Objective 2
2. Install, configure and test security hardware and software tools with supporting documentation such as port scanners, vulnerability detection systems, intrusion detection systems, firewalls, system hardening, anti-virus tools, patch management, auditing and assessment.
Project 1 - Project 5: Network Sniffing
Summary -
The Network Sniffing Project focused on installing, configuring, and utilizing Wireshark, a packet-sniffing tool, to analyze network traffic and assess potential security vulnerabilities. Conducted on Kali Linux, this project explored real-time packet capture, filtering techniques, and the distinction between encrypted (HTTPS) and unencrypted (HTTP) communication.​
Why This Project Meets Objective 2 -
This project is a guide about Wireshark, as it goes over with installing, configuring, and testing Wireshark’s role in network troubleshooting and security auditing. This hands-on experience in configuring and testing security software tools reinforces fundamental skills in network security assessment, vulnerability detection, and incident response.
Project 2 - Firewall Software/Appliance Management
Summary -
The Firewall Software and Appliance Management Project focused on configuring and testing the Sophos Firewall, a security appliance used for network protection, content filtering, and traffic management. The project involved reviewing existing firewall rules, including DMZ and outbound traffic policies, as well as creating custom security policies to restrict access to websites like Netflix and YouTube during work hours. By utilizing Sophos’ Server Access Assistant (DNAT), the project demonstrated how to create and enforce rules for network security.
Why This Project Meets Objective 2 -
This hands-on experience aligns with Objective 2, as it encompasses the installation, configuration, and testing of firewall policies, intrusion prevention settings, and email security controls—demonstrating essential skills in network defense and security appliance management.
Project 3 - Project 3: Enumeration And Scanning
Summary -
The Network Enumeration and Scanning Project focused on using Nmap, a powerful tool for port scanning and vulnerability detection, to analyze a Metasploitable2 Linux system. The project involved executing active reconnaissance techniques to identify live hosts, open ports, running services, and potential vulnerabilities. By using commands such as `nmap -sC -sV --script vuln` and `nmap -A`, we successfully gathered information on the operating system, IP addresses, and security weaknesses.
​​
Why This Project Meets Objective 2 -
This project aligns with Objective 2, as it provides me with a hands-on experience in installing, configuring, and testing security assessment tools (Nmap) for vulnerability detection.
Projects
