Offensive Security Audit

Assignment 2: Offensive Security Audit This assignment involves exploring the multiple ways in which a business or an organisation’s security vulnerabilities can be exploited, by thinking like an offensive actor (or hacker). Instructions In this assignment, you will be provided with three context briefs, from which you will be required to select any one business or organisation for your analysis and complete the tasks below (A and B). As much as possible, focus on the details provided in the brief. Where information is not provided but integral to your analysis, make reasonable assumptions (which should be clearly stated and explained). At the end of this assignment, you will be required to submit: Vulnerability Analysis and Execution Plan (75%) Video (or audio) message (25%) 1. Vulnerability Analysis and Execution Plan This assignment will involve detailed analysis of your chosen organisation’s security vulnerabilities and the development of a possible hacking execution plan. The suggested research and content division for the two components is as follows: Vulnerability Analysis (50%) Execution Plan (25%) Vulnerability Analysis Identify three possible ways to breach the security of the organisation, and for each identified breach method, please: Identify the type of data you will attempt to obtain Discuss the potential target with respect to approach points Elaborate on your motivation behind the hack (i.e. from a hacker’s perspective) List the impacts of your chosen security breach on the organisation (i.e. financial costs, brand distortion, impact on employees) Identify a hacker or hacking group that could possibly be associated with this form of attack Describe example of where a similar approach has been used in a similar context Execution Plan Select one of the possible options from the Vulnerability Analysis (above) and develop an execution plan. Your implementation plan should detail: The resources required for this attack and how you will obtain them (e.g. tools, money, time, people) Methodology for the attack, both technical and non-technical The timeline for the planned attack and a step-by-step approach Discuss the impacts of your hacking attack on the organisation Video (or audio) message (25%) 2. Video (or audio) message (25%) Record a two-minute video or audio message to your target organisation. This message will be intended to let the organisation know about your hack. Include the following topics of discussion in your message: Why you have hacked the organisation What information you have obtained about the organisation How you will be utilising or exploiting this information to create the maximum level of impact Context 1: School Location and environment Inner suburb school On the outskirts of the city, with both residential and commercial buildings Mid to high-density area Technology Password-protected Wi-Fi for students and staff 3 computer labs with 10 computers and network-connected printers Use of personal iPads and laptop computers is allowed for students Use of externally hosted learning management system, which also manages grades and enrolment Externally hosted email for students (Gmail) Externally hosted file sharing (Google Drive) Staff files are secured within school firewall and cloud-synchronised on nightly basis All files are backed up on the school server every night Staff HR system runs on the school server (located on the premises) People 1000 student, from grade 10 to 12 48 teachers, 9 maintenance staff, 12 casual staff All permanent staff require police checks Students have given email address with their student ID and the school domain Other people engaged with the school include parents, community organisations, government staff and vendors Context 2: Cafe Location and environment Inner suburb cafe On the outskirts of the city, with both residential and commercial buildings Mid to high-density area Technology Password-protected Wi-Fi for staff and patrons iPads used for taking orders, sending orders wirelessly to kitchen, and transmitting to cashier counters Externally hosted file sharing for staff (Google Drive) Staff HR and POS systems run on the cafe server (located on the premises) POS (Point of Sales) system with integrated: Payment technologies Staff rosters Operating hours Hourly sales reports All files are backed up on the cafe server every night POS system and staff files secured within café firewall and cloud-synchronised on a nightly basis People Permanent full-time staff: 3 baristas, 5 waiters, 1 manager 2 maintenance staff who come in every evening after closing (8 pm) All permanent staff require police checks Maintenance staff require reference checks with their previous employer(s) Context 3: Hospital Location and environment Inner suburb hospital On the outskirts of the city, with both residential and commercial buildings Mid to high-density area Technology Password-protected Wi-Fi for visitors/patients Visitors and patients can request for password from any receptionist Hospital staff use different network, also password-protected Internally hosted email for staff Nurses and doctors are given a hospital iPad, receptionists use desktops Externally hosted software system to manage electronic medical and health records (EMR, EHR) Billing system Prescriptions Scanned documents Medication tracking Staff HR system runs on the hospital server (located on the premises) Staff files are secured within hospital firewall and cloud-synchronised on nightly basis All files are backed up on the hospital server every night Cloud files include those from 3 other hospitals in the chain, in surrounding suburbs People Permanent full-time staff: 200 doctors, 500 nurses, 20 receptionists Casual: 35 maintenance staff Operate on roster, 5 each day Permanent staff have thorough police and background checks with references Staff have given email address with their staff ID and the hospital domain Other people engaged with the hospital include community organisations, government staff and student volunteers

StudyAcer
Calculate your paper price
Pages (550 words)
Approximate price: -
StudyAcer

Quality Researched Papers

We always make sure that writers follow all your instructions precisely. You can choose your academic level: high school, college/university or professional, and we will assign a writer who has a respective degree.

StudyAcer

Qualified Writers

We have hired a team of professional writers experienced in academic and business writing. Most of them are native speakers and PhD holders able to take care of any assignment you need help with.

StudyAcer

Unlimited Revisions

If you think we missed something, send your order for a free revision. You have 10 days to submit the order for review after you have received the final document. You can do this yourself after logging into your personal account.

StudyAcer

Prompt Delivery

All papers are always delivered on time. In case we need more time to master your paper, we may contact you regarding the deadline extension. We will always strive to deliver on time.

StudyAcer

Original & Confidential

We use several writing tools checks to ensure that all documents you receive are free from plagiarism. Our editors carefully review all quotations in the text.

StudyAcer

24/7 Customer Support

Our support agents are available 24 hours a day 7 days a week and committed to providing you with the best customer experience. Get in touch whenever you need any assistance.

Try it now!

Calculate the price of your order

Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

StudyAcer

Place your order

Fill in the order form and provide all details of your assignment.

StudyAcer

Proceed with the payment

Choose the payment system that suits you most.

StudyAcer

Receive the final file

Once your paper is ready, we will email it to you.

Academic Writing Services

If you are looking for exceptional academic writing services, then you are in the right place. Studyacer offers customised academic assignments and academic papers for students at all levels.

StudyAcer StudyAcer

Essays

Essay Writing Help

Writing an essay can be a challenge. However, we know what every student needs. And we purpose to deliver. Here at StudyAcer, we do all we can to help with academic essays and assignments. We have a dedicated team of professional essay writers.

StudyAcer StudyAcer

Assignment

Assignment Help

We understand students need satisfactory results. Our cheap assignment writing service helps and never leaves any doubt. We always strive to ensure the ultimate and best results. It is our joy to offer a cheap reliable essay writing service.

StudyAcer StudyAcer

Term paper

Term Paper Help

Have you been asking yourself, where can get a pre written research papers for sale? Worry no more, the fact that you have a term paper that is due tonight and you haven’t touched it. At Study Acer it is our responsibility to get your paper on time.

StudyAcer StudyAcer

Dissertation

Dissertation Writing Service

Several master’s students seek professional help with their thesis.Students from different parts of the world experience different challenges. Dissertations have different stages and the challenges are different too. Do not struggle in silence, order now .