User Account

All Pages

Concepts and procedures for cyber security

Assignment Help Other Subject
Reference no: EM133011669

Assessment Task 1: Project / Portfolio - Test concepts and procedures for cyber security

Task instructions:
The learners are required to correctly answer all questions to a satisfactory level for each question of this assessment task to be given a satisfactory result by the assessor. If this is not achieved on the first attempt, then an opportunity to resubmit is allowed.

Once learners have completed all the questions, the assessment must be uploaded and submitted along with the signed assessment coversheet via Brightspace.

There are observation components which the assessor will need to observe the learner demonstrating as part of this assessment. The learner only needs to demonstrate this once. If the learner is unable to demonstrate one or more of the required Observation tasks to a satisfactory level, they will be given a second opportunity to demonstrate the unsatisfactory Observation task(s).

This assessment task is comprised of 2 main parts as follows:

Part A: Prepare the environment & Create the Virtual Machines
1. Install Required VM Machines
2. Verify if the relevant services and ports are enabled
3. Verify connectivity within the testing environment
4. Confirm Host IP Addressing
5. Port Scanning
6. Enumeration
7. Create credential lists for Hydra
8. Exploitation - Hydra

Part B: Team Configuring & Troubleshooting Processes

1. Install new Network Adapter
2. Verify & Test adapter settings for connectivity
3. Issue scripting commands - Networking
4. Troubleshooting Connections with documented steps.

Part C: Python Scripting
Auto mate at least one step in Part A using Python.

• The learners are required to correctly answer all questions to a satisfactory level for each question of this assessment task to be given a satisfactory result by the assessor. If this is not achieved on the first attempt, then a resubmission is required.
• Once learners have completed all the questions, the assessment must be uploaded and submitted along with the signed assessment coversheet via Brightspace.

This is an individual task and must be submitted to Brightspace.

• If a supplied answer is incorrect or requires further information the learner will be requested to correct the issues and resubmit the assessment via Brightspace.?
• Learners must contribute to and abide by organisational standards including intellectual property and privacy

The Print Screen (PRT SCREEN) function MUST be used to produce your screenshots, or learners are to use notepad with their Student number and name within the screenshot.

Although VMWare Workstation is the virtualization software of choice, it is acceptable to use Oracle VirtualBox if the student feels the software functions better with their device.

Assessment Task 2 - Practical

Assessment Task 2 comprises of TWO (2) Parts with several steps to each part. To be satisfactory you must complete both Part A and Part B. Screenshots of your work are required. Students will use the PRT SCRN function ONLY.

All the questions in this assessment should only be completed in order.

You are required prepare the virtual environment, create & install a Kali Linux and a Broken Virtual Machine, configure & test connectivity, complete maintenance tasks and troubleshoot.

Both your Virtual Machines should be on the HOST ONLY network adapter. The network adapter should be enabled with DHCP.

Part A: Prepare the environment & Create the Virtual Machines

Step 1: Install Broken VM machine and Kali Linux. Provide screenshot of each machine.

Step 2: Build a virtual VM network
2.1 Create a virtual network that is "host only" and with DHCP enabled. You can decide the network address by yourself. Provide a screenshot of the virtual network configuration.

2.2 Attach the Kali machine and Broken machine to the virtual network above.

Step 3: Use proper Linux command to verify Kali VM is correctly configured with an ipv4 address. Provide screenshot of the result.
Note: Because the login to the Broken machine is unknown yet. You are not required to login to the Broken machine to check its IP.

Step 4: Confirm the IP address of the target VM (Broken) by issuing the netdiscover or arp-scan commands. Provide a screenshot of your results.

Step 5: Now you are required to run a scan of the target IP address (discovered in Step 4).
5.1 Discover any running services and open ports. Issue the appropriate nmap commands and screenshot your results.

5.2 You are required to identify and explain the types of service of all discovered ports. An example has been given in the answer box.

Step 6: Enumeration - the process of discovering potential attack vectors in the target system.
In step 5, you have identified that http service is running on port 80. You are required to commence the enumeration process against the host machine by examine the website. You will see a list of files within the web browser. Use Firefox ESR or Iceweasel as a web browser. There should be six (6) files in total.

6.1 Screenshot each of the file and explain your findings. One of them has been done for you as an example.

6.2 Decode "README.md" file

The content of .html and .jpg files are straight forward, while the file "README.md" is mysterious. It is a plain text file contains many hex numbers. Here is a sample of the content and you are required to decode the data.

Theory #1. These represent a serial of meaningful numbers. To verify this theory, you are required to
1. Convert the hex numbers to decimal format. You may use this online tool to perform the conversion. And Provide a screenshot of the result.

2. You are required to analyse these decimal data and explain your conclusion below

Theory #2. Each octet in this file represent a character in ascii table. To verify this theory, you are required to
What is Ascii table
1. Convert the hex numbers to ascii characters. You may use this online tool to perform the conversion. And Provide a screenshot of the result

2. You are required to analysis these decimal data and reach a conclusion. Explain your conclusion below

Theory #3. All the data in this file represent a binary file of a kind of format (ideally a video, a piece of audio or a picture). You required to
1. Convert all the hex numbers to a binary file. You may use this online tool to perform the conversion. And Provide a screenshot of the binary file in file system.

2. You are required to run Linux "file" command against the binary file and provide a screenshot of the result

3. What is the file format of the binary file?

4. Once the format of the file is determined, open this file with proper software (e.g. image viewer for image file) and provide a screenshot of the result.

5. You are required to analysis the content of this binary file. Explain your finding below?

Step 7: You have identified some key words in the previous steps (file name of the pictures, special word in the README.md picture etc..). You will now prepare a wordlists that will be used in a brute force password attack against the Broken machine. To begin, create two (2) lists of words as you see below which will act as your username and password lists.
• 5terre
• forrest
• lights
• mountains
• broken
• gallery

Step 8: Exploitation
You are now tasked with launching your brute-force password attack against Broken. The tool of choice is ‘Hydra'. You will attack on port 22 for SSH login credentials. Remember to be persistent with Hydra.

Part B: Team Configuring & Troubleshooting Processes
NB: For Part B of the assessment task, you must now add another Network Adapter to your Kali VM Machine.

Step 1 - Add another network adapter card and issue the command on CLI that will confirm the installation of the second network adapter. Screenshot your result. (The new adapter should be on Host Only also).

Step 2: Connectivity testing.
Turn on Wireshark within Kali Linux and select the eth0 interface. Ensure Kali can still connect to Broken VM. Screenshot your results here that verify connectivity. Do not stop the ping from Kali to Broken.

Step 3: Open a new terminal in Kali and then issue the following script commands:

sudo ifconfig eth0 down
sudo ifconfig eth1 192.168.231.129 netmask 255.255.255.0
sudo route add default gw 192.168.231.253 eth1

If you have stopped the ping in Step 2, re - issue the ping command from Kali to Broken Machine. Remember Kali has a continuous ping.
Can you still ping Broken VM? Screenshot your results.

Step 4: Troubleshoot the connection issues. Document your troubleshooting methods below and issue a short report to your TSD team leader. Your report should document the steps taken before and after diagnosis. (Answer in one short paragraph or two.)

Part C: Python scripting
Now you have finished all the testing procedures manually in Part A and Part B. In this part, you are required to automate at least one of the testing steps above using Python language. Below is a list of recommended testing procedures for you to select. If you would like to automate anything outside this list, you must discuss with your assessor about the idea and obtain approval from your assessor.

Attachment:- Test concepts and procedures for cyber security.rar

Reference no: EM133011669

Questions Cloud

How additional paid-in-capital common account will increase : Perry corporation issues 20,000 shares of $0.50 par common stock for $6.00 per share; the additional paid-in-capital common account will increase by
Describe how are you going to perform sql injection : Describe how are you going to perform SQL Injection and what are the expected results and Describe how are you going to exploit the hijacked session token
Estimate the monthly fixed cost and variable cost per loan : State the cost equation for State Library of South Australia. Estimate the monthly fixed cost and the variable cost per loan using the high-low method.
Determine the differential income or loss : Salty Snacks would like to lease the half of the building for the next 5 years at $100,000 each year. Determine the differential income or loss
Concepts and procedures for cyber security : Demonstrate one or more of the required Observation tasks to a satisfactory level, they will be given a second opportunity to demonstrate the unsatisfactory
What would abc co estimated cost of equity : What would ABC Co's estimated cost of equity if it were to change its capital structure to 40 percent debt and 60 percent equity?
How much is the direct origination fee : On April 1, 2021, Lunar Company loaned P20,000,000 to Eclipse Company. How much is the direct origination fee
What will be the balance in the account : Suppose you deposit $1,000 today in an account that pays interest at an annual rate of 5%. What will be the balance in the account
What will be the company dividend six years from now : The last dividend it paid (T = 0) was $.90 a share. What will be the company's dividend six years from now

Reviews

Write a Review

Other Subject Questions & Answers

  What type of anemia does ms a most likely have

Considering the circumstances and the preliminary workup, what type of anemia does Ms. A most likely have? In an essay of 500-750 words, explain your answer and include rationale

  Determine how your legislator voted on the issue

Determine how your legislator/representative voted on the issue. Write a letter to the legislator, thanking him/her for voting as he/she did, and explaining.

  Write a brief paper analyzing a social problem

Write a brief paper analyzing a social problem and making an argument for how it should be addressed, using 3 ethical frameworks.

  Conduct an analysis by comparing childhood learning

Conduct an analysis by comparing and contrasting childhood learning using the concepts of classical conditioning and operant conditioning

  Identify and define the first of the two concepts

After reading one of the articles on Blackboard, students will consider 2 concepts from this course that can be applied to the article. These concepts will be defined according to the definitions in this class. No dictionary, encyclopedia or other..

  Discuss what are weapons of mass destruction

What are weapons of mass destruction. How is the United States working to mitigate the threat

  Crime causation by david.makin

The Discussion Board (DB) is part of the core of online learning. Classroom discussion in an online environment requires the active participation of students and the instructor to create robust interaction and dialogue

  Evaluate the american criminal court system

Evaluate the American criminal court system. Define the dual court system. Identify the role of courts in criminal justice today.

  Discuss the historical development of communication

Discuss the historical development of communication technologies and explain any pros and/or cons of these technological advances.

  Describe briefly the ahima code of ethics

For this assignment, write 2-3 pages following the APA style, including an introduction, headers, and a conclusion. Write clearly and precisely, be creative.

  What type of disaster is your local hospital likely to face

What type of disaster is your local hospital likely to face? Has this occurred in the past? Was the hospital prepared to respond appropriately? As a risk manager, what questions might you have about the hospital's response plan?

  Describe the event the client experienced

Create a mock case study of a client who is a survivor of a traumatic event and who has overcome the experience, and is now demonstrating resilience.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd