User Account

All Pages

What are the legal and ethical issues

Assignment Help Basic Computer Science
Reference no: EM13317110

Create a report exploring the stages involved in a specific attack (of your choice) against a computing system.

Select and research an attack of your choice. The attack should be technical in nature and exploit a vulnerability to compromise the security of a process, service, system, or network. You are required to show evidence that you have successfully carried out this exploit within a lab environment. If you wish, you may choose to use one of the vulnerabilities that you exploit within the lab exercises: for example, the RPC DCOM or WebDav exploit. However, selecting an attack it should be better.

You are required to use attack software of your choice (such as Metasploit, Armitage, sqlmap, a stand-alone custom exploit, or other software of your choosing), and take screenshots demonstrating each of the stages in the attack. These screenshots are used to illustrate the content of your report.

A bibliographic tool, such as Zotero, may be helpful.

Your report should have the following outline and content:

Front matter

Title, student details, word count, and table of contents.

Introduction

Begin your report with a brief paragraph noting the attack software used, and the vulnerability and exploit covered in your report.

Description of the vulnerability, exploit, and attack software

Describe the vulnerability that the attack exploits, including how or why the vulnerability exists, what versions of software are vulnerable. Include a technical overview of the category of vulnerability (for example, SQL Injection, buffer overflow, or other as appropriate). Then introduce the exploit and attack software you have chosen to use, and give a detailed description in technical low-level terms of how the attack software is able to exploit the vulnerability. Be sure to describe and differentiate between the vulnerability, exploit, and the attack software.

Anatomy of an attack

Describe each of the steps of the attack using the attack software of your choice to exploit the vulnerability you have chosen. This will typically include information gathering (such as footprinting, scanning, and enumeration), exploitation, and postexploitation.

Throughout this section use screenshots demonstrating how each of the stages of attack are carried out, and to illustrate the practical implications of the attack.

Information gathering: How can an attacker gather all of the information needed to identify a target, determine that it is vulnerable to attack, and gain all the information needed to attack the target?

Exploitation: How can an attacker exploit the vulnerability to impact a process, system, or network? Describe the technical goings on behind the steps taken by the attacker.

Post-exploitation: What malicious actions are possible after a successful attack? For example, can the attacker modify a user's file, add user accounts, modify system files/programs, modify the kernel, and so on? What are the limitations of what the attacker can do? What actions could the attacker take to maintain access and cover their tracks?

Recommendations for preventing the attack

In this section, describe recommendations that you believe should be implemented for a system/organisation that is vulnerable to this attack. Briefly describe the various layers of security controls (such as firewalls, access controls, anti-malware, IPS, or as appropriate) that can be used to mitigate the risk posed by the attack, and explain which stages of the attack can be thwarted by those security controls. Provide any other recommendations for mitigating the risk, (for example, choosing different software, or training users). Only make recommendations that apply to defend or prevent against the attack you have described.

Provide a screenshot demonstrating a failed attack attempt against a protected (or not vulnerable) system. For additional marks, show evidence that you have secured the originally vulnerable target against the attack.

Related software
Provide a summary of the attack software you have used, and further describe the scope of the attack software: what else can the software be used to do? Briefly describe other attack software that can be used as an alternative to achieve the attacks demonstrated in the report.

Critical reflection
Describe what you think the underlying deficiency is that has resulted in this vulnerability. What impact could this have on businesses and organisations that are vulnerable? What are the legal and ethical issues?

Conclusion
Conclude your report with a summary of your attack, software, and the implications for ICT security.

References
Harvard references, each of which should be cited within your report. I recommend using a bibliographic tool, such as Zotero.
Your report should be 2500-3500 words.

Reference no: EM13317110

Questions Cloud

What is the break-even number of units per year : A semiautomated system has been developed as an alternative. The costs for the proposed method are $40,000 for equipment and $1.00 per manufacturing cost per unit. What is the break-even number of units per year
Instructions and specifications for project : Shows the major and minor sections and outlines the structure. It should also contain a list of diagrams, charts, tables and so on.
Compute the magnitude of the force supported by the pin at c : The portable floor crane in the automotive shop is lifting a 420 lb engine. For the position compute the magnitude of the force supported by the pin at C and the oil pressure p against the 2.70 in. diameter piston of the hydraulic cylinder unit AB..
What is the angular displacement of the ball : A ball of radius 0.200 m rolls with a constant linear speed of 3.22 m/s along a horizontal table. What is the angular displacement of the ball while the ball is in the air
What are the legal and ethical issues : Describe what you think the underlying deficiency is that has resulted in this vulnerability. What impact could this have on businesses and organisations that are vulnerable? What are the legal and ethical issues?
Find the tangential speed of a point on equator of baseball : A baseball pitcher throws a baseball horizontally at a linear speed of 42.5 m/s (about 95 mi/h).  find the tangential speed of a point on the "equator" of the baseball
Find velocity of bullet immediately after passing through b : A 30 g bullet is fired with a horizontal velocity of 450 m/s through 3-kg block B and becomes embedded in carrier C which has a mass of 30 kg. After the impact, block B slides 0.3m on C before coming to rest relative to the carrier.
Find the average angular speed and the radius of the track : An auto race takes place on a circular track. A car completes one lap in a time of 19.5 s, Find the average angular speed and the radius of the track
Identify the potential sale and department store transaction : Evaluate whether the use of a distributed DBMS structure is appropriate and identify the optimization techniques that should be factored in to enhance the operations of the database in your design.

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Calculates how many km had went a man

Write a program that calculates how many km had went a man and how far he was from the initial point .

  Write a program that reads three integers and print

Write a program that reads three integers and print "In order" if they are sorted in ascending order or descending order, or "not in order" otherwise. For example: 1 2 5 in order 1 5 2 not in order 5 2 1 in order 1 2 2 in order 5 1 2 not in order.

  What factors are involved in selecting architecture

Under what architecture would you classify technologies such as virtualization, cloud computing, and Web-based applications? Last, what factors are involved in selecting the architecture that is right for your organization?

  How large video memory is required to store image

How large a video memory is required to store a 640 X 480 image during display? A 1600 X 900 image? A 1440 X 1080 image?

  Examine work-related project using systems analysis

Create 4-6-page paper which examines work-related project which used systems analysis for selected business system at department or division level.

  Provide an explanation of hashtables

Provide an explanation of hashtables, including a description of a realistic scenario that could be solved with the application of a hashtable

  What staffing we would need for two possible scenarios

What could those be? If we outsource would we need to have someone from the company that monitors them? What skills or knowledge would they need.

  Give pseudocode to reconstruct an lcs from completed c table

Give pseudocode to reconstruct an LCS from the completed c table and the original sequences X = and Y = in O(m+n) time, without using the b table. Do this by writing a modified version of PRINT-LCS?

  Explain classic five-stage risc integer pipeline

Assume that the initial value of R3 is R2 + 496. Use the classic five-stage RISC integer pipeline and assume all memory accesses take 1 clock cycle.

  Question about compiler theory

Determine some common compilers available? Based on regular expressions, can all input be validated if it is correct, or not, based on compilation?

  Eliminate the transitive dependency in this relation

Vendor is functionally dependent on Compname and Compname is functionally dependent on Prodname. Eliminate the transitive dependency in this relation and form 3NF (third normal form) relations.

  Analyze the use of gestures in ipads

Analyze the use of gestures in iPads. Address how users feel about gestures. Evaluate how users feel about the user input when it comes to filling out complicated forms on the iPad.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd