TECH5100: Penetration Testing Assessment

Assessment Overview

1. You are supposed to work individually on this assignment.

2. You are to perform a simulated penetration testing exercise as described in the assessment description.

3. Identify only one vulnerability, which may include open ports and potential weak points in the simulated network that you can exploit using Kali Linux tools.

4. Record a video showing how you identified and exploited the vulnerability.

5. The video should also show the tools used to identify and exploit the vulnerability.

6. Briefly explain the potential risks and impact on the organisation's network based on the chosen vulnerability.

7. Include in the video a visual aid (diagram) to support your submission and any other claims.

8. Conclude the video by showcasing your recommendations and mitigation strategies.

9. Submit your video to MyKBS once completed.

Your Task

This assessment is to be completed individually. In this assessment, you are tasked with conducting penetration testing of an organisation's IT environment. The objective is to identify and exploit cybersecurity vulnerabilities using a simulated network for the organisation, replicating a real-world scenario. This assessment will cover the fundamental concepts learned in the initial weeks of the subject, focusing on reconnaissance, vulnerability assessments, and footprinting.

Assessment Description

The objective of this assessment is to assess your practical skills in identifying, analysing, exploiting, documenting, and reporting cyber-attack vulnerabilities, focusing on the content covered in Weeks 1 to 3. This will include the following:

1. Reconnaissance and Information Gathering

2. Footprinting and Enumeration

3. Vulnerability Assessment

4. Demonstration of Exploitation

In this assessment:

• You will simulate a penetration testing exercise using tools and systems relevant to penetration testing in a controlled lab environment that simulates a computer system, network, or web application.

• Submit a video recording of the simulated penetration testing exercise.

• The simulated exercise will include tasks related to:

  • Utilising Kali Linux and penetration testing tools to perform the simulated penetration testing scenario.

  • Conducting reconnaissance and vulnerability assessments using Kali Linux tools.

  • Picking only ONE vulnerability based on your vulnerability assessment, exploiting the vulnerability, and showing the methods and strategies used.

  • Providing recommended mitigation measures based on concepts learned from Week 1 to Week 3.

Assessment Practical Business Purpose

• This assessment is designed to equip you with basic practical penetration testing skills which are essential for securing organisations' digital assets and infrastructure.

• The assessment aligns with real-world scenarios where penetration testers are tasked with identifying and exploiting vulnerabilities to strengthen an organisation's security posture.

• This assessment therefore prepares you for cybersecurity roles that require you to proactively identify, exploit, and mitigate security vulnerabilities in different organisations.

Assessment Targeted Audience

• This assessment is useful for any aspiring penetration tester, cybersecurity professional, and organisations looking to strengthen their security teams by hiring individuals with hands-on penetration testing experience.

• Completing this assessment will equip you with the necessary practical skills needed to contribute positively to various cybersecurity roles.

Subject Learning Outcomes

LO1: Evaluate appropriate countermeasures to mitigate the risk of unauthorised access, hacks, and exploits to systems, networks, and applications.
LO2: Investigate cyber-attack techniques on computer systems, networks, and web applications.
LO3: Evaluate existing defensive security measures.

Summary of Assessment Requirements

The assessment requires students to independently conduct a simulated penetration testing exercise on a fictional organisational IT environment. The primary objective is to identify, analyse, exploit, and report a single cybersecurity vulnerability within the simulated network using Kali Linux tools.

Students must:

• Perform reconnaissance, footprinting, and vulnerability assessment activities.

• Select one exploitable vulnerability (e.g., open ports, weak services, misconfigurations).

• Use Kali Linux tools to demonstrate exploitation.

• Create and submit a video recording showcasing:

  • The reconnaissance and vulnerability scanning process

  • The selected vulnerability and exploitation steps

  • Tools used

  • A visual diagram supporting the findings

  • Risks and impacts of the vulnerability

  • Recommended mitigation strategies

• Apply concepts learned in Weeks 1–3, focusing on security principles, attack techniques, and defensive measures.

The purpose is to provide practical penetration testing experience relevant to real-world cybersecurity roles and the following Subject Learning Outcomes:

• LO1: Mitigating risks of unauthorised access and exploitation

• LO2: Investigating cyber-attack techniques

• LO3: Evaluating defensive security measures

How the Academic Mentor Guided the Student 

The Academic Mentor approached the assessment by breaking down each stage into clear, manageable steps, ensuring the student understood both the technical tasks and underlying principles.

Step 1: Understanding the Scenario and Requirements

The mentor first helped the student interpret the assessment brief:

• Identifying the purpose of the simulated environment

• Understanding the requirement to choose only one vulnerability

• Recognising the need for a video demonstration

• Reviewing Week 1–3 concepts relating to reconnaissance, vulnerabilities, and countermeasures

This ensured the student had full clarity before beginning any technical work.

Step 2: Setting Up the Lab Environment

The mentor guided the student in:

• Launching Kali Linux

• Verifying network connectivity with the simulated target system

• Listing essential tools such as Nmap, Netcat, Nikto, and OpenVAS

This prepared the student for accurate and safe testing within a controlled environment.

Step 3: Performing Reconnaissance & Footprinting

The mentor demonstrated how to begin with non-intrusive information gathering:

• Using Nmap to scan hosts and identify open ports

• Conducting basic footprinting to map services and potential weaknesses

• Documenting initial observations for inclusion in the final report/video

The student learned the importance of systematic scanning before attempting exploitation.

Step 4: Conducting Vulnerability Assessment

Next, the mentor helped the student:

• Interpret scan results

• Identify services with known vulnerabilities

• Perform targeted scans using tools such as:

  • Nmap scripts (NSE)

  • Nikto for web server vulnerabilities

The mentor stressed the requirement to choose one vulnerability that can be realistically exploited in the simulation.

Step 5: Selecting and Exploiting the Vulnerability

Once a vulnerability (e.g., outdated service version or open port with weak configuration) was identified, the mentor guided the student through:

• Understanding how the vulnerability works

• Using an appropriate exploitation tool (e.g., Metasploit)

• Executing a safe, controlled exploitation to gain access or privileges

The student was reminded to document commands and outputs for the video submission.

Step 6: Explaining the Risk and Impact

The mentor instructed the student on how to:

• Assess organisational risks associated with the exploited vulnerability

• Explain potential impacts such as unauthorised access, data leaks, or system compromise

• Present risks clearly and professionally for academic evaluation

Step 7: Creating the Diagram and Recommendations

To meet the visual aid requirement, the mentor showed the student how to:

• Develop a simple network diagram

• Highlight the attack path

• Present mitigation recommendations linked to LO1–LO3

Recommendations covered:

• Patching

• Access control improvements

• Firewall adjustments

• Monitoring and logging enhancements

Step 8: Preparing and Submitting the Video

The mentor guided the student in:

• Structuring the video for clarity

• Demonstrating each stage logically

• Using screen capture tools

• Summarising findings and mitigation strategies professionally

The student then submitted the completed video to MyKBS as required.

Final Outcome and Learning Achievements

By following the mentor’s structured guidance, the student successfully:

• Conducted a full penetration testing workflow

• Identified and exploited a valid vulnerability

• Demonstrated understanding of real-world cybersecurity testing processes

• Presented risks, impacts, and mitigation strategies

• Prepared a clear, evidence-based video submission

Learning Outcomes Achieved

LO1: Evaluated countermeasures by recommending mitigation strategies
LO2: Investigated and demonstrated cyber-attack techniques using Kali Linux
LO3: Assessed defensive measures and identified gaps in the simulated network

Get Your TECH5100 Penetration Testing Sample – Use Responsibly

Looking for guidance on completing your TECH5100: Penetration Testing Assessment? Our expertly prepared sample solution can help you understand the structure, approach, and expected academic standards for this task. The downloadable file is designed to support your learning, offering clarity on how to conduct reconnaissance, identify vulnerabilities, and present your findings effectively.

Important: This sample is strictly for reference and study purposes only. Submitting it as your own work may result in plagiarism penalties under your institution’s academic integrity policies. Always use sample solutions to learn not to copy.

If you need a personalised, high-quality submission, you can order a fresh, plagiarism-free assignment solution crafted exclusively for you by experienced academic writers. Your custom solution will be original, aligned with your requirements, and tailored to your university guidelines.

Why Order a Custom-Written Solution?

• 100% original and plagiarism-free content

• Written by qualified cybersecurity and IT academic experts

• Meets your exact assessment instructions and rubric

• Delivered on time with guaranteed confidentiality

• Helps you understand the topic deeply while staying academically safe

Take the Next Step

Download Sample Solution       Order Fresh Assignment