User Account

All Pages

COM1068 Algorithms and Data Structures Assignment

Assignment Help Computer Network Security
Reference no: EM132831803

COM1068 Algorithms and Data Structures - Teesside University

Learning Outcome 1: The ethical issues relating to penetration testing and how to incorporate them operationally.

Learning Outcome 2: A deep and systematic application of the tools, methods and procedures (theoretical and methodological) used within the cyber security arena in the context of a penetration test

Learning Outcome 3: Work in teams (as leader or member) adapting to changing requirements for effectively communicating the results of a penetration test

Assignment Brief:

Scenario:
Assume that you are working as a consultant for an SME which is building its capability in penetration testing. You are part of a small team of three (3) consultants who are preparing to deliver a grey-box penetration testing project. Your client has asked your employer to conduct the penetration test against a server, as they fear they might have already been breached. To their best of their knowledge, the company assumes that the server offers only the following online services: http, b) ssh, and c) vnc.

In this context, this assignment has two tasks:

• Task 1 is an individual task that will assess your understanding of the statutory and ethical issues surrounding penetration testing
• Task 2 is a group task that will assess your understanding of the pentest process itself.

Please ensure that in completing these tasks you deploy the techniques you have been taught in your course and, especially, in this module. If you produce work that is not concise and to the point, then marks may be reduced.
The deadline for this assignment is the 25.03.2021. Task 1 (Individual work)
Task 1 is an individual exercise. It is expected that this task will be in the region of 1500 words. You are expected to:
• Comment on the statutory and ethical considerations of a penetration tester working in the UK.
• Undertake research and critically compare the published penetration testing methodologies (such as OWASP, PTES, OSSTMM...) in order to deduce their applicability for Assignment 2.

Please note, your task is to critically compare existing methodologies against the scope of Assignment 2. As a result, we are not expecting you to provide an overview of them, not to provide a critique on types of PenTests and certainly not to tell us what is your favorite "pentesting color" (white, black, grey). In order to undertake the comparison, you will have to justify your comparison criteria. Your comparison criteria should be extracted from the scope of Assignment 2.

Scope of Assignment 2: Undertake a grey-box infrastructure PenTest. The target of the second assignment will be one Linux server, which the company assumes that it offers the following online services: http, b) ssh, and c) vnc..

Your Task 1 findings must be used in Task 2.

If you fail to provide references using the Harvard referencing style as per the University regulations, your work will be marked as superficial and it is unlikely to obtain a pass grade.

Task 2

Task 2 is mainly a group exercise. Your tutor will allocate you to a group. As a group, you will have to decide on how you will manage this task, what roles you will each have and how you will manage change during the lifecycle of this assignment. The Group Management section of the report is an individual activity and should be treated as confidential information. Each student is expected to report on group management activities. Discrepancies between group members will affect the grades.

Note that on the field, a customer does not care about problems and issues. The customer will expect a report for his money. In reporting for the Group Management Section, it is important to focus on the solutions your group will implement in order to deliver on time, and not on the problems.

You are expected to work together and design/develop:
• a Standard Operating Procedure (SOP),
• a decision-making tree,

These will describe how you plan to undertake the penetration test of the server, which is Task 3 and you can find in the second Assignment Brief Document, entitled Assignment 2: Pentesting Server.

Each group member must include their final SOP and the decision tree to his/her report. In addition, each member should submit intermediary versions of the SOP and decision tree, as they are produced by the Team on each calendar week. Aim to submit at least one version of the outcomes of your work before your final submission.

In particular, the SOP should address: intelligence gathering (target profiling), vulnerability identification and analysis, and target exploitation (including post exploitation).

An SOP is defined as a set of step-by-step instructions compiled by an organisation to help workers carry out routine operations. The SOP must explain what PenTest activities you will undertake in Task 3 and you can find in the second Assignment Brief Document, entitled Assignment 2: Pentesting Server. The decision tree must report how you will execute your SOP. There must be no discrepancies between the SOP and the decision tree. The SOP is expected to have the following example structure:

• Phase 1
o Process 1.1
» Activity 1.1.1
» Name:
» Input:
» Function:
» Output:
» Resources/Tool:
» Details:

Please do not submit hand-written decision trees. A decision tree is a specific type of flow chart used to visualize the decision-making process by mapping out different courses of action, as well as their potential outcomes. The nodes of the tree must be the activities of your SOP.

You are expected to demonstrate an insight into the implications of the problem introduced in each task by using clear and concise arguments. The report should be well written, showing good skills in creativity and design. Sentences should be of an appropriate length and the writing style should be brief but informative. Work that is not making sense will be marked down. Write to impress! Aim for excellence. Be pedantic about formatting and presentation.

The following report structure is expected:
1. Task 1
a. Legal & Ethical Considerations
b. Comparison Criteria
c. PenTest Methodology Comparison
2. Task 2
a. Group Management
b. SOP
c. Decision Tree
3. References, (aim for at least of 20 references!)
4. Appendixes (optional but advisable)

Attachment:- Assignment Brief.rar

Reference no: EM132831803

Questions Cloud

Characteristics of successful leader in corrections : Let's talk about what you think some of the characteristics of a successful leader in Corrections might be.
How much was the company net income for the year : Rigel Company had the following adjusted account balances as of December 31, 2020: How much was the company net income for the year
Recruiting employees in corrections : Results indicate correctional systems face serious difficulties in recruiting and retaining an adequate staff of qualified correctional officers.
Identify the pricing strategy selected : FIND a company that manufactures products or offers a service. What products or services do they sell?
COM1068 Algorithms and Data Structures Assignment : COM1068 Algorithms and Data Structures Assignment Help and Solution, Teesside University - Assessment Writing Service
Correctional academy : You just graduated from the Correctional Academy. You have been assigned to an all-female unit for the first time.
What can you advise Jim about the tax consequences : What can you advise Jim about the tax consequences of converting his entire traditional IRA into a Roth IRA
Maximum security inmate classification : We learned how classification and risk assessment are used to improve the effectiveness of correctional agencies.
What are the causes of stress in jason life : 1. What are the causes of stress in Jason's life? How is stress affecting Jason's health? 2. How are these stressors impacting Jason's self-concept

Reviews

len2831803

3/18/2021 3:20:02 AM

Hello team, This is a pentesting assignment. In this Only Task 1 needs to be written, but findings and other matter should be in similar findings to task 2 as well. Task 2 is not required to make, but when we are writing for task 1, findings are should be in similar to task 2. So I hope you can read question paper once and present it carefully. Task 1 (individual work) work is to be done in 1500 words. Please go through the coursework paper and let me know if you have any doubts. Thanks

Write a Review

Computer Network Security Questions & Answers

  Explain the solutions for securing a wireless network

Prepare an initial researched and cited discussion post early in the week about the topic that you choose and follow with at least two more researched.

  What architecture does a ddos attack typically use

What architecture does a DDoS attack typically use? What is the primary defense against many DoS attacks, and where is it implemented?

  Compare room temperatures of the four simulations

Compare room temperatures of the four simulations in a single graph. At what point does the building become heated in winter with internal heat gains only

  What is the mutual information of the source and receiver

A source X sends 0's and 1's with probabilities π and 1-π, respectively, to a receiver Y. - What is the mutual information of the source and receiver?

  List network security measures to be implemented

List network security measures to be implemented. Justify the need for the network services, security measures, and devices you've selected.

  Discuss the impact of the lack of access controls

Discuss the specific recommendations that you would make based on your personal experience and research

  Cyber resiliency as a tool to aid business continuity

Project - Using Cyber Resiliency As a Tool to Aid Business Continuity - Fully accomplish this project work an education website will be developed to teach

  The deprivation and importation model of prisons

Compare and contrast the differences between the deprivation and importation model of prisons.

  Explain benefits of cloud-based office productivity software

IT 200- Explain Benefits of Cloud-based Office Productivity Software. Create a 5-slide presentation to department head or CEO to convince him or her that using a cloud-based office productivity suite would benefit the company.

  Identify and describe the organizational authentication

Identify and describe the organizational authentication technology and network security issues

  Critically analyse security tools and present their findings

This assessment is designed to improve the ability of students to critically analyse security tools and present their findings

  Economic adviser to the president and someone made

If you were an economic adviser to the president and someone made this suggestion, what would you say in response to this proposal?

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd