Get Cheapest Assignment in Australia, UK, US, UAE, Canada and NZ Order Now

MN623 Cyber Security and Analytics

0 Comments

Assessment Details and Submission Guidelines
Trimester T2 2019
Unit Code MN623
Unit Title Cyber Security and Analytics
Assessment Type Individual Assessment (Assignment one)
Assessment Title Demonstration of penetration testing tools
Purpose of the assessment (with ULO Mapping) Students should be able to demonstrate their achievements in the following unit learning outcomes: a. Implement and evaluate security testing tools in a realistic computing environment
Weight 15%
Total Marks 100
Word limit 1000 – 1500 words for the report and the length of the video should be no more than 8 minutes
Due Date 11:55 PM, Wednesday Week 8 (4/9/2019)
Submission Guidelines All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page.The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2.54 cm margins on all four sides of your page with appropriate section headings.Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style.
Extension If an extension of time to submit work is required, a Special Consideration Application must be submitted directly on AMS. You must submit this application three working days prior to the due date of the assignment. Further information is available at: http://www.mit.edu.au/aboutmit/institutepublications/policies proceduresandguidelines/specialconsiderationdeferment
Academic Misconduct Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policies- procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy- Procedure. For further information, please refer to the Academic Integrity Section in your Unit Description.

Assignment Description

For this assignment, you will evaluate two password cracking tools and write a report with video presentation on how you will perform penetration testing on the eCommerce platform and Linux-based FTP webserver to identify their security vulnerabilities and breaches.

Marks will be awarded based on the sophistication and the difficulties the demonstration explored.

Your task is to complete and make a video presentation and writing a report on the following:

  1. Download and install (on your computer or on MIT Virtual box) any two of the password cracking tools from Table 1.
  • Outline of your presentation should include description of the tools.
  • Demonstrate how to use these tools to crack the password. Your demonstration should include:
    • Discussion    on   the    password    cracking                     counter Measures, and
    • Explanation of how to use these tools to crack the password.
  • Comparison of the tools that you used in this work. Your comparison could include:
  1. Time is taken to crack the password
    1. Ease of usage
  • Analyse the following scenarios and give your opinion on which of the tools that you investigated could be more suitable for these scenarios. In your analysis, please consider the following:
  1. Discuss how you will perform penetration testing on the eCommerce platform and Linux-based FTP webserver to identify their security vulnerabilities and breaches.
  • You should appear in the video at the first and last 30 secs to introduce yourself and draw a conclusion on your experience with the security tool.

Case Scenario: Your client is Mr. Daniel Gromer who runs a chain of clothing shops in Australia. Mr Gromer runs over 50 clothing shops in Sydney and Melbourne targeting female customers in their early twenties with moderate budget. Mr. Gromer has recently taken an interest in online business as he realized that many of his competitions have moved onto the online platforms reducing their expenditure significantly. Mr. Gromer has hired a team of web developers (located overseas) to develop and their new online shop is ready to launch in May 2019. Mr. Gromer has no IT background but he is aware of many cases where the websites were hijacked and lost fortunes alongside ruining their digital reputations.

Mr. Gromer has approached the PureHacking.com to assess his new eCommerce website and

report any vulnerabilities ahead of its launch as Mr. Gromer is aware that he may get only one chance at the online success and if the website security is breached, he can face major loss in his investment.

Mr. Gromer informs: his eCommerce website is using WooCommerce plugin implemented on the WordPress website platform and the entire website is running on Linux webserver. The website developers have been using FTP to upload the website contents to the Linux webserver.

Length of Video: Introduction (30 secs approximately, your appearance should be in the video) + Outline of the presentation (30 secs approximately) + Demonstration of the task (260 seconds approximately) + Comparison of the Tools (30 seconds approximately) +Analysis of the scenario (40 secs approximately) + Conclusion (30 secs approximately, with appearance). The total length of the presentation should not more than 8 minutes (mark would be deducted for over-length presentation).

Table 1: Password cracking tools

Serial # Name of the password cracking tool
1 John the Ripper
2 Rainbowcrack
3 Cain & Abel
4 Ophcrack

You may use any of the available open source software for screen capture. Please find the following as an example.

Submission Guidelines:

  1. Name your video with your student number and name.
  2. Upload Video on your Youtube account
  3. Copy the Video Link to a file (word document) and
  4. Upload it into the MOODLE

To upload on Youtube, you must create your account on youtube. If you have a google account (gmail), you already have one on youtube. Videos must be of one of the following formats: .MOV, .MPEG4, MP4, .AVI, .WMV, .MPEGPS, .FLV, .3GPP, and

.WebM. Once you have an account, to upload your video, click on the ‘upload’ button located at the top right-hand corner of your youtube.com webpage. To keep your uploaded video unsearchable by people so that random people cannot view your video(s), you have to select the privacy mode from the drop-down menu on the upload screen to be ‘Unlisted’. This way, your video is viewable by only those who have got the URL of your video. Make sure you copy and paste your video URL in the file submitted on MOODLE for your marker to be able to watch and mark it!

Marking criteria:

Example of marking criteria is shown in following table. Marks are allocated as follows:

Section to be included in the report Description of the section Marks
Introduction Student should introduce with his/her physical appearance in the video. 10
Outline Outline of the whole presentation including tool description. 5
Demonstration Demonstrate (narration of your actions recorded by video) all steps from the respective project. 30
Comparison Compare the two tools investigated. 10
Analysis Analysis of the scenario. 15
Penetration test Identifying vulnerabilities in Web and FTP server 15
Conclusion Draw a conclusion on your experience with the Security Software. 10
Reference style   5
  Total 100

Example Marking Rubric for Assignment #: Total Marks 100

Grade Mark HD 16-20 DI 14-15 CR 12-13 P 10-11 Fail <10
  Excellent Very Good Good Satisfactory Unsatisfactory
Introduction Appearance is Appearance is clear and easy to follow. Appearance is clear and understandable Makes an appearance and provides an introduction. Does not make an appearance in the video at the start of video
/10 clear, easy to follow, well
  prepared and
  professional
Outline Create a very A bullet point   Explained and there is screen showing a written outline but there is room for improvement.   Explained but no screen showing a written outline. The outline is not
/5 nice bullet point outline is provided done properly.
  outline and well and presented  
  presented it before the start of  
  before the the presentation  
  demonstration    
  started    
Demonstrati on /30 Very profession- al, clear and easy to follow. Professional, clear and easy to follow Clear and easy to follow but lacks professionalism Demonstration is done but there is Difficult to follow Tasks have not been demonstrated properly (difficult to follow)
Comparison Clear Clear comparison Clear comparison Some comparison is The comparison is
/10 comparison with with some with little there but there is very poorly done.
  valid justification and justification. room for  
  justification and easy to follow   improvement.  
  very easy to        
  follow        
Analysis Clear analysis Clear analysis with Clear analysis with Some analysis is The analysis is very
/15 with valid some justification little justification. there but there is poorly done.
  justification and and easy to follow   room for  
  very easy to     improvement.  
  follow        
Penetration test /15 Penetration test is fully performed. Penetration test is partially performed. Not Clear Very little Not done
Grade Mark HD 16-20 DI 14-15 CR 12-13 P 10-11 Fail <10
Conclusion /10   A very powerful conclusion with full confidence.   Very Good Conclusion   Appearance made and good conclusion provided   Appearance made and conclusion provided.   Barely appear at the end of the video.
Reference /5   Reference list is complete and has been formatted   Reference list is complete and generally follows a set of formatting guidelines but there are some minor errors   Reference list is complete and generally follows a set of formatting guidelines but there are many minor errors or omissions   Reference list is inadequate Reference list is inadequate because of one or more of the following: It is incomplete, or contains sources not cited.References lack detail required to locate the source.Formatting is inappropriate or inconsistent.References are fabricated.

Order Now