Get Cheapest Assignment in Australia, UK, US, UAE, Canada and NZ Order Now

7024CEM Ethical Hacking

0 Comments

Do you need help for 7024CEM Ethical Hacking

Faculty of Engineering, Environment and Computing

7024CEM Ethical Hacking

Assignment Brief

Module Title Ethical HackingIndividualCohort (Sept/Jan/May)Module Code 7024CEM
Coursework Title (e.g. CWK1) Assignment: Pentesting AssignmentHand out date: 26/5/2022
Lecturer Dr. C. PanchevDue date: 8/8/2022
Estimated Time (hrs): Word Limit*: 2000Coursework type: Assignment% of Module Mark 100
Submission arrangement online via Aula: File types and method of recording: Single PDF file   Mark and Feedback date (DD/MM/YY): Mark and Feedback method: via Aula

Module Learning Outcomes Assessed:

  1. Understand and implement penetration testing methodology, and be able to communicate this with a detailed comprehensive report structure, demonstrating an understanding of the legal and ethical considerations in the context of offensive security.
  2. Critically evaluate and discuss potential vulnerabilities in digital systems.
  3. Critically review preparation, use and application of appropriate tools for attacks performed across multiple platforms
  4. Apply appropriate defences and countermeasures for vulnerabilities discovered and document findings in an appropriate fashion and report findings in accordance with industry standards.

Instructions

You will be given a number of Virtual Machines representing a small office of an SME. You are required to perform a Professional Penetration Testing examination and write a report about your findings and recommendations to improve the security of the system.

The report should have the following (or equivalent) structure:

  • Reconnaissance and target analysis
    • Exploitation (describing in detail the steps you have taken, tools you used)
    • Post-exploitation
    • Recommendations (how to make the target machines secure – this should address all

vulnerabilities which you have identified in your assessment, not just the ones you have exploited)

  • Conclusions (this should contain evaluation of your work and also describe some alternative approaches you could have taken)

You do not need to provide an Executive Summary. Sections 1-3 of report should contain appropriate screen-shots and sample sessions from your work and any references supporting your findings/decisions. As a guide, your report should be about 2000 words.

Notes:

  1. You are expected to use the Coventry University APA style for referencing. For support and advice on this students can contact Centre for Academic Writing (CAW).
  2. Please notify your registry course support team and module leader for disability support.
  3. Any student requiring an extension or deferral should follow the university process as outlined here.
  4. The University cannot take responsibility for any coursework lost or corrupted on disks, laptops or personal computer. Students should therefore regularly back-up any work and are advised to save it on the University system.
  5. If there are technical or performance issues that prevent students submitting coursework through the online coursework submission system on the day of a coursework deadline, an appropriate extension to the coursework submission deadline will be agreed. This extension will normally be 24 hours or the next working day if the deadline falls on a Friday or over the weekend period. This will be communicated via your Module Leader.
  6. Assignments that are more than 10% over the word limit may result in a deduction of 10% of the mark i.e. a mark of 60% will lead to a reduction of 6% to 54%. The word limit includes quotations, but excludes the bibliography, reference list and tables.
  7. You are encouraged to check the originality of your work by using the draft Turnitin links on Aula.
  8. Collusion between students (where sections of your work are similar to the work submitted by other students in this or previous module cohorts) is taken extremely seriously and will be reported to the academic conduct panel. This applies to both courseworks and exam answers.
  9. A marked difference between your writing style, knowledge and skill level demonstrated in class discussion, any test conditions and that demonstrated in a coursework assignment may result in you having to undertake a Viva Voce in order to prove the coursework assignment is entirely your own work.
  10. If you make use of the services of a proof reader in your work you must keep your original version and make it available as a  demonstration  of  your written efforts.
  11. You must not submit work for assessment that you have already submitted (partially or in full), either for your current course or for another qualification of this university, with the exception of resits, where for the coursework, you
7024CEM
7024CEM

Marking Ribric

Pass marks will be awarded for basic scanning of the targets, identifying a vulnerability and exploiting it. Report describing the above work will some analysis and recommendations but no critical evaluation. Shortcomings in the structure/presentation of the report. Good presentation and answers demonstrating understanding of the approach and tools used in the assignment.

Good marks will be awarded for comprehensive scanning and fingerprinting, identifying most security vulnerabilities, and exploiting more than one of them. Good conclusions with some critical evaluation and recommendations to secure the system. Good structure/presentation of the report and suitable references. Good presentation and answers demonstrating understanding of the approach and tools used in the assignment.

Excellent marks will be awarded for comprehensive scanning and fingerprinting, identifying all security vulnerabilities, and exploiting all of them. Able to maintain your presence on the target systems. Good conclusions with critical evaluation and recommendations to secure the system. Good structure/presentation of the report and suitable references. Excellent presentation and answers demonstrating understanding beyond the approach and tools used in the assignment.

The table below shows the detailed marks breakdown that you can achieve by completing the different aspects of the assignment.

Scanning2510 
InfoSomeCompleteDetailed
gathering,scanningscanning withscanning and
scanning andwithoutsome analysisanalysis of
fingerprintingappropriateof the resultsthe results
 analysis of  
 the results  
Desktop2510 
PenetratingPartialSuccessfulEffective
the Desktopsuccess in(adminpost-
machinepenetratingprivileges)exploitation
 of thepenetration 
 desktopof the 
  desktop 
Server Penetrating2 Partial5 Successful15 Successful20 Effective post-
the Server machinesuccess in penetrating of the server(user privileges) penetration of the server via a single attack vector(admin privileges) penetration of the server via multiple different attack vectorsexploitation
Recommend5102030
ationsLimited andDesktop andDesktop andExtending beyond
RecommendagenericServer basic:ServerDesktop and Server
tions onrecommendarecommendadetailed:technical
securing thetions.tions withoutAdequate 
systems muchtechnical 
  technicalrecommenda 
  detailtions 
   covering all 
   vulnerabilitie 
   s 
Presentation2510 
(Viva andSome issuesWellVery good
Report)withstructured/prpresentation
 structure/preesented butwith relevant
 sentation orlimitedconclusions
 timingargumentsand
   arguments
Arguments251020
(Viva andLimitedGood overallSome validExcellent arguments
report)understandinanalysis, butarguments,and critical thinking
 g, no validno clearbut no clear 
 argumentsarguments orcritical 
  conclusionsthinking