Reference no: EM132773245
CO4610 Foundations of Cybersecurity Concepts - University Of Chester
Learning Outcome 1: Show clear understanding of key cybersecurity terminologies.
Learning Outcome 2: Discuss common technical weaknesses and security measures.
Learning Outcome 3: Demonstrate a conceptual understanding of threats and resolutions with respect to Information and System Security.
Learning Outcome 4: Demonstrate understanding of knowledge, and a critical awareness of cybersecurity core concepts and techniques.
Exercise 1: Speaking Cyber
In 2016, a group of hackers known as the Hacking Team got hacked by a self-described black hat hacker. The hacker subsequently dumped their findings and also explained how the hack happened. It was alleged that "Hacking Team was a company that helped governments hack and spy on journalists, activists, political opposition, and other threats to their power". Read about ‘How Hacking Team got hacked' and address the following:
A. Briefly summarise what happened. Find out what you can on the actors, including the attacker and the target(s), and possible motivations.
B. Identify and explain at least three cybersecurity terminologies from (A) above. Where the term was used, define the term, describe in what context it was used, and give some details. E.g., if "attack vector" is mentioned, then what is ‘attack vector', what was the attack vector used and what did it achieve?
It is expected that you will use published materials like online articles, books, journals, conference papers, news articles etc. and these should be properly referenced. You may want to start from here and here.
Note: You can use any format of your choice. For example, you may address (A) and (B) separately, in separate sections, or together. So, whether you choose to cover both parts together or separately, the most important thing is that the report shows your understanding of what happened, the actors, possible motivations and terminology identification and explanation.
Note: The Portfolio as a whole is 2000 words equivalent with a ±10% flexibility. With the weighting of all the portfolio parts in mind, the aim of this exercise is roughly 500 words equivalent, though the word count of each exercise is not strictly controlled.
Exercise 2: Auditing
A. Briefly explain the use of Windows Registry and demonstrate how the registry can be analysed using RegShot.
Your discussion should show understanding of regedit and the structure of the registry. For the demonstration, you are required to do the following:
i. Install RegShot on a Windows machine. You are strongly advised to use a virtual machine (VM) as you may not be able to undo any registry changes you make. You can use a university provided VM or one on your personal PC.
ii. Take a snapshot of the system's registry.
iii. Perform some system changes or install new software. That is, carry out any activity that will create or change some registry entries.
iv. Take a second snapshot of the registry. This must be done after (iii) above.
v. Compare the two snapshots and briefly discuss your findings. Use screenshots to document this exercise.
B. Using the Group Policy Editor on Windows, modify the local audit policy to audit account logon events on the system, including both successful and failed account logon events. Apply the policy and attempt to generate logs by logging into the system with both valid credentials and invalid credentials in order to trigger the newly configured policy. You should then show the Windows Event Viewer logs generated as a result of the policy change and discuss what each security log shows in detail. You should detail and discuss all the steps taken to achieve this task throughout. You are advised to use a virtual machine (VM) for this exercise to prevent unintended damage to your system. You may either use a university-provided VM or create one to use for this task on your personal PC.
Note: For this task using a Windows virtual machine, you will need to modify default Windows security policies using the Group Policy Editor to allow for account logon events to be audited in the event of both successful and unsuccessful account logon events. For higher marks you should ensure that all steps and your understanding are clearly shown. You should note that both screenshots and captions DO NOT count towards the overall word count, therefore your discussion should be detailed. For guidance on this task, you should refer to the lecture notes to remind yourself on how to configure security policies on Windows.
Note: The Portfolio as a whole is 2000 words equivalent with a ±10% flexibility. With the weighting of all the portfolio parts in mind, the aim of this exercise is roughly 600 words equivalent, though the word count of each exercise is not strictly controlled.
Exercise 3: Python
Alice and Bob need to individually and separately generate the same encryption (secret) key to allow them to securely exchange a message (read about Diffie-Hellman key exchange). To do this, in this case, they both need two public numbers (p = 353 and α = 3). Alice calculates an individual public key (YA = 56) and sends it to Bob. Bob calculates an individual public key (YB = 260) and sends it to Alice. To generate the secret key (K), Alice and Bob would need their individual private keys (XA and XB respectively) and the individual public keys they received.
The relevant equations are:
$Y_A = \alpha^{X_A} \bmod p$
$Y_B = \alpha^{X_B} \bmod p$
$K_A = Y_B^{X_A} \bmod p$ OR $K_B = Y_A^{X_B} \bmod p$
Write a Python script that will crack (brute force) the values of XA and XB and use them to generate the secret key (K). You must comment your code and explain the steps.
Hint: You already know the values of (p = 353, α = 3, YA = 56, and YB = 260). mod p means 'modulus p' (check the mathematical notation for modulus). Your range is 1 to p - 1, which means 1 to 352. You are looking for the values of XA and XB such that KA = KB.
Note: The Portfolio as a whole is 2000 words equivalent with a ±10% flexibility. With the weighting of all the portfolio parts in mind, the aim of this exercise is roughly 400 words equivalent, though the word count of each exercise is not strictly controlled.
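The brute-force search described in Exercise 3, as an added example that is not part of the original brief: it walks the powers of α modulo p until each public key appears, then derives K from both sides and checks that they agree. The function names are illustrative; the search is practical only because p = 353 is a 9-bit prime.

```python
# Added example: exhaustive discrete-log search for the toy parameters above.
P = 353       # public prime modulus (from the exercise)
ALPHA = 3     # public base, a primitive root of 353 (from the exercise)
YA = 56       # Alice's public key (from the exercise)
YB = 260      # Bob's public key (from the exercise)


def brute_force_private_key(public_key, alpha=ALPHA, p=P):
    """Return the x in 1..p-1 with alpha**x mod p == public_key.

    Each step multiplies the running value by alpha once, so the whole
    search costs at most p - 1 modular multiplications.
    """
    value = 1
    for x in range(1, p):
        value = (value * alpha) % p
        if value == public_key:
            return x
    raise ValueError("public key is not a power of alpha modulo p")


def recover_shared_secret(ya=YA, yb=YB, alpha=ALPHA, p=P):
    """Recover both private keys and the shared secret from public values."""
    xa = brute_force_private_key(ya, alpha, p)   # Alice's private key
    xb = brute_force_private_key(yb, alpha, p)   # Bob's private key
    ka = pow(yb, xa, p)   # what Alice computes: YB^XA mod p
    kb = pow(ya, xb, p)   # what Bob computes:   YA^XB mod p
    if ka != kb:
        raise RuntimeError("derived secrets disagree; check the inputs")
    return xa, xb, ka


if __name__ == "__main__":
    xa, xb, k = recover_shared_secret()
    print(f"XA = {xa}, XB = {xb}, K = {k}")
```

The same loop against a 2048-bit modulus would need on the order of 2^2048 multiplications, which is why real deployments rely on large groups.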
Exercise 4: Security and Cryptography
A. What is Frequency Analysis?
B. Using Frequency Analysis technique, cryptanalyse the following ciphertext:
"dfi du cei tpwr du rdnsafm pf ifqkwxcig oirrpmi, au cei npfmvpmi du cei xnpafcizc ar lfdtf, ar cd uafg p gauuikifc xnpafcizc du cei rpoi npfmvpmi ndfm ifdvme cd uann dfi reiic dk rd, pfg ceif ti qdvfc cei dqqvkkifqir du ipqe niccik. Ti fdci pfg qpnn cei odrc ukijvifcnw dqqvkkafm niccik cei ‘uakrc', cei fizc odrc dqqvkkafm niccik cei ‘riqdfg' cei udnndtafm odrc dqqvkkafm niccik cei ‘ceakg', pfg rd df, vfcan ti pqqdvfc udk pnn cei gauuikifc niccikr af cei xnpafcizc rpoxni. Ceif ti nddl pc cei qaxeik cizc ti tpfc cd rdnsi pfg ti pnrd qnprrauw acr rwohdnr. Ti uafg cei odrc dqqvkkafm rwohdn pfg qepfmi ac cd cei udko du cei ‘uakrc' niccik du cei xnpafcizc rpoxni, cei fizc odrc qdoodf rwohdn ar qepfmig cd cei udko du cei ‘riqdfg' niccik, pfg cei udnndtafm odrc qdoodf rwohdn ar qepfmig cd cei udko du cei ‘ceakg' niccik, pfg rd df, vfcan ti pqqdvfc udk pnn rwohdnr du cei qkwxcdmkpo ti tpfc cd rdnsi"
Note: You are required to show and explain all the steps taken to deduce the plaintext. Marking criteria for this task will mainly focus on the steps taken (which needs to be explained) rather than getting the plaintext correct. Deducing the correct plaintext counts for only 20% (4 marks) while the steps taken and the knowledge shown count for 80% (16 marks). So, using an online tool to crack the ciphertext won't be that helpful.
Note: The Portfolio as a whole is 2000 words equivalent with a ±10% flexibility. With the weighting of all the portfolio parts in mind, the aim of this exercise is roughly 400 words equivalent, though the word count of each exercise is not strictly controlled. The ciphertext doesn't count in the word count.
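A first pass at the frequency count for Exercise 4, as an added example that is not part of the original brief: it ranks letters and three-letter words in the opening sentence of the ciphertext and writes guessed letters in upper case so the remaining unknowns stay visible. The function names are illustrative, and the guesses i→e and cei→the are working hypotheses drawn from English letter and word frequencies, to be confirmed against the rest of the text.

```python
from collections import Counter

# Opening sentence of the exercise's ciphertext, copied from the page.
SAMPLE = ("dfi du cei tpwr du rdnsafm pf ifqkwxcig oirrpmi, "
          "au cei npfmvpmi du cei xnpafcizc ar lfdtf")


def ranked_letters(ciphertext):
    """Return (letter, count) pairs, most frequent first, ties alphabetical."""
    counts = Counter(ch for ch in ciphertext.lower() if ch.isalpha())
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def ranked_words(ciphertext, length):
    """Return (word, count) pairs for words of the given length."""
    words = ("".join(c for c in w.lower() if c.isalpha())
             for w in ciphertext.split())
    counts = Counter(w for w in words if len(w) == length)
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def apply_partial_key(ciphertext, key):
    """Substitute guessed letters in UPPER case; leave the rest untouched."""
    out = []
    for ch in ciphertext:
        plain = key.get(ch.lower())
        out.append(plain.upper() if plain else ch)
    return "".join(out)


if __name__ == "__main__":
    print(ranked_letters(SAMPLE)[:5])
    print(ranked_words(SAMPLE, 3))
    # Hypothesis: the top letter is 'e' and the repeated trigram ending
    # in it is 'the'. Extend the key one confirmed letter at a time.
    guess = {"i": "e", "c": "t", "e": "h"}
    print(apply_partial_key(SAMPLE, guess))
```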
Exercise 5: Critical review and Conclusion
Based on the previous 4 exercises, critically review and conclude the portfolio. The discussion here should address the following questions:
A. What is the one new thing you have learnt?
B. What is the most challenging exercise for you and why?
C. What can you do differently next time?
This is a free-form portion of the portfolio that is intended to show the student's reflection on process, demonstrating learning, awareness of strengths and weaknesses and identification of possible areas for improvement.
Note: The Portfolio as a whole is 2000 words equivalent with a ±10% flexibility. With the weighting of all the portfolio parts in mind, the aim of this exercise is roughly 100 words equivalent, though the word count of each exercise is not strictly controlled.