Embed Size (px)
DESCRIPTION
Ethical Hacking 2015 Assignment
Citation preview
In-course Assignment Information Sheet
Ethical Hacking and Incidence Response
Intakes: UC2F1505FC-ISS
Date Assigend: 21-OCT-2015
Date Due:
Lecturer: Meisam Eslahi
Assignment Overview
This assignment will contribute 100% towards the incoure marks and consists of three
sections as follows:
Section A:
This section is an individual research on latest techniques on ethical hakicng and
penteration testing and carries 40% of total module assessment marks. Each group member
should select a unique title in related domains such as:
1. FootPrinting and Reconnaissance
2. Computer and Network Scanning (Nmap Scripting is preferred)
3. System Enumeration and Hacking
4. Computer and Mobile Malwares (Frameworks to create undetectable viruses is preferred )
5. Social Engineering
6. Denial of Service
7. Hacking Mobile Devices (Android platform is preferred)
8. WEB application breaches and attacks (Is highly recommended!)
9. Wireless Hacking (WEP and WPA Cracking is not accepted!)
10. Any other relevant domains!
Each student is requeired to conduct a research and provide a report on any recent
technique, tool or framework that may used by etchial hackers in any of afformentioed
domains. The report must be typed with Times New Roman font and size 12 with maximum length of
3000 words (excluding diagrams, appendixes and references) in different subsections as follows:
1. Introduction to the technique/tool/framework that you have selected
2. Create scenario to explain the attack nature if its needed.
3. Impact of the selected technique/tool/framework on the security
4. General functionality of selected technique/tool/framework
5. Step by step tutorial on how to use technique/tool/framework
6. Critical analysis of technique/tool/framework and any countermeasure if applicable.
WARNING: DO NOT try the aforementioned tools or techniques on real systems! You should
test and create your tutorials by using Isolated/Testbed environments such as VMWare,
Metasploitable, DVWA, and etc.)
Section B:
This section is a group task focuses on vulnerability assessment and carries 40% of total
module marks. Vulnerability scanning identifies vulnerabilities and weaknesses of a system and
network in order to determine how a system can be exploited. The students provided with a
windows operating system in virtual machine format. Each team must use proper scanning tool
and methodologies to locate and remediate vulnerabilities in the given operating system. In
addition each team is required to provide detailed reports as follows:
1- List of discovered vulnerabilities and findings
2- Select six top vulnerabilities and briefly explain them.
3- Select one of the vulnerabilities and explain in details.
4- Use any exploit or technique to hack into the target by using selected vulnerability.
5- Patch the vulnerability and countermeasure the attack.
Section C:
This section is a group task and carries 20% of total module marks. The main obejctive
of section C is to anlyze a given memory dump from infected machine using volatility
framework.
Guidelines for the Report
Document the results of your work in a professional and systematic manner and submit one
soft copy and one hard copy. Your completed documentation should meet the following
requirements:
1. Table of contents for every detailed chapter/section.2. Introduction3. Individual 1: Title4. Individual 2: Title5. Individual ….6. Section B: Title7. Section C: Title8. Conclusion9. References10. Appendices 11. Workload matrix.
Submission requirements
1. A CD containing an electronic version of the document.
2. Your report must be typed using Microsoft Word with Times New Roman font with 1.5
spaces.
3. The report has to be well presented and should be typed.
4. Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper. Paper weight
of 80 grams and above is highly recommended.
5. The report should have a one (1”) margin all around the page as illustrated below:
1 inch
The Typed Text
1 inch
1 in
ch1
inch
1 in
ch1
inch
1 inch 1 inch
6. Every report must have a front cover. A transparent plastic sheet can be placed in front of the
report to protect the front cover. The front cover should have the following details:-
a) Name
b) Intake code.
c) Subject.
d) Project Title.
e) Date Assigned (the date the report was handed out).
f) Date Completed (the date the report is due to be handed in).
7. All information, figures and diagrams obtained from external sources must be referenced
using the Harvard referencing system accordingly.
Workload Matrix
The marking table must be placed on a single page, located as either the second or third page of the final assignment documentation. Ensure to fill up of the team members’ full names and their respective student IDs.
Student’s Name Student 1 Student 2 Student 3 Student 4
Individual Components (A)Introduction to the technique/tool/framework that you have selected (3)Nobility of selected item (10)Impact of the selected technique/tool/framework on the security (4)General functionality of selected technique/tool/framework (3)Step by step tutorial on how to use technique/tool/framework (10)Critical analysis of technique/tool/framework and any countermeasure if applicable (10)Total Marks (out of 40)
Group Components (B,C)Technical accuracy (10)Critical analysis & justification (Research) (20)Demonstration (10)Presentation (10)Referencing (10)Total Marks (out of 60)
Total mark (100)
