Hacking Techniques and Countermeasures assignment

Hacking Techniques and Countermeasures assignment

Module Name:

Hacking Techniques and Countermeasures Assignment Title:

Hacking Techniques and Countermeasures

Individual

Weighting: 100 Magnitude: 2500 words

Blackboard submission Y/NTurnitin submission Y/N Format: e.g. Word

Planned feedback date:

Mode of feedback: In-module retrieval available: Yes/No

Module Learning Outcomes

Employ advanced hacking techniques to compromise computer systems and networks

Review and evaluate advanced reconnaissance and scanning techniques used by Attackers

Critically analyse techniques used by attackers to gain and maintain access to computer systems and cover tracks of the attack

Develop the skills required to assess the impact of security incidents to an organization review, assess and critique different categories of computer incidents so that appropriate countermeasure can be designed and applied

Gain some experience with the key phases of an incident handling process and develop the skills to appropriately react to a range of security incidents

Learn and employ advanced techniques and tools used by hackers to compromise computer systems so that you can better prepare and react to them in an incident handling situation

Assessment Brief

With regards to 3 machines (to be confirmed on week 9 of teaching) on Hackthebox platform, you are required to demonstrate your ability to carry out advanced exploitation techniques by creating a penetration testing methodology. Specifically, you are required to perform and report on the following(Suggested word count 1500):

Design of a methodology

Host enumeration and fingerprinting

Service enumeration and fingerprinting

Vulnrebility scanning

Vulnrebility exploitation

Marking Criteria Comment Weight

Methodology Design This section focuses on

Design of a methodology

Firstly a clear methodology

should be presented,

with sufficient detail so that a technical reader can

understand the approach taken and what each stageattempts to do.

This can include but is not limited to:

The types of scans performedThe types of vulnerabilities assessedThe techniques usedThe tools to be used 15%

Methodology Effectiveness & Efficiency This section focuses on

Host enumeration and fingerprinting

Service enumeration and fingerprinting

Vulnerability Scanning

The report should then reflect you executing each step of the methodology. It should show each stage being executed efficiently with the least number of commands used, each command should run with the optimal options. The way the tools/commands are used should simulate attack from a malicious hacker. The output of the commands should also be show clearly and the output should be in its most efficient form. Or with a filter (i.e grep) used to extract the most important/key pieces of information Overall - You should show the execution of each step of the Ethical Hacking Methodology you present. Marks are awarded for how effective and efficient you are. 10%

Specific Results

Machine 1,2,3

Each 15% This section focuses on each machineVulnerability Exploitation

A clear and concise description of what the vulnerability is.

A comment or indicator on how serious the issue isA repeatable example should be given.

An explanation on why each item presents a security riskAdvice on how to fix/remediate the issues found. 45%

Report Summary A technical and management summary are both presented which are tailored for each audience and highlight the key findings and approach 5%

With regards to Generative Artificial Intelligence, please write a 1000 words report to explain how this new technology can help the automation of penetration testing (25%)