Ask Question, Ask an Expert


Ask Computer Network & Security Expert


“Big Red Rocks” (BRR) mining company is based and operates in Western Australia. They are mainly an iron ore miner, but they also produce electricity through tidal power to support their crushing operations, with any excess power sold back to power grid through the electricity market. BRR maintains the head office in Perth, and the site office in Port Hedland. There is also a control system network operated at their crushing plant outside of Port Hedland. There is a need for database information from the crusher site to be sent to Perth for accounting and other purposes.

BRR has been informed by CERT Australia that some of their internal documents have been found on external third party websites, and that they have important security issues which have to to be rectified. You are the network security consultant who has been hired to advise on issues present in the present architecture and associated network security issues.
Following hardware and software is in operation at each site:

Perth Head Office

• 200 client desktop PCs running Windows Vista
• Web server (external) running Apache on Redhat Linux
• MS Exchange Server on Windows Server 2008
• 802.11 wireless using WPA TKIP
• Executives have iPads to access the internal network
• Connection between Head Office and PH Site over Telco private WAN
• External Access is via VPN (PPTP) user name and password
• There is an AV server

Port Hedland Office

• Runs 20 PCs with Windows Vista
• Authentication to ADS over the WAN link to Perth
• Connected to mine site via 802.11 wireless (WPA TKIP)

Mining Site

• No ADS – all PCs belong to workgroup
• Connection to PH Site Office via 802.11g point to point link (WPA TKIP)
• 10 PCs running Windows Vista in office
• 5 PCs running Windows NT in the control room (NOTE: This cannot be changed as the SCADA software will not run on the newer OS)
• There are no individual logons or passwords on the control room PCs (Usernames and passwords cannot be implemented as this is an operational issue)
• SCADA engineers remotely connect to the mine site through a VPN Server PPTP Other information:
• The network security policy has not been updated since 2005
• There is no patching regime
• See network diagram shown below (Note: this may be out of date but is the most current we can find)
• The VPN at the Head Office and the VPN at the mine site are not connected


You are required to produce the following deliverables as part of your contract:

1. A list of the issues with BRRs network as it currently stands. The list will describe the vulnerabilities associated with each issue
2. Treatment recommendations to address the identified issues in BRRs networks
3. A detailed network diagram which creates a more secure network for BRRs operations
4. Updated network security policies which take into consideration current issues and hardware

1277_Network diagram.jpg

The report should be set out in the following manner:

• 11 point Times New Roman
• 1.5 line spaced
• Margins set to 2.5 cm
• Justification: block justified
• Footer: Should contain your ECU StudentID and Full Name (8 point type) and a Page number
• The report should contain an index and have appropriate headings and sub headings.
• The style of the report is a business report and as such it is expected that you present a professional report in both format and style.
• Your report should not exceed 30 pages in total length

All sources of references must be cited (in text citation) and listed (end reference list). For details about referencing and the required format, please refer to the ECU Referencing Guide, which can be found from the following URL:


Network Diagram
• Complete network diagram detailing new architecture
• IP addresses and other architecture detailed
 Network Security Policy
• Policy not procedure
• Covers all relevant devices and technologies and is relevant to BRR

Computer Network & Security, Computer Science

  • Category:- Computer Network & Security
  • Reference No.:- M9586

Have any Question? 

Related Questions in Computer Network & Security

Cyber crime and security 2168alleged computer hacker gary

Cyber Crime and Security (2168) Alleged computer hacker Gary McKinnon of the United Kingdom has publicly admitted to compromising computer systems belonging to NASA and the Department of Defense. Using information from y ...

Introductionthis case study has been divided into six

Introduction This case study has been divided into six components. You are to design a network, research and source appropriate devices justifying choices (feasibility, efficiency, etc), subnet the network using VLSM, an ...

Assignment identifying potential malicious attacks threats

Assignment: Identifying Potential Malicious Attacks, Threats and Vulnerabilities You have just been hired as an Information Security Engineer for a videogame development company. The organization network structure is ide ...

Project effect of legislation on organizationsthe purpose

Project: Effect of Legislation on Organizations The purpose of this is assignment is to 1) conduct research related to the impact of legislation on the HHS security program and 2) write a research paper. Learning Objecti ...

Using power flow analysis for network Using Power Flow Analysis for Network

Using Power Flow Analysis for Network Reconfiguration Electricity distribution networks connect the high-voltage transmission system to users. Conventional distribution networks have been developed over the last 50 years ...

Write answer to each question - two paragraphs for each

Write answer to each question - two paragraphs for each question with single spaces. Format : Single Spaced Strong Paragraphs Two paragraphs for each question Times New Roman - 12 subject: Data Communication and Network ...

1 why is the top-down approach to information security

1. Why is the top-down approach to information security superior to the bottom-up approach? 2. What is the difference between a threat agent and a threat? 3. What was important about Rand Report R-609? 4. What type of se ...

Term paper security regulation compliancethis assignment

Term Paper: Security Regulation Compliance This assignment consists of two sections: a written paper and a PowerPoint presentation. You must submit both sections as separate files for the completion of this assignment. L ...

Develop a network security policy for a global organization

Develop a network security policy for a global organization. The security was violated in different situations. There are various elements in which need to be discussed and researched to design and outline the policy. Di ...

Term paper the rookie chief information security

Term Paper: The Rookie Chief Information Security Officer This assignment consists of five parts: Part 1: Organization Chart Part 2: Request for Proposal (RFP) Plan Part 3: Physical Security Plan Part 4: Enterprise Infor ...

  • 4,153,160 Questions Asked
  • 13,132 Experts
  • 2,558,936 Questions Answered

Ask Experts for help!!

Looking for Assignment Help?

Start excelling in your Courses, Get help with Assignment

Write us your full requirement for evaluation and you will receive response within 20 minutes turnaround time.

Ask Now Help with Problems, Get a Best Answer

A cola-dispensing machine is set to dispense 9 ounces of

A cola-dispensing machine is set to dispense 9 ounces of cola per cup, with a standard deviation of 1.0 ounce. The manuf

What is marketingbullwhat is marketing think back to your

What is Marketing? • "What is marketing"? Think back to your impressions before you started this class versus how you

Question -your client david smith runs a small it

QUESTION - Your client, David Smith runs a small IT consulting business specialising in computer software and techno

Inspection of a random sample of 22 aircraft showed that 15

Inspection of a random sample of 22 aircraft showed that 15 needed repairs to fix a wiring problem that might compromise

Effective hrmquestionhow can an effective hrm system help

Effective HRM Question How can an effective HRM system help facilitate the achievement of an organization's strate