Perform penetration testing on the ecommerce platform

Reference no: EM132294419, Length: word count: 2000

Cybersecurity and Analytics Assignment - Penetration Testing Project for eCommerce Website

Purpose of the assessment - The purpose of the assignment is to analyse the botnet attacks in cybersecurity; evaluate available defensive resolutions, and recommend a security solution. Students will be able to complete the following ULOs:

a. Analyse cyber security threats and attacks.

b. Implement and evaluate security testing tools in a realistic computing environment.

Assessment - Penetration testing on eCommerce Website

Assignment Description -

You are a new IT engineer at PureHacking.com located in Australia.

Your client is Mr. Daniel Gromer, who runs a chain of clothing shops in Australia. Mr. Gromer runs over 50 clothing shops in Sydney and Melbourne, targeting female customers in their early twenties with a moderate budget. Mr. Gromer has recently taken an interest in online business, as he realized that many of his competitors have moved onto online platforms, reducing their expenditure significantly. Mr. Gromer has hired a team of web developers (located overseas) to develop the new online shop, which is ready to launch in May 2019. Mr. Gromer has no IT background, but he is aware of many cases where websites were hijacked and their owners lost fortunes and ruined their digital reputations.

Mr. Gromer has approached PureHacking.com to assess his new eCommerce website and report any vulnerabilities ahead of its launch, as he is aware that he may get only one chance at online success and that, if the website's security is breached, he could face a major loss on his investment.

Mr. Gromer informs you that his eCommerce website uses the WooCommerce plugin on the WordPress website platform and that the entire website runs on a Linux web server. The website developers have been using FTP to upload the website contents to the Linux web server. The developers are fairly certain that their FTP passwords were complex enough not to be compromised. The password is given to PureHacking (your lecturer).

Your task is to write a report on how you will perform penetration testing on the eCommerce platform and Linux-based FTP webserver to identify their security vulnerabilities and breaches.

In this report, you are to report:

1. Potential risks and threats to the eCommerce website and their web server.

2. Penetration testing tools and technologies you will use

a. Description of tools and technologies

b. Other case examples of their use

3. Expected outcomes from the penetration testing

4. Resources you will require to complete the penetration testing (including security credentials in red teaming).

5. Expected business benefits to the client (Mr. Gromer).

6. Conclusion and remarks on future works.

Section to be included in the report -

Introduction - Outline of the report (in 3-4 sentences).

Report Layout - Report layout, style and language.

Potential threats and risks - Identify the potential threats and risks of your concern in terms of penetration testing planning.

Penetration tools and technologies - Recommend penetration tools and technologies and rationalize your choice.

Expected outcomes - The signs you are looking for in penetration testing.

Resources required - Resources you will require to complete the penetration testing (including security credentials in red teaming).

Practical demonstration - Demonstration of use of ethical hacking tools in labs 5 and 6.

Business benefits - Expected business benefits to the client (Mr. Gromer).

Conclusion and remarks - Write a summary of the report and future work.

Reference style - Follow IEEE reference style.

Perform penetration testing on the ecommerce platform : MN623 Cybersecurity and Analytics Assignment - Penetration Testing Project for eCommerce Website, Melbourne Institute of Technology, Australia

Reviews

len2294419

4/27/2019 12:48:41 AM

Word limit - 1500 – 2000 words. Follow IEEE reference style. Submission Guidelines - All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page. The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings. Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style.

len2294419

4/27/2019 12:48:35 AM

Marking Rubric - Introduction - All topics are pertinent and covered in depth. Ability to think critically and source material is demonstrated. Report Layout - Exceptional report layout, style and language used. The Botnet attack modules and structures - Modules and structures addressed exceptionally clearly with clear external links and sources. Botnet attack types and their implications to the victim services - Exceptional analysis of botnet attack types and their implication to the victim’s services with consolidating examples. Recommendation of your choice in protective solution - Exceptional recommendation with clear and convincing rationale and some case examples. Practical demonstration - Exceptional demonstration of use of ethical hacking tools. Conclusion and remarks on future works - Logic is clear and easy to follow with strong arguments. Reference style - Clear styles with excellent source of references.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd