Software security in the context of a penetration test

Reference no: EM132875755

Learning Outcome 1: Critically analyse and evaluate security techniques used to protect complex heterogeneous environments and apply their findings for offering advice regarding solutions to decision makers.

Learning Outcome 2: Apply advanced and current concepts/issues of computer systems risks, vulnerabilities, threats analysis, and software security in the context of a penetration test

Learning Outcome 3: Use initiative for autonomously conducting and managing a penetration test, within a complex and unpredictable environment, demonstrating a systematic approach of creatively applying knowledge in unfamiliar contexts for solving problems

Assignment Brief:

Scenario:
Assume that you are working as a consultant for an SME which is building its capability in penetration testing. Your client has asked your employer to conduct the penetration test against a server, as they fear they might have already been breached. To the best of their knowledge, the company assumes that the server offers only the following online services: a) http, b) ssh, and c) vnc.

This is an individual assignment that will assess your ability to conduct a full-scale penetration test. Please ensure that in completing these tasks you deploy the techniques you have been taught in your course and, especially, in this module. If you produce work that is not concise and to the point, then marks may be reduced. The deadline for this assignment is the 10.05.2021.

Task 3

You are expected to undertake a grey-box Penetration Test. To guide your activities, you are expected to use the plans that you have produced in Assignment 1.

Information about the IP address of the target of your test, as well as the schedule to access it, is available on Canvas. Specifically, please navigate to the module on Canvas and select the "Your Assignment IP address and your Access Schedule" page, which is available under the "Module Information" Unit, in order to find more information.

Please look at the Assessment Criteria table, which is provided below, for understanding the expected structure of your report. You are required to present your findings in a factual manner to convince decision makers of a large corporation on business strategies. Do not provide a narrative of your intelligence gathering activities in the main report. You may include this in an appendix.

In the Attack Narrative section, you are expected to discuss the attacks you have undertaken and what vulnerabilities you have tested in each attack. In the Vulnerability Details & Mitigation section you are expected to provide a technical explanation of the vulnerabilities you have tested and confirmed (e.g., with a working exploit), as well as offer advice on how to mitigate them. To get full marks for this section you are expected to provide confirmed details and mitigation for three (3) vulnerabilities from the total vulnerabilities that you have found on the target.

Attachment:- Assignment Briefing Sheet.rar


Reviews

len2875755

5/3/2021 11:51:04 PM

Hello Team, In the Above Grey-box Penetration we requested to find out 3 vulnerabilities in which two should be passed result and one failed result vulnerability. As We don't need all 3 vul's to be passed. Kindly let me know if any questions. Thanks


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd