Reference no: EM133011669
Assessment Task 1: Project / Portfolio - Test concepts and procedures for cyber security
Task instructions:
The learners are required to correctly answer all questions to a satisfactory level for each question of this assessment task to be given a satisfactory result by the assessor. If this is not achieved on the first attempt, then an opportunity to resubmit is allowed.
Once learners have completed all the questions, the assessment must be uploaded and submitted along with the signed assessment coversheet via Brightspace.
There are observation components which the assessor will need to observe the learner demonstrating as part of this assessment. The learner only needs to demonstrate this once. If the learner is unable to demonstrate one or more of the required Observation tasks to a satisfactory level, they will be given a second opportunity to demonstrate the unsatisfactory Observation task(s).
This assessment task is comprised of 2 main parts as follows:
Part A: Prepare the environment & Create the Virtual Machines
1. Install Required VM Machines
2. Verify if the relevant services and ports are enabled
3. Verify connectivity within the testing environment
4. Confirm Host IP Addressing
5. Port Scanning
6. Enumeration
7. Create credential lists for Hydra
8. Exploitation - Hydra
Part B: Team Configuring & Troubleshooting Processes
1. Install new Network Adapter
2. Verify & Test adapter settings for connectivity
3. Issue scripting commands - Networking
4. Troubleshooting Connections with documented steps.
Part C: Python Scripting
Auto mate at least one step in Part A using Python.
• The learners are required to correctly answer all questions to a satisfactory level for each question of this assessment task to be given a satisfactory result by the assessor. If this is not achieved on the first attempt, then a resubmission is required.
• Once learners have completed all the questions, the assessment must be uploaded and submitted along with the signed assessment coversheet via Brightspace.
This is an individual task and must be submitted to Brightspace.
• If a supplied answer is incorrect or requires further information the learner will be requested to correct the issues and resubmit the assessment via Brightspace.?
• Learners must contribute to and abide by organisational standards including intellectual property and privacy
The Print Screen (PRT SCREEN) function MUST be used to produce your screenshots, or learners are to use notepad with their Student number and name within the screenshot.
Although VMWare Workstation is the virtualization software of choice, it is acceptable to use Oracle VirtualBox if the student feels the software functions better with their device.
Assessment Task 2 - Practical
Assessment Task 2 comprises of TWO (2) Parts with several steps to each part. To be satisfactory you must complete both Part A and Part B. Screenshots of your work are required. Students will use the PRT SCRN function ONLY.
All the questions in this assessment should only be completed in order.
You are required prepare the virtual environment, create & install a Kali Linux and a Broken Virtual Machine, configure & test connectivity, complete maintenance tasks and troubleshoot.
Both your Virtual Machines should be on the HOST ONLY network adapter. The network adapter should be enabled with DHCP.
Part A: Prepare the environment & Create the Virtual Machines
Step 1: Install Broken VM machine and Kali Linux. Provide screenshot of each machine.
Step 2: Build a virtual VM network
2.1 Create a virtual network that is "host only" and with DHCP enabled. You can decide the network address by yourself. Provide a screenshot of the virtual network configuration.
2.2 Attach the Kali machine and Broken machine to the virtual network above.
Step 3: Use proper Linux command to verify Kali VM is correctly configured with an ipv4 address. Provide screenshot of the result.
Note: Because the login to the Broken machine is unknown yet. You are not required to login to the Broken machine to check its IP.
Step 4: Confirm the IP address of the target VM (Broken) by issuing the netdiscover or arp-scan commands. Provide a screenshot of your results.
Step 5: Now you are required to run a scan of the target IP address (discovered in Step 4).
5.1 Discover any running services and open ports. Issue the appropriate nmap commands and screenshot your results.
5.2 You are required to identify and explain the types of service of all discovered ports. An example has been given in the answer box.
Step 6: Enumeration - the process of discovering potential attack vectors in the target system.
In step 5, you have identified that http service is running on port 80. You are required to commence the enumeration process against the host machine by examine the website. You will see a list of files within the web browser. Use Firefox ESR or Iceweasel as a web browser. There should be six (6) files in total.
6.1 Screenshot each of the file and explain your findings. One of them has been done for you as an example.
6.2 Decode "README.md" file
The content of .html and .jpg files are straight forward, while the file "README.md" is mysterious. It is a plain text file contains many hex numbers. Here is a sample of the content and you are required to decode the data.
Theory #1. These represent a serial of meaningful numbers. To verify this theory, you are required to
1. Convert the hex numbers to decimal format. You may use this online tool to perform the conversion. And Provide a screenshot of the result.
2. You are required to analyse these decimal data and explain your conclusion below
Theory #2. Each octet in this file represent a character in ascii table. To verify this theory, you are required to
What is Ascii table
1. Convert the hex numbers to ascii characters. You may use this online tool to perform the conversion. And Provide a screenshot of the result
2. You are required to analysis these decimal data and reach a conclusion. Explain your conclusion below
Theory #3. All the data in this file represent a binary file of a kind of format (ideally a video, a piece of audio or a picture). You required to
1. Convert all the hex numbers to a binary file. You may use this online tool to perform the conversion. And Provide a screenshot of the binary file in file system.
2. You are required to run Linux "file" command against the binary file and provide a screenshot of the result
3. What is the file format of the binary file?
4. Once the format of the file is determined, open this file with proper software (e.g. image viewer for image file) and provide a screenshot of the result.
5. You are required to analysis the content of this binary file. Explain your finding below?
Step 7: You have identified some key words in the previous steps (file name of the pictures, special word in the README.md picture etc..). You will now prepare a wordlists that will be used in a brute force password attack against the Broken machine. To begin, create two (2) lists of words as you see below which will act as your username and password lists.
• 5terre
• forrest
• lights
• mountains
• broken
• gallery
Step 8: Exploitation
You are now tasked with launching your brute-force password attack against Broken. The tool of choice is ‘Hydra'. You will attack on port 22 for SSH login credentials. Remember to be persistent with Hydra.
Part B: Team Configuring & Troubleshooting Processes
NB: For Part B of the assessment task, you must now add another Network Adapter to your Kali VM Machine.
Step 1 - Add another network adapter card and issue the command on CLI that will confirm the installation of the second network adapter. Screenshot your result. (The new adapter should be on Host Only also).
Step 2: Connectivity testing.
Turn on Wireshark within Kali Linux and select the eth0 interface. Ensure Kali can still connect to Broken VM. Screenshot your results here that verify connectivity. Do not stop the ping from Kali to Broken.
Step 3: Open a new terminal in Kali and then issue the following script commands:
sudo ifconfig eth0 down
sudo ifconfig eth1 192.168.231.129 netmask 255.255.255.0
sudo route add default gw 192.168.231.253 eth1
If you have stopped the ping in Step 2, re - issue the ping command from Kali to Broken Machine. Remember Kali has a continuous ping.
Can you still ping Broken VM? Screenshot your results.
Step 4: Troubleshoot the connection issues. Document your troubleshooting methods below and issue a short report to your TSD team leader. Your report should document the steps taken before and after diagnosis. (Answer in one short paragraph or two.)
Part C: Python scripting
Now you have finished all the testing procedures manually in Part A and Part B. In this part, you are required to automate at least one of the testing steps above using Python language. Below is a list of recommended testing procedures for you to select. If you would like to automate anything outside this list, you must discuss with your assessor about the idea and obtain approval from your assessor.
Attachment:- Test concepts and procedures for cyber security.rar