Network security assignment writing | CE324-6-SP Undergraduate Examinations 2020
This UK assignment-writing job is mainly a timed network security test
CE324-6-SP
 Question 1
 A small company, ACME, has a network as shown in Figure 1 with IP addresses as indicated.
 The packet filtering firewall, FW, is also an Internet access gateway. Collab is an external
 partner to ACME and they both share component design files on the server NAS but share no
 other data. NAS also hosts a database that stores credit card information of ACME’s customers.
 Web is the company web site using HTTP for ACME’s general Internet presence and also to
 process online sales made by credit card.
 [Figure 1: network diagram, not reproduced. Labels that survive: Internet, Collab, FW, Web, Deskt, 155.245, Ext, Int, Collab network 202.202.202.1-254]
 ACME requires the following border control policy:
 • Web should serve HTTP traffic to the Internet (HTTP uses port 80)
 • Desktops should be able to access TCP servers in the Internet except Telnet servers in the Internet (Telnet uses port 23)
 • Collab should be able to access NAS on TCP port 445
 • spoofed IP addresses from the Internet should be blocked
 • any other traffic must be blocked.
 (a) Design the firewall rules in FW that meet the specifications above. The firewall FW is a
 stateless packet filter. Your answer does not need to be in the format of any particular
 firewall system, but should describe the required firewall rule parameters and indicate the
 order of the rules. Every firewall rule must have a description that explains the fields. [18%]
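
 An added illustration, not part of the examination paper and not a model answer from the examiners: a first-match stateless filter in Python that encodes the border policy above, so that rule order and the ACK-flag handling of reply traffic can be checked against sample packets. It models TCP packets only. Assumptions: the ACME addresses (192.0.2.0/24 and the hosts inside it) are constructed because the figure's addresses are not recoverable, Collab traffic is taken to arrive on the Ext interface, and the names `Pkt`, `RULES` and `decide` are hypothetical.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple

ANY = ip_network("0.0.0.0/0")
ACME = ip_network("192.0.2.0/24")        # constructed: ACME range is not on the page
WEB = ip_network("192.0.2.10/32")        # constructed
NAS = ip_network("192.0.2.20/32")        # constructed
DESKTOPS = ip_network("192.0.2.128/25")  # constructed
COLLAB = ip_network("202.202.202.0/24")  # covers the page's 202.202.202.1-254
ALL, HIGH = range(0, 65536), range(1024, 65536)

class Pkt(NamedTuple):
    iface: str          # interface the packet arrives on: "ext" or "int" (assumed)
    src: str
    sport: int
    dst: str
    dport: int
    ack: bool = False   # TCP ACK flag; clear only on the opening SYN

def p(n):
    """Single-port range."""
    return range(n, n + 1)

# (description, action, iface, src, src ports, dst, dst ports, ACK required)
RULES = [
    ("anti-spoof: internal source seen on Ext", "deny", "ext", ACME, ALL, ANY, ALL, False),
    ("Internet -> Web HTTP", "allow", "ext", ANY, HIGH, WEB, p(80), False),
    ("Web HTTP replies", "allow", "int", WEB, p(80), ANY, HIGH, True),
    ("desktops -> Telnet blocked", "deny", "int", DESKTOPS, ALL, ANY, p(23), False),
    ("desktops -> any TCP server", "allow", "int", DESKTOPS, HIGH, ANY, ALL, False),
    ("replies to desktops", "allow", "ext", ANY, ALL, DESKTOPS, HIGH, True),
    ("Collab -> NAS SMB", "allow", "ext", COLLAB, HIGH, NAS, p(445), False),
    ("NAS SMB replies to Collab", "allow", "int", NAS, p(445), COLLAB, HIGH, True),
]

def decide(pkt):
    """Return (action, description) of the first matching rule; default deny."""
    for desc, action, iface, src, sports, dst, dports, need_ack in RULES:
        if (pkt.iface == iface and ip_address(pkt.src) in src and pkt.sport in sports
                and ip_address(pkt.dst) in dst and pkt.dport in dports
                and (pkt.ack or not need_ack)):
            return action, desc
    return "deny", "default deny"
```

 Because the filter is stateless, the "replies to desktops" rule can only test the ACK flag: an unsolicited external packet with ACK set and a high destination port is accepted, while a bare SYN to the same port falls through to the default deny.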
(b) The network architecture described above is very poor from a security perspective. Design
 a better architecture and explain why it improves the security. Your design should introduce
 as little new equipment as possible, as would suit a small company,
Question 2
 A company finds that their only Internet connection is overwhelmed by domain name system
 (DNS) replies so that their main web presence is unable to provide the essential on-line sales
 service for the company. They analyse the DNS replies that are being sent to them and see that
 they result from what is called a DNS amplification attack; they are certain that the DNS replies
 are not generated from DNS requests coming from the company.
 Explain what is meant by a DNS amplification attack and propose a solution for the company
 that will allow them to maintain a reliable web presence even if the attack continues. Explain
 how your solution operates. [15%]
