Reference no: EM133688544
APPLIED CYBERSECURITY
Learning Outcome 1: Investigate computer security systems, and generate and present a proposal to address security problems
Learning Outcome 2: Identify and analyse security vulnerabilities and propose justifiable technical solutions and potential remedy actions based on findings
Learning Outcome 3: Compare different types of security systems on the basis of functionalities, architectures, configurations, and ethical challenges
Learning Outcome 4: Communicate cybersecurity vulnerabilities and solutions to non-technical audiences to make informed decisions
Assessment 1: Security Tools and Applications
Purpose: This assessment will help students to explore the various networks tools/commands and test all those tools/commands on the laptop/PC for better learning and understanding
Assessment topic: Exploring, Implementing, and Testing
Network Security Tools Task details:
Title: Exploring, Implementing, and Testing Network
Objective:
The objective of this assignment is to familiarize students with various network security tools, their implementation, and testing procedures to assess network vulnerabilities. Students will explore, implement, and conduct tests using different security tools to evaluate the effectiveness of these tools in safeguarding network infrastructures.
Instruction:
Tool Selection: Each student must select and explore five network security tools. The tools should encompass a range of functionalities such as network scanning, intrusion detection, firewall management, encryption, etc. Some recommended tools include but are not limited to:
- Wireshark
- Nmap
- Snort
- Metasploit
- Nessus
- OpenVAS
- Firewall (specific brand or software)
- Burp Suite
- OpenSSL
- Security Onion
Implementation: Students are required to implement these tools within their own systems or a simulated network environment. Ensure proper installation, configuration, and understanding of the tool's functionalities.
Testing: Once implemented, conduct tests to evaluate the effectiveness of these tools. Perform activities such as network scanning, vulnerability assessments, intrusion detection, packet analysis, etc., using the selected tools. Record observations, strengths, weaknesses, and any issues encountered during testing.
Tool Descriptions: Detailed description of each selected tool, its functionalities, and intended use.
Implementation Process: Step-by-step guide on how the tools were implemented within the system or network.
Testing Methodology: Explanation of the testing procedures conducted using each tool, including the tests performed, results obtained, and observations made.
Evaluation: Analyze the effectiveness of each tool, highlighting their strengths, weaknesses, and potential real-world applications.
Conclusion: Summary of key findings, recommendations, and overall impressions of the tools used.
Assessment 2: Purpose: This assessment will allow students to investigate vulnerabilities in cybersecurity and understand the use of various tools for vulnerabilities analysis.
Task Details:
In this assignment, the students will perform network analysis on Kali Linux VM to identify any security vulnerabilities and threats. The students will apply the knowledge gained in the course and online knowledge to perform the analysis. The discussion in the assignment should be based on the CIA (Confidentiality, Integrity and Availability) triad and defence-in-depth. The students will discuss the risk/threat (vulnerability) identified in the analysis and suggest mitigation techniques to reduce those threats. Students must submit the assessment 2 by the end of week 11.
Assessment Description
Setting Up Analysis Environment:
Step 1: You need a Kali Linux VM for this assignment. Download the kali Linux 2021 or any other available. You can also use lab PCs for this assignment.
Students can download the Kali Linux for Virtual box from the following link:
Get Kali | Kali Linux
Step 2: The students also need a target VM with vulnerabilities. This can be done in a few ways.
By installing DVWA. (GitHub - digininja/DVWA: Damn Vulnerable Web Application (DVWA)
By creating a test VM using Metasploitable2
Using other Vulnerable VM
Step 3: After downloading you will need to import each VM into VirtualBox. Students must understand, analyse and demonstrate the use of 1 network analysis tools and utilities and identify vulnerabilities related to cybersecurity.
Performing Vulnerability Analysis
You will be demonstrating the use of 1 vulnerability analysis tools and utilities of your choice such as Nmap, Nikto, OpenVAS, Aircrack etc.
The students are required to make use of tools and utilities available in Kali Linux for network analysis. In other words, you have to get insights about host, it's IP address, OS, security details such as open ports, why they are open, security auditing, compliance testing and system hardening. Your report should contain the following sections:
Introduction: A brief introduction about the analysis tools and utilities used.
Vulnerability analysis: The section should include an introduction about vulnerability analysis tools used in the assignment. You will research a bit about tools usage and demonstrator the working of these tool to analyse network and identify any potential vulnerability and security issues. You must provide screenshot of the process in your report.
Summary: The report must include a summary section in which you have to compare the information gather through all the tools you have used to analyse the network. List down advantages and limitation of each tool.
Submission requirements details: The students will submit a report of approximately 1200 words with a screenshot of the analysis performed. The report should include the following sections:
Assessment 3
Assessment - Countermeasures
Assessment purpose: In this assessment, the students will understand and apply countermeasures for the vulnerabilities identified in the Assessment 2 on Kali Linux VM. The students will apply the knowledge gained in the course and online knowledge to suggest and apply countermeasures. This assessment contributes to learning outcomes b and c.
Task details: In this assessment, Student will understand the countermeasures to protect the system from vulnerabilities identified in Assessment 2. Student will select one vulnerability from the analysis in Assessment 2 and research about approaches that can be used to protect the system.
Introduction:
A brief introduction about the selected vulnerability
Countermeasures:
Recommend methods or tools to harden the system. The student needs to provide the counter measures available for security threats encountered during scanning of host and network. Apply the countermeasure in a Virtual Lab environment successfully.
Conclusive remarks.
Note: Need Assessment 2 and 3