Table of Contents

SysSec Final Project!

Here is the situation…

James (@james) and Aaron (@aaron) are two entrepreneurs with a bold idea. They want to deploy “Catflix” a website that streams thousands of 4k quality cat videos. They have purchased your services, and want you to build them a network for their start-up. They need a database for their cat videos. A webserver to run their new and cool website. A Windows client to talk to customers and Windows Server with Active Directory to manage the client. They also will need a router to setup a Furwall, I mean Firewall. And lastly they will need a Linux client to SSH into the database and webserver and well Linux is cool. And you have been ​HIRED! However you only have to do some of this network, the rest they hired RIT to make.

Part I - Topology (10 pts)

Just like the previous assignments, we need a topology, below is an example. Depending on the route you take your topology won't be very big. Be creative!

Part II - Windows + Linux (60 pts)

Here is the overview of Windows(30 pts), Linux(30 pts) and Firewall setup that you will need to perform:

Windows (Active Directory)

Linux (LAMP Stack)

Part III - Risk (30 pts)

Use what you learned in the Risk Management lecture and Choose 5 Technical controls you learned in the Risk Management lecture and implement these into your environment. These controls must come from the CIS top 20 control list: https://www.cisecurity.org/controls/cis-controls-list/

You must submit proof of your Implementation (Screenshot is fine). In a two to three page paper summarize the 5 controls that you have implemented. In this paper please summarize the specific control, what risk(s) is being mitigated (for each control implemented), and why CatFlix will benefit from this implementation.

If you decide to implement any sort of inventory list please submit this as an excel sheet/word document with a table in it.

Examples of technical controls to implement [Controls - Evidence]:

Part IV - Deliverable

Submit one PDF on homework.ubnetdef.org. If you have multiple PDFs you can use https://combinepdf.com/

Important:

Do not create a whole report for Part II, all we need is screenshots of…

As usual, if you have any questions please ask in the System Security channel!