1. [3 marks] Suppose you are responsible for the IT infrastructure of an organization, which has...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
1. [3 marks] Suppose you are responsible for the IT infrastructure of an organization, which has about 20 desktop computers. You are advised that automation for uniformity is a good solution. What does "automation for uniformity" mean? Why is it a good solution in principle? Will you implement a fully automatic system in this case of yours? 2. [2 marks] Please summarise the technologies used in server computers to improve reliability. availability, and performance. 3. [2 mark] Please summarise the essentials of running a well organised Helpdesk operation. Task 2 [Cryptography] 4. [3 marks] Suppose that you are responsible for the IT department of a university with students around the world. It is infeasible to meet each student in person. The IT department is responsible for all secure communication with the students. Assume that there is a trusted certificate authority which can securely issue certificates to all involved parties. Please explain: • Why the trusted certificate authority is essential to establish a secure communication? What role does it play in the secure communication between the IT department and the students? From time to time, your department, on behalf of the University, makes public announcements. The announcements are of public nature and can be shared and transmitted by any interested parties, say, prospective students. How would you guarantee the authenticity of your announcements? It is not a solution to publish the announcement on a website for students to compare and decide if the received copies are the same as the web copies. Task 3 [DoS and Firewall] 5. [5 marks] An organization has two server computers and several desktop computers, a few printers (IP address: p1.p2.p3.p4) and routers (IP address: r1.r2.r3.r4). All of them are connected via an internal network, and the network is connected to the Internet via the border router of the organization. From the outside of the organization, on the Internet, only these two server computers are visible. One of them is the email server (IP address: e1.e2.e3.e4), and the other one is the web server (IP address: w1.w2.w3.w4). In other words, only these two server computers accept requesting incoming network traffic. All desktop computers (IP address: d1.d2.d3.d4) are allowed to access the Internet, without any restriction. Therefore, they accept responding incoming network traffic, but cannot accept any requesting incoming network traffic. . [3 marks] Please design the network and draw the network diagram. You have the freedom to assume the internal network structure. In the diagram, in addition to the two servers, you should also include a few desktop computers and a printer. Please explain the rationale on why you put a computer or a printer in its designated location, one example for each location. A subnet (or a segment) is regarded as the same location. (Hint: a firewall or a few firewalls, depending on your design, are needed to regulate the network traffic. You may customise the "big picture" from Week 1 lecture.) [2 mark] Please write down the firewall rules to fulfil the access requirement of the organization. Please follow the sample firewall rule format (below) to write down the firewall rules for regulating the network traffic of your IT infrastructure. action block ourhost port * theirhost port * ● The textbooks are your reference: Week 1 slides; Stallings: Chapter 9. Below is from a Nessus report on a computer. ● * default Task 4 [Software and System Security] 6. [5 marks] Please write a summary to briefly explain to senior managers, who know very little on computer security but have a general understanding of IT, on what a buffer overflow problem is and what the consequences of a buffer overflow problem could cause [1 mark]. What programming techniques should the software development team adopt to avoid buffer overflow problems in the software it develops [1 mark]? comment [1 mark] Assuming that the application is developed by the software development team of this organization, what is your recommendation to fix the problem? [1 mark] Accepting the recommendations given by the report, what action you should take? Assuming this computer is one of the many desktop computers, and an automatic system for software updating is in operation. Write down the operational steps, by following the principle of "one, some, and many". • [1 mark] Assuming this computer is a server computer, please write a brief report to the senior managers, who know very little on computer security but have a general understanding of IT, explaining why the software Firefox (a web browser) should not be installed on the computer. In your report, you should use trusted information sources to explain to your senior managers on the best practices of operating system security administration. The textbook is your reference: Limoncelli: Chapter 1; Stallings: Chapter 9, 10, 11, 12. 1. [3 marks] Suppose you are responsible for the IT infrastructure of an organization, which has about 20 desktop computers. You are advised that automation for uniformity is a good solution. What does "automation for uniformity" mean? Why is it a good solution in principle? Will you implement a fully automatic system in this case of yours? 2. [2 marks] Please summarise the technologies used in server computers to improve reliability. availability, and performance. 3. [2 mark] Please summarise the essentials of running a well organised Helpdesk operation. Task 2 [Cryptography] 4. [3 marks] Suppose that you are responsible for the IT department of a university with students around the world. It is infeasible to meet each student in person. The IT department is responsible for all secure communication with the students. Assume that there is a trusted certificate authority which can securely issue certificates to all involved parties. Please explain: • Why the trusted certificate authority is essential to establish a secure communication? What role does it play in the secure communication between the IT department and the students? From time to time, your department, on behalf of the University, makes public announcements. The announcements are of public nature and can be shared and transmitted by any interested parties, say, prospective students. How would you guarantee the authenticity of your announcements? It is not a solution to publish the announcement on a website for students to compare and decide if the received copies are the same as the web copies. Task 3 [DoS and Firewall] 5. [5 marks] An organization has two server computers and several desktop computers, a few printers (IP address: p1.p2.p3.p4) and routers (IP address: r1.r2.r3.r4). All of them are connected via an internal network, and the network is connected to the Internet via the border router of the organization. From the outside of the organization, on the Internet, only these two server computers are visible. One of them is the email server (IP address: e1.e2.e3.e4), and the other one is the web server (IP address: w1.w2.w3.w4). In other words, only these two server computers accept requesting incoming network traffic. All desktop computers (IP address: d1.d2.d3.d4) are allowed to access the Internet, without any restriction. Therefore, they accept responding incoming network traffic, but cannot accept any requesting incoming network traffic. . [3 marks] Please design the network and draw the network diagram. You have the freedom to assume the internal network structure. In the diagram, in addition to the two servers, you should also include a few desktop computers and a printer. Please explain the rationale on why you put a computer or a printer in its designated location, one example for each location. A subnet (or a segment) is regarded as the same location. (Hint: a firewall or a few firewalls, depending on your design, are needed to regulate the network traffic. You may customise the "big picture" from Week 1 lecture.) [2 mark] Please write down the firewall rules to fulfil the access requirement of the organization. Please follow the sample firewall rule format (below) to write down the firewall rules for regulating the network traffic of your IT infrastructure. action block ourhost port * theirhost port * ● The textbooks are your reference: Week 1 slides; Stallings: Chapter 9. Below is from a Nessus report on a computer. ● * default Task 4 [Software and System Security] 6. [5 marks] Please write a summary to briefly explain to senior managers, who know very little on computer security but have a general understanding of IT, on what a buffer overflow problem is and what the consequences of a buffer overflow problem could cause [1 mark]. What programming techniques should the software development team adopt to avoid buffer overflow problems in the software it develops [1 mark]? comment [1 mark] Assuming that the application is developed by the software development team of this organization, what is your recommendation to fix the problem? [1 mark] Accepting the recommendations given by the report, what action you should take? Assuming this computer is one of the many desktop computers, and an automatic system for software updating is in operation. Write down the operational steps, by following the principle of "one, some, and many". • [1 mark] Assuming this computer is a server computer, please write a brief report to the senior managers, who know very little on computer security but have a general understanding of IT, explaining why the software Firefox (a web browser) should not be installed on the computer. In your report, you should use trusted information sources to explain to your senior managers on the best practices of operating system security administration. The textbook is your reference: Limoncelli: Chapter 1; Stallings: Chapter 9, 10, 11, 12.
Expert Answer:
Answer rating: 100% (QA)
Answer to question 1 Automation for uniformity means using automation to ensure that all IT infrastructure components are configured and managed in the same way This can be achieved by using scripts c... View the full answer
Related Book For
Smith and Roberson Business Law
ISBN: 978-0538473637
15th Edition
Authors: Richard A. Mann, Barry S. Roberts
Posted Date:
Students also viewed these computer network questions
-
The probability distribution is given below for the random variable X = "number of days between the placement of an order and receiving an order". Probability Days 2 0.15 3 0.45 4 0.30 5 0.10 Find...
-
The Crazy Eddie fraud may appear smaller and gentler than the massive billion-dollar frauds exposed in recent times, such as Bernie Madoffs Ponzi scheme, frauds in the subprime mortgage market, the...
-
Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...
-
Identify 3 ethical and 3 legal issues regarding Genomics ? with examples? Genomic services provided for gaining a better understanding of the interactions between genes and the environment but there...
-
Early in the morning, when the temperature is 5.5 C, gasoline is pumped into a car's 53-L steel gas tank until it is filled to the top. Later in the day the temperature rises to 27 C. Since the...
-
Zen began a new consulting firm on January 5. Following is a financial summary, including balances, for each of the company's first five transactions (using the accounting equation form). Identify...
-
Using only the data in Table 4-17, create a set of relational tables that solve the update, insert, and delete anomalies. Table 4-17 Invoice table Invoice # Date Order Date Customer ID Customer Name...
-
Clarabelles Construction is analyzing its capital expenditure proposals for the purchase of equipment in the coming year. The capital budget is limited to $ 10,000,000 for the year. Laura Bobo, staff...
-
Luna reported the following taxable income/loss and applicable taxes paid. Assume tax rate of 20%. Income/Loss Taxes 2018 100,000 $30,000 paid 2019 (425,000) enacted rate 25% 2020 450,000 enacted...
-
Andreas Broszio (Geneva). Andreas Broszio just started as an analyst for Credit Suisse in Geneva, Switzerland. He receives the following quotes for Swiss francs (CHF) against the dollar (USD) for...
-
I'm struggling to understand how to add this test case. 19. Implement circ_area Now that you have fixed the header for circ_area, it is time to implement the function. Again, pay close attention to...
-
The most successful and admired companies have distinct combinations of attributes that make them stand out from the competition. People respect organizations like Apple, and Google because of their...
-
Why can we say that technological innovation was just as significant in building American cities as it was in driving American industrialization? In what ways did the Civil War help American...
-
A sleepwear buyer has an opening stock figure of $ 1 7 0 , 0 0 0 at retail, which carries a 6 1 % markup. On March 3 1 , new purchases since the start of the period were $ 9 9 0 , 0 0 0 at retail,...
-
Solve each of the following proportions. (a) 5: n=35:21 (c) 1.15 0.85=k: 1.19 (d) 3.60 m = 10.8:8.10 (e) 5 15 6 = 7 14 5 t (b) 10 6 30:x 86 54 (f) y: 9 = 45 8 4 64
-
Calculate. 21 7 30 6.251
-
Find the following inverses, if they exist: (i) the inverse of 7 modulo 11; (ii) the inverse of 10 modulo 26; (iii) the inverse of 11 modulo 31; (iv) the inverse of 23 modulo 31; (v) the inverse of...
-
Factor and simplify, if possible. Check your result using a graphing calculator. 3 cot 2 + 6 cot + 3
-
Carl, a salesman for Smith, comes to Bensons home and sells him a complete set of gourmet cooking utensils that are worth approximately $300. Benson, an eighty-year-old man living alone in a one-room...
-
Civil Code 1719, subdivision (a) provides in part that any person who draws a check that is dishonored due to insufficient funds shall be liable to the payee for the amount owing upon the check and...
-
Discuss the contractual liability of the principal, agent, and third party when the principal is (a) disclosed, (b) partially disclosed, and (c) undisclosed.
-
Discuss the potential fundraising effectiveness of a board with or without a development committee.
-
Few board members were born with natural fundraising skills. What are the most effective ways to involve every board member in fundraising?
-
How are the mission and vision linked to each other? Choose an organization you know well and list the issues to which you should pay attention as you analyze its external and internal contexts.
Study smarter with the SolutionInn App