Penetration testing on ecommerce website

Reference no: EM132291010

Penetration Testing Project for eCommerce Website

Learning Outcome

The purpose of the assignment is to analyse the botnet attacks in cybersecurity; evaluate available defensive resolutions, and recommend a security solution. Students will be able to complete the following ULOs:
a. Analyse cyber security threats and attacks
b. Implement and evaluate security testing tools in a realistic computing environment

Assignment 1: Penetration testing on eCommerce Website

Assignment Description

You are a new IT engineer at PureHacking.com located in Australia.

Your client is Mr. Daniel Gromer, who runs a chain of clothing shops in Australia. Mr. Gromer runs over 50 clothing shops in Sydney and Melbourne, targeting female customers in their early twenties with a moderate budget. Mr. Gromer has recently taken an interest in online business, as he realized that many of his competitors have moved onto online platforms, reducing their expenditure significantly. Mr. Gromer has hired a team of web developers (located overseas) to develop the new online shop, which is ready to launch in May 2019. Mr. Gromer has no IT background, but he is aware of many cases where websites were hijacked and their owners lost fortunes alongside ruining their digital reputations.

Mr. Gromer has approached PureHacking.com to assess his new eCommerce website and report any vulnerabilities ahead of its launch, as he is aware that he may get only one chance at online success and, if the website security is breached, he can face a major loss on his investment.

Mr. Gromer informs you that his eCommerce website uses the WooCommerce plugin on the WordPress platform and that the entire website runs on a Linux webserver. The website developers have been using FTP to upload the website contents to the Linux webserver. The developers are fairly certain that their FTP passwords were complex enough not to be compromised. The password is given to PureHacking (your lecturer).

Your task is to write a report on how you will perform penetration testing on the eCommerce platform and Linux-based FTP webserver to identify their security vulnerabilities and breaches.

In this report, you are to report:

1. Potential risks and threats to the eCommerce website and their web server.

2. Penetration testing tools and technologies you will use
a. Description of tools and technologies
b. Other case episodes of their usage

3. Expected outcomes from the penetration testing

4. Resources you will require to complete the penetration testing (including security credentials in red teaming).

5. Expected business benefits to the client (Mr. Gromer).

6. Conclusion and remarks on future works.

Verified Expert

The work is in 1500 words where the focus is on determining the security and the planning of the sector for the penetration testing. It includes the forms and the sectors which defines through the system section which helps in defining the forms and the planning which is done in an effective manner.

Reviews

len2291010

4/22/2019 11:07:09 PM

Practical demonstration
HD: Exceptional demonstration of use of ethical hacking tools.
DI: Excellent demonstration of use of ethical hacking tools.
CR: Very good demonstration of use of ethical hacking tools.
P: Good demonstration of use of ethical hacking tools.
Fail: Did not demonstrate use of ethical hacking tools.

Conclusion and remarks on future works /2
HD: Logic is clear and easy to follow with strong arguments
DI: Consistency logical and convincing
CR: Mostly consistent logical and convincing
P: Adequate cohesion and conviction
Fail: Argument is confused and disjointed

Reference style /2
HD: Clear styles with excellent source of references.
DI: Clear referencing style
CR: Generally good referencing style
P: Sometimes clear referencing style
Fail: Lacks consistency with many errors

len2291010

4/22/2019 11:07:04 PM

Botnet attack types and their implications to the victim services /10
HD: Exceptional analysis of botnet attack types and their implication to the victim’s
DI: Good analysis of botnet attack types and their implication to the victim’s services
CR: Analysis of botnet attack types and their implication to the victim’s services
P: Evaluation of a few botnet attacks and their implications
Fail: Did not analyse the required botnet attack types and their implications to the business services with consolidating examples.

Recommendation of your choice in protective solution /15
HD: Exceptional recommendation with clear and convincing rational and some case examples
DI: Good recommendation with good rationale and some examples
CR: Some recommendation is provided but with limited rationale and sample cases
P: A few recommendations provided but with limited rationale
Fail: No proper recommendation is provided.

len2291010

4/22/2019 11:06:55 PM

Marking Rubric for Assignment #1: Total Marks 50

Grades: HD (Excellent), DI (Very Good), CR (Good), P (Satisfactory), Fail (Unsatisfactory)

Introduction /3
HD: All topics are pertinent and covered in depth. Ability to think critically and source material is demonstrated
DI: Topics are relevant and soundly analysed.
CR: Generally relevant and analysed.
P: Some relevance and briefly presented.
Fail: This is not relevant to the assignment topic.

Report Layout /3
HD: Exceptional report layout, style and language used
DI: Very good report layout, style and language used
CR: Good report layout, style and language used
P: Acceptable report layout, style and language used.
Fail: Poor report layout, style and language used.

The Botnet attack modules and structures /10
HD: Modules and structures addressed exceptionally clearly with clear external links and sources
DI: Modules and structures addressed clearly with some links and sources
CR: Modules and structures addressed with few links and sources
P: Modules and structures addressed with minimum resources
Fail: The modules and structure not addressed clearly

len2291010

4/22/2019 11:06:48 PM

Marking criteria:

Section to be included in the report: Description of the section (Marks)

Introduction: Outline of the report (in 3-4 sentences) (3)
Report Layout: Report layout, style and language (3)
Potential threats and risks: Identify the potential threats and risks of your concern in terms of penetration testing planning (10)
Penetration tools and technologies: Recommend penetration tools and technologies and rationalize your choice. (10)
Expected outcomes: What are the signs you are looking within penetration testing (5)
Resources required: Resources you will require to complete the penetration testing (including security credentials in red teaming). (5)
Practical demonstration: Demonstration of use of ethical hacking tools in labs 5 and 6. (5)
Business benefits: Expected business benefits to the client (Mr. Gromer). (5)
Conclusion and remarks: Write summary of the report and future work (2)
Reference style: Follow IEEE reference style (2)
Total: 50

len2291010

4/22/2019 11:06:40 PM

Submission Guidelines

- All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page.
- The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2 cm margins on all four sides of your page with appropriate section headings.
- Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style.
