ICT 318 Network Security Tutor-Marked Assignment July Semester 2025 Presentation

TUTOR-MARKED ASSIGNMENT (TMA)

This assignment is worth 18% of the final mark for ICT 318 – Network Security.

The cut-off date for this assignment is Friday, 10 October 2025, 2355 hours.

Note to Students:

You are to include the following particulars in your submission: Course Code, Title of the TMA, SUSS PI No., Your Name, and Submission Date.

Question 1 (25 marks)

(a) Appraise and comment on the following statement:

(i) “It is important and essential to have collision resistance property (both weak collision resistance and strong collision resistance) in a secure hash function”.

(6 marks)

(ii) “Either AH (Authentication Header) or ESP (Encapsulating Security Payload) protocol, but not both, can be selected or enabled in a single Security Association (SA). However, a particular traffic flow can be protected by both AH and ESP”.

(6 marks)

(b) Assess and analyse the email header of an email, using Gmail, Yahoo mail, or otherwise, based on Activity 5 of Study Unit 3, Chapter2.

(i) Provide the steps of how the email header may be read from the chosen email service.

  (2 marks)

(ii) List and explain two (2) MIME headers of your email.

  (4 marks)

(iii) In the header, you will notice the word – ‘ARC’ and ‘DKIM’. Appraise the purpose of ARC and DKIM. List and explain both the ARC headers as well as the DKIM header.

  (7 marks)

You must submit a snapshot of your analysis (i.e. contents of your email header).

Question 2 (25 marks)

(a) (i)   Apply columnar transposition algorithm to the following ciphertext and determine its plaintext:

CGIPPURRSYAFTHNOY

Assume that the key is “ASSESS”, ignoring all spaces.

  (4 marks)

(ii)  Apply Vigenère Square cipher algorithm to the plaintext obtained in part (i), using the    key, ‘CRYPTO’, describe how the resultant ciphertext can be obtained. {Note: Use the Vigenère Square table given below}

  (4 marks)

(iii)  What is the possible weakness of using Vigenère Square method of encryption?

(2 marks)

(b) Examine the following message packet.

(i) Appraise how one can be reasonably sure that the message is authentic, if the message is encrypted.

(4 marks)

(ii) Assess whether it would be sufficient to just encrypt the actual data field or the entire message needs to be encrypted and why?

  (3 marks)

(c) Appraise how security can be provided using symmetric encryption for the so-called enhanced protocol of the Kerberos authentication service.

  (8 marks)

Question 3 (25 marks)

(a) Go to the following website: https://www.cloudshark.org/captures/a9718e5fdb28 to access the TLS test pcap file (starting from Line 1). Analyse the TLS_test pcap file and determine the following:

(i) What is the purpose of the Client_Hello message?

  (2 marks)

(ii) What is the chosen Cipher Suite and explain how did the server obtained the Cipher Suite?

  (2 marks)

(iii) In SSL/TLS, a session key will normally be created to enable it to perform encryption. Briefly discuss how this key is determined.

  (4 marks)

(iv) In Line 5, what is the alert number given for the message “Encrypted Alert Message” and explain what does it mean?

(3 marks)

(b) (i) Go into any browser and open any web-based (X.509 Version 3) public certificate. Illustrate by using your chosen certificate and determine the following items:

• the purpose of the certificate and the issuer.
• the public key, the signature algorithm and the issuer’s signature.
• the URL where the CRL list can be found and highlight one of the CRLs

(Provide a screenshot of all these items as part of your illustration)

  (6 marks)

(ii)  Discuss how verification can be done to determine if the public certificate is genuine and came from the correct source. Illustrate your answer by using an appropriate diagram.

  (8 marks) 

Question 4 (25 mark)

(a) An intrusion detection system (IDS) is an application that monitors network traffic and searches for known threats and suspicious or malicious activities.

(i) Appraise the difference between threshold detection and profile-based detection used in statistical anomaly detection.

  (4 marks)

(ii) A private education centre recently installed a computer network system to be used mainly by its employees. These employees have been with the company for many years and are expected to remain until retirement and possibly even longer. The centre has also recruited a new network administrator who has just graduated from university.

• Appraise if the centre has any chance of implementing an effective intrusion detection system and explain why?
• If so, which detection system would you recommend for the centre? Explain your answer.

  (7 marks)

(b) A management consultancy firm, headquartered in Singapore with a branch in Sydney, requires a secure network connection between the two sites. This connection will operate over the public internet and must guarantee the confidentiality of all data in transit—including the source and destination IP addresses. All internet-bound traffic is routed through designated network gateways.

Since both the headquarters and Sydney branch host servers containing sensitive data, encryption keys must be stored exclusively on those individual servers. Although authentication is not a primary concern for the organization, your CISO has tasked you to explore implementing IPsec to ensure secure communication between the two locations.

Apply IPSEC and recommend appropriate IPSEC configurations for the firm to provide the necessary secured communication. Justify and discuss why you have made these recommendations.

(8 mark)

(c) Discuss what security services are specified by the IEEE 802.11i RSN standard. Illustrate, in your answer, the appropriate security protocols supporting these services.

  (6 marks)

—- END OF ASSIGNMENT

The post ICT 318 Network Security Tutor-Marked Assignment July Semester 2025 Presentation appeared first on Singapore Assignment Help.