COMP3781 : Understand, Evaluate & Identify Network Security Threats - IT/Computer Science Assignment Help

Assignment Task:

TASK:

PURPOSE The purpose of this assignment is to support the following Learning Outcomes (LO) for this Topic:

LO1: Understand, Evaluate & Identify Network Security Threats

LO2: Secure Ethernet, Wireless and Mobile Networks

LO3: Security Design at Different Levels of the OSI model

LO5: Apply Authentication, Authorization and Accounting Tools & Techniques

LO7: Ongoing Management of a Secure Network

ASSIGNMENT BRIEF

You are a Cybersecurity consulting company, offering penetration testing services. You have been contracted with performing a full penetration test of an IT environment as a security professional. This simulated penetration test will involve the discovery of specific ‘flags’ that are present within the simulated environment. You will be required to perform all aspects of a penetration test, including reporting of findings and possible solutions to each problem. The vulnerable VM can be downloaded from the link provided below. Your goal is to remotely attack the VM and find all four flags, eventually leading you to full root access. You have to provide all the possible mitigation techniques and should enumerate all the things. Required Resources

• Kali Linux

• Vulnerable VM (download it here)

The network setting is either host-only or bridge-mode. The vulnerable VM has a static IP 192.168.1.67. You need to configure your Kali IP to the same subnet using ifconfig eth0 192.168.1.xx. Once you configure, your IP then ping the vulnerable VM and make sure that vulnerable VM is reachable.

TASKS As a security consultant company, generic.com has asked you to provide a report on any vulnerabilities in their online environment, as well as mitigations. Your report should also cover your enumeration of the entire environment in the vulnerable VM. Students are expected to provide a detailed report on identified security vulnerabilities. The report should also explain the mitigation techniques. This is an internal security audit as provisioned by a client; thus, the report is to be written in the context of a client. The intended audience for this report is both technical and non-technical. Ensure to document all the stages of your investigation, and failing to do so would result in fail (partial) marks.

Additional Notes Students MUST:

• Reference any code that has been found online. Code (if any) must be included in the report as appendices. It must be explicit what modifications, if any, have been made to the exploit code.

• Reference where appropriate in the context of academic integrity.

• Document any new discovery that you find out during the enumeration phase.

DELIVERABLES

A client-centric report detailing the following:

• Enumeration of the vulnerable VM

• The process followed for the penetration test (Reconnaissance, scanning, modelling, exploitation etc.)

• Vulnerabilities identified

• Flags located (copy the flags in your report)

• Mitigations to vulnerabilities

This IT Assignment has been solved by our IT experts at My Uni Paper. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our Experts are well trained to follow all marking rubrics & referencing style.

Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered. You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turnitin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction.