Page 45 - Computer Software Application TP - Volume 1
P. 45
COMPUTER SOFTWARE APPLICATION - CITS
EXERCISE 9 : Configuring Network Security for
preventing Attacks
Objectives
At the end of this exercise you shall be able to
• implement a fire wall
• secure routers and wireless access point
• monitor network activity and security events.
Requirements
Tools/Materials
• PC laptop with network connectivity
• Firewall
• Routers
Procedure
TASK 1: Implement a Firewall
1 Choose a firewall: Select a firewall suitable for your network size and needs. Hardware firewalls offer robust
protection, while software firewalls are more cost-effective for smaller networks.
2 Configure firewall rules: Define rules to allow only authorized traffic and block suspicious connections.
Consider factors like source IP addresses, destination ports, and protocols.
3 Enable logging and monitoring: Regularly review firewall logs to identify potential threats and adjust rules
accordingly.
TASK 2: Secure Your Routers and Wireless Access Points
1 Change default passwords: Replace factory-set passwords with strong, unique credentials for your router
and wireless access points.
2 Enable encryption: Secure your Wi-Fi network with WPA2 or WPA3 encryption to prevent unauthorized
access.
3 Disable remote access: If not necessary, disable remote management features on your router and access
points to reduce attack surfaces.
4 Update firmware regularly: Install firmware updates promptly to patch vulnerabilities and keep your devices
secure.
TASK 3: Employ Strong Passwords and User Authentication
1 Enforce strong password policies: Mandate complex passwords with a mix of uppercase and lowercase
letters, numbers, and symbols. Consider implementing multi-factor authentication (MFA) for added security.
2 Limit user privileges: Assign users the minimum level of access required for their tasks, minimizing potential
damage in case of compromised accounts.
3 Educate users on cyber security: Train employees and users on cyber hygiene practices like phishing
awareness, avoiding suspicious links, and reporting suspicious activity.
30