Late submission of any item of coursework for each day or part thereof (or for hard copy submission only, working day or part thereof) for up to five days after the published deadline, coursework relating to modules at Levels 0, 4, 5, 6 submitted late (including deferred coursework, but with the exception of referred coursework), will have the numeric grade reduced by 10 grade points until or unless the numeric grade reaches or is 40. Where the numeric grade awarded for the assessment is less than 40, no lateness penalty will be applied.
Late submission of referred coursework will automatically be awarded a grade of zero (0).
Coursework (including deferred coursework) submitted later than five days (five working days in the case of hard copy submission) after the published deadline will be awarded a grade of zero (0).
Where genuine serious adverse circumstances apply, you may apply for an extension to the hand-in date, provided the extension is requested a reasonable period in advance of the deadline.
This Assignment assesses the following module Learning Outcomes:
1.The ethical issues relating to penetration testing and how to incorporate them operationally.
2.A deep and systematic application of the tools, methods and procedures (theoretical and methodological) used within the cyber security arena in the context of a penetration test
3.How to apply advanced and current concepts/issues of computer systems risks, vulnerabilities, threats analysis, and software security in the context of a penetration test
Successful students will typically be able to:
4.Critically analyse and evaluate security techniques used to protect complex heterogeneous environments and apply their findings for offering advice regarding solutions to decision makers
5.Use initiative for autonomously conducting and managing a penetration test, within a complex and unpredictable environment, demonstrating a systematic approach of creatively applying knowledge in unfamiliar contexts for solving problems
Work in teams (as leader or member) adapting to changing requirements for effectively communicating the results of a penetration test
Is weighted at 50% of the overall portfolio mark. It is expected that this task of the portfolio will be the equivalent of 2000 words. You are expected to undertake research and critically compare the published penetration testing methodologies.
You are expected to comment on the statutory and ethical considerations of a penetration tester. You are expected to design/develop a Standard Operating Procedure (SOP), including a decision-making tree, to describe how you will undertake task 2. In particular: intelligence gathering (target profiling), vulnerability identification and analysis, and target exploitation (including post exploitation). An SOP is defined as a set of step-by-step instructions compiled by an organisation to help workers carry out routine operations.
The Milestone report and Final Portfolio report must be submitted through Canvas. Please make a note of the following dates on your calendars.
Element Date
Milestone for Task 1 12.03.2020
Portfolio Deadline (including Task 2) 30.04.2020
You are expected to unify your work into one cohesive portfolio report. The final portfolio report is an academic report and as such the following report structure is expected:
1.Task 1 (50%)
2.Task 2 (50%)
3.References: one fused reference list. Do not have a separate reference list for each task of the portfolio,
You are required to submit the final portfolio report via Canvas in a PDF format using your student ID as the file name. This is imperative as the naming template will be used for corroborating the work in your reports with the log files your PenTest activities will generate.
Type f Feedback to be given for this assignment:
In-course formative feedback and individual personalised summative feedback.
Formative feedback will be given for the portfolio milestone reports through Canvas and during the scheduled sessions as per the module delivery plan. Individual personalised summative feedback will be given through Canvas for the final submission. Every week, Review & Reflection questions related to the assessment activities will be posted on Canvas. These questions will help you to reflect on the activities you will be undertaking as part of the assessed work for the module, self-assess your work as you progress through the module and help you understand the subject better.
For the group activity during unit 3, you read a fictitious case study of an attack against a web server. Your group scoped a penetration test by answering the relevant questions within the ‘Scoping a Penetration Test’ document under unit 3.
The important aspect for the group task was not necessarily answering all the questions in the scoping document, but how you worked as a team in a high-pressure scenario.
Create a script called my_new_whois.sh that utilises the provided whois_yahoo_mnt.txt file to create a script that prompts the user to perform the following tasks:
1.Obtain all unique people in the file sorted in alphabetical order and place them in the specified file.
2.Obtain all inetnums in the file sorted in ascending numerical order and place them in the specified file.
3.Obtain all unique netnames sorted in alphabetical order and place them in the specified text file.