Penetration Testing Assessment-2 (TECH5100) Assignment Help

Subject Code: TECH5100
Subject Name: Penetration Testing
Assessment Title: Cyber Attack Analysis and Mitigation Report
Assessment Type: Individual Analytical Report
Word Count: 1500 Words (+/-10%)
Weighting: 30%
Total Marks: 30
Submission: MyKBS
Due Date: Week 8

Your Task

This assessment is to be completed individually. In this assessment, you will conduct individual research and produce an incident analysis report for any two cybersecurity incidents that might have happened to an organisation, based on the case study scenario below.

Assessment Description

In this assessment: 

• You will research cyber security incidents and document different observable attack techniques, tactics, and procedures (TTPs), their impact on the organisation, and potential risks associated with these attacks based on the scenario below.

• You are to provide a critical analysis of each attack phase, detailing vulnerabilities and entry points exploited by attackers for any incident.

The objective of this assessment is to help you develop research skills and the ability to assess and analyse various cybersecurity incidents and threats. You are then required to recommend countermeasures based on the content covered during Weeks 4 to 7 using a real-world scenario focusing on:

1. Social Engineering Assessment

a. Analyse the different social engineering methods that could have been used in the recent incident above to gain unauthorised access.

b. Investigate and document how the social engineering tactics used affected the organisation’s security posture.

2. Scanning and Enumeration Analysis

a. Explore the different ways that the intruders could have used to conduct scanning and enumeration to identify potential vulnerabilities within the organisation network.

b. Identify any weaknesses that the intruders could have exploited through the scanning and enumeration phases.

3. Network Exploitation and Post-Exploitation Assessment

a. Investigate the different methods that the intruders may have used to exploit vulnerabilities in the network, gain unauthorised access, and pivot into sensitive areas.

b. Analyse how the post-exploitation activities such as privilege escalation or data exfiltration may have been done.

4. Active Directory Attack Evaluation

a. Highlight the impact that may have been witnessed because of Active Directory attacks on the organisation’s infrastructure and user accounts.

b. Explain how the attackers may have gained control or manipulated the directory services.

Scenario

As a newly employed cybersecurity consultant, you are presented with an incident involving a medium-sized organisation. The organisation recently experienced a series of cyber incidents, and your task is to conduct a comprehensive incident analysis and propose defence strategies against various cyber-attack techniques that have impacted it.

The organisation runs an extensive network infrastructure comprising hospital patient databases, medical records, and administrative systems. The recent cyber incidents have caused disruptions in service, potential data breaches, and concerns about the integrity of patient information.

Assessment Practical Business Purpose

• The incident analysis report you will generate in this assessment will equip you with the skills needed to assess, understand, analyse, and mitigate specific cybersecurity threats, which is essential for organisations aiming to strengthen their security posture.

Assessment Targeted Audience

• This assessment is useful to different organisations and people including Security analysts, IT administrators, and organisations looking to enhance their security posture.

• Finishing this assessment will equip you with confidence to contribute knowledge about cybersecurity incidents, threats and countermeasures for different roles in different organisations.

This assessment aims to achieve the following subject learning outcomes:

LO1: Evaluate appropriate countermeasures to mitigate the risk of unauthorised access, hacks and exploits to systems, networks, and applications.

LO2: Investigate cyber-attack techniques on computer systems, networks, and web applications.

LO3: Evaluate existing defensive security measures.

Assessment Instructions

Assessment instructions for this assessment:

1. Individually, you are required to analyse two cyber security incidents and the threat’s potential impact on the organisation’s systems, networks, and applications.

2. Conduct external research that will give you at least five (5) sources of information from various sources, e.g., websites, social media sites, industry reports, census data, journal articles, and newspaper articles.

a) ChatGPT or other generative AI tools may be used for brainstorming purposes, but your conversation must be attached to your report in an appendix to show the brainstorming process. Any copying and pasting of AI text is a form of plagiarism and will be detected by Turnitin.

b) You can use any referencing style of your choice, but KBS’s Academic Success Centre team can support you in using Kaplan Harvard Referencing.

3. Suggest a range of defensive security measures to prevent exploitation, enhance network monitoring and segmentation, and implement secure Active Directory configurations.

4. Finally, prepare a detailed and professional incident analysis report outlining the analysis of each incident technique and recommended countermeasures or proposed defensive strategies.

5. Present findings in a structured and clear format suitable for organisational stakeholders.

Additional tips

• You must use clear and concise language to communicate your ideas effectively.

• Follow a professional report format with a cover page, table of contents, headings for sections, page numbers, and reference section following any professional and consistent styling.

• You must submit your report in Word or PDF format via MyKBS.

• Refer to the assessment marking guide to assist you in completing all the assessment criteria.

Important Study Information

Academic Integrity Policy

KBS values academic integrity. All students must understand the meaning and consequences of cheating, plagiarism and other academic offences under the Academic Integrity and Conduct Policy.

What is academic integrity and misconduct?

What are the penalties for academic misconduct?

What are the late penalties?

How can I appeal my grade?

Word Limits for Written Assessments

Submissions that exceed the word limit by more than 10% will cease to be marked from the point at which that limit is exceeded.

Study Assistance

Students may seek study assistance from their local Academic Learning Advisor or refer to the resources on the MyKBS Academic Success Centre page.

Assessment Marking Guide

Marking Criteria (30 marks)

Grade bands: F (Fail) 0 – 49%; P (Pass) 50 – 64%; C (Credit) 65 – 74%; D (Distinction) 75 – 84%; HD (High Distinction) 85 – 100%

Introduction to incident analysis. (5 marks)

• F (Fail): Lacks clear understanding and Introduction to cybersecurity incident analysis.

• P (Pass): Demonstrates a basic understanding and introduction of the specific type of cyber threat chosen but misses or misinterprets some key concepts.

• C (Credit): Demonstrates a good understanding and introduction of cybersecurity incident analysis.

• D (Distinction): Demonstrates a deep understanding and thorough coverage of the introduction of cybersecurity incident analysis.

• HD (High Distinction): Demonstrates an expert-level understanding and introduction of the specific type of cybersecurity incident analysis and offers unique insights into the topic.

Discussion of two different cyber-Incidents Identified highlighting Attack techniques, tactics, and procedures (TTPs), that might have been used with clarity throughout with the help of Diagrams, Charts, or Visuals. (5 marks)

• F (Fail): Lacks discussion and evidence of the cybersecurity incidents including the Attack techniques, tactics, and procedures (TTPs) with no clarity or the use of Diagrams, Charts, or Visuals.

• P (Pass): It has a basic discussion and evidence of the cybersecurity incidents including Attack techniques, tactics, and procedures (TTPs) of the chosen threats but lacks flow or clarity and the use of Diagrams, Charts, or Visuals.

• C (Credit): Well-organised with a clear discussion and evidence of the cybersecurity incidents, including techniques, tactics, and procedures (TTPs) with a good flow or clarity and the use of Diagrams, Charts, or Visuals.

• D (Distinction): Strong discussion of evidence and the cybersecurity incidents’ Attack techniques, tactics, and procedures (TTPs) with great flow or clarity.

• HD (High Distinction): Exceptional discussion of evidence and the cybersecurity incidents’ Attack techniques, tactics, and procedures (TTPs), well-organised with excellent flow or clarity.

Using Examples explain the Potential Vulnerabilities that might have been exploited for the two incidents. (5 marks)

• F (Fail): Does not provide or inaccurately provides examples that explain the Potential Vulnerabilities that might have been exploited.

• P (Pass): Provides minimal or generic examples that explain the Potential Vulnerabilities that might have been exploited.

• C (Credit): Offers relevant and clear examples that explain the Potential Vulnerabilities that might have been exploited.

• D (Distinction): Provides detailed and highly relevant examples that explain the Potential Vulnerabilities that might have been exploited.

• HD (High Distinction): Integrates unique, insightful, and highly relevant examples that explain the Potential Vulnerabilities that might have been exploited.

Explaining how the incident might have impacted the organisation’s Systems, Networks, and Applications. (5 marks)

• F (Fail): Lacks an explanation of the incident’s Potential Impact on an Organisation’s Systems, Networks, and Applications.

• P (Pass): Contains a basic explanation of the incident’s Potential Impact on an Organisation’s Systems, Networks, and Applications.

• C (Credit): Contains a relevant well-researched explanation of the incident’s Potential Impact on an Organisation’s Systems, Networks, and Applications to support the text.

• D (Distinction): Contains a detailed explanation of the incident’s Potential Impact on an Organisation’s Systems, Networks, and Applications.

• HD (High Distinction): Seamlessly integrates top-quality, original, or uniquely insightful explanations of the incident’s Potential Impact on an Organisation’s Systems, Networks, and Applications.

Recommended Countermeasures or defensive strategies discussion. (2.5 marks)

• F (Fail): Lacks evidence of well-researched recommended Countermeasures.

• P (Pass): Contains a basic discussion of the recommended Countermeasures.

• C (Credit): Contains evidence of relevant discussion of the recommended Countermeasures.

• D (Distinction): Contains a detailed discussion and evidence of the recommended Countermeasures.

• HD (High Distinction): Seamlessly integrates top-quality, original, or uniquely insightful discussion evidence of the recommended Countermeasures.

Conclusion, or key takeaways. (2.5 marks)

• F (Fail): Lacks conclusion, or key takeaways related to the cybersecurity incidents.

• P (Pass): Has a basic conclusion, or key takeaways of the cybersecurity incidents with some errors.

• C (Credit): Contains well-structured conclusions, or key takeaways related to the cybersecurity incidents.

• D (Distinction): Almost perfect conclusion, or key takeaways related to cybersecurity incidents.

• HD (High Distinction): Impeccable conclusion, or key takeaways related to the cybersecurity incidents.

Format Structure & Organisation (cover page, table of contents, headings for sections, subsections, and page numbers) (2.5 marks)

• F (Fail): Lacks clear structure, professional organisation, and easy-to-follow headings for different sections.

• P (Pass): It has a basic structure and professional organisation but lacking in flow, headings for different sections as well as grammar, and spelling.

• C (Credit): Well-organised with a clear structure and professional organisation, easy-to-follow headings for different sections, grammar, and spelling.

• D (Distinction): Strong structure and professional organisation with great flow, headings for different sections, and good grammar, and spelling.

• HD (High Distinction): Exceptionally professional-organised structure, seamlessly leading the Learner through the content with great headings for different sections, good grammar, and spelling.

Citation & Referencing (2.5 marks)

• F (Fail): Lacks citations or has many errors in referencing.

• P (Pass): Has basic citations with some errors.

• C (Credit): Mostly accurate citations with a consistent style.

• D (Distinction): Almost perfect citations and references with a consistent style.

• HD (High Distinction): Impeccable citation and referencing, strictly adhering to a consistent style.

Feedback and grades will be released via MyKBS.