Scenario

Assignment Brief
Scenario:
Assume that you are working for a company called PentestingPros, which has a track record of successful pentests. Your client has asked your employer to retest a server following a previous penetration test, which was conducted by another SME. Your penetration test will take place as soon as the client remediates the major findings from the initial pentest. During the first briefing meeting the client informed you that the retest of the server will take place during some weeks of March and April 2022. In particular, you will be assigned specific timeslots throughout the week in which you will be able to pentest the server. They also inform you that the main vulnerabilities found by the previous pentest include:
A backdoor listening on port 55
A number of compromised ssh credentials
Sensitive data exposure via the web server
This is an individual assignment that will assess your ability to conduct a full-scale penetration test. Please ensure that in completing these tasks you deploy the techniques you have been taught in your course and, especially, in this module. If you produce work that is not concise and to the point, then marks may be reduced.  
Task
You are expected to undertake a grey-box Penetration Test in response to the penetration test that has been described in the scenario above.  
Your target 192.168.2.27 will be available to you until the 14th of April 2022. Thus, plan your time and make sure that you complete all the technical work on time. The schedule to access the target IP is available on below Table. You must access your IP address only during your allocated slot.
Days
UK Time
Saturday, Monday
11:00 – 13:50
Tuesday
14:00 – 16:50
Wednesday
17:00 – 19:50
Thursday
20:00 – 22:50
Friday
8:00 -10:50
Please look at the Assessment Criteria table, which is provided below to understand the expected structure of your report. You are required to present your findings in a factual manner to convince decision makers of a large corporation on business strategies. Do not provide a narrative of your intelligence gathering activities in the main report. You may include this in an appendix.
In the Attack Narrative section, you are expected to discuss the attacks you have undertaken and what vulnerabilities you have tested in each attack. In the Vulnerability Details & Mitigation section you are expected to provide a technical explanation of the vulnerabilities you have tested and confirmed (e.g., with a working exploit), as well as offer advice on how to mitigate them. To get full marks for this section you are expected to provide confirmed details and mitigation for three (3) vulnerabilities from the total vulnerabilities that you have found on the target.
You must use the VPN for undertaking this assignment. You must use the allocated to you target (IP address) during your schedule. Failing to do this will result in the deduction of marks.
Assessment Criteria
Mark Available
Attack Narrative (not an activity narrative)
20
Vulnerability Detail and Mitigation
20
Report (Structure, Punctuation and Grammar)
10
Total
50
For clarification questions please make use of the discussion forums on Canvas so that the whole of the student cohort may benefit from the discussion.
Submission Requirements:
You are required to submit a 1500 words text report in a PDF document using the submission link provided on Canvas. Please note it is your responsibility to ensure you will submit on time. Canvas is a stable platform with a large technical team supporting it. Apropos, it is a software platform. It is advisable to submit before the day of the deadline. 
You are expected to demonstrate an insight into the implications of the problem introduced in each task by using clear and concise arguments. The report should be well written, showing good skills in creativity and design, as well as well-structured using sections and subsections to ensure its readability.
Sentences should be of an appropriate length and the writing style should be brief but informative. Work that is not making sense will be marked down. Write to impress! Aim for excellence. Be pedantic about formatting and presentation. 

YOU MAY ALSO READ ...  Write discussion post, name the element of psychological assessment, diagnosis, or research which seemed the most culturally bia…

:
Assume that you are working for a company called PentestingPros, which has a track record of successful pentests. Your client has asked your employer to retest a server following a previous penetration test, which was conducted by another SME. Your penetration test will take place as soon as the client remediates the major findings from the initial pentest. During the first briefing meeting the client informed you that the retest of the server will take place during some weeks of March and April 2022. In particular, you will be assigned specific timeslots throughout the week in which you will be able to pentest the server. They also inform you that the main vulnerabilities found by the previous pentest include:
A backdoor listening on port 55
A number of compromised ssh credentials
Sensitive data exposure via the web server
This is an individual assignment that will assess your ability to conduct a full-scale penetration test. Please ensure that in completing these tasks you deploy the techniques you have been taught in your course and, especially, in this module. If you produce work that is not concise and to the point, then marks may be reduced.  
Task
You are expected to undertake a grey-box Penetration Test in response to the penetration test that has been described in the scenario above.  
Your target 192.168.2.27 will be available to you until the 14th of April 2022. Thus, plan your time and make sure that you complete all the technical work on time. The schedule to access the target IP is available on below Table. You must access your IP address only during your allocated slot.
Days
UK Time
Saturday, Monday
11:00 – 13:50
Tuesday
14:00 – 16:50
Wednesday
17:00 – 19:50
Thursday
20:00 – 22:50
Friday
8:00 -10:50
Please look at the Assessment Criteria table, which is provided below to understand the expected structure of your report. You are required to present your findings in a factual manner to convince decision makers of a large corporation on business strategies. Do not provide a narrative of your intelligence gathering activities in the main report. You may include this in an appendix.
In the Attack Narrative section, you are expected to discuss the attacks you have undertaken and what vulnerabilities you have tested in each attack. In the Vulnerability Details & Mitigation section you are expected to provide a technical explanation of the vulnerabilities you have tested and confirmed (e.g., with a working exploit), as well as offer advice on how to mitigate them. To get full marks for this section you are expected to provide confirmed details and mitigation for three (3) vulnerabilities from the total vulnerabilities that you have found on the target.
You must use the VPN for undertaking this assignment. You must use the allocated to you target (IP address) during your schedule. Failing to do this will result in the deduction of marks.
Assessment Criteria
Mark Available
Attack Narrative (not an activity narrative)
20
Vulnerability Detail and Mitigation
20
Report (Structure, Punctuation and Grammar)
10
Total
50
For clarification questions please make use of the discussion forums on Canvas so that the whole of the student cohort may benefit from the discussion.
Submission Requirements:
You are required to submit a 1500 words text report in a PDF document using the submission link provided on Canvas. Please note it is your responsibility to ensure you will submit on time. Canvas is a stable platform with a large technical team supporting it. Apropos, it is a software platform. It is advisable to submit before the day of the deadline. 
You are expected to demonstrate an insight into the implications of the problem introduced in each task by using clear and concise arguments. The report should be well written, showing good skills in creativity and design, as well as well-structured using sections and subsections to ensure its readability.
Sentences should be of an appropriate length and the writing style should be brief but informative. Work that is not making sense will be marked down. Write to impress! Aim for excellence. Be pedantic about formatting and presentation. 

YOU MAY ALSO READ ...  lab #3 case study on pci dss noncompliance: cardsystems solutions

Assignment status: Already Solved By Our Experts

(USA, AUS, UK & CA Ph. D. Writers)

CLICK HERE TO GET A PROFESSIONAL WRITER TO WORK ON THIS PAPER AND OTHER SIMILAR PAPERS, GET A NON PLAGIARIZED PAPER FROM OUR EXPERTS

Order from Australian Expert Writers
Best Australian Academic Writers

QUALITY: 100% ORIGINAL PAPER – NO PLAGIARISM – CUSTOM PAPER