1

CP2414 Assignment 1
Security Checklist – A Case Study
Due Date: 11.59 pm, 16/April/2023

WARNING: This is NOT a group-based assignment. You should complete all parts of your
submission INDIVIDUALLY.
Discussions and online tools (e.g., Google, Wikipedia, ChatGPT, etc) are allowed; however,
please practice academic integrity (jcu.edu.au/students/learning-centre/academic-integrity) by
citing and paraphrasing the sources. Note that citing ChatGPT is not a proper citation at
this stage.

Introduction
This assignment contains three parts:
Part I - Identify and analyse threats to a company. Then, search for appropriate
devices/software to address those threats. Remember to justify your choices (feasibility,
efficiency, etc.).
Part II - Design a secure network.
Part III – Citation and Referencing.

Scope
The concepts we discussed in the first three weeks cover all you need to complete this
assignment.

Deliverab s
1. Submit a single PDF document (.pdf) – containing all parts to the Assignment 1
submission box in LearnJCU.
2. Formatting
a. If you use Word: Calibri 11, Line Spacing 1.5, leave Margins and Space
before/after Paragraph as default.
b. If you use LaTeX: Article class specifying A4 paper and 1.5 line spacing.
3. Use IEEE referencing (including both in-text citations and reference list). See
https://libguides.jcu.edu.au/IEEE

NOTE
1. We strongly suggest you check the originality of your submission via “Draft submission
– SafeAssign Originality Report”. If your report returns more than 40% similarity
(including the reference list), then you should paraphrase to reduce this number.
2. Assignment rubric can be found in subject outline.
3. A suggested report structure sample at the end of this assignment sheet.
4. If you use answers from ChatGPT, then you should find the original resources to cite
the ChatGPT answers. For example, ChatGPT tells you how packet-filtering firewalls
work. You go to Google to find a citable resource saying (almost) the same thing as
ChatGPT, then cite that resource.
 2

Scenario Background
An Australian mattress-in-a-box company, TheSleepyheads, is not confident about its IT
system considering the global rise in cybercrime and ransomware. Your friends in this
company recommended you as a Cybersecurity Consultant to look after their IT system.

TheSleepyheads is a growing mattress-in-a-box company consisting of two branches, the

Perth (Headquarters) branch and the Sydney branch. Each branch has four departments, with
approximately forty employees per department. The Perth (Headquarters) branch has one
mail server, two web servers, and two database servers. The Sydney branch has only one mail
server and one database server.

Both branches have high-speed networks; however, weekday traffic can be pretty heavy. This
is especially true for the Perth branch.

They have asked you to:

• For both branches - Identify and analyse application and networking-based threats to
their company; and
• For the Perth (Headquarters) branch only - Recommend preventative and mitigative
technologies and strategies for potential intrusion and attacks on the network.

Assignment tasks:
Part I. Potential Threats
TheSleepyheads have collected a list of complaints from employees about the workstations
for you:

• Complaint 1 (Teddy): My computer takes a long time to start up and shut down. It
seems that there are other programs, which I don’t use, running when I start my
computer as well.
• Complaint 2 (Christina): I often get the blue screen of death, and my workstation
keeps crashing. This is so frustrating.
• Complaint 3 (Meredith): It takes forever to download a file from the company servers.
It doesn’t even matter what the size or type of the file is.
• Complaint 4 (Alex): I’ve got customers and colleagues informing me that I’ve been
sending them emails; this is very weird because my job doesn’t concern sending out
emails to my colleagues, let alone customers.
• Complaint 5 (Richard): I get many pop-ups on my screen. I never visited any
inappropriate websites.
• Complaint 6 (Joe): My computer's fan is so loud. It spins fast and always, even when I
am not using it.
• Complain 7 (All employees): It is either no response from the website, mail and
database servers or taking too long to load the contents from those servers.

From the complaints above, you are asked to analyse and identify the threat/s (if any) and
recommend strategies and technologies to prevent and mitigate those identified threats.
 3

NOTE
1. Your threat analysis and identification should ONLY focus on network security as a
result of cyber-attacks. For example, we do not consider website server access
difficulty due to an out-of-order keyboard.
2. The complaints may be correlated with each other.

Part II. Firewall, Honeypot/s, and Other Network Security Technologies Planning and Design
for Perth Branch
Deploying firewalls, honeypots, and other network security technologies can effectively
protect an organisation’s network. As such, TheSleepyheads asked you to design a network
security configuration for the Perth branch of the company. To do this, you will need to
consider the existing facilities at the Perth (Headquarters) branch, the solutions you
recommended in Part I and additional honeypot(s). Specifically, we should
1. Draw your proposed secure network diagram, including the following:
a. Firewall(s)
b. Other network security technologies (hardware and/or software)
c. Honeypot(s)
d. Existing devices (e.g., servers, workstations, routers and switches)
2. Explain and justify the configuration diagram regarding the following:
a. The type and placement of each firewall;
b. The honeypot location/s and quantity;
c. The placement and purpose of each piece of hardware/software.

Part III. Use IEEE referencing style. See https://libguides.jcu.edu.au/IEEE.

Suggested Report Structure

For the highest marks possible, you should READ THE RUBRIC and submit your report using
the following structure:
Part I. Potential Threats
Complaint [number] – [name]:
• Identify the problem/s stated by the employee/s.
• [Identified threat/s] – [Discussion and comprehensive explanation for the identified
threat/s]
• Solution – [Recommended resolution for threat]
Overarching Threat:
[If an overarching threat exists, you should discuss this here. See Part I’s Note]

Part II. Firewall(s), honeypot(s), and other network security technologies Planning and
Design
• Diagram
• Explanation and justification of the proposed configuration.

End of Assignment 1