write a concise technical report (2000 words) documenting how to successfully install, configure and test a “sample” vulnerable computer system which will incorporate at least 3 of the “Top 10 OWASP Web Application Vulnerabilities” and show how both commercial vulnerability scanning tools and open source tools can be used to detect these vulnerabilities. An important part of the exercise is that you are expected to show in addition how they can be successfully mitigated against. Report should be written in a 3rd Person.
b) Produce a short animated computer screen video using either commercial, open source or freeware tools of how you used a variety of commercial and/or open source tools from particular forensic toolkits or security frameworks to detect vulnerabilities from the selected vulnerable systems.
A vulnerable system must be selected and justified along with a suitable penetration testing environment to be implemented.
You are required to produce a virtual environment with a minimum of three virtual machines as documented above and report on at least 3 of the top 10 vulnerabilities that you can discover with both conventional penetration tools such as NMAP, Backtrack(Kali), VMARE etc and/or commercial vulnerability test tools such as SAINT, to determine the vulnerabilities and present possible mitigating actions or fixes to the top 3 issues you discover. It is required that you document your findings in terms of a test plan with evidence of how the vulnerabilities were discovered and how they should be mitigated against.
The OWASP Top 10 vulnerabilities can be found at
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
and are summarised over the page.

Assessed work within this range attracts such marks because it demonstrates:
• Analysis at a penetrating level, fluently at ease with the topic.
• Arguments which are based on persuasive evidence and are lucid, coherent and convincing.
• Communication which is fluent and well-organised; if written it will be highly coherent and free of solecisms.
• Research which shows strong evidence of a full exploration of key issues and a critically incisive engagement with relevant secondary issues.
• Presentation which is almost entirely error-free and conforms to acceptable conventions of good scholarly practice (referencing, bibliography, footnotes etc.)

Report Marking Criteria
1. Evidence and Documentation of Virtual Testing Environment (10%)
2. Depth of analysis and understanding of security testing issues (including test plan) (15%)
3. Relevance of security issues found (15%)
4. Prioritisation of vulnerabilities found (!5%)
5. Research into possible exploit mitigation (15%)
6. Report Presentation/Quality (3 rd Person) (10%)
Bonus Marks Examples (10%)
1. Extra Mile References used throughout reports (Harvard Referencing)
2. Supporting evidence of testing, results and operation (hint: graphs, scans and device output)
3. Professional looking documentation (formal report format)
4. Clear and concise configurations with annotation.