Your Perfect Assignment is Just a Click Away

We Write Custom Academic Papers

100% Original, Plagiarism Free, Customized to your instructions!

glass
pen
clip
papers
heaphones

CMIT 386 UMGC Cyber Security Project

CMIT 386 UMGC Cyber Security Project

Your report should include the following:

Introduction

Target System

Zenmap Scan

OpenVAS Scan

Open Socket Connection

Recommendations

References

There are two deliverables due for Project 2. Both are needed

  • A video showing your exploitation, credential theft, and data exfiltration.
  • A penetration test report that discusses the steps and actions in the video and how they are relevant to the client. The report also includes your recommendations for the client.

Use Microsoft Stream to create the video.

If you have not already done so last week:

Upload and submit two items for this assignment:

  • the Hacking Video Demonstration showing your exploitation
  • the Penetration Test Report document

You will need 2 Virtual machines that I can give you to download.

The following is the evaluation policies and the assignment must match.

Penetrating the system (gaining access) is only the beginning for a penetration tester. You must also be able to clearly communicate your findings and recommend corrective actions in a way that a nontechnical audience can understand. Therefore, the written report describing the engagement’s technical details is a critical part of the job.

Having the best keyboard penetration skills in the business will not help if you are not able to properly document findings and convey critical issues to the client. A successful penetration proposal could lead to additional business from the client’s subsidiaries and partners.

The following evaluation criteria aligned to the competencies will be used to grade your assignment:

2.1.2: Describe the context surrounding the issue or problem.

  • In the Hacking Video Demonstration and the Penetration Test Report, address the client in the correspondence. Provide a brief introduction explaining the services performed and a summary at the end of the report. Summarize the actions of the attacker during the penetration test. Validate the attack methodology using industry approved techniques. Include at least two to three references in IEEE format.

2.1.3: Explain the significance of the issue or problem.

  • In the Hacking Video Demonstration and the Penetration Test Report, discuss the vulnerability you exploited on the system. Explain how you were able to steal credentials and take data important to the company. Discuss the implications, including loss of revenue and company reputation.

10.1.2: Gather project requirements to meet stakeholder needs.

  • In the Penetration Test Report, you need to address the fact that the client has asked you to use other accepted practices and tools to exploit its systems. You will need to use tools such as Kali, Metasploit, John the Ripper, and include screenshots with date and time stamps, IP addresses, and ports that show how you connected the attack system to the victim machine.

12.2.1: Identify systems for the risk assessment.

  • In the Penetration Test Report, you need to address the fact that during any scan report, it is critical that you list the IP address of the system you are using to connect to the client’s corporate network (for auditing purposes) as well as the IP address of the system(s) that you are exploiting. Discuss the scope of engagement and the limitations of your actions to stay within the parameters of the penetration test.

12.2.2: Perform a risk analysis.

  • In the Hacking Video Demonstration and the Penetration Test Report, explain to the client in clear terms the security issues that are present on the system. Discuss the exploit you used to compromise the Linux system and the steps to mitigate this vulnerability. Provide detailed information on the versions of the vulnerability and application software.

13.1.1: Create documentation appropriate to the stakeholder.

  • In the Penetration Test Report, explain to the client the actions that you used during the engagement. Talk about how an attacker would know how to get into the system and what methods could be used to compromise the victim machine. Finally, discuss the post exploitation techniques that allowed the attacker to get the credentials of a user account and to extract confidential data from the target system.

Order Solution Now

Our Service Charter

1. Professional & Expert Writers: Assignment Geeks only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Assignment Geeks are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Assignment Geeks is known for timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Assignment Geeks, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.