Network Security Objectives
Objective 1
​1. Create a network infrastructure design communications document that includes identified hardware components, connections to the outside world, identified physical layer connectivity (media) and addressing, including operational and security components in the design.
NTS415-Final project Word Document
​
NTS415-Final project PowerPoint
Both documents comprehensively address the network infrastructure's design, implementation, and security by detailing critical technical and operational aspects. The first document meticulously outlines the network architecture, specifying hardware components like next-generation firewalls, intrusion prevention systems, and VPNs, while defining network segmentation into distinct security zones including DMZ, internal network, restricted subnet, student network, and IoT/Smart campus devices. It elaborates on operational security measures such as multi-factor authentication, role-based access control using Microsoft Active Directory, data protection strategies like full-disk encryption and SSL/TLS encryption, and comprehensive security policies covering antivirus, user onboarding, internet usage, and software management. Complementing this technical overview, the second document provides a risk-focused perspective by conducting a detailed assessment using NIST SP 800-30 guidelines, identifying potential vulnerabilities like unpatched systems and weak password policies, evaluating existing security controls, and proposing risk mitigation strategies that emphasize continuous monitoring, regular security reviews, and systematic incident tracking, thereby presenting a holistic approach to network infrastructure design and cybersecurity management.
NTW275- Assignment 15.1: Network Design Evaluation and Final Project
This document provides a comprehensive network infrastructure design communication that includes identified hardware components like Cisco routers and switches, Meraki security appliances, and servers, detailing their existing configurations and costs. It outlines connections to the outside world through its description of BGP routing. The document also identifies physical layer connectivity and addressing by discussing elements like wireless network implementation, VLAN segmentation, and IP addressing within the proposed improvements. Furthermore, it addresses operational components through improved network management and monitoring and incorporates security components by detailing security enhancements such as WPA2-Enterprise, RADIUS authentication, and enhanced firewall rules.
​
​​
Objective 2
2. Install, configure and test security hardware and software tools with supporting documentation such as port scanners, vulnerability detection systems, intrusion detection systems, firewalls, system hardening, anti-virus tools, patch management, auditing and assessment.
NTS330- Assignment 6.1/6.2/6.3 Try Hack Me: Metasploit series
​
Metasploit Notion Notes
​​
For this assignment, I went through the Metasploit TryHackMe modules and learned all the ins and outs of using Metasploit. When I was going through these modules I used the TryHackMe attack box/VM that had Metasploit preinstalled in it, but when I completed it I went back and installed Metasploit on my Windows Machine. The TryHackMe Metasploit modules directly address the objective of installing, configuring, and testing security hardware and software tools. They provide hands-on experience with Metasploit, a powerful penetration testing framework, enabling users to perform port scanning, vulnerability detection, and exploit vulnerable systems. Through practical exercises, users learn to configure and utilize various Metasploit modules, including port scanners, exploit modules, and post-exploitation tools, thereby gaining proficiency in auditing and assessing system security. The emphasis on database management, session handling, and payload configuration further reinforces the ability to document and understand the processes involved in security testing, directly aligning with the objective's focus on supporting documentation.
​
​
​
​
​
​
​
​
​​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
NTS330 -Assignment 5.1 Try Hack Me: Nessus
Nessus Vulnerability Scanning and Remediation
For this assignment, I went through the TryHackMe Nessus module where I had to download and install Nessus on my Kali Linux Cm. Completing the TryHackMe Nessus module directly addresses the objective by providing hands-on experience with a vulnerability detection system. The module guides users through the installation and configuration of Nessus Essentials, a widely used vulnerability scanner. Through practical exercises, participants learn to perform scans, interpret results, and generate reports, effectively testing the tool's capabilities. This process simulates real-world security assessments, fostering understanding of how vulnerability scanners contribute to identifying weaknesses and improving system security, aligning with the objective's focus on installing, configuring, and testing security software tools with supporting documentation.
​​​​​​​​​
​​​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​
​​
​
​
​
​
​​​​​
​
Objective 3
3. Construct, implement and document a script or a program to automate a security-related process or other tasks such as installation, administration, management, mapping resources, logon scripts, patch management, updates, auditing, analysis and assessment.
CSC202- Assignment 7.1 (Password Strength checker)
The password checker application automates a critical security task by providing real-time analysis and feedback on user-entered passwords. It evaluates passwords against established security best practices, including minimum length requirements and complexity rules involving character variety (uppercase, lowercase, numeric, and special characters). By automating this process, the application removes the need for manual password evaluation, which is often inconsistent and time-consuming. The application then visually represents password strength through color-coded feedback and delivers specific, actionable recommendations for improvement, such as adding more characters or incorporating different character types. This immediate feedback loop empowers users to create stronger, more secure passwords, directly contributing to enhanced system security and reducing the risk of unauthorized access. Furthermore, the inclusion of error handling and clear messaging ensures a user-friendly experience, even when passwords fail to meet security standards.
​
​
​
​
​
​
​
​
​
​
​
​
​
​​​​​
Grab The Axe - RuneShield Port scanner- Partial credit to Grab The Axe UAT Production Studios Team
The RuneShield scanner automates the security assessment process of mapping network resources and performing basic auditing. It constructs a program, using Python, to implement a rapid port scan (using RustScan in the backend) and presents the results in a structured GUI. This automation eliminates the need for manual command-line execution, streamlining the identification of open ports and services on the target system (127.0.0.1 in this case). By displaying the open ports and their associated services in the "Ports/Hosts" tab, the tool effectively maps the network resources and provides an initial assessment of potential vulnerabilities based on the revealed services. The "Basic Scan" button and the clear output organization demonstrate the automation of a security-related task, fulfilling the objective through a user-friendly interface and efficient resource mapping.
Objective 4
4. Create a policy or procedure that addresses events such as: a disaster recovery plan, a business continuity plan, an incident response policy, an acceptable usage document, an information security policy, a physical security policy, assessments or trouble shooting procedures.
NTS201: Security Essentials final project
​
This document outlines a comprehensive security strategy that addresses several key policy and procedure requirements: it emphasizes the development of an incident response plan with step-by-step processes for detection, resolution, roles, communication, and recovery, along with the need for regular testing and updates. It covers elements of an acceptable usage policy through security awareness training, educating employees on phishing, password security, and insider threats. The entire document focuses on information security policy, detailing risk assessment, security controls, a security-conscious culture, and regulatory compliance. The document also shows the importance of physical security by mentioning the protection of critical systems, and it also recommends that companies do assessments and troubleshooting through continuous auditing and regular testing of the incident response plan.
​
​
​
​
​
​
​
​​
​
​
​
​
​
​
​
​
​
​
​
​​
NTW275 Assignment 14.1 Disaster recovery
This document provides a practical guide for developing a disaster recovery strategy, specifically targeting ransomware attacks through VMware's comprehensive Ransomware Recovery solution. It offers organizations a detailed roadmap for protecting and recovering critical systems, centering on key protective measures like maintaining secure, air-gapped backups and creating an Isolated Recovery Environment for safely testing restored workloads. The strategy emphasizes thorough testing of backup systems to ensure clean, uninfected data can be recovered, while addressing the complex challenge of "dwell time" by recommending advanced tools and processes for identifying safe recovery points. By including visual aids like disaster recovery dashboards, the document serves as a comprehensive blueprint for organizations looking to strengthen their defenses against ransomware and develop robust, methodical system restoration capabilities that minimize the risk of reintroducing malware.
​
​
​
Objective 5
5. Develop a research report or implementation plan concerning legal and ethical best practices and mandated requirements that pertain to information security.
NTS201: Security Essentials final project
​
The document effectively addresses the objective by detailing the legal and ethical considerations critical to information security, specifically within the healthcare sector. It emphasizes compliance with mandates like HIPAA, the necessity of continuous auditing to meet evolving regulations, and the ethical importance of safeguarding patient data and maintaining trust. By advocating for a multifaceted security strategy, the document integrates both legal obligations and ethical best practices, demonstrating a comprehensive approach to information security.
​
​
​
This report effectively addresses the objective of developing a research report concerning legal and ethical best practices and mandated requirements pertaining to information security. Specifically, it focuses on the Draft NIST Special Publication 800-83: Guide to Malware Incident Prevention and Handling, a crucial resource that offers guidelines, best practices, and recommendations for organizations to bolster their cybersecurity defenses against malware. The report details how this publication provides practical, real-world guidance on preventing and handling malware incidents, emphasizing proactive defense strategies, rapid incident response, and the importance of aligning with relevant Special Publications and Federal Information Processing Standards. Furthermore, it considers the necessary resources for implementation, such as equipment, personnel, timelines, and budget, and it underscores the need for an evaluation system to ensure the effectiveness of prevention and response processes. By detailing the benefits of adherence, including improved malware prevention, enhanced detection, and better data protection, the report provides a comprehensive overview of how organizations can strengthen their cybersecurity posture.
​
Objective 6
6. Research, document, test and evaluate several current industry information security-based threats, risks, malicious activities, covert methodology, encryption technologies, mitigation techniques or unconventional tactics to prevent loss of sensitive information and data confidentiality, integrity and availability.​
NTS435 Final Project
This assignment meets the objective by thoroughly researching, documenting, and evaluating the evolving landscape of malware threats, risks, and mitigation strategies within the cybersecurity industry. It aligns with established standards, such as NIST Special Publication 800-83 and Federal Information Processing Standards (FIPS), to provide a structured approach to malware prevention, incident response, and security best practices. The presentation explores malicious activities, including malware propagation and response tactics, while also discussing the necessary tools, technologies, and personnel required for effective implementation. Additionally, it emphasizes the importance of protecting data confidentiality, integrity, and availability by detailing proactive defenses, rapid containment protocols, and remediation techniques.
​
​
​
​
​
​
​
This assignment effectively meets the objective as it shows that I had to research and utilize various tools and techniques to identify and exploit security vulnerabilities, thoroughly document their process, and test and evaluate the effectiveness of different approaches. I was able to go through current industry information security threats, including OSINT, XSS, and unauthorized access, and I also applied covert methodologies to uncover vulnerabilities. While focusing on exploitation, the assignment provides a foundation for understanding how to develop mitigation techniques to protect sensitive information, ensuring data confidentiality, integrity, and availability.
​
​
​
​
​
​
​
​​​​​
​
​