SEC 450 DeVry Week 7 iLab 7 of 7 Latest



Product Description

SEC 450 DeVry Week 7 iLab 7 of 7 Latest

SEC 450 DeVry Week 7 iLab 7 of 7 Latest



SEC 450 DeVry Week 7 iLab 7 of 7 Latest

iLab 7 of 7: Network Vulnerability Case Study

Note! Submit your assignment to the Dropbox, located at the top of this page. (See the Syllabus section “Due Dates for Assignments & Exams” for due dates.)

Student Name _________________________________ Date _____________

SEC450 Network Vulnerability Case Study—iLab7


In this lab, students will examine the following objectives.

· Differentiate the use of IDS and IPS to detect network attacks.

· Design a network with IDS/IPS.

· Justify the use of IDS/IPS for a given network solution.


A small company is using the topology shown below to secure its intranet while providing a less-secured environment to its eCommerce DMZ server. The company is concerned that firewalls are not enough to detect and prevent network attacks. Hence, deployment of sensors to intrusion detection systems (IDS) and/or intrusion prevention systems (IPS) are needed in the network. Your job is to provide recommendations, including a network design with IDS/IPS, that meet the company’s requirements.

Initial Topology

Company’s Requirements

1. Detect any malicious traffic entering the e-commerce server without performance penalty to traffic getting in the server from revenue-generating customers.

2. Stop any malicious traffic entering the human resources LAN (HR LAN).

3. Detect any malicious traffic entering the computer terminal in the marketing LAN (MKT LAN).

4. Stop any traffic entering the File Server in MKT LAN.

5. Deploy a centralized database and analysis console in the intranet to managing and monitoring both IDS and IPS sensors.

Note: RED text indicates the required questions to answer

Task 1—Layout the New Network Design

Click on the Initial Network Topology link on the iLab page in Week 7, and save in your computer the MS PowerPoint fileInitial_Network_Topology_iLab7.ppt. This file contains a diagram for the initial network topology and pictures of all components needed to create the new network design.

Review the documentation provided in the references at the end of these instructions to get more familiar with the implementation of IDS and IPS in network design. You need to find a network solution that meets the company’s requirements.

#1. Paste below your new network design diagram.

Task 2—IDS/IPS Recommendations

#2. Write an engineering specification document of at least 250 words (e.g., 1 page of full text, double space, and size 12) describing why your network’s design meets each of the company’s requirements. Justify how each recommendation addresses the company’s needs.

Task 3—Conclusions

#3. Describe in two paragraphs your learning experience in this lab.


1.SANS Institute. “Network IDS & IPS Deployment Strategies“—Webliography

2.Paquet, C. (2012). Implementing Cisco IOS network security (IINS) foundation learning guide (2nd ed.). Indianapolis, IN: Cisco Press.

3.NIST. “Guide to Intrusion Detection and Prevention Systems (IDPS)”—Webliography

SEC 450 DeVry Week 7 iLab 7 of 7 Latest

SEC 450 DeVry Week 7 iLab 7 of 7 Latest


There are no reviews yet.

Add your review