Final Project Requirements
Introduction:
The final project tests your ability to put together the skills learned in previous weeks and present it as an application of your knowledge and skills to a small business network. So as you read through the requirements, consciously relate it to relevant work you've already completed.
The small business network represents the capstone of this course
- it is what all the previous assignments have led to, and is the reason that it takes the bulk of the assessment weighting. Some additional research and reading may still be required.
Any questions of clarification or requests for help for the Final Project should be raised on the Course Forum under the topic 'Final Project'.
The Scenario
You are required to setup and install a small network and set of servers to support a small company, which operates a tomato packing plant. The plant has 10 permanent employees and around 25 part- time and casual employees. Of the 10 permanent employees, 5 work full-time in the office and already have a fully configured networked workstation computer each. On high-capacity networked laser printer serves the entire plant.
The company requires a forward facing (connected to the Internet) Web Server that is located onsite in the main office. The National Broadband Network has just been enabled in the area so a high speed Internet connection is now available.
An existing computer, Wally, used by permanent employees to store various documents (spreadsheets, databases, etc), will need to be integrated as the File Server into the new network. Wally runs Microsoft Windows or MacOS* as the operating system and is backed up daily via physically attached high-speed tape drive with proprietary driver software. All new servers should mount a shared space on Wally to save backups to. These will then form part of the backup process already operating on the Wally server.
if you are not using windows or mac as your host OS (hosting VirtualBox with your VM's) you can use whichever you do have, e.g. Linux.
The Network
A single internal network is to be created, using DHCP to configure all networked devices. All internal servers should be allocated a fixed IP address by the DHCP server and have a fixed server name as specified below.
All other client hosts (e.g. workstations, printer) should be allocated an IP address from a range of IP addresses.
You do not need to configure the workstations and printer - assume they have already been setup. However you should include them in your network diagram as they are part of the network.
What you need to setup (configure) are the internal servers and their connection to the file server.
The following items make up the Final Project submission.
1. A single Word document named TomatoPlant.docx, with table of contents, containing all installation, configuration, processes and procedures used to develop the system.
The document must include the following in the order listed:
a) Installation and configuration details of the servers DHCP, WEB, GATEWAY and IDPS.
b) Backup and recovery procedures that would allow any IT staff, even those not familiar with backup/recovery methods, to perform backup and recovery of all servers if needed.
c) Details of Failover arrangements and procedures in the event of failure of the primary DHCP server.
d) Details of the network configuration. This should consist of:
i. a table of servers with MAC addresses, allocated IP addresses, client IP address ranges and;
ii. a well labelled diagram of the entire network showing all network members. The diagram must be embedded and viewable in the Word document, do not attach as a separate file.
e) Details of general procedures and actions required to be taken in the event of an attempted attack/security breach. Assume that the attempt has been detected.
f) Details of general procedures and actions to be taken in the event of a significant security breach actually occurring e.g. unauthorised access to the Web Server. Assume that the breach has just occurred.
Hint: e) and f) differences: Your answers should reflect essential differences in response to attempted breaches and actual breaches.
g) Details of how support staff gain access to internal systems from outside of the network. This should be detailed enough to give a new support staff member a good idea of how they are supposed to access the internal systems from their home.
h) Details outlining how all servers have been hardened against security attacks.
i) Details of system/security alerts - what/where alerts are generated and where they are sent. Write this so that your boss, who is not a systems administrator and in your absence, could read it and understand exactly how alerts are generated and where they are sent.
j) Details of the password aging policy and implementation. The policy should be appropriate to the organisation, and detail exactly how it is implemented in the system.
Tips:
i. Keep notes on each server as you progress. You can use these to provide the required details listed above.
ii. Backup your servers, clients, notes and configuration files regularly - loss of these due to hardware or software failure will not be accepted as a reason for problems with submitting the project.
iii. Do not repeat yourself e.g. if you list details for a base server installation, which is used by most/all servers, only do that once. Do not include details about VirtualBox installation or configuration - we are only interested in the servers and network details.
2. Submit the following configuration files and scripts:
a) All backup scripts which must be well documented and clearly referred to in the TommatoPlant.docx document. Sample backup script output for each server named as $SN.BackupOutput.txt, where $SN is the server name. Include a backup.readme.txt file that summarises the files you have submitted.
b) iptables rules used on the gateway/firewall - submit as a well-documented and executable script. Ensure it is named appropriately.
c) /etc/passwd, /etc/group and /etc/sudoers (or sudoers.d) files for all servers. Name them as follows, substituting the server name for $SN:
$SN.passwd e.g. Lockwood.passwd
$SN.group e.g. Spiderman.group
$SN.sudoers e.g. Hiccups.sudoers or Hiccups.sudoers.d.xxx
3. Summarise results of security scans performed on each server. Submit as a single Word document named SecurityScans.docx.
4. Assume that the hard disk on the Web Server has failed. Rebuild the entire server using your recovery procedures in 1b). Provide full details of the process including details of where your recovery procedures failed or can be improved.
You must provide 'proof' that you have rebuilt your Web Server by providing screen shots of the recovery process where appropriate.
Include relevant sections of the /var/log/auth.log file showing the relevant commands being performed using sudo. These must be full entries including date/time stamps etc.01 - Virtualisation, Installation and Documentation
This week is all about getting the base software downloaded and installed, and documenting the process, so that we can repeat it if we ever need to.
Once the base installation is completed, we will take a copy of it so that we don't have to go through the full installation process again.
Summary
The details for downloading and installing VirtualBox and Ubuntu Server are provided in a separate document titled "Base Server Installation".
* VirtualBox - virtualisation software which allows us to install and run operating systems on top of other operating systems.
* Ubuntu Server - the Linux-based operating system.
* man - (help.ubuntu.com/community/man) - "used for displaying Unix and Linux manual pages".
Part -1:
Tasks
Read all of the recommended chapters before beginning the base server installation. This will give us some background information that should help in understanding what is happening during the installation and also provide us with an understanding of the importance of documenting our system.
1. From your reading, list what you think are the top five responsibilities of a System Administrator. Give reasons for your choice of 5.
2. Write a summary in your own words of the installation of VirtualBox and the Ubuntu Server. Describe how easy or hard it was, how long it took, give details of any problems that you encountered and what you did to resolve them. Do not simply simply copy text or diagrams from the Base Install document.
3. Submit a screen capture of the Ubuntu Server systems disks (don't worry if it scrolls off the screen). Details of how to do this can be found in the Chapter 8 reading (see 8.1).
4. Submit a screen capture of each of the following:
• the systems Volume Groups
• the systems Logical Volumes
• the systems Physical Volumes
Details of how these can be generated are provided in the Chapter
8 reading - see 8.8 "Logical Volume Management."
5. Submit a screen capture that shows the systems disk free space. Details of how to do this can be found in the Chapter 8 reading - see 8.9 "Filesystems." The command to use is df -h
6. A good System Administrator documents everything they do so that they can go back and do it again if they need to, without having to research the process again. A typical log might look like this (with an example entry):
Use this form to create your own Systems Administrator Log, and make your first entry the appropriate details of your Base Server installation.
You can add any other headings you think are important. Keep the entries as brief as possible, but enough to understand what happened. Submit a copy of your Log in this week's submission doc.
Once you've created your Systems Administrator Log, continue to use it as a living document for the remainder of term (ie, keep updating it) for your own personal use.
7. Run levels, starting up and shutting down:
Review the readings for the week and also the "upstart_cookbook" reference provided in the Readings section above and answer the following questions related to our Ubuntu Server.
a) Briefly describe each of the run levels available on our system.
b) Briefly summarise the startup and shutdown process for our system i.e. what happens during startup and shutdown. [The "upstart_cookbook" will help in answering this question.]
Part -2:
Tasks
Read the relevant parts of the recommended chapters before installing the software or attempting the assessment items. The readings will give background information to help in understanding what is required to securely connect to a remote server.
As there are a number of components to install, a separate document titled "Remote SSH and Command Line Tools" is provided on the course website. Download it and follow the steps to install and configure each of the components. Before starting the installation, read the assessment items below and notice that we need to document the PuTTY installation process as we do it, which will help in answering the questions.
Assessment
1. Briefly describe the basic configuration options for PuTTY and what each option does.
2. Submit a description of the default information that byobu displays.
3. When the vim or vi command is run, it checks for a number of configuration files which provide details on how the vi interface should be displayed and configured. Details about the various configuration files can be found in the man pages for vi - review these again if you haven't already.
Each user can configure vi with a file located in their 'home' directory. Details about the 'home' directory are covered next week, but for now just accept that when we login, we are in our 'home' directory (just like a folder in Windows).
The name of the user configuration file is .vimrc, so to edit the local configuration file we simply type vi .vimrc which allows us to use vi to edit the file. [Note: there is a dot in front of vimrc in the file name - do you know why?]
a) Make suitable changes to the vi configuration file, .vimrc, so that when you edit a file it shows line numbers and displays coloured text.
b) Submit a screenshot showing the .vimrc file being edited with vi within the PuTTY SSH client (the screenshot should show line numbers and coloured text highlighting).
4. Demonstrate you can download files using the PuTTY SFTP client, by downloading the .vimrc file. Submit your downloaded .vimrc file and in addition, submit a screenshot of the PuTTY SFTP client just after the download of the .vimrc file (i.e. it shows the downloading).
5. Submit a screenshot of the command "traceroute" with a network destination of your own choice and describe what the output is showing.
The default location that SFTP logs into is the users 'home' directory. Hint: You can use the 'help' command in SFTP to list the available commands.
Part -3:
Tasks
Read all of the recommended chapters before modifying the filesystem, installing the software or attempting the assessment items. The readings will give us some background information that should help in understanding the changes we make to the filesystem. Read through the assessment items before making any changes.
We must use a cloned copy of our Virtual Machine as instructed in the separate document "Basic Filesystem Changes". Altering filesystems can often result in irreversible and terminal changes to our entire system. If we make a mistake we don't want to have to reinstall our complete system from scratch.
We install eLinks which will be used in a later week and we learn the basics of shell scripting.
The following set of videos should help you become familiar with basic shell scripting and file and directory structures and permissions. Do the same tasks as shown yourself - experiment a little if you like. This is meant to add to the required readings. It is not a substitute for the readings. To develop the scripts required in this course you will have to refer to the required readings for additional details.
Assessment
1. Make the specified changes to your filesystem as outlined in the document "Basic Filesystem Changes". Submit the before and after screenshots of your filesystem disk space usage - paste them into the word document. Your screenshots must clearly show disk space usage. Briefly summarize the size changes you made.
2. Install the text based web browser eLinks, using the same apt- get command you have used several times already.
Start eLinks, then configure it so it displays in colour. Submit a screen capture image of eLinks displaying the www.cqu.edu.au website in colour.
3. Writing a basic shell script.
Write a basic shell script named addaddress.sh that prompts the user for the following details:
* First Name
* Last Name
* Age
* Street number and name
* Suburb
* Post Code
* State
Ensure that Age is between 18 and 110 and Post Code is between 1000 and 9000. If they are not, exit the script and display a suitable message.
Make sure your script has plenty of comments in it that explains the variables you set up and used and the flow of the script (ie what its doing). Putting such explanatory or clarifying comments in scripts is excellent practice.
Run the script three times, using your name but invent all the other details for each run.
Use script code to change the 'Street number and name' and 'Suburb' entries to all capital letters, then append the entered
address to the text file 'addresses.txt' and display the reformatted address to the screen so you can check it worked.
Submit both the shell script and text file with all three sample names and addresses in the text file.
4. Suppose that a user at your site has started a long-running process that is consuming a significant part of a machine's resources.
a) What command would you use to check which process is using too many resources? Briefly describe what this command does.
b) Assume that the misbehaving process might be legitimate and doesn't deserve to die. Show the commands you would use to suspend the process temporarily while you investigate.
c) Later, you discover that the process was launched by your boss and must continue running. Show the commands you would use to resume the task.
d) Much later, your boss tells you that the process now needs to be killed. What signal would you send, and why? What if you needed to guarantee that the process is killed?
Part -4:
Tasks
Read all of the recommended chapters before installing the software or attempting the assessment items. The readings will give us some background information that should help in understanding the access control and permissions required for our system and details of what is involved in adding new users to our system.
Read through the assessment items before making any changes.
Assessment
1. List and describe a sequence of commands that modifies another user's password entry, and explain how you could cover your tracks (i.e. leave no record that you did it). Assume you only have sudo power (all commands allowed, but no shells or su).
[Source: Textbook E4.4]
2. Submit a list of essential procedures to follow when creating a new user. Include the specific commands you would type to "manually" create the user on the system as well as more general principles and procedures.
3. Creating and deleting users:
a) Create a new user (donohoej) using the adduser script. The user's full name is "Jack Donohoe" [all other details should be left blank]. Set the initial password to "bushr@ng3r". Capture the output as you create the user and submit it. Once created, login as Jack and try to view the /etc/shadow file (try sudo as well) - what was the result and why?
b) Login as donohoej and create a file named 'secrets' in the
/tmp directory and then logout. Now delete the user donohoej
using the deluser script. What happened to the /tmp/secrets file? What group and owner does it have? Submit a listing of the file that shows the group and owner. [Leave the file as it is for now.]
c) After deleting the user donohoej, create a new user with full name "Edward Kelly". Set the initial password to "bushr@ng3r". Once the new user kellye has been created, submit a file listing showing the group and owner of the /tmp/secrets file. Also submit a file listing of the subdirectories in the /home directory.
d) After completing a,b,& c: who now owns the /tmp/secrets file and /home/donohoej directory and all its files? What problems could this cause? How would you prevent these problems?
4. Installing Samba client
a) Install and configure Samba client to allow your Windows host and your Ubuntu server to share a directory.
b) List the software you installed, and the steps and any configuration changes needed to connect the share directory.
c) Create a new file called Mysamba.txt in your Ubuntu share directory, then provide a screenshot of both your Ubuntu share directory and your Windows share directory showing the file appearing (shared) in both.
d) Submit a listing of the file from the server command line, showing the group, owner and permissions of the Mysamba.txt file. What owner, group and permissions does this file have? Why?
NOTE: Setting up Samba for the first time can be difficult. We want you to try to do it yourself. Use the samba man pages to help in the configuration. There are many traps, so if/when you get stuck, use the course forum for help.
Part -5:
Tasks
Read all of the recommended chapters before installing the software or attempting the assessment items. The readings will give us some background information that should help in understanding: how processes/jobs can be configured to run at scheduled times, the ins and outs of backing up our system, where system logs are kept and what they contain, how Electronic Mail works at the server level and how to setup and configure a basic Web Server.
Read through the assessment items before making any changes. Discuss on the course forum if unsure of any of the below activities.
1. Backups and recovery of files using ‘tar' command:
a) Write a shell script using the tar command to do a level 0 backup of the /home directory and all significant system configuration files. Create a directory /mnt/backup and use it as the default backup location. List all the ‘tar' parameters you used, with a line explaining what each parameter does. Submit output in ‘backup.tgz'.
Within your shell script, remember to place helpful comments that explain what your commands are designed to do.
Finally submit a screenshot of the ‘ls' command displaying the information for the /mnt/backup directory that contains your backup tar file.
b) Make crontab entries to trigger the backup script to run daily, weekly and monthly with suitable names for the output files (e.g. daily01.tgz - daily07.tgz, weekly01.tgz - weekly05.tgz and monthly01.tgz - monthly12.tgz). Submit your backup script (homesysbackup.sh), crontab entries and a sample backup file.
c) Briefly summarise the steps for recovering files from your backups while ensuring the original timestamps and ownerships of the files are maintained.
2. View each of the following log files and provide a brief explanation (1-3 lines at most) of the content of each log file:
* /var/log/syslog
* /var/log/auth.log
* /var/log/apt/history.log
* /var/log/dpkg.log
* last.log after running "last > last.log"
* dmesg.log after running "dmesg > dmesg.log"
3. Install Exim as outlined in the provided "Installing Email" document. We are only interested in sending email, not receiving it - this removes a significant security issue from our server.
Once you have Exim installed and working, send an email to your campus lecturer from the command line (use the mail command) with the Subject: "SYSADM:StudentNo", where "StudentNo" is your student number and include a brief statement of how easy or difficult you are finding the course in the message body. Distance students should send their email to the course coordinator.
You will need a gmail account for this installation. Alternate SMTP servers can be used if you feel confident in using them and can troubleshoot any issues with them yourself. You can use your student CQUMail account. If you use an alternate SMTP server, include basic details of the server in your email.
The email address is available from the course website or ask your lecturer.
4. Install lighttpd as outlined in the provided "Installing a Web Server" document. Submit a screenshot of your desktop browser displaying the output of the test php web server page (the index.php page, NOT the "Placeholder page").Tasks
Read all of the recommended chapters before beginning the assessment items. You will have seen some of the material covered before, in a prerequisite network course, so it should be a useful refresher.
Discuss on the course forum if you have problems with any of the questions or activities.
Part -6:
Assessment
NOTE: For all questions that ask you to write a summary, zero marks apply if your summary consists mostly of text copied straight from textbook, help files, man pages, or internet sources.
1. Submit a screenshot of the output from your systems "route" command. Briefly describe what each line is indicating.
2. VirtualBox allows a number of different network modes. Review the VirtualBox Help and summarize each of the following virtual network modes: Network Address Translation (NAT); Bridged networking; and Internal networking, ensuring that you highlight the differences between them.
This must be in your own words and your summaries must be much shorter and simpler than what's in the Help, while still being clear and correct.
3. View the contents of your /etc/resolv.conf file.
a) Describe the contents and use of the file.
b) What server is nominated as resolving domain names for your system?
c) Submit a screenshot of your /etc/resolv.conf file.
4. Install (if required) iptables and nmap. Read the man pages for iptables and nmap and provide a brief summary of each, being sure to mention what they have in common.
NOTE: Your answer must be in your own words and your summaries must be much shorter and simpler than what's in the man pages, while still being clear and correct.
5. The activity in this question is critical to the rest of the course. Future weeks will use the configuration you create here.
In this activity you will:
a) Build two VirtualBox VMs, cloned from the 'Ubuntu Server'. The two clones should be named ‘userv1' and ‘userv2' and both should be configured in the 'Internal network' mode (using the same internal network name (use the default ‘intnet').
The configuration should ensure that they can both 'see' each other but not the Internet (e.g. they should be able to ping each other but not an address on the Internet). See ‘creating the two servers' below for more information.
b) Provide proof that the setup for userv1 and userv2 was successful. You can provide this proof as follows:
i--A screenshot of each server's successful ping or traceroute of the other and briefly describe what you did.
ii--Another screenshot showing that the servers were not able to ping the Internet as they were using 'Internal network' mode.
Part -7:
Tasks
Read the recommended chapter before attempting the assessment items. Do not ignore the material on Snort and OSSEC - we will be installing those next week.
IptablesHowTo - (help.ubuntu.com/community/IptablesHowTo) - "if you want to do a few basic things". This may help when it comes to developing iptable rules.
We will build a VM that will house our Firewall - hence we'll call it our Gateway VM.
1. Run the "chage" list command for your username. Briefly discuss any obvious problems with using the default password aging configuration. What values would you recommend for a normal user working in a large company?
2. Run an "nmap -sT" scan of your server, from your server. Then run an "nmap" scan of your host computer (i.e. the one running VirtualBox). You will have to find its IP address first. You may have to use "nmap -PN". Try "-sT" first and read the response, often nmap will prompt you with alternate scan settings.
Describe the nmap flags available, including the ones used above and discuss the information obtained from the output of your scan. Include a screenshot of your nmap commands output.
3. Run an update on your system packages, then install "John the Ripper"(john). Login to your system as kellye (the user created earlier - the password used was "bushr@ng3r"). Then run a series of tests as follows:
a) Logged in as kellye, change the password to "password" and then run "john" against the /etc/shadow file. Comment on the results including how long it took.
b) Next, change kellye's password to "computer" and run "john" again. Comment on the results including how long it took.
c) Finally change kellye's password back to "bushr@ng3r" and run "john" again. Comment on the result including how long you waited. (hint: no need to wait beyond 10 minutes). What conclusion can we make about password security based on these tests?
4. We now make use of the ability of VirtualBox to add additional virtual network cards (NICs). Create a VM server named "Gateway" that has two NICs - one using a "Bridged Adapter" connected externally to the Internet configured to use DHCP, the other using an "Internal Network" adapter configured manually.
At this point, turn to the "Making a Gateway" document and follow the instructions and information very carefully. When you have completed that, return here to continue.
We will use the internal server userv1 that was created last week. Make sure the Internal Network in userv1 and Gateway both have the same name in VirtualBox. Configure the system so all of the internal traffic goes via the gateway.
a) Provide traceroute output that shows the internal server accessing the Internet through the gateway server.
b) Develop a well-labelled diagram of your network. Present this as a graphic embedded in your submission Word document.
Warning: Do not submit diagrams as separate files created from other programs in their native format (e.g. Visio, Cade etc) as we may not be able to open them. Diagrams developed with such third-party software submitted separately that cannot be opened by us may be marked zero. If you use such software, you must import the diagram into Word for submitting.
5. A complete working firewall configuration file (iptables) can be found at the end of this document - you simply need to make adjustments/changes to match your configuration, e.g. your IP addresses, server names etc. Also adjust author name and date.
a) Extend the firewall rules to allow HTTP and SSH connections to go directly to an internal server (userv1) through the gateway server. Limit all other incoming traffic.
Test your configuration by accessing the default lighttpd server page running on userv1. You do this by connecting to Userv1 through the gateway, via PuTTY.
Submit your firewall rules/script. Provide 'proof' that it works with screen dumps of your Web and SSH access. Ensure you are connecting to the internal server, not the gateway, by checking the IP address in the PuTTY session and the default lighttp PHP page display that includes the variable '_SERVER["SERVER_ADDR"]'.
b) Allow an SSH connection to the gateway server from the inside only - test it by logging into the internal server (from outside), and then, from the internal server, login to the gateway (using ssh). Once logged into the gateway, you should not be able to ping/access any external or internal hosts - try pinging the internal server and cqu.edu.au. Submit a screen dump showing the results.
c) Enable loopback on the gateway, and the ability to ping the gateway from the internal network only. Submit a screen dump showing the successful ping.
d) There should be no restrictions on outgoing traffic - test this by using elinks from your internal server to www.monash.edu.au. (note: do not use cqu.edu.au since you already have a screenshot of that one from week-3!). Submit a screen dump of elinks with the monash university site displaying.
e) Enable logging of attempts that are rejected by the firewall
- provide a sample of the log.
f) 'Attack' the gateway by trying to do an ‘nmap' on it, and show that only the required ports are available - submit your 'attack' output from nmap with a brief description of what it is showing.
Part -8:
Tasks
Review the recommended chapter before beginning the installation or attempting the assessment items.
We will need to research Snort and OSSEC ourselves this week. The main website links listed above provide a vast amount of documentation for both.
1. Snort and OSSEC:
Read the descriptions available of what Snort and Ossec are and what they do, then summarise the similarities and differences between them. Ensure to mention where and how each should be used.
2. Install Snort using the "Installing Snort" document. Once Snort is installed and configured perform an nmap scan of your entire network. Ensure your gateway, userv1 and userv2 servers are running and working as they should. An example scan of your entire 192.168.12.0 internal network can be performed by running "nmap -v
-sU 192.168.12.0/24".
Submit the details of the scan you used, the output from the scan, and the entries generated in the snort alert file. Describe the alerts generated - include other alerts that may be generated from other activity on your server. You need to show that you can interpret the alerts being generated, so ensure you describe what the alerts mean as part of your answers.
3. Install OSSEC using the "Installing OSSEC" document. Once OSSEC is installed and configured attempt the same nmap scan as in question 2 and submit the results. Review the OSSEC logs and summarise what it reports.
4. Attempt to login to the kellye account on userv1 using PuTTY a number of times, but deliberately enter an incorrect password. Also attempt to login to 3 non-existent accounts on userv1 (e.g. krudd, jgillard, tabbott) using PuTTY. Report the results - ensure you include what action the system has taken - is it permanent? [Hint: review the /var/ossec/logs/active-responses.log file.]
5. Edit and save some of the main system configuration files e.g.
/etc/fstab, /etc/group, /etc/passwd (remember about using clones as safety?).
List the changes that you make and describe the resulting emails and events recorded by OSSEC - include other emails generated from other activity on your server. Submit the email text as part of your descriptions.
Part -9
Tasks
Read the recommended chapter/resource before attempting the assessment items.
We will need to research Nessus and SAGE-AU ourselves this week. The main website link above provides a vast amount of documentation.
1. The following are key features of Nessus: high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, patch management integration, and vulnerability analysis.
Write a brief description in your own words of what each of these features entail. This need not be done in depth. Answer this question as a "what is", e.g. what is "high speed discovery"; what is "configuration auditing" and so on. You must properly reference your sources.
2. Read the code of ethics of the Systems Administrators Guild of Australia (SAGE-AU), choose any 3 code principles that you think are directly relevant to Systems Administration, and explain in your own words why you think your chosen 3 principles are significant in informing best practices in Systems Administration.
Attachment:- Project Requirements.rar