COIT20246 ICT Services Management Weekly Tutorials

Week 05 Tutorial Activities 

Internet Applications 

 

Aim to complete Tasks 1 to 4 during the tutorial, and have all tasks completed before your next tutorial. 

Task 1. Complete the Knowledge Test [10 min] 

Complete the Knowledge Test for this week within the first 10 minutes of class. 

Task 2. Create Web Pages in OpenWRT [30 min] 

Your OpenWRT Linux server already has an example web page accessible via: 

The files served by the web server are in the directory: 

Make the following changes: 

a) Copy the index.html file to a new HTML file named by your student ID, e.g., 12345678.html.

b) Add a link in index.html to the new HTML file.

c) Edit the new file to include your details (e.g., name, ID), to display the date/time when a button is clicked, and to use a new CSS file.

d) Create and edit the CSS file to change the color of some text. 

The result will be three files in (the file names  will include your student ID and the CSS can be named anything). An example of the web page is below. 

 

Help with HTML, CSS and JS: 

• CSS font color: 

• External CSS file: 

• Date and time button: 

You can either create/edit the files on your computer and use FileZilla to copy to OpenWRT, or you can edit  the files directly in OpenWRT. To edit in OpenWRT, consider the following commands: 

Change into the /srv/www directory, list the files, copy a file and edit a file with the nano text editor: 

cd /srv/www 

ls 

cp index.html 12345678.html

nano 12345678.html

 

In nano, use Ctrl-O to save and Ctrl-X to exit. Include all of your files in your journal. 

In your journal: 

• Upload the files created/edited, e.g., index.html, 12345678.html, and mystyle.css (the file  names will include your student ID and the CSS can be named anything). 

• Screenshot of the web browser after the “Show date and time” button is pressed. The screenshot  should clearly show your name. 

Task 3. Capture HTTP Packets [20 min] 

On the OpenWRT Linux server, start a packet capture with tcpdump as follows: 

Change into your home directory: 

cd 

Start the packet capture, ignoring any SSH (port 22) packets (name the .pcap file based on your student ID):

tcpdump -i eth0 -n -w http-12345678.pcap 'not tcp port 22'

Now in Windows, open a new browser window in private/incognito mode, then do the following: 

a) Click on the link to visit your new HTML page 

b) Click on the button to show date/time 

c) Click on the button to show date/time again 

Return to OpenWRT and stop the capture by pressing Ctrl-C. You should see a summary such as “X packets  captured … 0 packets dropped by the kernel”.  

Use PowerShell to view the ARP Table for your primary physical interface (network adapter) on your  computer. Communicate with other devices on your LAN (e.g. ping other computers, access websites) and  then monitor how the ARP Table changes. Which devices are “Reachable” by your computer?  

In your journal: 

• HTTP packet capture file (.pcap) 

• Screenshot (or copy-and-paste) of the ARP Table 

Task 4. Analyze HTTP Packet Capture [40 min] 

Open the HTTP packet capture file in Wireshark and analyze the packets.  

First, focus on the HTTP packets only by filtering for http:

a) For each HTTP request/response, provide a short explanation of: what triggered the request, what  was requested and what was the response. For example: “The user clicked on the link … which  caused the browser to send a HTTP Request for /page.html. The server did not have that page so  responded with … “. 

b) For the first HTTP request/response, list the five (5) address values that identify the host, transport  protocol and application.  

c) When you clicked on the button to show the date and time, did your browser send a request to the  web server? Why or why not? 

d) One of the HTTP request/responses was for your newly created web page (e.g., 12345678.html).  Draw a packet diagram for the request, and include the following information: 

– Size, in Bytes, of each header and of the entire HTTP request 

– Addresses included in each header and/or HTTP request 

e) For the HTTP request from part (d), what is the value of the referrer? What does it identify? How  can web servers use this information? 

f) For the HTTP request from part (d), what information did the server learn about the web browser  (e.g., name, version)? 

Now remove the “http” filter so that all captured packets are shown. 

g) What version of HTTP is used and what transport protocol is used? 

h) A connection-oriented service involves setting up a connection before any data transfer, as well as  acknowledgements that are used to provide reliability. Identify the packets involved in connection  setup (e.g., the packet numbers). How long did it take between the start of connection setup and  the data transfer starting? 

i) Identify the acknowledgements. When is an acknowledgement typically sent?

In your journal:

• Answers to questions a) to i) above. Make sure you refer to specific values from your capture (e.g.  packet numbers, times).  

• Packet diagram of a HTTP request for part d), including PNG export and .drawio file.
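The following is an added example, not part of the original handout. It dissects one HTTP request frame the way Task 4 parts (b), (d), (e) and (f) ask you to do in Wireshark, reporting the size of each header, the five address values, the Referer and the User-Agent. The frame is constructed inline, and its MAC addresses, IP addresses, ports and browser name are made-up assumptions.

```python
import socket
import struct

# Constructed sample, not taken from a real capture: addresses, ports and
# header values are made up for illustration.
SAMPLE_HTTP = (b"GET /12345678.html HTTP/1.1\r\n"
               b"Host: 192.168.56.10\r\n"
               b"User-Agent: ExampleBrowser/1.0\r\n"
               b"Referer: http://192.168.56.10/index.html\r\n\r\n")

def build_sample_frame():
    """Assemble Ethernet + IPv4 + TCP headers around SAMPLE_HTTP."""
    eth = bytes.fromhex("080027aabbcc0a0027000011") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", 50123, 80, 1000, 2000, 5 << 4, 0x18, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(SAMPLE_HTTP),
                     1, 0x4000, 128, 6, 0,
                     socket.inet_aton("192.168.56.1"),
                     socket.inet_aton("192.168.56.10"))
    return eth + ip + tcp + SAMPLE_HTTP

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def dissect(frame):
    """Return header sizes and addresses for an Ethernet/IPv4/TCP/HTTP frame."""
    dst_mac, src_mac = frame[0:6], frame[6:12]
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ip_hlen = (ip[0] & 0x0F) * 4              # IHL field counts 32-bit words
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[9] != 6:
        raise ValueError("not a TCP segment")
    src_ip, dst_ip = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
    tcp = ip[ip_hlen:total_len]               # total_len trims Ethernet padding
    src_port, dst_port = struct.unpack("!HH", tcp[0:4])
    tcp_hlen = (tcp[12] >> 4) * 4             # data offset counts 32-bit words
    payload = tcp[tcp_hlen:]
    head = payload.partition(b"\r\n\r\n")[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {
        "sizes": {"ethernet": 14, "ip": ip_hlen, "tcp": tcp_hlen,
                  "http": len(payload), "frame": len(frame)},
        # Source IP, source port, destination IP, destination port, protocol
        "five_tuple": (src_ip, src_port, dst_ip, dst_port, "TCP"),
        "macs": (mac(src_mac), mac(dst_mac)),
        "request": (method, target, version),
        # The HTTP header is spelled "Referer" on the wire
        "referer": headers.get("referer"),
        "user_agent": headers.get("user-agent"),
    }

if __name__ == "__main__":
    for key, value in dissect(build_sample_frame()).items():
        print(f"{key}: {value}")
```
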

 

Task 5. View Your Cookies [20 min, Homework] 

Use the developer tools in your web browser to view your cookies when you visit a particular website that you regularly visit. What information do the cookies store about you and/or your browser? As cookies can reveal personal information, you do not have to include the exact values in your journal (and be careful if displaying cookies to others, such as your tutor, in class). Rather explain the type of information the cookies store.

In your journal: 

• Explanation of the type of information found in your cookies.

 

Week 06 Tutorial Activities 

Wireless Networks

Aim to have all tasks completed before your next tutorial. Task 3 may be completed at home (if you have  access to your home Wi-Fi AP/router). 

Task 1. Complete the Knowledge Test [10 min] 

Complete the Knowledge Test for this week within the first 10 minutes of class. 

Task 2. View Wi-Fi Details [20 min] 

Explore the Wi-Fi details of your own device. If you have a laptop (or PC with Wi-Fi) try to use PowerShell  with the WifiTools module (see lecture slides for commands). Otherwise, use your mobile phone to see  nearby Access Points. Try to collect the following information about 2 or 3 different APs: SSID, BSSID,  frequency band, channel, data rate you can connect with. While not required, the WiFi Analyzer app on  Android shows useful information.  

In your journal: 

• List information found about at least one AP.  

Task 3. Use Wi-Fi Access Point [30 min] 

Access the web management interface of a wireless AP or router, e.g., your home wireless router. Explore the settings. If you do not have access, then try an emulator: TP-Link has web emulators for many devices, e.g. under Home -> Routers -> Wireless Routers, try Archer C6 or TL-WR841N. What are the important settings that you should consider when designing a Wi-Fi network?

In your journal: 

• Select the important settings and discuss what you would consider changing them to and why.  

• Screenshot/photo of AP settings. 

Task 4. Self-Evaluation of Teamwork [15 min] 

As part of your project you are working in a team. Consider your teamwork so far, and write up answers to  the following questions in your journal. Hint: while this must be included in your personal journal, you should return to these questions later in the project as they will be useful in writing your reflection in  Project Final. 

In your journal: 

• What problems were encountered in the project so far? (people, communications, resources, etc.)

• When working in a team, being a good team member is important. How would your project team  describe you: as someone who is (a) not attentive to project results, (b) not responsible, (c) lacking  commitment, (d) fearful of disagreement, (e) being untrustworthy? Why or why not? 

Task 5. Continue Your Project [25 min] 

Use this tutorial to continue working on your project. Show your tutor your current progress. Seek feedback  from your tutor on any issues. 

Week 07 Tutorial Activities 

Cloud Computing 

 

Aim to complete Tasks 1 to 6 during the tutorial and have all tasks completed before your next tutorial.

You are NOT using your personal or CQU Microsoft Azure accounts for this tutorial. Instead, after you  create an account in Microsoft Learn on Demand, temporary Azure accounts will be provided to you for  each task.  

Task 1. Complete the Knowledge Test 

Complete the Knowledge Test for this week within the first 10 minutes of class. 

Task 2. Login to Microsoft Learn on Demand 

Go to and select Register with Training Key, using the key provided on  Moodle. Register with your @cqumail.com address to create a Skillable account. Log out, and then log in  again but this time selecting “Sign In” and “Skillable Account”. From now on you sign in with your Skillable  account (you no longer need to register with a training key).  

Once logged in, enter the class COIT20246 which takes you to Microsoft Azure Fundamentals activities.  See “Microsoft Learn On Demand – Getting Started for Students” for details. 

Task 3. Create an Azure Resource 

Complete Module 01: Create an Azure resource. Follow the instructions in Microsoft Learn On Demand.

In your journal:

• List the resources that were created and give a short explanation of what each resource is for. 

We’re having trouble locating your account? 

If prompted to use “Work or school account” or “Personal account”, then select “Work or school account”.  Remember the accounts inside Microsoft Learn are not your own accounts: they are temporary Azure  accounts created by the lab system.

Task 4. Create an Azure Virtual Machine and Allow Web Access

Complete Module 02: Create a Virtual machine. Follow the instructions in Microsoft Learn On Demand.  Before you end this module, complete the following: 

1. Try to access your website – you should get a connection timed out error. 

2. Via Azure Portal, add a Network Security Group rule to allow HTTP access. 

3. Try again to access your website – it should work this time. 

4. Login to the Ubuntu VM with SSH and change the web page to include your name.

5. Access the website again (refresh) – you should see your name.

A 16-minute demo video of all these steps is at: 

Screenshots and commands of selected steps below.  

In Azure Portal, select View all resources, find the Network Security Group (NSG) and you see the Inbound  Security Rules. By default the NSG allows SSH (22) access. 

We want to also allow HTTP (80) access. 

Click on Inbound security rules then Add, then select HTTP as the Service and Add.

You should see the new rule added: 

Once added, access your website again – it should now be accessible. 

To edit the webpage, from the Cloud Shell, run the following to login: 

ssh -l azureuser IPADDRESS

where IPADDRESS is the Public IP address of your Ubuntu VM. 

Host Key Verification Failed error? 

If you receive a “Host Key Verification Failed” error, then try adding the -o StrictHostKeyChecking=no option, which turns off strict checking of the server's host key, to the end of the ssh command as follows:

ssh -l azureuser IPADDRESS -o StrictHostKeyChecking=no 

Once logged in, to edit the web page run: 


Then add your name to the HTML. Save with Ctrl-O and exit with Ctrl-X. Now access the website again and  you should see your name. 

In your journal:  

• Copy the az commands used to create the VM and install Nginx (copy the commands into your  journal, so you could copy-and-paste them in the future; do not use a screenshot).  

• Record the public IP address of your VM. 

• Include a screenshot of your web browser successfully accessing your website (the web page must  include your name) 

• There are two network security rules that allow access to your VM. For each rule, give the port  number and explain what that rule allows (e.g., what applications or protocols).

 

Task 5. Create a Storage Blob in Azure

Complete Module 04: Create a storage blob. Follow the instructions in Microsoft Learn On Demand.  

Upload multiple images to your storage account, so that some are private (no anonymous access) and some  are anonymous read access. You may use multiple containers. Select images which are free to use and  appropriate to show to the entire class (screenshots of Moodle or CQU websites are good examples; do not  include personal information in the images). 

Anonymous access blocked? 

When changing the access level to Public, you may see a warning that Anonymous access is blocked, and  you cannot change to Public. If that occurs, see the additional instructions at the end of this tutorial handout  that shows how to fix this. 

In your journal: 

• Include a screenshot that shows one of the images and the full URL to access the image.

• Include a screenshot of your Azure Portal resources that show the container(s).  

Task 6. Create a Resource Lock 

Complete Module 05: Create a resource lock. Follow the instructions in Microsoft Learn On Demand.

In your journal:

• Explain the difference between a read-only lock and a delete lock. 

Task 7. Compare Cloud vs On-premise Costs 

Find and report the specifications and cost of similar computers in the following forms: 

– Consumer desktop PC 

– Server 

– Cloud virtual machine, e.g., Azure VM 

You must use the Azure calculator (see link and video on Moodle). 

While the specifications of the three computers do not need to be identical, try to find ones which are  comparable (e.g., similar or same amount of RAM, similar class CPU). For example, do not compare a 4 GB  desktop Celeron computer with a 64 GB dual CPU server. You do not need to include peripherals such as  monitors, keyboards and mice. 

Consider the upfront cost and running costs over a 1-year and 3-year period. Discuss the trade-offs  between the three different options, including advantages and disadvantages. 

In your journal: 

• Include the specifications and costs. 

• Discuss the trade-offs.

 

Task 5 Additional Instructions – Allow Anonymous Access 

 

These instructions are only needed if you could not change the access level to Public. If Task 5 was  successful, then you can ignore these instructions. 

In Task 5 (Module 4 Create a Storage Blob), Step 3 requires you to change the access level to Public.  However, you may see a warning that Anonymous access is blocked, and you cannot change to Public. 

In this case go back to the Storage Account and under Settings category on the left menu select  Configuration: 

Change Allow Blob anonymous access to Enabled and Save: 

Note it may take a few minutes for this change to take effect. 

Now return to your container and change the access level:

You should now be able to access your blob via the website.


Week 08 Tutorial Activities

Attacks and Vulnerabilities

 

Aim to complete Tasks 1 to 4 during the tutorial, and have all tasks completed before your next tutorial. 

Task 1. Complete the Knowledge Test [10 min] 

Complete the Knowledge Test for this week within the first 10 minutes of class. 

Task 2. CIA Protections [20 min] 

For your Project, create a list of the important assets in the network, especially data and equipment. Then  use the CIA Triad to identify what you want to protect and why.  

For example, for a scenario that has security camera monitoring, you may identify the “security cameras”  as an important asset, in which case you may say: 

Asset 1: security cameras 

o Protection: availability 

o Reason: if the cameras are down, then no recordings will be available if a crime is  committed 

Or for a scenario that has customer data, you may identify the names and personal details of customers stored on a local server as important: 

Asset 2: customer personal details 

o Protection: confidentiality 

o Reason: a customer should not be able to see the personal details of other customers

Try to identify multiple assets, and consider the different CIA protections on each, e.g. is the integrity  protection important for Asset 2? 

There is no set number of assets to consider. Feel free to discuss with other students in your class. The  assets you list will be helpful for your tutorial and project next week. 

In your journal: 

• List the assets, and for each asset, give the protection and reason. 

Task 3. Threat Sources and Motivation [20 min] 

For your Project, create a list of the most likely types of adversarial threat sources (attackers), and their  motivation.  

For example, for a scenario that has wireless internet, you may identify threat sources as: 

Threat Source 1: Neighbour 

o Motivation: wants to get free Internet access 

Threat Source 2: Competitor company 

o Motivation: … 

In your journal:

• List the threat sources, and for each threat source, give the motivation. 

Task 4. Explore Vulnerabilities [30 min] 

Using NIST NVD, explore CVEs over the past 12 months, and select three different CVEs: one with Critical severity, one with High severity and one with Medium severity. You can either randomly explore several CVEs from the full listing or search for CVEs. Try to find CVEs from companies or software/hardware that you are familiar with, and for vulnerabilities that you can understand (at least partially). That is, you may need to read 5-10 CVEs before you select your chosen three CVEs to report on.

For the three selected CVEs, identify the following: CVE ID; CVE Description; Date; CVSS Version 3 Score;  impact on Confidentiality, Integrity and Availability; at least one CWE (ID and Name); company; description  of the product affected (name and what it is for); simple explanation of the vulnerability; detection and/or  mitigation techniques. 

Most of the above information can be found from the CVE entry on NVD, except the following: 

o For the impact on CIA, click on the Base Score; it will take you to a page which is the CVSS Calculator for the CVE, and you will find the CIA impact under Impact Metrics.

o For the company name, product description and detection/mitigation, you may follow the links to  the vendor advisory and read more details. 

o For the simple explanation, you should write in your own words, based on reading: the CVE, the  CWE and the vendor advisory. (Hint: the CWE description is often the easiest to read). 

In your journal: 

• Include the details for the critical, high and medium CVE.  

Task 5. Vulnerability Disclosures [20 min] 

CVEs are normally created when reported to MITRE by product vendors (e.g., the company that makes the  software or hardware). The vendors may learn of the vulnerability in different ways, however a common  approach is that security researchers discover the vulnerability and report it directly to the vendor. Consider  the time from when a security researcher reports the vulnerability to the vendor (done privately), until  when the vendor reports the vulnerability to MITRE (creating a CVE and making it public). Why might a  vendor take time before making the vulnerability public? What is a reasonable time? If the vendor does not  make the vulnerability public within a reasonable time, should the security researcher make it public  without the vendor’s permission? Consider these and other issues regarding disclosure of vulnerabilities,  preferably discussing them in class. Also read about responsible/coordinated vulnerability disclosure and bug  bounty programs, e.g. 

In your journal: 

• Write up your own viewpoint that discusses the issues with vulnerability disclosure. 

 

Week 09 Tutorial Activities

Cyber Security Management

Aim to complete Tasks 1 to 3 during the tutorial, and get started on Task 4. These tasks contribute to your  project, so you may work in your project groups, but all students need to make contributions to their  individual journals. 

Task 1. Complete the Knowledge Test [10 min] 

Complete the Knowledge Test for this week within the first 10 minutes of class. 

Task 2. Select Security Objectives [20 min] 

Considering your Project, select four (4) different sub-categories of objectives from the NIST Cybersecurity Framework. Select two (2) each from Protect and Detect functions, where both must be from different categories. That is:

• Function: Protect; Category: A; Sub-category: 1 

• Function: Protect; Category: B; Sub-category: 2 

• Function: Detect; Category: C; Sub-category: 3 

• Function: Detect; Category: D; Sub-category: 4 

For each objective selected, give a brief reason why it is important for your Project, and what  attack/vulnerability it may mitigate.  

In your journal: 

• For each of the selected sub-categories, give the function, category and sub-category, and then  explain why it is important and explain an attack/vulnerability it may mitigate. 

Task 3. Create Asset Inventory [20 min] 

Re-visit the task from last week where you listed important assets for your Project. Expand on the assets to  cover all asset types and specific assets. Use a table for each asset type (e.g., one table for Data assets,  another table for Hardware assets). Include identifying information for the assets (you may make up fake  values if unknown, e.g., MACs, serials). For the Data assets, include a classification based on value or access  (or both), and identify the important protections, e.g., CIA (you identified some protections in the task from last week).  

In your journal: 

• Tables of assets for the six (6) asset types, ensuring the Data assets also are classified.  

Task 4. Conduct a Risk Analysis [50 min] 

Conduct a risk analysis for your Project, using the risk assessment template spreadsheet. There is no need  to include this in your journal, as it will be in your project submission.

 

Week 10 Tutorial Activities 

Cyber Security Controls

 

Aim to complete Tasks 1 to 4 during the tutorial and get started on Task 5. Task 6 is optional. 

Task 1. Complete the Knowledge Test [10 min] 

Complete the Knowledge Test for this week within the first 10 minutes of class. 

Task 2. Encrypt a File [20 min] 

Encrypt a file (e.g., using 7-Zip – see the lecture demonstration), send it to another student and ask them to  decrypt it. 

In your journal: 

• Screenshot of the settings used to encrypt the file. 

• Discuss how you shared the secret key, the limitations of that approach, and recommendations for  more secure ways to share a secret key. 

Task 3. View Password Information Stored in Linux [20 min]

In your OpenWRT Linux VM, add a new user and then view the information stored about the password in  /etc/shadow. (See the lecture demonstration for how to add a new user and view the password  information). 

In your journal: 

• Screenshot or copy-and-paste of the /etc/shadow file entries that show your new user and  password information. 

• Explanation of the password information stored in /etc/shadow, and why the actual password is  not stored. 
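The following is an added example, not part of the original handout. It splits /etc/shadow entries into their fields and decodes the password field into hashing scheme and salt, which shows that the file holds a salted one-way hash and password-aging data rather than the password itself. The sample entries are constructed, with placeholder salts and hashes, and the user names are assumptions.

```python
from datetime import date, timedelta

# Prefix of the password field -> hashing scheme (crypt(5) identifiers).
SCHEMES = {"1": "MD5-crypt", "5": "SHA-256-crypt", "6": "SHA-512-crypt",
           "y": "yescrypt", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt"}

# Constructed sample entries; salts and hashes are placeholders, not real.
SAMPLE_SHADOW = """\
root:$1$SALTsalt$PLACEHOLDERHASHPLACEHOLDER:19800:0:99999:7:::
student:$6$rounds=5000$ExampleSalt$PLACEHOLDERHASH:19850:0:99999:7:::
daemon:*:19800:0:99999:7:::
guest::19850:0:99999:7:::
"""

def parse_password_field(field):
    """Decode the second field of a shadow entry."""
    if field == "":
        return {"status": "no password set", "scheme": None, "salt": None}
    if field[0] in "!*":
        # '!' or '*' can never equal a hash output, so no password matches.
        return {"status": "password login disabled", "scheme": None, "salt": None}
    parts = field.split("$")
    if len(parts) < 4 or parts[0] != "":
        return {"status": "unrecognised format", "scheme": None, "salt": None}
    scheme = SCHEMES.get(parts[1], "unknown ($%s$)" % parts[1])
    salt = None
    if parts[1] in ("1", "5", "6"):
        # Optional "rounds=N" parameter sits between the id and the salt.
        salt = parts[3] if parts[2].startswith("rounds=") else parts[2]
    elif parts[1] == "y":
        salt = parts[3]          # parts[2] holds the yescrypt parameters
    return {"status": "hashed", "scheme": scheme, "salt": salt}

def parse_shadow_line(line):
    """Return the user, password-field details and aging data for one entry."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 9:
        raise ValueError("expected 9 colon-separated fields")
    info = parse_password_field(fields[1])
    info["user"] = fields[0]
    # Field 3 counts days since 1970-01-01; empty or 0 is not a real date.
    if fields[2] in ("", "0"):
        info["last_changed"] = None
    else:
        changed = date(1970, 1, 1) + timedelta(days=int(fields[2]))
        info["last_changed"] = changed.isoformat()
    info["max_age_days"] = int(fields[4]) if fields[4] else None
    return info

if __name__ == "__main__":
    for entry in SAMPLE_SHADOW.splitlines():
        print(parse_shadow_line(entry))
```
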

Task 4. Essential Eight Mitigation Strategies [30 min] 

Select four (4) of the Essential Eight that are most relevant for your Project (ensuring the selected strategies  are from at least two (2) different groups; the groups are: Prevent Malware Delivery and Execution, Limit  the Extent of Cyber Security Incidents, and Recover Data and System Availability). For each strategy  selected, give a specific example of how you would apply that strategy in your Project scenario. For  example, refer to specific assets in your Project and what you would do to implement the strategy. 

In your journal: 

• For each of the selected strategies, a description of how it is applied for your Project.

• Reasons why you selected these strategies (and not the other of the Essential Eight).

Task 5. Explore and Select NIST Controls [20 min] 

Download the NIST SP 800-53 Control Catalog from Moodle (the spreadsheet includes extra filters so you can filter by family). Select at least six (6) different base controls from at least three (3) different families of controls that are relevant for your Project. (The families are the two letter categories, e.g., AC is a family, AT is a family; the base controls are numbered, e.g., AC-1 is a base control, AT-2 is a base control; you can ignore the control enhancements, e.g. AT-2(1)). For each base control selected, explain why it is important and give a specific example of how you would implement that in your Project scenario.

In your journal: 

• For each of the selected controls, an explanation of its relevance and description of how it is  applied for your Project. 

Task 6. Setup Key-Based Authentication [30 min, Optional]

This task is optional – you will not lose marks if you do not attempt this. Only attempt if you have  completed all other tasks. 

You can select from either of the two tasks (you don’t have to do both, although you may): 

A. Key-based SSH login for OpenWRT Linux VM using PuTTY (see lecture demonstration)

B. Key-based SSH login for GitHub.com. For this, you need Git for Windows installed and will use Git Bash. Instructions are provided by GitHub for: Generate new SSH key, Add a new SSH key, Test your SSH connection.