Software security in the context of a penetration test

Reference no: EM132875755

Learning Outcome 1: Critically analyse and evaluate security techniques used to protect complex heterogeneous environments and apply their findings for offering advice regarding solutions to decision makers.

Learning Outcome 2: Apply advanced and current concepts/issues of computer systems risks, vulnerabilities, threats analysis, and software security in the context of a penetration test

Learning Outcome 3: Use initiative for autonomously conducting and managing a penetration test, within a complex and unpredictable environment, demonstrating a systematic approach of creatively applying knowledge in unfamiliar contexts for solving problems

Assignment Brief:

Scenario:
Assume that you are working as a consultant for an SME which is building its capability in penetration testing. Your client has asked your employer to conduct the penetration test against a server, as they fear they might have already been breached. To the best of their knowledge, the company assumes that the server offers only the following online services: a) http, b) ssh, and c) vnc.

This is an individual assignment that will assess your ability to conduct a full-scale penetration test. Please ensure that in completing these tasks you deploy the techniques you have been taught in your course and, especially, in this module. If you produce work that is not concise and to the point, then marks may be reduced. The deadline for this assignment is the 10.05.2021.

Task 3

You are expected to undertake a grey-box Penetration Test. To guide your activities, you are expected to use the plans that you have produced in Assignment 1.

Information about the IP address of the target of your test, as well as the schedule to access it, is available on Canvas. Specifically, please navigate to the module on Canvas and select the "Your Assignment IP address and your Access Schedule" page, which is available under the "Module Information" Unit, in order to find more information.

Please look at the Assessment Criteria table, which is provided below, for understanding the expected structure of your report. You are required to present your findings in a factual manner to convince decision makers of a large corporation on business strategies. Do not provide a narrative of your intelligence gathering activities in the main report. You may include this in an appendix.

In the Attack Narrative section, you are expected to discuss the attacks you have undertaken and what vulnerabilities you have tested in each attack. In the Vulnerability Details & Mitigation section, you are expected to provide a technical explanation of the vulnerabilities you have tested and confirmed (e.g., with a working exploit), as well as offer advice on how to mitigate them. To get full marks for this section, you are expected to provide confirmed details and mitigation for three (3) vulnerabilities from the total vulnerabilities that you have found on the target.

Attachment:- Assignment Briefing Sheet.rar


Reviews

len2875755

5/3/2021 11:51:04 PM

Hello Team, In the Above Grey-box Penetration we requested to find out 3 vulnerabilities in which two should be passed result and one failed result vulnerability. As We don't need all 3 vul's to be passed. Kindly let me know if any questions. Thanks
