In order to keep networks secure you have use firewalls to enforce rules and IDS/IPS to detect funny business. In this lab you'll get some hands-on experience with both using two separate NetLab+ labs.

Netlab+ Assignment

You will do two different NetLab+ labs.

  • NISGTC Security+ Lab 02: Configuring the pfSense Firewall (Part 1 and 2 only)
    • Part 1 step 14 take a screenshot of your firewall rules.
    • Part 2 step 5 take a screenshot of the output of nmap.
  • NISGTC Security+ Lab 09: Identifying and Analyzing Network/Host IDS/HIDS Alerts
    • Part 1 step 18 take a screenshot of the list of Snorby sensors
    • Part 2 step 9 take a screenshot of the contents of report1
    • Part 3 step 21 take a screenshot of the event list

Questions

  1. Why is it useful to have two or more firewalls on a network? Draw a diagram of a network that connects to the internet and uses two firewalls. Give an example rule for each firewall and describe what the rule does.
  2. What is a sensor in an IDS/IPS? What is one place where you can download sensors?

Grading

  • 5 points for your screenshots
  • 15 points for answers to the questions

Turn in your assignment on Canvas.