Get Instant Help From 5000+ Experts For
question

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing:Proofread your work by experts and improve grade at Lowest cost

And Improve Your Grades
myassignmenthelp.com
loader
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Guaranteed Higher Grade!
Free Quote
wave
Cybersecurity Assessment Brief for Zoom 2020

1.Introduce the concepts and wider context of ethical practices within the Computing discipline.

2.Demonstrate understanding of the ethical hacking methodologies.

3.Recognise and understand the basics of system security in respect to weakness and vulnerabilities.

4.Learn to protect against or remove weaknesses from the system.

1.Cyber-attack Report Essay (40%)(1500 words): Identify a cyber attack from last 3 years and write an essay on the cyber-attack reflecting the key findings and technical details. Email your module leader the topic you choose as it should be different for each student.

The report must include at minimum:

a. Cyber-attack attributions
b. Tools, techniques, and procedures used in the cyber-attack
c. Propose detective, preventive and remediation security controls to preventive this specific cyber-attack

Marking Criteria

Comment

Semester 1 Weight

Total weight

Executive summary

A summary customised for management audience and highlights the most important findings and approach. This can include but is not limited to:

• APT or hacking group/s involved

• Target industry

• Target countries

• Motivation and Mission

10%

4

Technical Analysis

Describe briefly how the attack works?

Provide detailed step by step technical analysis of the attack to include the TTP’s (tools, techniques, and procedures) used at different steps of the cyber-attack? This can include but is not limited to:

• Reconnaissance and scanning (Point of entry)

• Gain access and escalate rights

• Obfuscation & Sustainment (How does the attack remain undetected, and the attacker can come back in later point of time)

• Exfiltration (How is data transferred or command control)

You are expected to provide technical details for each step like snapshot of the email header for phishing email, and hash value of the malware used, registry key modification path and so on.

50%

20

Mitigation and Remediation

Depending on indicators provided in technical analysis, provide detection and prevention techniques both on host and network layers. This can include but is not limited to:

· Propose general security approach like detection of specific registry key indicating the compromise

· Third party protection mechanism like Sophos antivirus

· Novel way of protections like critical evaluation of research papers to suggest potential security control

40%

16

2.Hacking techniques report (60%) (2500 words): With regards to 3 machines (to be confirmed) on Hackthebox platform, you are required to demonstrate your ability to carry out advanced exploitation techniques by creating a penetration testing methodology. Specifically, you are required to perform and report on the following: 

a. Design of a methodology
b. Host enumeration and fingerprinting
c. Service enumeration and fingerprinting
d. Vulnerability scanning
e. Vulnerability exploitation

Marking Criteria

Comment

Semester 2 Weight

Total weight

Report Summary

A technical and management summary are both presented which are tailored for each audience and highlight the key findings and approach

10%

6

Methodology Design

Firstly, a clear methodology should be presented, with enough detail so that a technical reader can understand the approach taken and what each stage attempts to do.

This can include but is not limited to:

• The types of scans performed

• The types of vulnerabilities assessed

• The techniques used

The tools to be used

40%

24

Specific Results

Specific findings should be presented covering the following areas.

• A clear and concise description of what the finding is.

• A comment or indicator on how serious the issue is.

• A repeatable example should be given.

• An explanation on why each item presents a security risk.

• Advice on how to fix/remediate the issues found.

Where you are using information from other sources these must be referenced correctly using APAv6

50%

30

support
Whatsapp
callback
sales
sales chat
Whatsapp
callback
sales chat
close