CYB-220 Network Segmentation Strategy

Learning Goal: I’m working on a computer science writing question and need the explanation and answer to help me learn.

CYB 220 Project Two Guidelines and Rubric

Overview

One of the projects for this course is the creation of a network segmentation strategy in which you will create host-based and network-based firewall policies in a provided network and explain how the network achieves isolation, segmentation, and least privilege. As a security analyst, you will often be asked to evaluate and suggest solutions that require this type of network security design, so this project demonstrates competency in the field. The audience for this strategy is your IT security manager.

The project leverages the skills that you have built in Module Four. The project will be submitted in Module Six.

In this assignment, you will demonstrate your mastery of the following course competency:

  • Describe the fundamental principles and practices of network traffic flow policy and enforcement

Scenario

As a security analyst, you are tasked with creating a network segmentation strategy for your IT security manager. This includes configuration tasks in a network as well as a written rationale of the network segmentation strategy.

Your instructor will post a real-world scenario that includes the minimum specifications on which your work will be based (SCENARIO ATTACHED BELOW). You will also be provided with a Packet Tracer native file (.pkt) that you will import into the Packet Tracer application to use as the base diagram for your network. You will use the scenario and the provided Packet Tracer lab environment to do your work.

Prompt

You must address the critical elements listed below. The codes shown in brackets indicate the course competency to which each critical element is aligned.

Network Segmentation Strategy

  1. Configuration
    1. Configure the host-based firewall policy to meet project specifications. Provide a screenshot of the configured policy.
    2. Configure the FTP server to meet project specifications for access control. Provide a screenshot of the configured FTP server.
    3. Configure the network-based firewall policyto meet project specifications for the extended access control list. Provide a screenshot of the configured policy.
  2. Rationale
    1. Describe how network segmentation is achieved after meeting the configuration requirements for the host-based firewall.
    2. Describe how the concept of least privilege is achieved in the configuration of the FTP server.
    3. Describe an approach of employing a network-based firewall to achieve network isolation to meet project specifications.

What to Submit

Your submission should be 1 to 2 pages in length (not including screenshots) and should be written in APA format. Use double spacing, 12-point Times New Roman font, and one-inch margins. Use a filename that includes the course code, the assignment title, and your namefor example, CYB_100_Project_One_Neo_Anderson.docx.

Project Two Rubric

Criteria Exemplary Proficient Needs Improvement Not Evident Value
Configuration: Host-Based Firewall Policy N/A Configures the host-based firewall policy to meet project specifications and provides a screenshot of the configured policy (100%) Addresses Proficient criteria, but there are gaps in clarity, logic, or detail (55%) Does not address critical element, or response is irrelevant (0%) 16
Configuration: FTP Server N/A Configures the FTP server to meet project specifications for access control and provides a screenshot of the configured FTP server (100%) Addresses Proficient criteria, but there are gaps in clarity, logic, or detail (55%) Does not address critical element, or response is irrelevant (0%) 16
Configuration: Network-Based Firewall Policy N/A Configures the network-based firewall policy to meet project specifications for the extended access control list and provides a screenshot of the configured policy (100%) Addresses Proficient criteria, but there are gaps in clarity, logic, or detail (55%) Does not address critical element, or response is irrelevant (0%) 16
Rationale: Segmentation Meets Proficient criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner (100%) Describes how network segmentation is achieved after meeting the configuration requirements for the host-based firewall (85%) Addresses Proficient criteria, but there are gaps in clarity, logic, or detail (55%) Does not address critical element, or response is irrelevant (0%) 16
Rationale: Least Privilege Meets Proficient criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner (100%) Describes how the concept of least privilege is achieved in configuration of the FTP server (85%) Addresses Proficient criteria, but there are gaps in clarity, logic, or detail (55%) Does not address critical element, or response is irrelevant (0%) 16
Rationale: Isolation Meets Proficient criteria and addresses critical element in an exceptionally clear, insightful, sophisticated, or creative manner (100%) Describes an approach of employing a network-based firewall to achieve network isolation to meet project specifications (85%) Addresses Proficient criteria, but there are gaps in clarity, logic, or detail (55%) Does not address critical element, or response is irrelevant (0%) 16
Articulation of Response Submission is free of errors related to grammar, spelling, and organization and is presented in a professional and easy-to-read format (100%) Submission has no major errors related to grammar, spelling, or organization (85%) Submission has some errors related to grammar, spelling, or organization that negatively impact readability and articulation of main ideas (55%) Submission has critical errors related to grammar, spelling, or organization that prevent understanding of ideas (0%) 4
Total: 100%
Our customer support team is here to answer your questions. Ask us anything!