Network Security –
CNET233SL
Coursework
2020-2021
Term: Term 1
Submission Deadline: 11 January 2021
Coursework Type: Group assignment
Element of Assessment: C1
Module Leader: Mr.Harshapriya Rajakaruna
E-mail:[email protected]
Coursework 2020/2021 1
�Coursework
This is a group assignment. Please read ALL the instructions in this brief before starting.
Assignment Aims:
To provide a course of study leading to: an understanding of the theory and practical issues that
are involved with securing computer networks; and an understanding of key security techniques
employed within personal and professional computer networks.
Hypothetical Case Study Details
XYZ Enterprises is one of the leading groups of companies in Sri Lanka. They are running
businesses in different areas and fields. XYZ Enterprises has branch offices in different countries.
Due to COVID-19 pandemic situation, all the countries in the world have faced many problems in
running their business. The management of this group of companies has decided to automate the
entire operations provided by the all companies in the group. The automation also targets to
improve all the internal operations and the public services which provide online access to their
customers and their remote employees. The group of companies have World-wide branch
network. All the companies and branches are connected to the corporate office which is located in
Colombo. They are running business such as Finance (private banks, etc.), Manufacturing and
selling networking equipment’s, electrical and electronic appliances, Providing Cloud and Data
Centre facilities. Most of their companies interact with customers, distributors, dealers, remote
employees via internet. Following key functionality and task to be consider in establishing the
security infrastructure.
1. Customers, distributers, dealers, remote employees should be able to seek following
through online (web/mobile) systems.
• Customers should be able view their products
• Customers should be place online orders and make online payments
• Submit all the related documents online and download all relevant documents
• Distributers and dealers should be able check their stock levels and place online orders
• Certificate verification to identify legitimate business entities.
• People should be able to perform their financial transactions securely
• Customers should able reserve transport facilities and track the goods
• Maintain continues communication with remote employees and their offices
• People can purchase Cloud and Data Centre facilities.
2. The corporate office will maintain and host all their internal systems in a private cloud
infrastructure environment and external systems in a public cloud.
3. One company of the group runs a medium scale business of providing Cloud and Data
Centre services
4. The companies will maintain direct connectivity to following key organizations to precede
their business.
• Foreign Authorities
• Shipping companies
• Partners
• Board of Investments of Sri Lanka
• Local and Oversea Banks
• Sri Lanka Customs
Coursework 2020/2021 2
� 5. The security infrastructure must consider all related threats from inside, outside as well as
the connected institutions.
6. The security infrastructure must be able to build and enhance the trust in public to use the
facility and must reflect in providing the services.
Task
Develop a comprehensive security infrastructure plan providing answers to following key
questions.
a) Identify potential risks/threats to the above system.
b) Identify key security requirements on applications /users/ infrastructure.
c) Identify all the key features /components of the security infrastructure plan to address all the
above-identified items.
d) Explain how you can address number 5 of the above. Give a detail approach and steps you
will carry out to enhance the public trust highlighting both technical and none technical
steps.
Note:
The report can exclude the implementation of application level security related to the development
platform or related technology. All the security threats must be identified and must be clearly
identified the application level implementation requirements. The core equipment, technologies
and infrastructure components must be address in detail.
Deliverables
A report answering the above questions.
Marking Criteria:
• Written Report (100%)
o Clear methodical approach (40%).
o Fully documented approach with justification of the threats, mechanisms, diagrams
and hardware (60%).
Submission
• You must submit your coursework via the Digital Learning Environment portal. Coursework
must be submitted by the specified deadline.
• You should give due consideration to your personal time management to ensure that
coursework is submitted in plenty of time prior to the deadline.
• Coursework can be submitted at any time ahead of the deadline.
• Please note that work submitted late without valid extenuating circumstances will be
penalized. Work submitted within 24 hours after the deadline will receive a mark, but it will
be capped at the normal pass mark for that module. Work submitted more than 24 hours
after the official deadline will receive an automatic mark of zero.
• The report that you present should be supported (where relevant) by appropriate evidence.
Any such information that you present must be appropriately cited and referenced in your
report - if you are unfamiliar with referencing style, then a Google search using the term
'Harvard referencing' will help to enlighten you. (Please refer the teaching and learning
handbook for more details)
• Although you will be expected to make significant use of printed and online literature in
researching and producing your materials, it is not acceptable for you to simply cut and
Coursework 2020/2021 3
� paste material from other sources (small quotes are acceptable, but they must be clearly
indicated as being quotes and the source must be referenced appropriately).
References:
You are required to provide references using Harvard format, wherever appropriate. All images, diagrams
should have source attribution (i.e. citation), if you did not create it by yourself.
Assignment Feedback:
Marked assessments will be returned to the students within 20 working days. Each individual student will
receive an oral and written feedback document based on their performance.
Academic offences:
(the following is a fragment of Section AST10.2 from
https://www.plymouth.ac.uk/uploads/production/document/path/8/8388/Section_D_Assessment.pd
f.)
Academic offences occur when activity is undertaken which could confer an unfair advantage to
any candidate(s) in assessment. The University recognises the following (including any attempt to
carry out the actions described) as academic offences, regardless of intent:
a) Copying or paraphrasing of other people’s work or ideas into a submitted assessment
without full acknowledgement (plagiarism).
b) Unauthorised collaboration of students (or others) in a piece of work (collusion).
c) Making false declarations in an attempt to obtain either modified assessment provisions or
special consideration (e.g. of extenuating circumstances).
d) Persuading another member of the University or partner institution (student, staff, or other)
to participate in any way in actions which would be in breach of these regulations.
e) Misrepresenting research outcomes and results.
f) Being party to any arrangement which would constitute a breach of these regulations.
g) The inclusion in a piece of assessed work (other than an examination or test) of material
which is identical or substantially similar to material which has already been submitted for any
other assessment within the University.
h) Any other activity which could confer an unfair advantage to any candidate(s).
For full details on the academic offences framework and procedures, consult Section AST10 from
https://www.plymouth.ac.uk/uploads/production/document/path/8/8388/Section_D_Assessment.pd
f.
Coursework 2020/2021 4
