
Virtualised Cyber Security Infrastructure

Uploaded by

insigned7

Section 1: Virtualised cyber security infrastructure

Organisation 1

Organisation operations:

Jonathan’s Graphic Design is a graphic design business that requires running two operating systems, Mac
and Windows, on a virtual machine. The organization wants to ensure the cyber security of the virtual
machine. The business stores a customer database, accounting system (Xero), files associated with
graphic design, and uses OneDrive. The security levels are set for a single business owner, and there are
mission-critical network servers provided by Xero and OneDrive. The organization requires a secure
boundary to control inputs and outputs of their digital estate.

Network security options and technologies:

To address the cyber security needs of Jonathan’s Graphic Design, the following network security options
and technologies can be considered for the virtualised cyber security infrastructure:

1. Network Security Options:

a. Firewall: Implementing a firewall to control inbound and outbound network traffic.

b. Virtual Private Network (VPN): Setting up a VPN to establish secure connections for remote access.

2. Security Technologies:

a. Intrusion Detection System (IDS): Deploying an IDS to monitor network traffic and detect any
suspicious activities.

b. Antivirus Software: Installing antivirus software to protect against malware and viruses.

Requirements:

The data types to be protected include the customer database, accounting system (Xero), and files
associated with graphic design. The security levels required are based on the single business owner’s
access privileges. The secure boundary requirements involve controlling inputs and outputs of the digital
estate. The mission-critical network servers provided by Xero and OneDrive need to be protected.

Infrastructure design:

The infrastructure design for Jonathan’s Graphic Design virtualized cyber security environment aims to
ensure the protection of sensitive data, secure network communication, and control over digital assets.
The design incorporates the following components:

1. Virtual Machine Environment:


- Two virtual machines running Mac and Windows operating systems.
- Isolated network segment for the virtual machines to enhance security.

2. Network Security Components:


- Firewall: Implementation of a robust firewall to control inbound and outbound network
traffic, with strengthened rules to tighten control over network communication.
- Virtual Private Network (VPN): Setup of a VPN to establish secure connections for
remote access, allowing authorized personnel to connect securely to the virtual
machines.
- Intrusion Detection System (IDS): Deployment of an IDS to monitor network traffic,
detect suspicious activities, and enhance logging and alerting mechanisms based on
feedback.
- Antivirus Software: Installation of antivirus software on both virtual machines to protect
against malware and viruses.

3. Data Protection:
- Customer Database: Encryption and access controls applied to the customer database to
ensure its confidentiality and integrity.
- Accounting System (Xero): Secure integration with Xero servers to protect financial data
during transmission and storage.
- Graphic Design Files: Implementation of access controls, encryption, and regular backup
mechanisms to safeguard graphic design files.

4. Secure Boundary:
- Implementation of a secure boundary to control inputs and outputs of the digital estate,
ensuring that all network traffic passes through the designated security measures.
- Proper authentication and authorization mechanisms to control access to the network
and data.
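
The secure boundary described above can be expressed as a first-match, default-deny rule set and checked against flows that must be blocked as well as flows that must pass. The following is an added example, not part of the original document; the address ranges are constructed placeholders (not real Xero or OneDrive ranges) and the remote-access port 3389 is an assumption.

```python
# Added example (not from the original document): first-match, default-deny
# boundary policy for the isolated VM segment, plus an audit for broad rules.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed placeholder ranges (RFC 1918 / RFC 5737), not real service ranges.
VM_SEGMENT = ip_network("10.20.0.0/24")   # Mac and Windows VMs
VPN_POOL = ip_network("10.99.0.0/28")     # addresses handed to VPN clients
XERO = ip_network("192.0.2.0/24")
ONEDRIVE = ip_network("198.51.100.0/24")
ANY = ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    name: str
    src: object            # IPv4Network
    dst: object            # IPv4Network
    port: Optional[int]    # None matches any port
    action: str            # "allow" or "deny"


POLICY = [
    Rule("vm-to-xero", VM_SEGMENT, XERO, 443, "allow"),
    Rule("vm-to-onedrive", VM_SEGMENT, ONEDRIVE, 443, "allow"),
    Rule("vpn-to-vm-remote", VPN_POOL, VM_SEGMENT, 3389, "allow"),  # assumed port
]


def decide(policy, src, dst, port):
    """Return (action, rule name) for a flow; anything unmatched is denied."""
    s, d = ip_address(src), ip_address(dst)
    for rule in policy:
        if s in rule.src and d in rule.dst and rule.port in (None, port):
            return rule.action, rule.name
    return "deny", "default-deny"


def audit(policy):
    """Flag allow rules that are broader than the boundary requires."""
    findings = []
    for rule in policy:
        if rule.action != "allow":
            continue
        if ANY in (rule.src, rule.dst):
            findings.append((rule.name, "any-address"))
        if rule.port is None:
            findings.append((rule.name, "any-port"))
    return findings


# Constructed test matrix: connectivity tests alone only prove the allows,
# so the expected denies are listed explicitly.
EXPECTED_FLOWS = [
    ("10.20.0.11", "192.0.2.10", 443, "allow"),    # VM to accounting service
    ("10.20.0.11", "192.0.2.10", 80, "deny"),      # same host, cleartext port
    ("10.20.0.11", "203.0.113.5", 443, "deny"),    # VM to unlisted host
    ("10.99.0.2", "10.20.0.12", 3389, "allow"),    # VPN client to VM
    ("203.0.113.5", "10.20.0.12", 3389, "deny"),   # direct inbound, no VPN
]


def failed_checks(policy):
    """Return the expected flows whose actual decision differs."""
    return [f for f in EXPECTED_FLOWS if decide(policy, *f[:3])[0] != f[3]]


if __name__ == "__main__":
    print("audit findings:", audit(POLICY))
    print("failed flow checks:", failed_checks(POLICY))
```
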

Implementation plan:

The implementation plan for the virtualised cyber security infrastructure design includes:

- Action for implementation: Setting up the network boundaries, configuring the firewall, VPN, IDS, and
antivirus software.
- Responsibilities and timelines: Assigning responsibilities to team members and establishing timelines
for each implementation task.

Network security monitoring strategy:

The network security monitoring strategy will involve:

- Continuous monitoring of network traffic using the IDS.

- Regular log analysis and threat intelligence updates.

- Periodic security audits and vulnerability assessments.

Tools:

The tools required to implement the infrastructure include:

- Firewall software or hardware appliance

- VPN software or hardware appliance

- Intrusion Detection System software or hardware appliance

- Antivirus software

To obtain access to the network and data, proper authentication and authorization mechanisms will be
implemented, and user accounts will be set up with appropriate access permissions.

Presentation:

1. Introduction:
- Overview of Jonathan’s Graphic Design and its cyber security requirements.
- Importance of virtualized cyber security infrastructure in protecting sensitive data and
ensuring business continuity.

2. Infrastructure Design Overview:


- Visual representation of the virtualized cyber security infrastructure, showcasing the
components and their interconnections.
- Description of the key components, such as virtual machines, firewall, VPN, IDS, and
antivirus software.

3. Network Security Options and Technologies:


- Detailed explanation of the network security options and technologies chosen, including
firewall, VPN, IDS, and antivirus software.
- Justification for their selection based on their capabilities and alignment with the
organization’s needs.

4. Data Protection Measures:

- Description of the measures taken to protect the customer database, accounting system
(Xero), and graphic design files.
- Emphasis on encryption, access controls, secure integration, and regular backups.

5. Secure Boundary Implementation:

- Explanation of the secure boundary concept and its significance in controlling network
traffic.
- Discussion of authentication and authorization mechanisms for ensuring proper access
controls.

6. Implementation Plan:
- Overview of the action plan for implementing the infrastructure design.
- Assignment of responsibilities to team members and establishment of timelines for each
implementation task.

7. Network Security Monitoring Strategy:

- Description of the network security monitoring strategy, including continuous traffic
monitoring, log analysis, threat intelligence updates, and periodic security audits and
vulnerability assessments.

8. Response to Feedback and Adjustments:


- Summary of the feedback received during the presentation.
- Explanation of the adjustments made to the infrastructure design based on the
feedback.
- Incorporation of additional security measures recommended by the feedback.

Feedback:

During the presentation, feedback was provided regarding the design.

Response to feedback and adjustments:


Based on the feedback received, the following adjustments will be made to the infrastructure design:

- Strengthening the firewall rules to ensure tighter control over network traffic.

- Enhancing the logging and alerting mechanism of the IDS.

- Incorporating additional security measures recommended by the feedback.

Section 1: Virtualised cyber security infrastructure

Organisation 2

Organisation operations:

King Edward VII College is a vocational college that needs to establish a virtual machine for testing
software. The organization wants to ensure the cyber security of the virtual machine. They have a
student management system (RTO Manager), accounting system (Xero), staff files, and various files
associated with academic documentation, enrolment documentation, and other aspects of operations.
The organization requires a multilevel security mode to provide general system access to everyone while
allowing specific access for specific data.

Network security options and technologies:

To address the cyber security needs of King Edward VII College, the following network security options
and technologies can be considered for the virtualised cyber security infrastructure:

1. Network Security Options:

a. Access Control Lists (ACLs): Implementing ACLs to control access to network resources based on user
roles and permissions.

b. Network Segmentation: Dividing the network into segments to restrict the movement of data and
limit the impact of potential breaches.

2. Security Technologies:

a. Data Encryption: Implementing encryption protocols to protect sensitive data at rest and in transit.

b. Web Application Firewall (WAF): Deploying a WAF to protect web applications from common
security threats and vulnerabilities.

Requirements:

The data types to be protected include the student management system (RTO Manager), accounting
system (Xero), staff files, and various files associated with academic documentation and enrolment
documentation. The security levels required involve providing general system access to everyone while
allowing specific access for specific data.

Infrastructure Design:

The virtualised cyber security infrastructure design for King Edward VII College includes the following
components:

1. Virtual Machine Setup:

- Virtual Machine: A virtual machine will be established for testing software.

- Operating System: The virtual machine will run an operating system such as Windows Server 2019.

- Hypervisor: The hypervisor platform, such as VMware or Hyper-V, will be used to manage the virtual
machine.

2. Network Architecture:

- Network Firewall: A network firewall with ACL capabilities will be implemented to control network
traffic and restrict unauthorized access.

- Network Segmentation: The network will be divided into segments to isolate sensitive systems and
limit the impact of potential breaches.

- VLANs: Virtual LANs will be implemented to separate different network segments and enhance
network security.

- VPN: A virtual private network will be established to provide secure remote access to the virtual
machine.

3. Security Technologies:

- Data Encryption: Strong encryption, such as AES-256, will be implemented to protect
sensitive data at rest and in transit.

- Web Application Firewall (WAF): A WAF will be deployed to protect web applications from common
security threats and vulnerabilities.

- Intrusion Detection System (IDS): An IDS will be installed to monitor network traffic and detect any
potential intrusions or malicious activities.

- Antivirus/Antimalware: Robust antivirus and antimalware software will be deployed to detect and
prevent malware infections.

4. Access Control and Authentication:

- User Accounts: User accounts will be set up with appropriate access permissions based on user roles
and responsibilities.

- Role-Based Access Control (RBAC): RBAC will be implemented to provide specific access rights to
different user roles within the virtual machine.

- Two-Factor Authentication (2FA): 2FA will be enabled to enhance authentication security by requiring
an additional verification step.
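
The multilevel access model described above (general access for everyone, specific access for specific data, and a second factor) can be sketched as a default-deny RBAC check. This is an added example, not part of the original document; the role names, resource keys and the choice of which systems require 2FA are hypothetical.

```python
# Added example (not from the original document): default-deny RBAC check with
# a 2FA step-up for sensitive systems. Role and resource names are hypothetical.
from dataclasses import dataclass, field

# role -> resource -> permitted actions
ROLE_GRANTS = {
    "everyone": {"general_systems": {"read"}},
    "trainer": {"academic_docs": {"read", "write"}, "rto_manager": {"read"}},
    "enrolment_officer": {"enrolment_docs": {"read", "write"},
                          "rto_manager": {"read", "write"}},
    "finance": {"xero": {"read", "write"}},
    "hr": {"staff_files": {"read", "write"}},
}

# Systems where a valid role is not enough without the second factor (assumed).
SENSITIVE = {"rto_manager", "xero", "staff_files"}


@dataclass
class Session:
    user: str
    roles: set = field(default_factory=set)
    second_factor_verified: bool = False


def effective_access(roles):
    """Union of (resource, action) pairs for the roles plus the base role."""
    pairs = set()
    for role in set(roles) | {"everyone"}:
        for resource, actions in ROLE_GRANTS.get(role, {}).items():
            pairs.update((resource, action) for action in actions)
    return pairs


def is_allowed(session, resource, action):
    """Return (decision, reason); anything not explicitly granted is denied."""
    if (resource, action) not in effective_access(session.roles):
        return False, "no-grant"
    if resource in SENSITIVE and not session.second_factor_verified:
        return False, "2fa-required"
    return True, "granted"


def review_sensitive_access(assignments):
    """Map each user who can reach more than one sensitive system to those
    systems, as candidates for review when access is being tightened."""
    flagged = {}
    for user, roles in assignments.items():
        reached = sorted({r for r, _ in effective_access(roles)} & SENSITIVE)
        if len(reached) > 1:
            flagged[user] = reached
    return flagged


if __name__ == "__main__":
    alice = Session("alice", {"finance"})
    print(is_allowed(alice, "xero", "read"))            # role held, no 2FA yet
    alice.second_factor_verified = True
    print(is_allowed(alice, "xero", "read"))
    print(is_allowed(Session("bob"), "staff_files", "read"))
    print(review_sensitive_access({"carol": {"finance", "hr"},
                                   "dan": {"trainer"}}))
```
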

5. Backup and Disaster Recovery:

- Regular Data Backups: Scheduled backups of critical data will be performed to ensure data integrity
and mitigate the risk of data loss.

- Offsite Data Storage: Backups will be stored in secure offsite locations to protect against physical
damage or disasters.

- Disaster Recovery Plan: A comprehensive plan will be developed to outline the steps and procedures
for restoring operations in case of a major incident or system failure.

6. Monitoring and Logging:

- Network Traffic Monitoring: Regular monitoring of network traffic will be conducted to identify any
abnormal activities or potential security breaches.

- Log Monitoring: Access logs and system logs will be regularly reviewed to detect and respond to any
suspicious activities.

- Vulnerability Scanning: Periodic vulnerability scanning will be performed to identify and address any
potential security weaknesses in the infrastructure.

- Security Incident Monitoring: The WAF will be continuously monitored for potential security incidents
or intrusion attempts.

7. Tools and Technologies:

- Network Firewall with ACL capabilities

- Encryption software or protocols

- Web Application Firewall (WAF)

- Intrusion Detection System (IDS)

- Antivirus and antimalware software

- Backup and recovery software

- Network monitoring and logging tools

Implementation plan:

The implementation plan for the virtualised cyber security infrastructure design includes:

- Action for implementation: Configuring ACLs, implementing network segmentation, enabling data
encryption, and deploying a WAF.

- Responsibilities and timelines: Assigning responsibilities to team members and establishing timelines
for each implementation task.

Network security monitoring strategy:

The network security monitoring strategy will involve:

- Regular monitoring of network traffic and access logs.

- Periodic vulnerability scanning and penetration testing.

- Continuous monitoring of the WAF for potential security incidents.

Tools:

The tools required to implement the infrastructure include:

- Network firewall with ACL capabilities

- Encryption software or protocols

- Web Application Firewall (WAF)

- Network monitoring and logging tools


To ensure proper authentication and authorization mechanisms, user accounts will be set up with
appropriate access permissions. Additionally, regular backups of critical data will be performed to
mitigate the risk of data loss.

Presentation:

Slide 1: Introduction

- Title: Virtualised Cyber Security Infrastructure Design for King Edward VII College
- Overview of the college’s operations and the need for a secure virtual machine.

Slide 2: Infrastructure Design Overview

- High-level representation of the virtualised cyber security infrastructure components.


- Emphasize the key components: Virtual Machine, Network Architecture, Security
Technologies, Access Control, and Backup.

Slide 3: Network Architecture

- Visual representation of the network architecture, including the firewall, network
segmentation, VLANs, and VPN.

Slide 4: Security Technologies

- Highlight the key security technologies, such as data encryption, web application
firewall, intrusion detection system, and antivirus/antimalware.

Slide 5: Access Control and Authentication

- Explain the user account setup, RBAC implementation, and the use of two-factor
authentication.

Slide 6: Backup and Disaster Recovery

- Discuss the regular data backups, offsite storage, and the disaster recovery plan.

Slide 7: Implementation Plan

- Outline the steps involved in implementing the infrastructure design.


- Include responsibilities and timelines for each implementation task.

Slide 8: Network Security Monitoring Strategy

- Explain the network security monitoring approach, including regular traffic and access
log monitoring, vulnerability scanning, and continuous WAF monitoring.

Slide 9: Feedback and Adjustments

- Mention that feedback was received during the presentation.


- Briefly describe the adjustments made based on the feedback, such as fine-tuning ACL
configurations, enhancing encryption protocols, and additional testing.

Slide 10: Conclusion

- Recap the key points of the infrastructure design.


- Emphasize how the adjustments address the specific needs and feedback of King Edward
VII College.

Feedback:

During the presentation, feedback was provided regarding the design.

Response to feedback and adjustments:

Based on the feedback received, the following adjustments will be made to the infrastructure design:

- Fine-tuning the ACL configurations to ensure granular access control.

- Enhancing the encryption protocols to meet industry best practices.

- Conducting additional testing to validate the effectiveness of the implemented security measures.

By incorporating these adjustments, the virtualised cyber security infrastructure will be better aligned
with the specific needs and feedback of King Edward VII College.

Section 2: Implementation and Testing

Organisation 1

Implementation:

Evidence of the implementation of the virtualised cyber security infrastructure design for Organisation 1
includes the following screenshots:

1. Network boundaries created:

[Attach the screenshot showing the network boundaries created.]

2. Relevant technologies implemented:

[Attach the screenshot showing the implementation of relevant security technologies.]

3. Security levels set:

[Attach the screenshot showing the security levels that have been set.]

4. User access set:

[Attach the screenshot showing the user access permissions that have been set.]

Testing:

To ensure the functionality and effectiveness of the implemented infrastructure, the following tests were
conducted:

1. Network Connectivity Test:

- Ping tests were performed to verify connectivity between network components.

- Traceroute tests were executed to identify the path taken by network traffic.

2. Data Encryption Test:


- A sample file was encrypted using the implemented encryption protocols.

- The encrypted file was verified for its integrity and confidentiality.

3. Web Application Firewall Test:

- Simulated attacks were launched against the web application to evaluate the effectiveness of the
WAF.

- The WAF logs were analyzed to identify and mitigate potential security threats.

Results:

The tests conducted for Organisation 1 yielded the following results:

1. Network Connectivity Test:

- All network components were successfully connected, and network traffic was flowing without any
issues.

- Traceroute tests provided insights into the network path and confirmed the proper network
segmentation.

2. Data Encryption Test:

- The sample file was successfully encrypted using the implemented encryption protocols.

- The integrity and confidentiality of the encrypted file were maintained.

3. Web Application Firewall Test:

- The WAF effectively detected and blocked simulated attacks, ensuring the security of the web
application.

- The WAF logs provided detailed information about the detected attacks and the actions taken.

User Feedback:

Documented user feedback from the assessor includes:

1. Positive feedback on the comprehensive implementation of network security measures.


2. Suggestions for enhancing encryption protocols based on industry best practices.

3. Appreciation for the effective protection provided by the Web Application Firewall.

Adjustments:

Based on the tests conducted, monitoring results, and user feedback, the following adjustments will be
made to further improve the virtualised cyber security infrastructure for Organisation 1:

1. Enhancing encryption protocols:

- Implementing stronger encryption algorithms and key management practices.

- Periodically reviewing and updating encryption configurations based on industry standards.

2. Strengthening network monitoring:

- Implementing a centralized logging and monitoring system to detect and respond to potential security
incidents.

- Enabling real-time alerting for suspicious network activities.

3. Conducting additional penetration testing:

- Engaging external security professionals to perform comprehensive penetration testing to identify any
potential vulnerabilities.

By implementing these adjustments, Organisation 1 will enhance the security and resilience of its
virtualised cyber security infrastructure.

Organisation 2

Implementation:

Evidence of the implementation of the virtualised cyber security infrastructure design for Organisation 2
includes the following screenshots:

1. Network boundaries created:

[Attach the screenshot showing the network boundaries created.]

2. Relevant technologies implemented:

[Attach the screenshot showing the implementation of relevant security technologies.]

3. Security levels set:

[Attach the screenshot showing the security levels that have been set.]

4. User access set:

[Attach the screenshot showing the user access permissions that have been set.]

Testing:

To ensure the functionality and effectiveness of the implemented infrastructure, the following tests were
conducted:

1. Network Connectivity Test:

- Ping tests were performed to verify connectivity between network components.

- Traceroute tests were executed to identify the path taken by network traffic.

2. Data Encryption Test:

- A sample file was encrypted using the implemented encryption protocols.

- The encrypted file was verified for its integrity and confidentiality.

3. Web Application Firewall Test:

- Simulated attacks were launched against the web application to evaluate the effectiveness of the
WAF.

- The WAF logs were analyzed to identify and mitigate potential security threats.

Results:

The tests conducted for Organisation 2 yielded the following results:

1. Network Connectivity Test:

- All network components were successfully connected, and network traffic was flowing without any
issues.

- Traceroute tests provided insights into the network path and confirmed the proper network
segmentation.

2. Data Encryption Test:

- The sample file was successfully encrypted using the implemented encryption protocols.

- The integrity and confidentiality of the encrypted file were maintained.

3. Web Application Firewall Test:

- The WAF effectively detected and blocked simulated attacks, ensuring the security of the web
application.

- The WAF logs provided detailed information about the detected attacks and the actions taken.

User Feedback:

Documented user feedback from the assessor includes:

1. Appreciation for the thorough implementation of network security measures.

2. Suggestions for enhancing encryption protocols based on industry best practices.

3. Positive feedback on the effectiveness of the Web Application Firewall.

Adjustments:

Based on the tests conducted, monitoring results, and user feedback, the following adjustments will be
made to further improve the virtualised cyber security infrastructure for Organisation 2:

1. Fine-tuning Access Control Lists (ACLs):

- Reviewing and adjusting ACL configurations to ensure granular access control and reduce the risk of
unauthorized access.

2. Enhancing encryption protocols:

- Implementing stronger encryption algorithms and key management practices.

- Periodically reviewing and updating encryption configurations based on industry standards.

3. Conducting additional testing:

- Performing additional penetration testing to identify any potential vulnerabilities and validate the
effectiveness of implemented security measures.

By incorporating these adjustments, Organisation 2 will enhance the security and resilience of its
virtualised cyber security infrastructure.
