联系方式

  • QQ:99515681
  • 邮箱:99515681@qq.com
  • 工作时间:8:00-21:00
  • 微信:codinghelp

您当前位置:首页 >> Python编程Python编程

日期:2024-01-06 10:55


Module Number: 661982 Trimester: 1

Module Title: Secure Digital Infrastructure

Lecturer: Dr. Ahmed Moustafa

COURSEWORK DETAILS:

Assessment Number: 1 of 2

Title of Assessment:

Format: Report

Method of Working: Individual

Workload Guidance: Typically, you should

expect to spend between

Feedback should be provided no later than 4 ‘teaching weeks’ after the submission date.

You are advised to read the NOTES regarding late penalties, over-length assignments, academic

misconduct and quality assurance in your student handbook, which is available on Canvas.

Student Name Marking will be by:

661982 Secure Digital Infrastructure ACW

Assignment

Please read the below sub-sections carefully. The report needs to be submitted on the

module page on Canvas.

661982 Secure Digital Infrastructure ACW

Virtual Machine Configuration

A leading Japanese Biotech company has recently acquired some virtual machine resources

to begin deployment of their research data management system and to additionally facilitate

in-house research and development.

You have been given a freshly created Virtual Machine which will need configuring

appropriately. Your role as administrator for this company is to configure these systems and

maintain them.

Task:

1. Secure, with justification, the root user account

2. Setup administrative users for yourself and another one for the module leader

(Ahmd Moustafa)

3. Set-up and correctly configure the SSH server, taking into account all user account

requirements.

4. Create accounts where needed for the following persons:

a. Katsuhide Fujita - Head of R&D

b. Naoko Yamaguchi - Lead Scientist

c. Kai Yoshino- Is an intern (Kun) with the company and is being closely

supervised by Naoko. He will require access to materials which Naoko will

place in a folder in /srv/ for him to access as part of his training.

d. Shota Suzuki – Media Manager, requiring access to

/srv/http to see, and put any promotional material. Shota is not familiar withCLI,

and only requires SFTP access infrequently.

e. Daiki Setoguchi & Makoto Hagiwara - Company research engineers who

need access to dedicated project materials for on-going development.

These also reside in /srv/.

f. Yuya Kondo - Quality Manager responsible for verifying that developed work

conforms to company standards and works appropriately.

5. Store, and secure access to, a research project data directory (under /srv/) for

research engineers to have access to. Research engineers should have full access

to the research projects’ folders; however, the quality managers should not be able

to change the research data, only check the experimentation data for compliance

and whether they follow the quality guidelines. Senior members of the company

such as the Lead Scientist and the Head of R&D should be able to oversee any

company research project/asset. On occasion they will contribute to research

projects developed by Daiki and Makoto.

6. Conduct a comprehensive security assessment and audit of the configured system.

Identify potential security risks, vulnerabilities, and areas of improvement. Propose

and justify strategies for managing and mitigating these risks. Include steps for

responding to security incidents and maintaining an updated security posture.

7. Critical reflection section: reflecting on the process of learning these tools, and of

configuring the VM to this specification. This can include challenges faced (such as

error messages) and how you solved them, as well as personal reflections on the

process as a whole.

661982 Secure Digital Infrastructure ACW

As Kai has just started, Naoko does not yet have any materials to send him; however,

she still requires a place to put these when ready.

Kai has been told he should normally use private keys; however, he asks if he can login

with password only from the following host on the local network: (150.237.92.8 );

Everywhere else he has private keys to login.

First Steps

Follow the vSphere access instructions, including VPN access.

Each VM has internet connection for downloading any packages you may need. Each of

your VMs is also in a subnetwork, therefore enabling communication between your

colleagues for testing purposes. Note: Any abuse of this will be dealt with severely.

You should request a reset of your Virtual Machine when you are ready to attempt this

assignment task, as it will require documenting your progression. See the “What if

things go wrong / needs resetting” section below for details on resetting back to the

template.

What if things go wrong / needs resetting?

It is possible for you to misconfigure your machine which will result in your being locked out.

In some cases, even using the vSphere login web console might not be possible. If you have

fully locked yourself out, and a snapshot isn’t available to roll-back to, then you may request

your VM be reset back to the template by opening a Virtual Machine ticket on

support.hull.ac.uk putting “For the attention of Andrew Hancock” at the top.

Please ensure you include your 6-digit ADIR number so your response can be dealt with

promptly.

This WILL wipe your VM back to the original workshop starting point, and will require you to

reinstall many packages which you may be familiar with from workshops.

Also note, it may take time for these to be reset depending on the current workload of ICTD,

therefore consider this a warning against last minute VM configurations close to the

deadline.

661982 Secure Digital Infrastructure ACW

Deliverable

A PDF report ( Minimum 4 pages; Maximum 8 pages ) detailing the steps from the initial

machine given to you, towards the goal of configuring to the above specification. You should

provide clear and justified rationale for decisions made.

You should include steps taken to verify that changes implemented are working as intended.

You may utilise additional software which is required to be installed via pacman; however,

these must be justified and fit-for-purpose.

Cover page, table of contents page, appendices, and references sections do not count

towards the page limit.

Note: Your VM will NOT be inspected for being awarded marks. Therefore you should

ensure that your documented progress sufficiently shows the steps taken. It is expected that

when performing configuration steps that these are done optimally and with consideration of

security of the system such as proper root and non-root administrative account use

661982 Secure Digital Infrastructure - CRG

ACW - Virtual Machine Configuration


版权所有:编程辅导网 2021 All Rights Reserved 联系方式:QQ:99515681 微信:codinghelp 电子信箱:99515681@qq.com
免责声明:本站部分内容从网络整理而来,只供参考!如有版权问题可联系本站删除。 站长地图

python代写
微信客服:codinghelp