ICT287 Computer Security

The main activities that you will undertake are as follows:1.Describe and explain thevulnerability with a reasonable high level of technical detailin your own words.A copy of a CVE report is not acceptable and a superficial description will attract low marks.The description must include outcomes of the vulnerability, i.e. what it can be used for, what level of access it provides, and which systems are affected by the vulnerability.2.Identify a system or systems where the vulnerabilityexists “in the wild”. You can use operating system or application statistics to proof your point or find vulnerable systems via search engines, such as Shodan. You can also take into consideration previous studies on the vulnerability, but make sure you properly reference these.3.Describe and explain mitigation and prevention strategies that can be used to protect against the vulnerability. These shouldbe specific strategies forthe chosen vulnerability and you must providesufficient detail. For example, simply saying “there is a patch” is not sufficient,but you should provide detailed information, such as a patch numberor a version number of the software that fixes the problem.4.Build a test environment that allows to demonstrate the vulnerability. The test environment should be saved as one or moreVirtual Box VM image(s)that are self-contained and need to be submitted.