Provide answers to all of the questions below:
- Briefly explain the following questions:
A. Briefly explain the latest policies and guidelines of government and industry related to the development of efficient and reliable ICT environments.
Answer: The latest policies and guidelines of government and industry related to the development of efficient and reliable ICT environments include:
Accessibility – this ensures the participation of small, medium and large ventures. The ICT environment should ensure that, when sensible information is requested, it can be reviewed and a response given at high speed. The cost of ICT activities should also be reasonable.
Administration – this helps to ensure that the systems and techniques used are flexible and can be adjusted according to government or industry needs. The ICT system is supposed to be administered by government or industry authorities, who will ensure the smooth running of the system. Government and industries are required to run a prudent and moderate ICT system. The ICT administrators are required to monitor and evaluate the system. They should oversee, prevent and control system risks in order to ensure that the system meets its goals.
Resolving issues – government and industry need to use reliable frameworks and systems in solving issues.
Security and privacy – create awareness of the terrorist attacks that surround ICT systems and provide training on how to prevent them from happening.
B. List and explain the current technologies and the processes designed to produce an efficient and reliable ICT environment.
Answer: The current technologies and the processes designed to produce an efficient and reliable ICT environment include:
The use of cloud computing. This has been made possible through the use of artificial intelligence (AI), especially in big data analytics and machine learning. This has helped to reduce the cost associated with distributing and sharing information on a wider scale.
Self-management devices – sensory data are combined with artificial intelligence technology. The AI technique allows objects to be sensed and remotely activated, which helps to connect the physical and digital worlds.
Communication beyond sight and sound – in this century, communication is done through 2D techniques in email, text messages, chat and blogs. Due to growth in technology, people will be able to gather with their families and attend meetings through 3D selfie. People are waiting eagerly for the day that they will be able to attend events such as the FIFA World Cup, Mobile World Congress or Super Bowl.
Use of the Internet of Things (IoT) to solve security and privacy issues – security and privacy management is automated in order to ensure that cyber security threats are overseen and prevented.
- Answer the following questions:
A. Explain the term “virtual desktop infrastructure”
Answer: Virtual desktop infrastructure (VDI) is the hosting of a desktop operating system on a central server. In VDI, specified desktop images run within virtual machines, which are delivered to the end user through the network.
B. Explain the structure and business organization of the client virtualization
Answer: The structure and business organization of the client virtualization include:
Presentation virtualization – it is an application technique that delivers applications from a shared server to the end client machine. It initiates a session through a web portal and gives the end user access to a virtualized application instance on a shared Windows Server operating system. The graphical user interface and the keyboard or mouse are the only resources shared with the end user.
Virtual desktop infrastructure – it is also known as remote display protocol, and hosts centrally managed virtual machines that are connected with the end user's computer through a one-to-one network relationship. Every end user is separated from the others on the server, which allows flexibility, management and security.
Application virtualization – it is layered on top of virtual storage and virtual machines in order to allow computing resources to be distributed dynamically in real time. It enables end users to access an application without installing it on their computer.
User virtualization – it separates the end user's profile, settings and data from the operating system and stores them in a centralized data share in a data center or cloud.
C. List the two (2) features and functionality of virtual desktop infrastructure
Answer: below are two features and functionality of virtual desktop infrastructure:
Mobility – companies can employ employees from different places since they are able to work from anywhere. They can connect their PCs and tablets to the company-hosted virtual desktop via the internet. The Citrix Receiver application must be present.
Improved performance – in a virtual desktop, resources are assigned as needed. Most providers assign 8 CPUs and 16GB RAM. Companies are not assigned any amount of resources.
- Briefly explain the following in terms of the virtual desktop environment:
A. Summarise the two (2) application software and their application to manage the virtual desktop environment.
Answer: Below are two application software and their application to manage the virtual desktop environment:
VirtualBox – it is free and open source software that hosts x86 virtualization. The system that VirtualBox runs on is known as the “host” operating system and the device running in the virtual machine is known as the “guest” operating system. The guest manages its own operating system scheduling when executing. It runs as a sole process when it is scheduled by the host on the host system.
Hyper-V – it is a virtualization product which was developed by Microsoft. This hardware helps clients to create and run a program application which acts as a version of a computer, known as a virtual machine. Hyper-V runs each virtual machine in its own space; therefore, the end user can run various virtual machines on the same hardware at the same time. This program helps to establish or expand a private cloud environment since it provides flexible, on-demand information technology services.
B. Explain the configuration of the software applications for the management of the virtual desktop environment.
Answer: Below are the configurations of the software applications for the management of the virtual desktop environment:
The first step is to select all virtual machines which are found in the virtual machine route board. Find and select the virtual machine that you will allocate the route tree in each and every virtual machine, then click on the virtual applications tab. If you wish to change the virtual application assignment from the default virtual machine, first select the supersede you want to pick from the drop-down menu found on the upper right of the primary board. Tick the box of the corresponding virtual application in order to appoint the virtual machine. Source: Citrix (2010)
Then click on save after adding all the required applications.
C. Describe the factors to consider while formulating the configuration required for integrating virtual machines into the existing network design.
Answer: Below are the factors to consider while formulating the configuration required for integrating virtual machines into the existing network design:
Virtual network configuration in a Hyper-V environment – through virtual local area network (VLAN) trunks you can configure virtual networks in Microsoft Hyper-V infrastructures with some assistance from Hyper-V Manager or System Center Virtual Machine Manager (SCVMM).
Network performance and throughput in virtualized environments – virtualization has a critical impact on how the network performs. Therefore, there is a need to change network traffic patterns and depend on each switch port when integrating virtualization into the data centre network.
Consider virtual consolidation and the effect on network latency – when a virtualized network is properly managed, it can work efficiently without the need for network latency.
Virtual switch best practices result in successful virtual networking.
- Answer the following questions:
A. Summarise the comparison between Citrix XEN Desktop and Microsoft Remote Desktop Services.
Answer: Comparison between Citrix XEN Desktop and Microsoft Remote Desktop Services
Performance: users are able to interact directly with the Microsoft Remote Desktop Protocol (RDP) on the server. In Microsoft Remote Desktop Services, every user interacts with a single server at a time, while Citrix XEN end users interact with the HDX protocol. In Citrix XEN, the server acts as a buffer between the server and the end user, which allows users to be served fast on every type of device and internet connectivity.
Reliability: Microsoft Remote Desktop Services depends on the internet connection and if the connection is reliable, the session will be terminated without a warning, while Citrix XEN uses the Session Reliability feature, which helps to keep end users active even when the connection is unreliable.
Client software or device: Microsoft Remote Desktop Services serves Windows clients, while Citrix XEN serves a variety of clients who use different software such as Windows, Linux, iOS, Android and Mac.
Cost: Microsoft Remote Desktop Services has lower upfront costs but has hidden business costs which are caused by downtime, while Citrix XEN saves money by negating downtime.
B. Explain the three (3) components of Virtual Desktop Infrastructure.
Answer: Three components of Virtual Desktop Infrastructure:
A virtual platform such as Hyper-V – it hosts virtual machines with the operating systems of the end users. The platform must have enough capacity to host the virtual machines required by all concurrently connected end users.
Virtual desktop infrastructure must have a virtual management platform that can manage the server and help to provide virtual machines quickly and more efficiently to the end users. This platform ensures that there are virtual machines available for new clients.
Application virtualization – it enables fast availability of applications to the virtual client operating system.
- Briefly describe the following:
A. What are the requirements for Virtual Desktop Infrastructure?
Answer: The requirements for virtual desktop infrastructure are described below:
Planning depending on the type of workers – some structure fragments such as RAM, CPU and space size must be specified.
The virtual desktop memory required must be estimated. This will ensure that all clients are served and not left out because of memory or storage.
Estimate CPU requirements, which can be achieved by gathering information on the standard usage of CPU in different tasks in a company.
Choose the appropriate disk size, which will provide enough space for the working structure and applications used by the client.
B. Hardware and software features of a Virtual Machine
Answer: hardware and software features of a virtual machine
Hardware features
o One sound card which is configured to use the default sound card on the host system.
o One processor and one processor per core.
o One USB controller.
o One display which is configured to use the display settings on the host computer.
o One virtual network adapter which is designed to connect at the power on and automatically detect any physical drive on the host system.
Software features
o Drag and drop, copy/cut and paste features are active.
o Virtual machine is decrypted.
o VMware tools are supposed to be manually updated.
o Shared folders and remote access by VNC clients are not enabled.
C. Desktop specific design objectives of Virtual Desktop Infrastructure
Answer: Desktop specific design objectives of Virtual Desktop Infrastructure
Its objective is to increase IT adaptability and flexibility in order to meet the organization's requirements.
To reduce IT cost.
To deliver information requested by end users immediately.
To improve the security and reliability of the infrastructure.
To develop a disaster recovery solution.
D. Limitations of Virtual Development Infrastructure
Answer: Limitations of Virtual Development Infrastructure
VDI costs more than purchasing new computers. More equipment is required before and after the implementation of VDI.
VDI technology requires committed employees who will administer and maintain its hardware and software.
It requires training of staff on the new technology, which can be costly and time consuming.
- What are the factors to consider for planning the implementation and deployment of virtualisation?
Answer: Factors to consider for planning the implementation and deployment of virtualization include:
Contingency plan for when the host server stops working – when the host server stops working, there will be denial of services and their work will be disrupted. Companies need to come up with a plan that will help to reduce the impact of server failure.
Determine the number of guest machines the host can handle – the administrators should ensure that the host server is not overloaded. They should do capacity planning to determine the maximum number of guest computers a host server can hold.
Software licence required – understand the type of licence required for the operating system and applications on the guest machine.
Determine whether the applications are supported by the virtual environment.
Plan for single server host failure, which can result in catastrophic consequences.
- What information should you include in a virtualization plan? Furthermore, explain the process involved in implementing and deploying the application virtualization software.
Answer: Information to include in a virtualization plan is as follows:
Architecture structure – this helps to understand how the virtualization will be arranged and the interrelationship between the different components which will be involved, such as the operating system and server.
Implementation plan – how the architectural structure plan will be executed and whether it will meet the client's needs.
Installation – this includes information on how the virtualization software will be installed and the processes to be followed.
Validation test plan – this helps to determine the criteria which must be followed. It also includes the testing techniques that can be used to test whether it is working as planned.
The processes for implementing and deploying the application virtualization software include:
Analysis – the virtualization software is analyzed to make sure that the required applications will be available during implementation.
Assessment – analyze the current environment and understand the performance of the server and the applications.
Design phase – this involves the process of designing the layer of the virtual desktop.
Implementation – long-term goals are identified in this phase. Resource allocation, disaster recovery and backup are set, and monitoring of the virtual machine is done at this stage.
- Briefly describe how to deploy a virtual application package for testing? And, list the steps involved for tuning the virtual environment?
Answer: The process for deploying a virtual application package for testing includes:
Add-AppvClientPackage, a PowerShell cmdlet: it forms a group for the parsed folder or files, and a report is needed, for example .ico. The group formed is not displayed on the end user's computer. For example:
$MyPackage002 = Add-AppvClientPackage \path\to\appv\package002.appv
Then publish $MyPackage002, which will make the group accessible to the end users and create shortcuts.
Methods for tuning the virtual condition include:
Virtual host systems, firmware, virtual machine hardware and virtual machine ware gadgets should be kept up to date.
Make some adjustments to vCPUs.
Adjust the working system.
Add limit.
Make some changes to virtual memory.
Remove unused VMDKs.
- Answer the following questions:
A. Explain the steps to setting up a Cisco Router including configuration and verification/testing.
Answer: steps for setting up a Cisco Router including configuration and verification/testing include:
a. Game plan and affirmation.
b. Determine the switch interfaces.
c. Design the IP address.
d. Set up get to record.
e. Design crucial TCP or UDP evaluation.
f. Administer the passageway records and analyze the rules.
g. NAT setting.
h. Enable the interfaces
i. Test the game plan.
B. The key features of deployment schemes
Answer: Key features of deployment schemes include:
Random deployment, where more sensors are used to ensure performance.
Deterministic deployment allows a friendly and accessible environment. It also allows optimal sensor deployment schemes that maximize the lifetime of the network or the network coverage.
C. Explain the troubleshooting process for the following issues:
• Console is not responsive
Answer: Troubleshooting process when the console is not responding
An unresponsive console happens when the switch is not active to enter the console port. In order to solve this issue, check the interface arrangement, make sure that the power supply is switched on, and check the LED status of the switch; if all of them are not working, this could be the issue.
Check whether the traffic still courses via the switch and do the following: disconnect the arranged interfaces and verify that the switch is responding, enter the going heading if you are using Cisco 7200 and 7500 series configure terminal and schedule disseminate 3000 1000.
• Traffic doesn’t pass through
This issue happens when solace remains open. It can be caused by a routing issue, where the guiding table might be affected by changes made in the topology framework or changes in switch arrangement.
It can also be caused by an overloaded CPU, which happens when it is utilized for more than 95 per cent. To solve this issue, some processes need to be terminated.
Check the switch interface that might be down due to poor configuration.
- In order to set up network security for an enterprise-level network, firewalls are implemented to mitigate network attacks. Summarise the steps involved in setting up and securing a firewall.
Answer: Steps involved in setting up and securing a firewall
o Secure the firewall by keeping it up to date, changing passwords frequently and not sharing the administrator account.
o Design firewall zones and IP addresses by identifying the network assets and grouping them in different zones, for example internal and dedicated zones. Do not use internal IP addresses for the external network.
o Disable the firewall administration interface from public access and ensure that there is a deny-all rule at the bottom of every access control list, which will help to filter unapproved entries.
o Configure other firewall services and logging, such as DHCP server and Network Time Protocol.
o Test the firewall configuration by scanning for vulnerabilities and using penetration testing.
- Summarise the following terms:
A. Internet Protocol (IP) Networking Model
IP networking is an approach that is used to identify how the network will work. The network protocol and hardware should work together. This network model is the most used.
B. Internetwork operating system (IOS)
IOS is an application that is used to run Cisco Systems routers and switches. It enables data communication between network nodes. It consists of services such as encryption, firewall and authentication.
C. Transmission Control Protocol (TCP)/TCP function
It acts as an intermediary between the application program and the Internet Protocol, which allows communication between them. TCP provides a host-to-host connection. It is also used to route data packets in the network to their destination.
D. IP Addressing
An IP address is a unique numerical address assigned to every machine on the Internet. The IP address is a 32-bit binary number normally represented as 4 decimal values. It enables the system to process the receipt and transmission of packets, specify the device’s local addresses and specify a range of addresses that share the cable with the device.
E. IP stack
It is also known as the internet protocol suite. The Internet and networks use this set of communication protocols.
- What are the steps involved in design and implementation of the following?
• Local Area Network (LAN)
Answer: the following are steps involved in designing and implementation of LAN
o The first step is to identify the equipment required in setting up the LAN, such as the number of PCs, router and Ethernet cable.
o Connect the PCs to the router using Ethernet cable.
o Configure the Wi-Fi and connect the Ethernet cable, which must run on the internet.
o Set a password for the LAN devices to make sure all devices are internet connected and ensure that its firewall is working properly.
o Connect other LAN devices such as printers and telephones.
• Wide Area Network (WAN)
Answer: the following are steps involved in designing and implementation of LAN
o Identify the business performance requirements, the number of network ports and the capacity, and understand the other companies’ requirements.
o Plan how the cable layout will be designed; you can consult cable design professionals, who will assist in identifying the most efficient design.
o Create a questionnaire which will help to gather information that is important in designing. This information may include the number of users in a particular location and their roles, and port speeds.
o Analyze the current network and identify the physical and logical network diagram.
o Identify the number of LAN switch ports that will be needed in the next 24 months for each location.
o Choose the access layer switches depending on the WAN requirements.
o Choose switches and routers and determine the standards in every layer of the network.
o Allocate a room for switches.
o Design the IP addressing and choose the routing protocol for the network.
o Connect the servers depending on the number of users.
- Summarise the IPS and IDS deployment strategies to mitigate network attacks.
Answer: IPS and IDS deployment strategies to mitigate network attacks
IPS and IDS are part of the network infrastructure. They compare network packets to a database known as cyber threat, which contains cyber attack signatures, and alert the administrator on matching packets. IDS monitors the system while IPS controls the system. IDS and IPS are configured in order to help the enforcement of internal security policies at any network level.
An IDS is software or hardware which is combined to detect any intrusions into a system or network.
IPS prevents attacks by alerting security personnel to potential threats and complements an IDS configuration. It emanates malicious data and blocks the attacking IP.
IDS identifies abnormal activity in both inbound and outbound network traffic. It compares the system against malware signatures. It also scans processes in order to detect any signs of harmful activity and monitors end user behavior, which helps to monitor their intention in the network.
- Setting up a network for a Network Administrator requires the basic knowledge of network fundamentals, which include the topology, architecture and elements of the network that need to be designed as per the requirements of the enterprise.
A. What do you understand from the term Network Topology? Also, summarise the different models of network topology.
Answer: Network topology is how nodes such as switches and routers are arranged and connected in the network.
Network topology can be either physical or logical. Physical topology is how the devices are located and installed, while logical topology shows how the data flows within a network and the shortest path is used.
Different types of network topology:
Bus topology – in this type of network every computer and network device is connected using a single cable.
Ring topology – this topology forms a ring since every device is connected to another, and the last connected device is connected to the first.
Star topology – all computers are connected through a cable to a single hub.
Tree topology – there is a root node to which all other nodes are connected, forming a hierarchy. It should comprise at least three levels of hierarchy.
Hybrid topology – a combination of two or more topologies, such as star topology and ring topology.
B. Explain the following terms:
• Network Architectures
Answer: It shows how a computer network is designed. It is a framework that specifies the physical network components and their functional organization and configuration.
• Network Elements
Answer: Network elements are logical entities or physical devices which are manageable. They allow the management of distributed devices in a unified manner through one management system.
• Network Standards
Answer: They ensure that networking technology has the capability of defining the communication rules among networking devices. They help to ensure that different products from different vendors are able to work together.
• Network Protocols
Answer: These are formal standards and policies containing rules and procedures which define the communication between two or more devices.
- Summarise the following:
A. Threat mitigation strategies required for network security
Answer: Firewall configuration – it should be frequently reviewed and audited to make sure that the necessary configuration is activated. It should also be updated regularly.
Network segregation – it should be reviewed to make sure that it is working effectively in all networking devices. Any anomalies that may arise between the server and the client should be addressed.
Web applications – perform regular application penetration testing, which will help to identify any SQL injection and parameter tampering attacks.
Patch management – ensure that all systems and services are properly and regularly patched. Third party applications such as Java Runtime Environment, Adobe Reader and Flash can be used.
Usernames and strong passwords – network passwords should contain all the character types, such as uppercase, numbers and special characters.
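The firewall review described above, together with the deny-all rule and the administration-interface point from the earlier firewall set-up steps, can be checked mechanically. The following is an added example, not part of the original answers; the Rule format, the evaluate() and audit() helpers and every address (documentation ranges) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str          # "permit" or "deny"
    src: str             # source network in CIDR form; 0.0.0.0/0 means any
    dst: str             # destination network in CIDR form
    port: Optional[int]  # destination port; None means any port


ANY = ipaddress.ip_network("0.0.0.0/0")
PUBLIC_PROBE = "198.51.100.7"  # constructed address standing in for any Internet host
MGMT_IP = "203.0.113.1"        # constructed firewall administration address


def evaluate(acl, src_ip, dst_ip, port):
    """Walk the list top-down; the first matching rule decides."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for rule in acl:
        if (src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)
                and rule.port in (None, port)):
            return rule.action
    return "no-match"  # what happens next depends on the device default


def audit(acl, mgmt_ip, mgmt_ports=(22, 443)):
    """Return findings for the two points made in the firewall steps."""
    findings = []
    last = acl[-1] if acl else None
    is_deny_all = (last is not None and last.action == "deny"
                   and ipaddress.ip_network(last.src) == ANY
                   and ipaddress.ip_network(last.dst) == ANY
                   and last.port is None)
    if not is_deny_all:
        findings.append("no deny-all rule at the bottom of the list")
    for port in mgmt_ports:
        if evaluate(acl, PUBLIC_PROBE, mgmt_ip, port) == "permit":
            findings.append(
                f"administration interface port {port} open to public sources")
    return findings


# Constructed rule sets: the weak one beside its corrected form.
WEAK_ACL = [
    Rule("permit", "0.0.0.0/0", "203.0.113.10/32", 443),  # public web server
    Rule("permit", "0.0.0.0/0", "203.0.113.1/32", None),  # admin interface open to all
    Rule("permit", "10.0.0.0/8", "0.0.0.0/0", None),      # internal zone outbound
]
HARDENED_ACL = [
    Rule("permit", "0.0.0.0/0", "203.0.113.10/32", 443),
    Rule("permit", "10.0.50.0/24", "203.0.113.1/32", 22),  # admin subnet only
    Rule("permit", "10.0.0.0/8", "0.0.0.0/0", None),
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None),          # explicit deny-all
]

if __name__ == "__main__":
    for name, acl in (("weak", WEAK_ACL), ("hardened", HARDENED_ACL)):
        print(name, audit(acl, MGMT_IP) or "no findings")
```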
B. Two (2) Intrusion Prevention System sensor technologies
Answer: Remote IDS and IPS improvement – IEEE 802.11n transmission is maintained by most of the remote IDS/IPS headways. IDS and IPS help to identify any inappropriate remote activity and where it is happening.
IDS/IPS for virtualized conditions – due to advances in virtualization technology, traditional intrusion detection tools cannot integrate and operate within virtualized networks, and this is the reason why IDS/IPS for virtualized conditions was developed.
- Explain the following terms:
A. IPS Signatures
Answer: A signature is a set of rules that an IPS uses to detect any intrusive activity. When the IPS sensor matches a signature with a data flow, it takes an action such as sending an alarm or logging.
B. Meta Signatures
Answer: It defines events which occur within a sliding time break. It takes care of events as compared to packaging. They are audited as an event signature by the Meta engine.
C. Virtual private network technologies
Answer: It is a program that is used to create a secure and encrypted connection over a poorly secured network, for example the public internet. It uses tunneling protocols to encrypt data when it is being sent and to decrypt it at the receiver.
There are various protocols that are used to encrypt users and data, such as IP security, Secure Sockets Layer and Transport Layer Security, Point-to-Point Tunneling Protocol, Layer 2 Tunneling Protocol and OpenVPN. Network administrators have various options when deploying a VPN.
Remote access VPN, where clients connect to a VPN gateway server in the organization's network.
Site-to-site VPN uses a gateway device that connects one network with another network in a different location.
- Describe two legislation, regulations, standards and codes of practice relevant to the network security?
Answer: two legislation, regulations, standards and codes of practice relevant to the network security
Australia IP legislation helps organizations protect their patent, network structure and trade engravement. Those who do not comply with the law are charged.
- What are the steps involved for the following?
A. Configuration of a Cisco Switch
Answer:
B. Verifying of a Switch
C. Troubleshooting of a Switch
- What are the benefits to deploy an access management on IPS sensor?
Answer: It helps to detect and stop attacks in a network.
It helps to reduce network traffic.
It helps to reduce the cost incurred in managing network security.
- Summarise the following:
A. Anomaly detection and its modes
This helps to detect unusual events which seem to be suspicious. The different anomaly detection modes rely on the availability of labels which are stored in the dataset.
Initial set-up mode, also known as learning accept mode, conducts an initial learning accept mode for the default period of 24 hours. It assumes that there will be no attack during this phase. It creates an initial baseline, which is referred to as the knowledge base of the network traffic.
Detect mode – the sensor should remain in detect mode for 24 hours a day and 7 days a week. In this mode, network traffic flows that violate thresholds in the knowledge base are monitored and an alert is sent.
Inactive mode – anomaly detection can be put off by putting it in inactive mode.
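The three modes described above can be seen working together in a small model. This is an added example, not part of the original answers: the AnomalySensor class, the per-minute traffic summaries and the 1.5x margin over the learned peak are assumptions made for illustration; only the 24-hour learning period comes from the text.

```python
LEARNING_PERIOD_S = 24 * 3600  # default learning period stated in the text


class AnomalySensor:
    """Toy sensor with the learn / detect / inactive modes described above."""

    def __init__(self, margin=1.5):
        self.mode = "learn"
        self.margin = margin        # assumed headroom over the learned peak
        self.start = None
        self.peaks = {}             # port -> highest rate seen while learning
        self.knowledge_base = {}    # port -> alert threshold (the baseline)

    def observe(self, ts, port, conns):
        """Feed one per-minute summary; return an alert string or None."""
        if self.mode == "inactive":
            return None
        if self.mode == "learn":
            if self.start is None:
                self.start = ts
            if ts - self.start < LEARNING_PERIOD_S:
                # Traffic is assumed clean here, so it only shapes the baseline.
                self.peaks[port] = max(self.peaks.get(port, 0), conns)
                return None
            # Learning period over: freeze the knowledge base, start detecting.
            self.knowledge_base = {p: peak * self.margin
                                   for p, peak in self.peaks.items()}
            self.mode = "detect"
        limit = self.knowledge_base.get(port)
        if limit is None:
            return f"port {port}: no baseline in knowledge base"
        if conns > limit:
            return f"port {port}: {conns} conns/min exceeds threshold {limit:g}"
        return None


def constructed_traffic():
    """Constructed records: 24 h of normal traffic, then three detect-phase minutes."""
    records = []
    for minute in range(24 * 60):
        records.append((minute * 60, 443, 20 + minute % 10))  # peak 29
        records.append((minute * 60, 22, 1 + minute % 3))     # peak 3
    records += [
        (86400, 443, 25),   # within baseline
        (86460, 22, 40),    # far above the learned SSH rate
        (86520, 3389, 1),   # service never seen during learning
    ]
    return records


def replay(sensor, records):
    """Run records through the sensor and collect the alerts it raises."""
    alerts = []
    for ts, port, conns in records:
        alert = sensor.observe(ts, port, conns)
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    sensor = AnomalySensor()
    for line in replay(sensor, constructed_traffic()):
        print(line)
    sensor.mode = "inactive"
    print(sensor.observe(90000, 22, 500))  # nothing is reported while inactive
```

An attack that happens during the learning period is absorbed into the baseline, which is why the text's assumption of no attack during that phase matters.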
B. What are the approaches to monitor the IPS sensor
Answer: Signature based – it helps to detect attacks by looking for specific patterns, such as byte sequences in network traffic or any malicious intrusion sequences used by malware.
Anomaly – it detects network and computer intrusion and misuse. It monitors system activities and classifies them as either normal or anomalous.
Application protocol based – it focuses its monitoring and analysis on a particular application protocol.
Host-based intrusion detection system – it monitors and analyzes the internals of a computing system and the network packets on its interfaces.
C. Two basic types of IPS signatures
Answer: An atomic signature is the simple signature type. A single packet, activity or event is analyzed to determine whether the signature should trigger a signature action. It does not require the intrusion system to maintain state.
Stateful signature – it triggers on a series of specific events, which requires the IPS device to maintain state. The event horizon is the time for which the signature maintains its state.
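The difference between the two signature types, and the role of the event horizon, is easiest to see side by side. This is an added example, not part of the original answers: the SYN+FIN check, the failed-login signature, its count of 3 and its 60-second horizon, and all events are constructed for illustration.

```python
from collections import defaultdict, deque


def atomic_syn_fin(packet):
    """Atomic signature: decided from one packet, no memory of earlier traffic."""
    return {"SYN", "FIN"} <= packet["flags"]


class StatefulFailedLogins:
    """Stateful signature: `count` failed logins from one source inside the event horizon."""

    def __init__(self, count=3, event_horizon_s=60):
        self.count = count
        self.horizon = event_horizon_s
        self.state = defaultdict(deque)  # source -> failure times still remembered

    def match(self, event):
        if event["type"] != "login_failed":
            return False
        seen = self.state[event["src"]]
        seen.append(event["ts"])
        # State older than the event horizon is forgotten.
        while seen and event["ts"] - seen[0] > self.horizon:
            seen.popleft()
        if len(seen) >= self.count:
            seen.clear()
            return True
        return False


def inspect(events, stateful=None):
    """Run both signatures over an event stream; return (timestamp, signature) hits."""
    stateful = stateful or StatefulFailedLogins()
    alerts = []
    for ev in events:
        if ev["type"] == "packet" and atomic_syn_fin(ev):
            alerts.append((ev["ts"], "atomic:syn-fin"))
        elif stateful.match(ev):
            alerts.append((ev["ts"], "stateful:failed-logins"))
    return alerts


# Constructed event stream (documentation addresses).
EVENTS = [
    {"ts": 0, "src": "192.0.2.10", "type": "packet", "flags": {"SYN"}},
    {"ts": 1, "src": "192.0.2.20", "type": "packet", "flags": {"SYN", "FIN"}},
    {"ts": 5, "src": "192.0.2.30", "type": "login_failed"},
    {"ts": 20, "src": "192.0.2.30", "type": "login_failed"},
    {"ts": 50, "src": "192.0.2.30", "type": "login_failed"},   # 3 within 60 s
    {"ts": 100, "src": "192.0.2.40", "type": "login_failed"},
    {"ts": 150, "src": "192.0.2.40", "type": "login_failed"},
    {"ts": 200, "src": "192.0.2.40", "type": "login_failed"},  # 3 within 100 s
]

if __name__ == "__main__":
    print(inspect(EVENTS))
    print(inspect(EVENTS, StatefulFailedLogins(event_horizon_s=120)))
```

With the 60-second horizon the slower source at 192.0.2.40 is never reported; widening the horizon catches it at the cost of keeping more state per source.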
- Explain passive operating system fingerprinting and list the OS fingerprinting tools.
Answer: passive operating system fingerprinting is an open source tool. It determines the system that runs on a machine which sends network traffic to the box that it is running on. It is also used to analyze other aspects of the remote system.
Below is a list of OS fingerprinting tools:
o Ettercap – a passive TCP/IP stack fingerprinting tool.
o NetworkMiner – passive DHCP and TCP/IP stack fingerprinting. It combines the p0f, Ettercap and Satori databases.
o p0f – it includes passive TCP/IP stack fingerprinting.
o Nmap – comprehensive active stack fingerprinting.
o Satori – passive fingerprinting of HTTP, TCP/IP, DHCP, CDP and other stacks.
- Summarise the following terms:
A. VLAN
B. VLAN functionality
It is used to increase the number of broadcast domains in a local area network and to group various hosts which share the same characteristics.
It provides a technique for making logical use of end devices which are on different networks.
It makes it possible to change users on a VLAN.
It offers a flexible networking method that groups different users depending on their department instead of the physical location of the network.
C. VLAN group
Answer: It is a logical grouping of VLANs, which can be either tagged or untagged. A tagged VLAN contains the VLAN ID in each and every packet transmitted to and fro.
D. External Product Interfaces
Answer: These interfaces are used to connect peripherals or test the product when it is manufactured; therefore external interfaces are the product's lifeline to the outside world.
E. Promiscuous vs Inline Mode
Answer: Promiscuous mode provides reactive protection. It is configured to reset the attacker’s connection, block their IP and log, but it does not stop the initial attack from getting to the target.
In inline mode, traffic has to pass through the sensor interfaces, where it is inspected and tested against the signatures, and if it is OK it is allowed to pass to its destination. This mode helps to prevent the attack and protect the target before the attacker reaches it.
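The practical consequence of the two modes is which packets actually reach the target. This is an added example, not part of the original answers: the run_sensor() function, the marker string used as a stand-in signature and the packet list are constructed for illustration.

```python
MARKER = "CONSTRUCTED-ATTACK-MARKER"  # stand-in for a real signature match


def matches_signature(packet):
    return MARKER in packet["payload"]


def run_sensor(mode, packets):
    """Return (ids delivered to the target, ids that raised an alert)."""
    if mode not in ("promiscuous", "inline"):
        raise ValueError(mode)
    delivered, alerts, blocked = [], [], set()
    for pkt in packets:
        if pkt["src"] in blocked:
            continue  # reactive IP block installed after an earlier alert
        hit = matches_signature(pkt)
        if mode == "inline":
            # Traffic passes through the sensor: a match is dropped before delivery.
            if hit:
                alerts.append(pkt["id"])
                continue
            delivered.append(pkt["id"])
        else:
            # The sensor only sees a copy: the original is already on its way.
            delivered.append(pkt["id"])
            if hit:
                alerts.append(pkt["id"])
                blocked.add(pkt["src"])  # reaction: block the attacker's IP
    return delivered, alerts


# Constructed traffic (documentation addresses).
PACKETS = [
    {"id": 1, "src": "192.0.2.5", "payload": "GET /index.html"},
    {"id": 2, "src": "198.51.100.9", "payload": "POST /form " + MARKER},
    {"id": 3, "src": "198.51.100.9", "payload": "POST /form " + MARKER},
    {"id": 4, "src": "192.0.2.5", "payload": "GET /about.html"},
    {"id": 5, "src": "198.51.100.9", "payload": "GET /index.html"},
]

if __name__ == "__main__":
    for mode in ("promiscuous", "inline"):
        delivered, alerts = run_sensor(mode, PACKETS)
        print(f"{mode}: delivered={delivered} alerts={alerts}")
```

In promiscuous mode packet 2 reaches the target before the block takes effect; in inline mode neither matching packet is delivered.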