INTE2547 - Security Testing - IT Assignment Help

Assignment Task

Overview
Cryptography is all about securing messages. Digital signatures and cryptographic hashes have become common parts of modern cryptography. Information security is the subject of all of these tasks. And penetration testing is about testing security. Penetration testers should ideally be able to test the security implementation at least to some extent. Part-1of this assignment examines the following:
your understanding of basic cryptographic concepts incorporated with secure protocols and security services
to conduct some reconnaissance in order to discover how much information an attacker would be able to gather
The objective of Part2 will be for the student to gain experience conducting a wireless networking site survey, this can be done by using mainly Wireshark and some other tools you’ve learned in this course. Wireshark is a very versatile packet sniffer. You have practiced specific instances to see running a packet sniffer can be quite useful. While there are certainly other packet sniffers that you became familiar with in this course, Wireshark is one of the most widely known. The Wireshark website provides some information for learning more:

Learning Outcomes
This assessment relates to the following learning outcomes:
CLO 1: Investigate methods that are appropriate for the realisation security testing (Software, Web, Network);
CLO 2: Investigate and model the possible vulnerabilities and threats for a given application system;
CLO 3: Design, implement and produce test procedures and perform evaluation (Kali Linux, Nmap, Wireshark, Hashcat, etc.)

Assignment
Part 1.
1. A and B, are communicating over unsecure channel where openssl and gpg are used for symmetric and public key algorithms, respectively. Considering the following notations
• m: Message m:
• h(): SHA256
• E(): AES-128-CTR when symmetric, RSA when asymmetric
• ||: Concatenation
• KAB: Shared secret key between A and B
• PRA: Private key of A
• PUB: Public key of Bob
For each of the following protocols:
(a) A sends B: m||h(m)
(b) A sends B: E(PUB, m)
(c) A sends B: m||E(PRA, h(m))
(d) A sends B: E(KAB, m)
(E) A sends B: E(KAB, m||h(m))
Specify whether each of the following security services are provided and explain why or why not:
• confidentiality;
• integrity;
• authenticity; and
• non-repudiation.

2. Select a website from the list in Appendix-A and find out 4 types of information about it (a demo will be given to you in the class) using only the web-based tools covered in the Other OSINT Tools section of this course. Rank and Report (screenshots of each steps taken is required) the collected information base on their sensitivity.

3. When you are setting up a wireless router, you might be asked what kind of security you want. One of the choices is WPA2/AES and another is WPA2/TKIP. Which one is more secure? Find out by researching AES and TKIP online, and find at least two authoritative sources that agree. Write a paragraph explaining which one is better and why, citing your sources.

Part 2.
1. Phase1 - Choose a location which you can perform this phase without legal consequences (e.g your house). Create the floorplan of the location (you can use the existing one or draw). The chosen location should cover an area of at least 50 square meters with minimum of 2 Wi-Fi AP (if there is not enough Wi-Fi AP, you may hotspot your phone).
Use a WLAN sniffing tool (see below) at- least five different locations on your map. For each location, record the technical characteristics of all visible APs. Depending on the scanning tool you use, you can record features such as the network name, MAC address, signal strength, security, 802.11 version(s) supported, band (2.4 or 5 GHz) and channel(s) used.
Add the data gathered from the survey into the map of the covered area. On the map you should indicate the location of the access points and the locations where you took measurements. For the access points, use the actual location if you know it, or an approximation based on the observed signal strength (e.g. if it’s your neighbour access point and you don’t know exactly where it is). For each measurement point, you can either add the characteristics directly into the map, or create a separate table with the details. You can submit several maps if you choose to enter data directly into the maps, or a single map if you use additional tables. Create the map yourself, do not use the mapping features available in some commercial (i.e., paid) WLAN sniffing tools.

2. Phase 2
Answer the following questions:
Channel occupancy: Are different access points competing on the same channels? Are they configured to use overlapping channels?
Interference from walls, doors etc.: How do different materials affect signal strength and noise? Can you notice a difference in attenuation for different APs?

C) Coverage: Do the access points sufficiently cover the desired area? Could the placement or configuration be improved?

D and E) Two other aspects of your own choice. Here are a few suggestions:
– measure the attenuation caused by your own body
– measure the download and upload speeds in different locations
– determine the overlap that has been implemented to enable roaming
– describe how you interpolated the locations of access points from the signal strengths
– explain signal-to-noise ratio either using measured noise or by assuming that noise is slightly below the weakest signal your scanning software can detect.

Describe your findings and explain them with some technical detail (i.e., not only say what you found, but also how you performed the analysis or why you think the
network is behaving that way).

This INTE2547 - IT Assignment has been solved by our IT experts at My Uni Paper. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our Experts are well trained to follow all marking rubrics & referencing style.
Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered. You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turnitin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction.