1. Introduce the concepts and wider context of ethical practices within the Computing discipline.
2. Demonstrate understanding of the ethical hacking methodologies.
3. Recognise and understand the basics of system security in respect to weakness and vulnerabilities.
4. Learn to protect against or remove weaknesses from the system.
1. Cyber-attack Report Essay (40%) (1500 words): Identify a cyber-attack from the last 3 years and write an essay on the cyber-attack reflecting the key findings and technical details. Email your module leader the topic you choose, as it should be different for each student.
The report must include at minimum:
a. Cyber-attack attributions
b. Tools, techniques, and procedures used in the cyber-attack
c. Propose detective, preventive and remediation security controls to prevent this specific cyber-attack
| Marking Criteria | Comment | Semester 1 Weight | Total weight |
|---|---|---|---|
| Executive summary | A summary customised for a management audience that highlights the most important findings and approach. This can include but is not limited to: • APT or hacking group/s involved • Target industry • Target countries • Motivation and mission | 10% | 4 |
| Technical Analysis | Describe briefly how the attack works. Provide a detailed step-by-step technical analysis of the attack, including the TTPs (tools, techniques, and procedures) used at different steps of the cyber-attack. This can include but is not limited to: • Reconnaissance and scanning (point of entry) • Gain access and escalate rights • Obfuscation and sustainment (how the attack remains undetected, and how the attacker can come back at a later point in time) • Exfiltration (how data is transferred, or command and control). You are expected to provide technical details for each step, such as a snapshot of the email header for a phishing email, the hash value of the malware used, the registry key modification path, and so on. | 50% | 20 |
| Mitigation and Remediation | Depending on the indicators provided in the technical analysis, provide detection and prevention techniques on both the host and network layers. This can include but is not limited to: • Propose a general security approach, such as detection of a specific registry key indicating the compromise • Third-party protection mechanisms, such as Sophos antivirus • Novel ways of protection, such as critical evaluation of research papers to suggest potential security controls | 40% | 16 |
2. Hacking techniques report (60%) (2500 words): With regard to 3 machines (to be confirmed) on the Hackthebox platform, you are required to demonstrate your ability to carry out advanced exploitation techniques by creating a penetration testing methodology. Specifically, you are required to perform and report on the following:
a. Design of a methodology
b. Host enumeration and fingerprinting
c. Service enumeration and fingerprinting
d. Vulnerability scanning
e. Vulnerability exploitation
| Marking Criteria | Comment | Semester 2 Weight | Total weight |
|---|---|---|---|
| Report Summary | A technical summary and a management summary are both presented, each tailored for its audience and highlighting the key findings and approach. | 10% | 6 |
| Methodology Design | Firstly, a clear methodology should be presented, with enough detail so that a technical reader can understand the approach taken and what each stage attempts to do. This can include but is not limited to: • The types of scans performed • The types of vulnerabilities assessed • The techniques used • The tools to be used | 40% | 24 |
| Specific Results | Specific findings should be presented covering the following areas: • A clear and concise description of what the finding is. • A comment or indicator on how serious the issue is. • A repeatable example should be given. • An explanation of why each item presents a security risk. • Advice on how to fix/remediate the issues found. Where you are using information from other sources, these must be referenced correctly using APAv6. | 50% | 30 |