NAME: MUSTAPHA

ABDULGAFAR OLATUNJI
DEPT: INFORMATION
TECHNOLOGY
MATRIC NO: 20L1FT0098
COURSE CODE: IFT 426
COURSE TITLE: NETWORK
SECURITY II

ASSIGNMENT

1. Secure Network Design

Secure network design involves
creating a network architecture
that is secure, scalable, and
maintainable. The following are
key principles and strategies for
secure network design:
Ÿ Secure Network Architecture
Design Principles:
- Defense in depth: multiple
layers of security to prevent a
single point of failure
 - Least privilege: access
control to limit user privileges to
only what's necessary
- Segmentation: dividing the
network into smaller sections to
reduce attack surface
- Encryption: protecting data in
transit and at rest
- Secure protocols: using
secure communication protocols
like HTTPS and SFTP

Ÿ Network Segmentation and

Isolation Strategies:
- VLANs (Virtual Local Area
Networks): segment devices into
logical groups
- Subnetting: divide a network
into smaller sub-networks for
organization and security
- Firewalls: control incoming
and outgoing network traffic
based on security rules
- Access Control Lists (ACLs):
filter
 network traffic based on source,
destination, and protocol
- Network isolation: isolate
sensitive areas of the network
from the rest of the network

2. Secure Communication
Protocols
Secure communication protocols
are used to protect data in
transit. The following are secure
email and web protocols:

Ÿ Secure Email Protocols:

- *PGP (Pretty Good Privacy):*
- Uses public-key
cryptography for encryption and
decryption
- Provides authentication
and integrity checks
- Supports digital signatures
and encryption for emails
- *S/MIME
(Secure/Multipurpose Internet
Mail Extensions):*
- Uses public-key
cryptography for
 encryption and decryption
- Provides authentication,
integrity checks, and non-
repudiation
- Supports digital signatures
and encryption for emails

Ÿ Secure Web Protocols:

- HTTPS (Hypertext Transfer
Protocol Secure):
- Uses SSL/TLS for end-to-
end encryption
- Authenticates the server
and optionally the client
- Supports secure web
browsing and data transfer
- *SSL/TLS (Secure Sockets
Layer/Transport Layer Security):*
- Provides end-to-end
encryption and authentication for
web traffic
- Supports various
encryption algorithms and key
exchange methods
 3. Network Security
Management
Network security management
involves managing and
maintaining network security.
The following are key aspects of
network security management:

Ÿ Security Policy and Risk

Management
- Security policy:
- Outlines an organization's
security goals, risks, and
procedures
- Defines roles and
responsibilities for security
management
- Risk management:
- Identifies potential security
 risks and threats
- Assesses the likelihood
and impact of each risk
- Implements measures to
mitigate or accept each risk

Ÿ Vulnerability Management and

Patching:
 - Vulnerability management:
- Identifies and classifies
vulnerabilities in software and
systems
- Assesses the severity and
impact of each vulnerability
- Prioritizes and remediates
vulnerabilities based on risk and
severity
- Patching:
- Applies updates to fix
known vulnerabilities in software
and systems
- Ensures timely and secure
deployment of patches to prevent
exploitation