Task 1 old one
Singh_H_107557087_Task1
Page 0 of 17
TASK 1
HARDEEP SINGH
12 MAY 2025
THOMAS TELFORD UTC
Singh_H_107557087_Task1
Page 1 of 17
Contents
INTRODUCTION........................................................................................................ 2
CURRENT ISSUES WITHIN THE COMPANY NETWORK ....................................... 3
WEAK CREDENTIALS: .......................................................................................... 3
ADMINSTAROR PRIVALAGES:............................................................................. 3
STAFF INDUCTION ISSUES:................................................................................. 4
FIREWALL CONFIGURATIONS:............................................................................ 4
TEST PLAN ............................................................................................................... 6
HARDWARE TESTING: ....................................................................................... 15
CONCLUSION ......................................................................................................... 17
Singh_H_107557087_Task1
Page 2 of 17
INTRODUCTION
Longstaff Marketing Solutions is a small sized enterprise offering digital marketing
services to other business. The company has grown over the past 12 months from a
small business from there family home to a city centre office with 25 staff members.
They currently have several staff members that currently operates from home due to
the small nature of the business, staff require access to shared files stored on a
network attached storage (NAS) device in the local area network (LAN).
It is particularly concerned about security and would like to implement solutions to
protect against malware attacks and data loss. It is my responsibility to provide
sophisticated recommendations to make sure that the network is secure and to find
solutions to some specific issues that have been brought to my attention in the office.
Singh_H_107557087_Task1
Page 3 of 17
CURRENT ISSUES WITHIN THE COMPANY NETWORK
WEAK CREDENTIALS:
One of the major concerns is the continued use of default credentials on critical
infrastructure components, including the SOHO router and NAS device. These
default admin usernames and passwords (e.g., “admin/admin” and
“LMSAdmin/Pa$$word”) are publicly known and widely documented, making them
easy targets for brute-force attacks or password-cracking software. This software is
used by hackers to gain access to data, it involves exploiting people who have easy
or repetitive passwords which can be guessed quite easily. There are 2 types of
techniques that the software tends to use, dictionary which will use a list of
predefined passwords to gain access, or brute force attacks which is when you try
different combinations of letters, digits, and characters to gain access to the data.
Simple passwords can be cracked very easily and that’s why users should ensure to
set strong passwords which consist of a variety of letters, digits, and characters.
Failure to enforce strong passwords policies reflects poorly on the company
commitment to cybersecurity practices and could possibly result in regulatory noncompliance, especially under widely known data protection frameworks such as the
UK GDPR.
ADMINSTAROR PRIVALAGES:
Equally concerning is the fact that all users in the organization currently operate with
local administrator privileges on their devices. This lack of privilege separation
permits staff to install any software- authorized or not- onto their systems. Such a
setup has already resulted in unauthorized applications, including video games and
other software concerning overall security, being installed and stored on company
devices and the NAS. This not only degrades system performance but also
introduces a high risk of malware infections and software conflicts (e.g., Worms and
Viruses). A virus is a program that is installed into the user’s computer, this then
replicates itself and spreads throughout the computer and to other users’ computers
as well. They do this by simply affecting files and when the user sends this to other
users, they will download the file which then can affect their system as well as the
virus is carried over to their system. Additionally, a worm is a type of malware uses
the network to spread itself. Unlike a virus this doesn't to be attached to an existing
program, there harm is very minimal as they only affect the user’s bandwidth by
consuming it. Furthermore, it places the company in legal jeopardy, particularly if the
content installed is unlicensed or copyrighted material, the absence of the application
control can mechanisms also increase the chances of data leakage or insider
threats. By limiting the credentials to a specific user in the organization who has the
responsibility to meet all regulations and legal frameworks it will reinsure the
Singh_H_107557087_Task1
Page 4 of 17
company from any unauthorised installations of software. Shared credentials are
especially dangerous in a growing company where staff turnover is rising, as it
becomes harder to ensure former employees no longer have access.
STAFF INDUCTION ISSUES:
Staff training is crucial to keep staff members informed of new threats and
vulnerabilities on a regular basis as it is proven that human error is approximately
90% of the cause to successful data breaches. Consequences of data breaches can
be crucial in different aspects of the business, it can affect the company financially,
legally, and socially. Longstaff Marketing Solutions tend to provide short videos that
are provided by the company on induction, which provides them with a broad
understanding on organization, network, software and security systems. Thereafter,
they are provided with a copy of relevant policies on email and are asked to
thoroughly read through and complete an online form to confirm the policies have
been read and understood. Sometimes, some of the staff may have a large amount
of workload and may not have enough time to carefully read through such policy,
therefore they may tend to just complete the form without understanding the policy
which can later lead staff unconsciously leaving vulnerabilities in the security system.
Therefore, I would recommend to reinforce their policy and make sure that all staff
has thoroughly read through the policy by perhaps printing physical copies and
arranging meetings with induvial explaining them the policies. Furthermore, they
should arrange regular meetings for staff to deliver new threats and security
vulnerabilities to raise awareness to minimise the risk of cyber threats.
FIREWALL CONFIGURATIONS:
Longstaff Marketing Solutions is currently facing a range of cybersecurity and
network configuration issues that threaten both operational efficiency and information
security. One of the most critical problems lies in the misconfiguration of the
company's firewall rules. Specifically, the firewall currently denies internal SMB
(Server Message Block) traffic for IP ranges outside of a narrow scope
(192.168.1.251–253), which unintentionally blocks access for most office-based
users trying to reach the NAS device. This issue has already resulted in users, such
as the sales executive who holds an important role in the organization, being unable
to access essential shared resources while working from the office. The
misconfiguration not only disrupts workflows and collaboration but also leaves the
network open to external threats due to the overly unregulated "allow by default"
firewall policy. If exploited, such weaknesses could lead to data breaches or
unauthorized access to critical systems. Firewalls and other networks settings can
be a potential security vulnerability if they are not configured correctly. This usually
occurs when there are open ports which are allowing unauthorized external
connections to the network. This can be vulnerable to the network as hackers can
intercept data throughout the network which can disrupt the way the users access
data. I would make sure that all firewall settings are changed to meet staff and
Singh_H_107557087_Task1
Page 5 of 17
company efficiency requirements and test out any other issues that may be involved
around it.
Singh_H_107557087_Task1
Page 6 of 17
TEST PLAN
In order to find the root cause behind each induvial problem I have attached tests that should be carried out in order to find the
issues involved with the problems. This will help us find a solution much quicker and effectively. It is important for the company to
implement any health and safety measures accordingly to each test. For example, they should make sure that they have the right
people with the right skills to be completing each task to make it more efficient and precise. Moreover, they should hire
professionals for some tests such as pen testing as it will require a more in-depth knowledge in order to tackle the testing.
USER DATE/TIME HARDWARE
/
SOFTWARE
OPERATING
SYSTEM
PROPOSED TEST PURPUSE OF
TEST
EXPECTED
OUTCOME
ACTUAL
OUTCOME
SOLUTION/
CHANGES
MADE
1 12/05/2025 User Laptops Not stated CPU test:
Open Task Manager
(Ctrl+Shift+Esc), go to
“performance” tab, and
click on “CPU” to view
details including the
CPU mode, core
count, and clock
speed.
The company has
provided the users
with laptops;
therefore, we should
also check the
laptops performance
in case they affect
staff productivity.
If the computer runs
on high CPU usage,
the chart will be
primarily red.
TBD
RAM test:
Search for “Windows
memory diagnostics in
the window search bar
and select the
application. Then
choose “Restart now
and check for
problems” or “check for
problems the next time
The company has
provided the users
with laptops;
therefore, we should
also check the
laptops performance
in case they affect
staff productivity.
There should be no
errors when
checking the Event
Viewer.
TBD
Singh_H_107557087_Task1
Page 7 of 17
I start my computer”.
The computer will
restart and run the
memory test
automatically. After the
test is complete, check
the Event Viewer for
results.
2 13/05/2025 VPN server Windows
Server 2019
Load testing:
Set up an environment
that is similar to
companies’
environment. Develop
scripts and actions the
user would be
simulating. Run the
test against
application.
To determine how
the system performs
under peak load
conditions.
We will be able to
determine if the
system performance
under extreme load
testing.
TBD
Stress testing:
You will require to plan
the test and correctly
identifying the
resources required and
monitor system while
gradually increasing
the load on the
application.
To determine how
reliable the system
is under extreme
workload.
It will allow identify
system
vulnerabilities, and
potential failure
points under
extreme conditions.
TBD
Ping scan:
To run a ping scan,
you require to open the
command prompt on
windows, type “ping”
It will help identify
any active devices
on a network.
The ping scan will
reveal all different
hostname of each
device connected to
the network.
TBD
Singh_H_107557087_Task1
Page 8 of 17
followed by a space
and the IP address to
test, and simply press
enter.
3 14/05/2025 SOHO router N/A DHCP Server Logs:
analyse the server logs
to identify devices with
duplicate IP address.
(Expert
recommended)
To determine users
with the same IP
address.
This will outline
users with same IP
address and help to
act upon it.
TBD
Reconfiguring IP
addresses:
Modify the IP settings
of the conflicting
devices to use different
IP addresses.
(Expert recommended)
Makes sure that
everyone has a
unique IP address
to reduce IP
address conflict.
This will reset
everyone’s IP
address and makes
sure that everyone
has a unique IP
address
TBD
Ping scan:
To run a ping scan,
you require to open the
command prompt on
windows, type “ping”
followed by a space
and the IP address to
test, and simply press
enter.
It will help identify
any active devices
on a network.
The ping scan will
reveal all different
hostname of each
device connected to
the network.
TBD
Traceroute:
Open command
prompt and type
“tracert
<destination_IP_or_
Determines the
route packets take
from a source to a
destination.
The results show
each hop in the
path, including IP
addresses and
latency. Missing
TBD
Singh_H_107557087_Task1
Page 9 of 17
Hostname> hops or timeouts
indicate network
issues along the
path.
Enable Conflict
Detection:
Set the “conflict
detection attempts”
property to a value
greater than 0.
Enables IPv4
address conflict
detection which
eliminates the
conflicts by the
DHCP server.
Next time, there is
an issue the DHCP
server will ping the
address before
assigning it to a
client.
TBD
4 15/05/2025 Network
attached
storage
(NAS)
Linux-Based NAS test:
Install “fio” software
which allows us to
carry out the test,
thereafter configure
‘fio’ to write to a file on
the NAS using the
SBM protocol,
specifying the direct
flag. Execute and
monitor the results.
Ensure that the NAS
device meets the
specific needs and
is performing
optimally.
Check the IOPS,
latency, throughput,
and CPU usage and
make sure that all
are performing well.
TBD
Ping NAS test:
To run a ping scan,
you require to open the
command prompt on
windows, type “ping”
followed by a space
and the IP address to
test, and simply press
enter.
Determines the
route packets take
from a source to a
destination.
The ping scan will
reveal all different
hostname of each
device connected to
the network.
TBD
Singh_H_107557087_Task1
Page 10 of 17
5 16/05/2025 Firewall N/A Port Scanning:
In order to carry out a
port scanning test it
will require the user to
use online tools like
DNS checker to check
for any open ports on a
system.
This helps identify
any open ports on a
network or server,
which can introduce
any vulnerabilities to
the system.
It will provide a
detailed overview of
what data is
currently entering
the system and if
there are any open
ports.
TBD
Singh_H_107557087_Task1
Page 11 of 17
Firewall port 139/445
Step 1) Press windows and search up PowerShell in the windows search bar:
Step 2) Once PowerShell is open, copy the following line codes by readjusting the IP
address and Port Number 139/445: When the code is executed at the bottom there
should be a line of code as follows “TcpTestSucceeded: True” it will either say ‘True’
or ‘False’. If it says TRUE, it means that the port is open and not blocked by the
firewall.
Singh_H_107557087_Task1
Page 12 of 17
Accessing NAS via File Path:
Step 1) Open file explorer:
Step 2) Once you in File explorer, in the bottom left click ‘This PC’, the following
should be presented:
Singh_H_107557087_Task1
Page 13 of 17
Step 3) By clicking the 3 dots in top navigation bar you should be able to access the
map network drive.
Step 4) You will need to choose the letter drive and enter the NAS path and Login
details. This will allow you to access to all shared folders and make sure that they
are visible to users.
Singh_H_107557087_Task1
Page 14 of 17
(Side note: the image above is on a Windows 10 computer, there may be slight
changes on the new operating system)
Access Router Admin Page:
Step 1) Identify the IP address of the router, majority of the times it should be written
on the router itself. However, we can go to settings and go on the network to identify
the IP address for the router.
Step 2) Search up “https:// ‘the IP address’” for example (https://129.168.1.1)
thereafter enter admin passwords and user name to access the settings. If that is
your first time accessing the admin page. Then credentials should be stated on the
router itself, it is recommended to change the credentials as soon as you login in to
the admin page.
Step 3) Following the steps, we should be able to see the router accounts
credentials and make sure that they are strong:
Singh_H_107557087_Task1
Page 15 of 17
HARDWARE TESTING:
RAM test:
Step 1) search for “Windows Memory Diagnostics” in the window search bar and
select the application.
Step 2) You can choose to “restart now and check for problems or “check for
problems the next time I start my computer”.
Step 3) If you choose to restart now, the computer will restart and run the memory
test automatically.
Singh_H_107557087_Task1
Page 16 of 17
Step 4) after the test is complete, check the Event Viewer for results. If error is
found, you may need to replace your faulty RAM module.
CPU Test:
Step 1) there are many ways to check the limitation of CPU. They can vary from
stress testing, load testing, and many others. By carrying out a stress test we can
identify the limits of CPU, by putting the computer under allot of instructions until it
can not handle it.
Step 2) Using online tools such as (https://mprep.info/gpu/) it can determine how
good or bad the CPU stress levels are.
Step 3) The results will outline the final records for the CPU which will state its limits
and weather it can withstand a high volume of instructions or not.
GPU Test:
Step 1) Common ways to test out a GPU is by running high level videogames or
videos with a high graphics.
Step 2) tools to determine different factors such as ping, latency, and framerates can
be found as software or online.
Step 3) If the GPU is able to withstand high volume of graphics, it results in being
able to carry out a high volume of instructions
Singh_H_107557087_Task1
Page 17 of 17
CONCLUSION
This cyber security fault-finding investigation has highlighted critical vulnerabilities
and associated threats within the organization's network. By adding all the
recommended security measures and testing that were discussed, the company can
strengthen its defence and minimize any external threats and cyber-attacks. Regular
security assessments, user training, and regular monitoring are crucial to maintaining
a secure IT environment within the company and ensuring all users with online
safety.
Comments
Post a Comment