Hello, dear friend, you can consult us at any time if you have any questions, add WeChat: THEend8_
PART I
1. SCENARIO
To be future pandemic ready, the company has mandated the employee to work from home on somedays. This work arrangement could potentially increase the cyberattacks vectors due to insecure remote access that could affect the company security posture. The current IT team are mostly new hire; thus their knowledge and skill were limited to advice or help employees to harden their laptop security. As such, the Chief Information Security Officer (CISO) wants to address these issues. The IT team should be knowledgeable and skilful with the Windows Security by completing the below Tasks A to D.
Task A. LinkedIn Profile (5%)
You are to complete the following online courses and update the certificate of completion in your LinkedIn Profile.
i. Access LinkedIn Learn course via the TP Library LinkedIn Learn portal.
ii. Windows 11 Security course via the TP Library LinkedIn Learn portal
Upon completion of the course, you must be able to show the certificate of completion and linked it to your LinkedIn Profile.
Windows certification
Note: Tasks B, C and D are to be done in the same Virtual Machine (VM). These tasks are to be complete in sequence.
Task B. Complete Week 11 & 12 Windows Lab sheets (5%)
i. Set the Computer name to CYFUN-PCXX-AdminNo e.g. CYFUN-PC01-1234567A
ii. Complete all the activities in Week 11 & 12 Windows lab sheets.
Task C. Network Services (10%)
Note: This section will assess if you can research independently on what are secure FTP and web service, SSL/TLS, and Firewall rules. It will assess your capability if you can configure these services to function without guidance from your tutor. The references given are NOT working solution for your project, they are examples for you to reference and adapt to your project context.
You should document the following with screenshots:
Demonstrate you can
i. Set up secure IIS FTP service with SSL/TLS using self-signed certificate.
• Research on what is Virtual Box Host Only Adapter
• Research on what is SSL/TLS and how it works
• IIS FTP server root directory is the VM Downloads directory
• Download and install WinSCP client on your laptop
• FTP over SSL as user “student” to the Win VM Host Only Adapter network (192.168.56.123)
• FTP uploads any file from the laptop to the Win VM successfully
The following is for your reference.
The references given are NOT working solution for your project, they are examples for you to reference and adapt to your project context.
https://winscp.net/eng/docs/guide_windows_ftps_server#on_windows_desk top_windows_11_windows_10_windows_8_windows_7_and_windows_vista
ii. Set up secure IIS web service with SSL using self-signed certificate.
• Research on what is Network Address Translation (NAT)
• Research on what is localhost 127.0.0.1
• Research on what is Port Forwarding
• Setup IIS SSL self-signed website on your Win VM to listen on VM NAT Adapter network (10.0.2.15)
• Note that VM NAT IP (10.0.2.15) is not directly accessible by the laptop, the laptop can only access it via VBox TCP port forwarding
• Using your laptop browser, go to localhost https://127.0.0.1 to access the IIS SSL self-signed website (Demonstrate you can browse from your laptop to the Win VM IIS self-signed SSL website on the VM NAT Adapter network (10.0.2.15) via VBox localhost port forwarding using the 127.0.0.1 IP address)
The following is for your reference.
The references given are NOT working solution for your project, they are examples for you to reference and adapt to your project context.
• https://www.itechguides.com/how-to-install-iis-in-windows-11/#:~:text=How%20Do%20I%20Enable%20IIS,Then%20click%20the%20OK%20button
• https://www.activecountermeasures.com/port-forwarding-with-virtualbox/
Task D. CIS Benchmark (5%)
Note: Please pause Windows Updates when performing this task. Please refer to Week 2 – Introduction to VM lab activities on how to pause Windows Updates.
i. In the VM, run the CIS tool (CIS-CAT Lite provided in POLITEMall) using Level 1 Corporate/Enterprise Environment profile.
ii. Generate and save one CIS Benchmark report before rectification.
iii. Remediate and rectify at least 2 failed items from each CIS Benchmark report listed below. The overall “Fail” value for each CIS Benchmark report category should reduce at least by 2 after remediation. State the Fail item you have chosen to fix and explain the purpose of the remediation.
1. Account Policies
2. Local Policies
5. System Services
9. Windows Firewall with Advanced Security
17. Advance Audit Policy Configuration
iv. Generate and save one final CIS Benchmark report after rectifications are completed.
v. Screenshot the before and after rectification for each of the category.
vi. Following are screenshots example of the rectifications done for Account Policies
Before rectification
After rectification
E. Report (5%)
You are to submit the report via POLITEMall.
The file name should be P0x_AdminNo_Name.doc where x is your class number.
You will present your documentation and demo your VM to your class tutor.
The documentation should not be more than 25 A4 size pages (excluding Appendix and References), font size 12, Times New Roman.
Refer to the report template provided on the documentation content required.
F. Q&A (10%)
During the project demo, your tutor will be asking you questions with regards to your project.
You will be assessed based on the quality of your response.
F. SCORING CRITERIA
Following are the qualities we are looking for in this project:
1. Able to show on LinkedIn Profile certificates of completion.
2. Able to configure the VM and Win OS according to project requirements.
3. Documentation with screenshots explained.
4. Well-formatted and readable report.
5. Able to articulate and answer well during Q&A.
6. Able to demonstrate good understanding of the subject content.
7. Able to perform. ad hoc technical tasks and resolve technical issues.
G. MISCELLANEOUS
1. Plagiarism
Plagiarism is not allowed and will result in a zero for the assignment; including AI generated work e.g., ChatGPT. Please cite any sources used in your research. The Safe Assign in POLITEMall will highlight similar sentences that are copied from the websites and reports submitted by your classmate as plagiarism. Do note that we treat plagiarism seriously hence disciplinary actions (E.g. failing the subject) will be taken.
2. Penalties for late submissions
late and < 1 day: 10% deduction from absolute mark given for the assignment e.g. 75 marks (100 marks max) becomes 65 marks (deduct 10% of 100 marks)
late >=1 and <2 days: 20% deduction from absolute mark
late >=2 days: 0 marks awarded