NCSSEC804 – Global Homework Experts

Canberra Institute of Technology Page 1 of 8 Assessment 1: NCSSEC804-Scan, test and ethically hack to protect network systems NCSSEC 804 Assessment 1 INFT 1001 – Scan, test and ethically hack to protect network systems Read all instructions and questions carefully prior to writing. Ask your teacher to clarify any issues prior to commencing the assignment. Instructions: 1. You must present the practical solutions/ results with visible images captured and pasted into your document. 2. Make sure to use the cover page (available on eLearn) and include your name and student ID. 3. Your submitted assignment file should be a SINGLE PDF. See eLearn for due date and further assignment notes. 4. All answers should be in your own words and use appropriate referencing where required. 5. Assignments must be presented with a consistent font. All pages of your assignment must include your name and student ID in the footer area WARNING Use only machines you own, or machines you have permission to hack into. Please note hacking into machines without permission is a crime. Activities and instructions in the following sections are intended to train computer security professionals to help them learn cyber-security ethical hacking concepts. Some of the tasks in this assignment require you to have admin access to a computer. If you do not have access to physical equipment for this assessment, please notify your CIT instructor. Your CIT instructor will provide you with Azure VMs or access to NetLabs PoD for this assessment. Canberra Institute of Technology Page 2 of 8 Assessment 1: NCSSEC804-Scan, test and ethically hack to protect network systems Assessment Tasks TASK1: Examining Federal Computer Crime Laws For this activity, use Internet search engines or Australian Federal Register of Legislation website at www.legislation.gov.au to gather information on the Criminal Code Act 1995, Division 477-478, which outlines the serious computer offences, such as hacking, that can be prosecuted at the federal level. Write a summary explaining how this law can affect ethical hackers and security penetration testers. TASK 2: Determine Legal Requirements for Penetration Testing. Scenario – MonkeyNet Canberra Hospital Penetration testing Organizational Facts MonkeyNet Canberra Hospital is a medium-sized regional hospital located in Canberra, with approximately 500 staff members supporting up to 1000 patients. Hospital has contacted you to perform a penetration test on its computer network. Plans and Requirements Bruno Okada, the vice president, is your only contact for the hospital. You won’t be introduced to any IT staff or employee to avoid undermining the test you are conducting. Bruno wants you to determine what you can find out about the company’s network infrastructure, network topology, and discover any vulnerabilities’, without any assistance from Bruno or hospital’s IT personnel. Based on the preceding information: 1. Write a brief report to your instructor outlining the steps you should take before beginning the penetration test of the MonkeyNet Canberra hospital. 2. Research the legal requirement for penetration testing for the MonkeyNet hospital, and be sure to provide and to reference federal laws that might apply to the task you have been asked to do TASK 3: Examine Network and Computer Attacks Review and analyse a recent network security attack in Australia. Report any failures that exemplify the security principles i.e. easiest penetration, adequate protection, effectiveness, or weakest link. Address some of the controls in the ISO27K standard would have prevented this attack. Canberra Institute of Technology Page 3 of 8 Assessment 1: NCSSEC804-Scan, test and ethically hack to protect network systems PRACTICAL ACTIVITIES TASK 4: Using nslookup in any Windows PC (internet required) and gather the following information: a. IP address b. Elicit an authoritative answer from the DNS server c. Find name servers for a domain d. Find mail servers tor a domain e. Identify other DNS resource records Requirements: • Gather information for the following domain: ▪ google.com ▪ microsoft.com ▪ cit.edu.au TASK 5: Use recon-ng tool to gathering information with hosts, IP addresses, contacts and WHOIS, for the following domains (internet required) ▪ microsoft.com ▪ cit.edu.au ▪ contoso.com ▪ kali.org ▪ facebook.com Generate a html report using reporting modules in recon-ng. Report details are as following: • Creator: Your name • Customer: Ravi Chopra You must upload the report to eLearn TASK 6: DNS Enumeration 1. Using dig DNS enumeration tools on EH-Kali2 gather the following information from EH-SVR1: a. Domain names b. Transfer domain c. Resource records in the domain Note: There are more than one domain. You must not log on to EH-SVR1. Canberra Institute of Technology Page 4 of 8 Assessment 1: NCSSEC804-Scan, test and ethically hack to protect network systems TASK 7: Scanning with Nmap and AMAP 1. Use the Amap tool to perform port scanning against EH-SVR1 and know exactly what applications are running on each port found open. Requirements: Run this tool on Windows / Linux virtual machine 2. Sectools have set up this machine to help pentesters learn about Nmap and also to test and make sure that their Nmap installation (or Internet connection) is working properly. You are authorized to scan scanme.nmap.org with Nmap or other port scanners. In this task you will be using Nmap or Zenmap to scan scanme.nmap.org and find the following information: • List of Services and port numbers • Operating systems and version numbers • Firewall protection • Packets sent and received Requirements: • Use any Windows/ Linux machine • If you use Windows, then you can also download the Zenmap from the following link https://nmap.org/download.html • Run this tool on Windows / Linux virtual machine • Administrative privileges are required to run this tool Note: internet is required for the above task TASK 8: Demonstrate a network attack with scapy and nping. Using scapy tool, craft a packet to launch a network attack. Requirements: Please note the attack method must include the following: • Use Scapy to create and send following packets ▪ ICMP packet to launch a spoofing attack ▪ DNS A record request packet; and capture the result • Use nping – Create, and send ▪ TCP Probe mode ▪ TCP source port: 4444 ▪ TCP destination port: 80 ▪ TCP flags: RST, ACK ▪ TCP window size: 1024 Demonstrate your answers with clear images from scapy and nping terminal Configure Wireshark. display filter to display only the prob for scapy or nping packets Note: You may use VMs EH-SVR1, or EH-LinuxM2 as the victim Canberra Institute of Technology Page 5 of 8 Assessment 1: NCSSEC804-Scan, test and ethically hack to protect network systems TASK 9: Identify the network security attacks a. Analyse a network security attack Monkey Net Corp. suspects that one of their employees, Bruno Okada, is stealing secret documents for their competitor. Bruno has access to the company’s top-secret documents. IT security staff are worried that Bruno may try to leak the company’s top-secret information. Security staff have been monitoring Bruno’s activity for some time, but haven’t found anything suspicious– until now. Today an unexpected computer briefly appeared on the company’s network. Staff hypothesize it may have been someone in the cafe, because no strangers were seen in the building. Bruno’s computer, (192.168.100.22) sent access request for a file over the wireless network to this unexpected computer. “We have a packet capture of the activity,” said the security staff, “but we can’t figure out what was going on. Can you help?” Analyse the given packet capture file (A1-task9-a.pcap) to identify the following: • Attacker’s Address (IP and MAC) • Passwords • Attack method • Data stolen (file name, type and content of the file) b. Analyse the given packet capture file (A1-task9-b.pcap) to identify the following: • Victim’s Address (IP and MAC) • Attacker’s Address (IP and MAC) • Attack method Demonstrate your answers with clear images Wireshark and ensure to report the packet numbers. TASK 10: Research and demonstrate with documentation the Social-Engineer Toolkit (SET) The Social-Engineer Toolkit (SET) is an open-source, Python-driven tool aimed at penetration testing around social engineering. This tool is included in Kali Linux. Your task is to simulate a social-engineering attack using a malicious link and send it victim via E-mail. Main tasks must include • Clone a website/ or use template • Obtain user names and passwords using the Credential Harvester method • Generate reports for conducted penetration tests Canberra Institute of Technology Page 6 of 8 Assessment 1: NCSSEC804-Scan, test and ethically hack to protect network systems END Ensure you have written your name & CIT number on the first page. Are you sure you have answered every question? M A R K I N G G U I D E Student Name: ———————————————— INFT 1001 – Scan, test and ethically hack to protect network systems (NCSSEC 804): Task Details UoC Element Comments Attempt 1 Attempt 2 1 Examining Federal Computer Crime Laws 1.1 2 Determine Legal Requirements for Penetration Testing. 1.3 3 Examine Network and Computer Attacks Make sure you address the following: ▪ What was the name or type of attack? ▪ What was targeted? ▪ Who was affected? ▪ How did the attack occur? Describe the details of what happened. ▪ Could this attack have been prevented? ▪ Can it be defended against? ▪ What measures need to be implemented in order to mitigate these attacks or minimize the impact? ▪ IOS 27K controls ▪ What other information about the attack should be described? ▪ What is the source of your information? Include the URL. 7.1,7.2, 7.3 4 Using a reconnaissance attack tools ▪ NSLOOKUP o google.com o microsoft.com o cit.edu.au 4.1, 4.2 4.3, 4.4, 5 Using a reconnaissance attack tools ▪ recon-ng o microsoft.com o cit.edu.au 4.1, 4.2 4.3, 4.4, © Canberra Institute of Technology Page 8 of 8 Written Exam o contoso.com o kali.org o facebook.com • Report 6 DNS Enumeration • Dig • Multiple domains found 4.1, 4.2 4.3, 4.4, 7 Using an amap, Nmap/ Zenmap scanning attack tool 4.1, 4.2 4.3, 4.4 8 Using scapy and nping packet crafting tool ▪ Scapy and nping syntax ▪ Wireshark demonstrations with display filters 1.4, 1.5 9 Analyse a network security attack ▪ Source and Destination addresses ▪ IP, MAC, protocols, and port numbers ▪ Data files and sensitive information extracted. ▪ Wireshark packer IDs listed 1.4, 1.5 10 Research the Social-Engineer Toolkit (SET) ▪ Malicious email link created and sent to the victim. ▪ Attacker platform to capture/ harvest credentials demonisation and documentation 7.1,7.2, 7.3 S Satisfactory, NYS: Not yet Satisfactory

order now