1. Kertas soalan ini mengandungi TIGA (3) bahagian. Calon perlu menjawab SEMUAbahagian.This question paper contains THREE (3) parts. Candidate must answer ALL parts.

2. Di Bahagian 2, calon mempunyai pilihan soalan. Pilih salah satu. In Part 2, candidate has two options. Pick either one.

4. Calon boleh menggunakan sebarang pakej Python sedia ada untuk membantu proses pembangunan. Candidate may use any available Python libraries to help with the development.

5. Calon amat digalakkan untuk menghantar hasil kerja dalam format papan pemuka. Walaubagaimanapun, format terminal dan buku nota turut diterima. Candidate is strongly encouraged to submit the output as a web-based dashboard. Otherwise, a terminal or notebook-based output is also accepted.

6. Calon perlu membentangkan hasil kerja sewaktu sesi kuliah pada 14 Januari 2025, jam 6.00 PM.

(This question paper consists of 4 parts on 2 printed pages)

In the modern digital era, the surge of connected devices has made network security more intricate than ever. Each new device introduced to a network can be a potential entry point for cyber threats, putting valuable assets and sensitive information at risk. Understanding the situation’s urgency, TitanTech Solutions—a global leader in technology and innovation—seeks to strengthen its security defences with a cutting edge, automated network protection platform.

As the newly appointed Network Security Automation Engineer, you are entrusted with developing an all-encompassing solution capable of continuous monitoring, threat detection, and customised reporting. Your mission is to design a versatile platform that fortifies the network against vulnerabilities and provides actionable insights through detailed, automated reports. It’s time to leverage your expertise to build a dynamic system that meets TitanTech Solutions’ rigorous security standards and safeguards its digital infrastructure against evolving threats.

Network vulnerability monitoring plays a critical role in the network security pipeline. An automated approach to monitor network vulnerabilities allows a more efficient and rapid security response, such as patching and implementing appropriate policies. Your tasks are:

a) Monitor the network using network sniffers or port scanners to detect network services (5 marks)

b) Detect vulnerabilities based on network services or web technologies in use. You may use tools like Shodan.io to assist with the process (5 marks)

c) Based on the vulnerabilities detected, perform an automated search for corresponding exploits, if available (5 marks)

Part 2: Intelligent Bot or Automation (15 marks)

The company is interested in exploring the latest technology, LLM-based bots. The company wants you to build a bot (chatbot, telegram bot or related). The bot shall be able to interpret the vulnerabilities found in Part 1. For example, when prompted What is the highest vulnerability in my network? the bot should be able to return an appropriate response. Your tasks are:

a) Build a knowledge base for the Bot (5 marks)

b) Build the Bot pipeline (i.e., prompts and responses) (5 marks)

c) Link the knowledge base to the Bot pipeline (5 marks)

You can explore solutions like BotPress, RASA Bot, LLamaIndex and/or OpenAI to help you get started.

Alternatively, build an automation pipeline where you will receive an email/telegram notification if any vulnerabilities are detected on your network.

c) Connect the automation pipeline to ensure notifications are sent correctly and promptly when vulnerabilities are detected (3 marks)

Part 3: Network Analytics (10 marks)

Previous sections have generated a lot of information - and there is no better way to handle them than to perform quick network analytics. Your tasks are:

a) Generate appropriate statistics based on findings from Part 1 and/or 2 (5 marks)

b) Map the statistics to appropriate visualisations (5 marks)

Explore the various Python libraries for quick visualisation, such as Matplotlib, Streamlit, or Apache Superset.