Penetration testing project for ecommerce website

Reference no: EM132293244, Length: 1500 words

Learning Outcome

The purpose of the assignment is to analyse botnet attacks in cybersecurity, evaluate available defensive resolutions, and recommend a security solution. Students will be able to complete the following ULOs:
a. Analyse cyber security threats and attacks
b. Implement and evaluate security testing tools in a realistic computing environment

Assignment 1: Penetration testing on eCommerce Website

Assignment Description

You are a new IT engineer at PureHacking.com located in Australia.

Your client is Mr. Daniel Gromer, who runs a chain of clothing shops in Australia. Mr. Gromer runs over 50 clothing shops in Sydney and Melbourne, targeting female customers in their early twenties with a moderate budget. Mr. Gromer has recently taken an interest in online business, as he realized that many of his competitors have moved onto online platforms, reducing their expenditure significantly. Mr. Gromer has hired a team of web developers (located overseas) to develop the new online shop, which is ready to launch in May 2019. Mr. Gromer has no IT background, but he is aware of many cases where websites were hijacked and their owners lost fortunes alongside ruining their digital reputations.

Mr. Gromer has approached PureHacking.com to assess his new eCommerce website and report any vulnerabilities ahead of its launch. He is aware that he may get only one chance at online success and that, if the website security is breached, he can face a major loss on his investment.

Mr. Gromer informs you that his eCommerce website uses the WooCommerce plugin on the WordPress website platform, and that the entire website runs on a Linux webserver. The website developers have been using FTP to upload the website contents to the Linux webserver. The developers are fairly certain that their FTP passwords were complex enough not to be compromised. The password is given to PureHacking (your lecturer).

Your task is to write a report on how you will perform penetration testing on the eCommerce platform and Linux-based FTP webserver to identify their security vulnerabilities and breaches.

In this report, you are to cover:

1. Potential risks and threats to the eCommerce website and their web server.

2. Penetration testing tools and technologies you will use
a. Description of tools and technologies
b. Other cases of their use

3. Expected outcomes from the penetration testing

4. Resources you will require to complete the penetration testing (including security credentials in red teaming).

5. Expected business benefits to the client (Mr. Gromer).

6. Conclusion and remarks on future works.

Reviews

len2293244

4/25/2019 4:25:43 AM

Grade Mark: HD (Excellent)
Introduction /3: All topics are pertinent and covered in depth. Ability to think critically and source material is demonstrated
Report Layout /3: Exceptional report layout, style and language used
The Botnet attack modules and structures /10: Modules and structures addressed exceptionally clearly with clear external links and sources
Botnet attack types and their implications to the victim services /10: Exceptional analysis of botnet attack types and their implication to the victim’s

len2293244

4/25/2019 4:25:39 AM

Section to be included in the report | Description of the section | Marks
Introduction | Outline of the report (in 3-4 sentences) | 3
Report Layout | Report layout, style and language | 3
Potential threats and risks | Identify the potential threats and risks of your concern in terms of penetration testing planning | 10
Penetration tools and technologies | Recommend penetration tools and technologies and rationalize your choice. | 10
Expected outcomes | What are the signs you are looking within penetration testing | 5
Resources required | Resources you will require to complete the penetration testing (including security credentials in red teaming). | 5
Practical demonstration | Demonstration of use of ethical hacking tools in labs 5 and 6. | 5
Business benefits | Expected business benefits to the client (Mr. Gromer). | 5
Conclusion and remarks | Write summary of the report and future work | 2
Reference style | Follow IEEE reference style | 2
Total | | 50
