Subject Code : CIS098
Country : United Kingdom
Assignment Task

 

Operational Information Security Management CIS098

Learning Outcomes:
1. Provide a systematic understanding of knowledge and awareness of information and systems security management processes, frameworks, tools, and techniques used in different organizational contexts.
2. Flexibly design, implement and apply solutions related to information security management and assurance systems, strategies, and technologies to evaluate the loss, respond to multi-faced attacks, and mitigate against constantly evolving threat landscapes.

What am I required to do in this assignment?
This is a case study of an external network penetration test conducted on behalf of Zeus Customs Ltd in a single office of a large UK branch using an external IP address range. Zeus Customs Ltd is a company selling custom build high-end PCs for enthusiasts. The consultants carried out the penetration test identified most of the services of Zeus Customs run in a single geographical location and proceed with the four stages of a penetration test:
    • Information gathering
    • Scanning for services
    • Vulnerability identification and exploitation
    • Reporting and communication

Description of the Environment:
Zeus Customs Ltd consists of two store locations selling custom build high-end PCs for enthusiasts. All stores are identically configured. The stores are connected to the corporate site using a VPN. The network at each site is segmented into two segments; a Point of Sales network (POS) segment, a management server and workstations, and a CCTV server segment. The POS network includes the cardholder data environment consisting of 2x POS Devices, 1x POS server. The other segment consists of a number of staff workstations (fixed and mobile), and 1x CCTV server as shown in the diagram presented in Figure 1. The POS network has not been tested by the consultants.
Information Gathering:
The consultants have verified that the IP address range supplied was assigned to Zeus Customs by querying the RIPE Database. The information-gathering process has also included all the software running in the company. DNS information is then queried for more information including registration details and/or skills of individuals. Additional information has been collected using the Internet, newsgroups and forum search about job roles, technologies used in relation to the company targeted.
Scanning for services:
The external IP address range was scanned by the consultants for common TCP and UDP services such as FTP, Mail, DNS, Web, and remote access control services. More in-depth scans were conducted during the course of the test using a variety of tools with an attempt to also evade the intrusion detection and preventions system deployed in the network. The TCP scanning port revealed no replies to ICMP requests with several hosts’ web services on ports 80 and 443. There were several SMTP gateways identified at risk with a checkpoint firewall port 264 open. The services’ banners showed that the web and FTP servers were Microsoft based with a mixture in both operating systems and versions used.
Identifying and exploiting vulnerabilities:
During the course of the penetration testing, certain mail relay variants attempted with certain success. The consultants were also able to download firewall topology and reveal certain internal network information. Commercial Web vulnerability scanners have been used to check for potential vulnerabilities including the use of open-source software. These tools identified several anonymous access to FTP servers and that some web servers had not been locked down with certain services vulnerable to remote command execution. Automated scans have also revealed vulnerabilities in Windows Operating systems running internally and the online booking system deployed. Several of these hosts allowed remote code execution where credentials for administrator accounts were obtained. The surrounding network was enumerated also, showing that a vulnerable host was located in the DMZ with access to other hosts. Web application vulnerabilities were also identified using a mixture of open and bespoke source scripts and tools used to test the company’s dynamic web sites. Common problems discovered including SQL injection allowing arbitrary SQL statements to be executed and also commands on the server itself granting full access to resources.

 

This CIS098 - IT Assignment has been solved by our IT experts at UniLearnO. Our Assignment Writing Experts are efficient to provide a fresh solution to this question. We are serving more than 10000+ Students in Australia, UK & US by helping them to score HD in their academics. Our experts are well trained to follow all marking rubrics & referencing style.

Be it a used or new solution, the quality of the work submitted by our assignment experts remains unhampered. You may continue to expect the same or even better quality with the used and new assignment solution files respectively. There’s one thing to be noticed that you could choose one between the two and acquire an HD either way. You could choose a new assignment solution file to get yourself an exclusive, plagiarism (with free Turnitin file), expert quality assignment or order an old solution file that was considered worthy of the highest distinction.

  • Uploaded By : Bella
  • Posted on : December 02nd, 2018
  • Downloads : 324

Whatsapp Tap to ChatGet instant assistance