Examine a known vulnerability present in software

Assignment Help Computer Network Security

Reference no: EM132622290

CTEC5803 Host and Network Security - De Montfort University

Vulnerability Investigation

Learning outcome 1: Design and maintain a defensible computer host.
Learning outcome 2: Apply relevant computer security principles, tools and techniques.
Learning outcome 3: Explain, critically analyse and evaluate host-based security principles, tools and techniques.
Learning outcome 4: Solve problems systematically.

Tasks to be undertaken:

In this coursework you are expected to:

Part 1. Examine a known vulnerability present in software running on a host-machine or network component. The vulnerability should be chosen from one of the topic areas covered in the module. For example:

• Host-based security: software security, flaws in programs (buffer overflows, stack smashing), access control mechanisms (ACLs, UNIX file permissions, MAC, DAC, RBAC), authentication technologies (passwords, password management, biometrics, tokens, multi-factor)

• Network security: security protocols, cryptography (e.g., AES, RSA, digital signatures, key management (PKI, x.509)), link-layer security (e.g., ARP cache poisoning), transport-layer security (e.g., TLS), application-layer security (e.g., DNS/DNSSEC, firewalls, intrusion detection systems, wireless and mobile security)

Part 2. Analyse the underlying flaw, including describing technical details and making appropriate reference to the academic literature, the CVE and CWE databases.

Part 3. Find an exploit for this vulnerability and demonstrate how a successful attack can be launched in a virtual environment.

Part 4. Investigate how this particular attack can be detected, for example by a system administrator.

Part 5. Critically analyse countermeasures that can prevent or at least mitigate the risk of this attack, making appropriate reference to security design principles.

You will be given opportunity to find a suitable vulnerability during the lecture week and can ask advice from your tutor as to the feasibility of your choice.

Attachment:- Vulnerability Investigation.rar

Reference no: EM132622290

Questions Cloud

Advantages and disadvantages r programming language : Why are statistical programming languages important to data scientists? What are some advantages and disadvantages the R programming language

What are central values and beliefs set forth by theorist : What are the central values and beliefs set forth by the theorist? Which of the four metaparadigm concepts are included in the model?

What is the good forensic accountant : In the reading "What is the 'Good' Forensic Accountant? A Virtue Ethics Perspective", the author supports the use of a 'Virtue Ethics' approach

What is Dan s assessable income in the current tax year : Dan received a cheque for the net amount of $3600. In relation to the payment, what is Dan s assessable income in the current tax year

Examine a known vulnerability present in software : Examine a known vulnerability present in software running on a host-machine or network component. The vulnerability should be chosen from one of the topic areas

Three key attributes of human attackers : There are three key attributes of human attackers, What are your thoughts on this topic?

Find the depreciation for the current fiscal year : Equipment acquired, Determine the depreciation for the current fiscal year and for the following fiscal year by the double-declining-balance method.

Explain the capm concept : Explain the CAPM concept and discuss the interrelationship of its three components in accounting for systematic and unsystematic risk.

How do you encourage and ensure your team works together : How do you encourage and ensure your team works together, and how do you support that structure? Give an example with your explanation.

User Account

All Pages