Using Microsoft Visio or online network diagraming tools

SECTION 1.

1. Using Microsoft Visio or online network diagraming tools, as identified in the topic Resources, diagram a secure network design for an enterprise network.

2. An enterprise network is defined as 1000+ clients for various corporate departments, 50–100 servers providing typical network services, network infrastructure using layer 3 switches, and layered routing to provide separation of subnets.

3. Your diagram, at a minimum, should include the following secure network design elements: Firewalls, IDS/IPS, DMZ, Vlans, Border and Gateway routers, private IP addressing, Isolated Server Subnets, Network Access Control, and VPN concentrator.

4. In roughly 250–500 words, describe your design and how it follows the concept of fundamental design principles such as "Layered Security."

5. Make sure to address how the fundamental principles underlying cybersecurity principles interrelate and can be typically employed to achieve assured security solutions, as well as the mechanisms that may be built from or due to these principles.

6. Make sure to describe the key concepts in network defense and how network defense tools are used to defend against attacks and mitigate vulnerabilities,

7. Include your diagram within the description for reference.

 

 

 

Network Infrastructure diagram for ASB

SECTION 2.

Performing a penetration test (PEN) of an organization's network allows the security practitioner to identify weaknesses before anyone else can exploit them. Effective communication of these vulnerabilities is essential. This assignment will explore two phases of PEN testing: scanning and exploitation.

Using your VM, perform the following;

 

Using the Kali VM and Nmap, perform a scan of the network. Identify the IP addresses of the two target VMs.

Using the Kali VM and Nmap, identify the open ports and services running on the two identified targets.

Research at least one vulnerability on either of the two targets that can be exploited. Document your research.

As you go, take instructional notes and screenshots that will help to reproduce your process using the "Report Template," located in the Class Resources.

Then, at the end of the report, write a 250- to 350-word essay (using the open network services that you discovered in your Nmap scan above) to explain:

 

How can these services be secured?

How does implementing security configuration parameters on network devices and other technologies prevent network scanning?

APA format is not required, but solid academic writing is expected.