User Account

All Pages

Examining federal computer crime laws

Assignment Help Computer Engineering
Reference no: EM132150729

Instructions:

1. You must present the practical solutions/ results with visible images captured and pasted into your document.
2. Make sure to use the cover page (available on eLearn) and include your name and student ID.
3. Your submitted assignment file should be a SINGLE PDF. See eLearn for due date and further assignment notes.
4. All answers should be in your own words and use appropriate referencing where required.
5. Assignments must be presented with a consistent font.

Task 1: Examining Federal Computer Crime Laws

For this activity, use Internet search engines or Australian Federal Register of Legislation website at www.legislation.gov.au to gather information on the Criminal Code Act 1995, Division 477-478, which outlines the serious computer offences, such as hacking, that can be prosecuted at the federal level. Write a summary explaining how this law can affect ethical hackers and security penetration testers.

Task 2: Determine Legal Requirements for Penetration Testing.

Scenario - Telcomm Hudson Hospital Penetration testing

Organizational Facts
Telcomm Hudson Hospital is a medium-sized regional hospital located in Hudson, with approximately 500 staff members supporting up to 1000 patients. Hospital has contacted you to perform a penetration test on its computer network. Telcomm Hospital has 15 buildings in total on the campus, plus 5 small remote clinics.

There are two main hospital buildings and an auxiliary building. The two main buildings have seven floors each, with four wiring closets per floor. The Children's Place is connected to the two main buildings; the switches from these three buildings are connected with fiber connections in a ring. The Children's Place has three floors and the other 12 campus buildings are smaller office and support facilities, with 10 to 40 people per building, located on one or two floors.

Plans and Requirements
John, the vice president, is your only contact for the hospital. You won't be introduced to any IT staff or employee to avoid undermining the test you are conducting. Bruno wants you to determine what you can find out about the company's network infrastructure, network topology, and discover any vulnerabilities', without any assistance from Bruno or hospital's IT personnel.

Based on the preceding information:

1. Write a brief report to your instructor outlining the steps you should take before beginning the penetration test of the Telcomm Hudson hospital.
2. Research the legal requirement for penetration testing for the Telcomm hospital, and be sure to provide and to reference federal laws that might apply to the task you have been asked to do

Task 3: Examine Network and Computer Attacks

Review and analyse a recent network security attack in Australia. Report any failures that exemplify the security principles i.e. easiest penetration, adequate protection, effectiveness, weakest link.

Task 4: Examine Social Engineering Attacks

Which of the following social engineering attack more likely to succeed:

- In person,

- Over the telephone

- via e-mail? Justify your answer.

PRACTICAL ACTIVITIES

Task 5: Using reconnaissance attack tools

1. Using nslookup in any Windows PC (internet required) and gather the following information:
a. IP address
b. Change the server you want the response from 8.8.8.8
c. Elicit an authoritative answer from the DNS server
d. Find name servers for a domain
e. Find mail servers tor a domain
f. Identify other DNS resource records Requirements:
- Get the information for the following domain:

  • google
  • microsoft
  • cit
  • Gathering information with WHOIS for the following domains (internet required)
  • Google
  • Microsoft
  • Cit
  • Contoso

Whois is network information utility that allows you to look up most available information on a hostname, IP address, or domain, including country, state or province, city, name of the network provider, technical support contact information, and administrator.

a. The owner of the domain
b. The domain registration date and the owner's contact information
c. The owner of the IP address block

3. Using dig tool on EH-Kali2 gather the following information from EH-SVR1:
a. Domain names
b. Transfer domain
c. Resource records in the domain

Task 6: Using AMAP Scanning tool

Use the Amap tool to perform port scanning against EH-SVR1 and know exactly what applications are running on each port found open.

Requirements:

- Run this tool on Windows / Linux virtual machine

Task 7: Using Nmap/ Zenmap Scanning tool

Sectools have set up this machine to help pentesters learn about Nmap and also to test and make sure that their Nmap installation (or Internet connection) is working properly. You are authorized to scan scanme.nmap.org with Nmap or other port scanners. In this taks you will be using Nmap or Zenmap to scan scanme.nmap.org and find the following information:

- List of Services and port numbers

- Operating systems and version numbers

- Firewall protection

- Packets sent and received Requirements:
- Use any Windows/ Linux machine (internet required)

- If you use Windows, then you can also download the Zenmap from the following link https://nmap.org/download.html
- Run this tool on Windows / Linux virtual machine

- Administrative privileges are required to run this tool

Task 8: Identify the network security attacks

Analyse the given packet capture file (A1-task8.pcap) to identify the following:

- Victim's Address (IP and MAC)

- Attacker's Address (IP and MAC)

- Attack method

Task 9: Analyse a network security attack

Telcomm hudson Corp. suspects that one of their employees, John, is stealing secret documents for their competitor. Bruno has access to the company's top-secret documents. IT security staff are worried that Bruno may try to leak the company's top-secret information.

Security staff have been monitoring Bruno's activity for some time, but haven't found anything suspicious- until now. Today an unexpected computer briefly appeared on the company wireless network. Staff hypothesize it may have been someone in the car park, because no strangers were seen in the building. Bruno's computer, (192.168.100.22) sent access request for a file over the wireless network to this unexpected computer.

"We have a packet capture of the activity," said the security staff, "but we can't figure out what was going on. Can you help?" Analyse the given packet capture file (A1-task9.pcap) to identify the following:

- Attacker's Address (IP and MAC)

- Passwords

- Attack method

- Data stolen (file name, type and content)

Task 10: Research and demonstrate with documentation the Social-Engineer Toolkit (SET)

The Social-Engineer Toolkit (SET) is an open-source, Python-driven tool aimed at penetration testing around social engineering. This tool is included in Kali Linux. Your task is to simulate a social-engineering attack using a malicious link and send it victim via E-mail. Main tasks must include

- Clone a website/ or use template

- Obtain user names and passwords using the Credential Harvester method

- Generate reports for conducted penetration tests

Attachment:- test.rar

Reference no: EM132150729

Questions Cloud

What are the key components of an income statement : On your example of an income statement, is the organization making a profit or loss? How much is that profit or loss? Show the calculations.
Discuss the concept of abnormality : After reading Chapter 1-2 which is attached, discuss the concept of "abnormality" from a Biblical perspective. What is considered "normal" and "abnormal" types.
Properly functioning economic market : In a properly functioning economic market, where does the economic value created by firms go? In other words, who gets it? Why?
Function of hr and management : Discuss how performance appraisals are a function of HR and management.
Examining federal computer crime laws : Examining Federal Computer Crime Laws - Telcomm Hudson Hospital Penetration testing - Write a brief report to your instructor outlining the steps you should tak
Processes to fit the standard blueprint : In your own word, explain why an organization might choose to change its processes to fit the standard blueprint. What advantages does it accrue by doing so?
This asset qualifies as three-year property under macrs : A company purchases an asset that costs $30,000. This asset qualifies as three-year property under MACRS.
Bonds and mutual funds for various business customers : Your work at a brokerage where you buy and sell stocks/bonds/mutual funds for various business customers.
Think about your own healthcare facility in your community : Do you believe that this unit has helped you learn more about marketing procedures in healthcare organizations? Why, or why not?

Reviews

Write a Review

Computer Engineering Questions & Answers

  Create a predator-prey simulation in a 2-d ecosystem

Create a Predator-Prey Simulation in a two-dimensional ecosystem based on agent-based modeling. The Predator and Prey will act as agents in an ecosystem in this

  Given a 3-d point at position 20 35 10 determine the

given a 3-d point at position 20 35 10 determine the coordinates of the point that results from rotating the original

  Design a vi to measure the volume of a tank as it fills

Design a VI to measure the volume of a tank as it fills and empties. The diameter of the tank is 6 feet. The total height is 12 feet.

  Describe and define the scope of the project

Write a 8 page original business requirements document for the project plan using the template provided. Note: The template is provided under the Additional.

  Deduce the applicable laminar boundary-layer equations

Consider steady axisymmetric flow in the entrance region of a pipe, that is, in the region in which the velocity profile is developing.

  Discuss the impact the internet

How do you think the future changes of the Internet will impact the professional development of IT professionals?

  Describe how a sequential file is searched

suppose a sequential file contains 20,000 records and 2 seconds are required to interrogate an entry. How long will we wait when retrieving a record from the middle of the file?

  Discuss conduct a risk assessment for an organization

Describe a methodology that can be used to conduct a risk assessment for an organization

  How to create an exit button

make a VB GUI program that tracks your employees and their previous work history. List your employees names in a drop down combo box. When the user selects a employee, display in a text area all of their previous work performed under code name Jam..

  Explain relevant terms that will be used throughout project

Define relevant terms that will be used throughout project. Describe the scope and analyze how to control the scope. Identify possible risks, constraints, and assumptions.

  What is difference between client and a server

What are the differences between client and a server. What is function of each layer in a three-layer application?

  How many page misses does the lru algorithm incur

How many page misses does the LRU algorithm incur on the following page request sequence: (2,3,4,1,2,5,1,3,5,4,1,2,3)?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd