CYB 220 Project Two Guidelines and Rubric
Overview
One of the projects for this
CYB 220 Project Two Guidelines and Rubric
Overview
One of the projects for this course is the creation of a network segmentation strategy in which you will create host-based and network-based firewall policies in a provided network and explain how the network achieves isolation, segmentation, and least privilege. As a security analyst, you will often be asked to evaluate and suggest solutions that require this type of network security design, so this project demonstrates competency in the field. The audience for this strategy is your IT security manager.
The project leverages the skills that you have built in Module Four. The project will be submitted in Module Six.
In this assignment, you will demonstrate your mastery of the following course competency:
Describe the fundamental principles and practices of network traffic flow policy and enforcement
Scenario
As a security analyst, you are tasked with creating a network segmentation strategy for your IT security manager. This includes configuration tasks in a network as well as a written rationale of the network segmentation strategy.
Your instructor will post a real-world scenario that includes the minimum specifications on which your work will be based (SCENARIO ATTACHED BELOW). You will also be provided with a Packet Tracer native file (.pkt) that you will import into the Packet Tracer application to use as the base diagram for your network. You will use the scenario and the provided Packet Tracer lab environment to do your work.
Prompt
You must address the critical elements listed below. The codes shown in brackets indicate the course competency to which each critical element is aligned.
Network Segmentation Strategy
ConfigurationConfigure the host-based firewall policy to meet project specifications. Provide a screenshot of the configured policy.
Configure the FTP server to meet project specifications for access control. Provide a screenshot of the configured FTP server.
Configure the network-based firewall policyto meet project specifications for the extended access control list. Provide a screenshot of the configured policy.
RationaleDescribe how network segmentation is achieved after meeting the configuration requirements for the host-based firewall.
Describe how the concept of least privilege is achieved in the configuration of the FTP server.
Describe an approach of employing a network-based firewall to achieve network isolation to meet project specifications.
What to Submit
Your submission should be 1 to 2 pages in length (not including screenshots) and should be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Use a filename that includes the course code, the assignment title, and your name—for example, CYB_100_Project_One_Neo_Anderson.docx.
Project Two Rubric
CriteriaExemplaryProficientNeeds ImprovementNot EvidentValue
Configuration: Host-Based Firewall PolicyN/AConfigures the host-based firewall policy to meet project specifications and provides a screenshot of the configured policy (100%)Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail (55%)Does not address critical element, or response is irrelevant (0%)16
Configuration: FTP ServerN/AConfigures the FTP server to meet project specifications for access control and provides a screenshot of the configured FTP server (100%)Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail (55%)Does not address critical element, or response is irrelevant (0%)16
Configuration: Network-Based Firewall PolicyN/AConfigures the network-based firewall policy to meet project specifications for the extended access control list and provides a screenshot of the configured policy (100%)Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail (55%)Does not address critical element, or response is irrelevant (0%)16
Rationale: SegmentationMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner (100%)Describes how network segmentation is achieved after meeting the configuration requirements for the host-based firewall (85%)Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail (55%)Does not address critical element, or response is irrelevant (0%)16
Rationale: Least PrivilegeMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner (100%)Describes how the concept of least privilege is achieved in configuration of the FTP server (85%)Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail (55%)Does not address critical element, or response is irrelevant (0%)16
Rationale: IsolationMeets “Proficient” criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner (100%)Describes an approach of employing a network-based firewall to achieve network isolation to meet project specifications (85%)Addresses “Proficient” criteria, but there are gaps in clarity, logic, or detail (55%)Does not address critical element, or response is irrelevant (0%)16
Articulation of ResponseSubmission is free of errors related to grammar, spelling, and organization and is presented in a professional and easy-to-read format (100%)Submission has no major errors related to grammar, spelling, or organization (85%)Submission has some errors related to grammar, spelling, or organization that negatively impact readability and articulation of main ideas (55%)Submission has critical errors related to grammar, spelling, or organization that prevent understanding of ideas (0%)4
Total: 100%