Reference no: EM133106842
4064CEM Foundations of Cyber Security - Coventry University
Assignment 1:
Learning Outcome 1: Relate current events in cybersecurity to the technological and theoretical aspects of their course.
Learning Outcome 2: Use common tools to enumerate networks and hosts.
Task 1 :
You are required to investigate a real security incident that has been reported in English-speaking online public media since January 2022, and produce a report (up to 1000 words) that should consist of:
• Description of the incident, including the possible techniques and tools employed.
• Analysis of the incident including the following:
o Value of the assets at risk
(If necessary make reasonable assumptions and state them clearly.)
• Identification of the CIA properties of the valuable assets that were reduced as a result of the incident.
• Describe two (2) countermeasures, either existing or proposed by you, that would reduce the risks associated with the threats and assets.
Task 2:
When people log on to the system (Unix/Linux/Windows) and create their files, they want to protect those files: some of them may be public, and some are only intended for a restricted audience, and some are private.
For stage-two 5064CEM (Networking) module, the following materials will be onto a Linux (Debian) server:
• Documents such as MID (module information), lecture notes, and portfolio reports that are group projects.
• Some tools/applications.
All these documents and tools may be grouped into various directories. Below are the access policies:
Policy 1: Everyone can read 5064CEM MID;
Policy 2: For the module lecturers, in addition to Policy 1, they can also:
o write 5064CEM MID,
o read and write all the lecture notes,
o read, write and run the tools/applications;
Policy 3: For students enrolled on the module, in addition to Policy 1, they can
o read all the lecture notes,
o run the tools/applications;
o read and write their own portfolio reports (group projects).
To simplify the scenario, suppose there are four students that are enrolled on this module, there is one module leader, and there is one student who is not enrolled. Table 2 gives the user names (accounts) for these users.
Table 2: user names for Task 2
|
Roles
|
Name
|
User name
|
|
module leader
|
John
|
john
|
|
group 1 student1
|
Roy
|
roy
|
|
group 1 student2
|
Randy
|
randy
|
|
group 2 student1
|
Mark
|
mark
|
|
group 2 student2
|
Mike
|
mike
|
|
student that is not enrolled onto 5064CEM
|
Luke
|
Luke
|
Please complete the following sub-tasks for Task 2. Apart from Task 2-3, please provide your solutions (e.g. commands) together with the screenshots of the output of your solutions.
Task 2-1: Assuming you log in as root, create an account for Mark:
Task 2-2: Assuming you log in as root, provide a weak password for Mark, and then employ an offline dictionary-based tool to crack Mark's password. You may use the wordlist provided by your Linux system, or download from the Internet, or create your own wordlist.
Task 2-3: Construct an Access Control Matrix to express the access control policies for users and 5064CEM materials as shown in Table 3:
Table 3: Access Control Matrix
|
|
5064CEM MID
|
Lecture3 Note
|
Group1 Report
|
Group2 Report
|
Tool
|
|
John
|
|
|
|
|
|
|
Roy
|
|
|
|
|
|
|
Randy
|
|
|
|
|
|
|
Mark
|
|
|
|
|
|
|
Mike
|
|
|
|
|
|
|
Luke
|
|
|
|
|
|
Task 2-4: Assuming you log in as john, create 5064CEM MID (the content of 5064CEM MID is not essential and can be any content constructed by you), and then implement the access rights for 5064CEM MID.
Task 2-5: Assuming you log in as mark, create Group2 Report (the content of Group2 Report is not essential and can be any content constructed by you), and put it in the directory of /home/mark/group2/; and then implement the access rights for Group2 Report.
Task 2-6: Further to Task 2-5, assuming you log in as mark who is the group leader of Group2 Report. Configure appropriate directories and/or files to avoid careless deletion of Group2 Report by his group members (e.g. Mike).
Attachment:- Foundations of cyber security.rar
|
Determine the initial measurement of the bonds
: On January 1, 2021, Luke Company issued its 9%, P5,000,000 face value bonds at a premium. Determine the initial measurement of the bonds
|
|
How much is the monthly payment
: A loan of P30,000 is to be repaid monthly for 5 years that start at the end of 4 years. If interest rate is 12% converted monthly, how much is monthly payment
|
|
What is the appropriate cost for retained earnings
: The return on the S&P 500 index is 12%. What is the appropriate cost for retained earnings in determining the firm's cost of capital
|
|
What is the display filter expression
: Identify well-known security issues and Demonstrate how well-known security vulnerabilities can be both exploited - explain how message integrity is provided
|
|
Use common tools to enumerate networks and hosts
: Relate current events in cybersecurity to the technological and theoretical aspects of their course and Use common tools to enumerate networks and hosts
|
|
Prepare the journal entries for sheffield
: Sheffield completes installation on September 15, 2021, and the customer pays the balance due. Prepare the journal entries for Sheffield in 2021
|
|
What amount of interest expense should blossom report
: In its 2021 income statement, what amount of interest expense should Blossom report from this lease transaction
|
|
What is the minimum amount that you would accept
: Based on what you know today, what is the minimum amount that you would accept in exchange for the asset just before the payoff is revealed
|
|
Calculate the present value
: Question - Calculate the present value of $100,000 to be received in 10 years assuming an annual interest rate of 4%
|