Guaranteed Higher Grade!
Free Quote
This Assignment assesses the following module Learning Outcomes (from Definitive Module Document):
You are only required to undertake this assignment if you have an FREFC for Assignment 1 and Assignment 2, i.e. you have not passed both Assignment1 AND Assignment 2.
This portfolio has one individual Task, i.e., one that you must complete on your own, and one group Task, which you complete as a group of 3 students. The portfolio will be in the region of 3,000 words.
Task 1: Attack Tree Against Web Server (Group work)
Task 1 is mainly a group exercise which is allocated 750 words. Your module leader will allocate you to a group. As a group, you will have to decide on how you will manage this task, what roles you will each have and how you will manage change during the lifecycle of this assignment. The Group Management section
of the report is an individual activity and should be treated as confidential information. Each student is expected to report on group management activities, without sharing them with the other group members.
Discrepancies between group members will affect the grades. Note that on the field, a customer does not care about problems and issues. The customer will expect a report for his money. In reporting for the Group Management Section, it is important to focus on the solutions your group will implement in order to deliver on time, and not on the problems.
You are expected to work together as a group of three develop an Attack Tree. As we have discussed in Unit 3, an Attack Tree shows different ways in which a system can be attacked. For this task, your target system is a web server. Assume for this task that you have completed your port scanning activities and only one service exists on the system, i.e. port 80 where Apache server executes and presents you will the following login page when you connect to it with your browser.
Each group member must include the same, agreed by the group, Attack tree to his/her report. Please do not submit hand-written decision trees. Make sure that your attack tree includes at least three (3) attacks that you would undertake against the server.
Deliverable (750 words):
Task 2 (Individual work)
Task 2 is an individual exercise, which consists of three subtasks. For the completion of all the subtasks consider the following scenario.
Scenario:
You are asked to deliver a penetration testing project. Your client, which is a SME operating in the UK, has asked your employer to conduct the penetration test against a server, as they fear they might have already been breached.
Information about the IP address of target of your penetration test as well as the schedule to access it is available on Canvas. Specifically, please navigate to the module on Canvas and select the “Your Assignment IP address and your Access Schedule” page, which is available under the “Module Information” Unit, in order to find more information.
Subtask A:
It is expected that this subtask will be in the region of 500 words. You are expected to comment on the legal considerations of your work for this subtask. If you fail to provide references using the Harvard referencing style as per the University regulations, your work will be marked as superficial and it is unlikely to obtain a pass grade.
Subtask B:
It is expected that this task will be in the region of 100 words. You are expected to provide an executive summary for the penetration testing activities that you have undertaken. Assume that this subtask delivers the executive summary of a penetration testing report, thus the expected audience is upper management. Please refer to the lecture slides for the information that you need to include here.
It is expected that this task will be in the region of 1650 words. You are expected to provide a technical documentation of the exploitation of four (4) vulnerabilities, as well as a description of their mitigation. Thus, for each vulnerability, you need to provide evidence of the identification of the vulnerability, its exploitation, and describe the steps that your client must undertake in order to mitigate the vulnerability.
Assessment Criteria Mark Available
Task 1: Group management 10
Task 1: Attack Tree 20
Task 2: A Legal consideration of Task 2 10
Task 2 B. Executive Summary 10
Task 2: C. Vulnerability Exploitation and Mitigation 40
For clarification questions please make use of the discussion forums on Canvas so that the whole of the student cohort may benefit from the discussion.
You are required to submit a text report in a PDF document using the submission link provided on Canvas. Please note it is your responsibility to ensure you will submit on time. Canvas is a stable platform with alarge technical team supporting it. Apropos, it is a software platform. It is advisable to submit before the day of the deadline.
You are expected to demonstrate an insight into the implications of the problem introduced in each task by using clear and concise arguments. The report should be well written, showing good skills in creativity and design. Sentences should be of an appropriate length and the writing style should be brief but informative. Any images or Tables that you provide should be referred by text in the report. Work that is not making sense will be marked down. Write to impress! Aim for excellence. Be pedantic about formatting and presentation.
Discover Engaging Exploratory Essay Topics
Are you looking forward to writing an interesting exploratory essay that will attract the atten
Literature Essay Topics for Academic Excellence
A literature essay is like a placid stream of startling similes, mesmerizing metaphors, picturesque
How to Write a Research Paper - A Step-By-Step Guide
Research papers involve many elements, and students need to properly understand all of them before
How to Write a Term Paper (Format, Structure, Outline)
Did you get nervous every time you are asked to submit a term paper? If this is your first time
WhatsApp
