Limited Offer Get 25% off — use code BESTW25
No AI No Plagiarism On-Time Delivery Free Revisions
Claim Now

6CC548 – Cyber Security & Ethical Hacking

Assessment Brief
6CC548 – Cyber Security & Ethical Hacking
January 2020
University of Derby Online Learning
www.derby.ac.uk/online
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 2 of 12
Module Overview
Cyber security is of crucial importance to all legitimate users of the Internet – from government
and commerce through to private users. However, the level, scale and profundity of cyberattacks and fraudulent activity continue to increase. As a result, there is a vital and continuous
need for organisations to adapt and enhance security in order to keep abreast of ever more
sophisticated forms of attack. In parallel it is necessary to verify the effectiveness of security
arrangements, to identify weaknesses (which are always present) and to determine the value
gained from financial investment in cyber defence.
In this module we focus on issues relating to cyber security, methods that can be employed in
evaluating system security and basic digital forensics techniques which can be used to accrue
information pertaining to an attack. We particularly focus on introducing ethical hacking (also
known as penetration testing) techniques by which organisations recruit appropriate
professionals who are charged with identifying and reporting on security weaknesses.
This module provides an opportunity to develop important and highly transferable practical
skills underpinned by theoretical understanding of key issues and methodologies. This is
reflected in the various assessment components, by the use of research informed content and
by the expectation that you will develop the breadth of your knowledge by making regular and
considered contributions to the virtual classrooms Discussion Forum
Learning Outcomes
On successful completion of the module, you will be able to:
1. Critically discuss the threat spectrum of cyberspace attacks and key defensive techniques
2. Apply basic tools and techniques in a structured, ethical and professional manner so as to
evaluate and report on system security using ethical hacking methodologies.
3. Apply appropriate basic digital forensics tools and techniques in a structured manner so
as to accrue information relevant to a cyber-attack and/or fraudulent activity.
NOTE: All class announcements and other emails relating to this module will be sent to the
University of Derby email address that you have been given. You are expected to regularly
check this email account (at least every 3 days). If you fail to do this, you will miss important
information. Any emails that you send relating to this module must also be sent from your
University of Derby email account. Within the title of any email that you send, you should
include your name and the course code of this module
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 3 of 12
Assessment types used in this module
Formative Activities & Assessment
Formative Activities and Assessments are opportunities for you to apply, practice and make
sense of the learning materials and content that you have encountered. These may take the
form of individual tasks (such as reading some text or watching a video and documenting your
reaction to it), responding to some discussion points on the discussion forum, considering a
case study, or participating in a live online classroom session. The main aim of formative
activities is for you to receive feedback on your contribution or performance that will help you
prepare for and complete your final module assessment.
Summative Assessment
Summative assessments are the pieces of coursework that you complete which contribute
towards your final grade in this module. You should take the feedback that you receive from
the completion of coursework in this module and use it to help you improve your performance
in future assessments.
Summative assessment in this module comprises two Coursework exercises. You will be
expected to submit your summative assignments via the Turnitin assessment points on the
Assessment page in My Learning section of the module.
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 4 of 12
Specific Assessment Component Guidelines
Coursework 1

Assessment
Component:
Assessment
weighting
Assessment limits: Assesses module
learning outcome/s:
1 30% 1500-2500 words, excluding
‘table of contents’ and
references.
1 & 3
Last submission Date/Time: Provisional feedback released:
Thursday March 12, 2020 by 2359hrs UK Time April 06, 2020

Title: Cyber exploits and vulnerabilities for ethical hackers
This is a report-based assignment, where you will discuss and evaluate cyber vulnerabilities,
exploits and IPDPS (Intrusion Detection and Prevention System) components from the
perspective of an ethical hacker. Specifically, you must attempt the following tasks:
1. Describe and critically evaluate any three cyber vulnerabilities both at personal and
organisational levels (you may elaborate these vulnerabilities from a social engineer’s
perspective.
2. Describe and critically evaluate any three cyber exploits with examples and the
damages when identified by an attacker.
3. What are appropriate IDPS components to fight against the vulnerabilities and exploits
discussed above?
For each task, you should be prepared to undertake research to find additional explanations,
diagrams or examples that support or extend the techniques covered in module units or
perhaps alternative techniques not raised in module units. For each IDPS component, you
must clearly evaluate its strengths, weaknesses and suitability.
You must fully cite and reference all material you use (adopt the Harvard referencing style).
Marking scheme
This report will be marked against four distinct criteria:
1. Technical Knowledge: This aspect covers the depth, clarity and quality of your technical
explanations – which can be drawn from the material in this unit but should be expressed in
your own words and using your own examples. Only students showing clear and strong
evidence of going beyond the unit materials will get very high marks (see next criterion). The

Assessment
description:
Development of in-depth knowledge of key subject content

University of Derby Online Learning
January 2018 www.derby.ac.uk/online 5 of 12
inclusion of good-quality, well-annotated diagrams to support your technical narrative will gain
bonus marks. (40 Marks)
2. Research: This aspect covers the amount, range and quality of wider reading – as
evidenced by the citations and references – plus your summary and evaluation of how that
new-found knowledge aligns with (or maybe contradicts) the ideas presented in this unit. The
quality of Harvard referencing will also be a factor. In order to gain a good mark, try and go
beyond simple web searches. It is fine to use (good-quality) websites but also incorporate
high-quality textbooks and more academic sources such as journal articles and conference
papers. Seek advice from the library if needed. Also obtain a guide to Harvard referencing.
(30 Marks)
3. Critical Analysis: This aspect covers the level to which you go beyond simple explanation
(‘what it does’ issues) and move into evaluation and analysis (‘why/why not and when to use’
issues). Higher marks will be awarded for detailed insights into the strengths and weaknesses
of each technique, plus comments upon the most suitable situations in which to apply these
techniques (and conversely situations in which particular techniques should not be used). (20
Marks)
4. Presentation and Writing: This aspect covers issues such as the general quality of writing
and spelling, good presentation, neat layout, inclusion of quality diagrams, tables and other
non-text items plus evidence of a logical flow and overall coherence. (10 Marks)
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 6 of 12
Coursework 2

Assessment
Component:
Assessment
weighting:
Assessment
limits:
Assesses module
learning outcome/s:
2 70% 3000- 3500 words,
excluding ‘table of
contents’ and
references.
2 & 3
Last submission Date/Time: Provisional feedback released:
Thursday April 09, 2020 by 2359hrs UK time May 04, 2020

Please note the above word count limit only applies to Component 1.
Coursework 2: Component-1
Weighting: 90% of the available marks for coursework 2
Title: Cyber Security Case Study Report
This assignment is based on a case study, in which you will demonstrate your ability to
manage a company’s global network infrastructure and conduct cyber security risk
assessment as an ethical hacker.
‘Versand’ is one of the leading shipping companies in the highly competitive world of container
shipment. It also has a major business share in ‘logistics and energy sectors’. The company
headquarters is in London. It has 70,000 employees with subsidiaries and offices across 100
countries.
About 90 percent of world trade is transported by sea, with ships and ports acting as the
arteries of the global economy. With Versand global reachability across all major global sea
port, the company heavily relies on communications systems for maintaining the smooth
running of its global shipment operations. Any IT glitches can create major disruptions for its
complex logistic supply chains
Versand has a globally connected IT infrastructure. Its data centers are located around the
globe for supporting its business. Versand typically has a regional office and a port-office that
is connected via a secure VPN (Virtual Private Network) to one of its regional data centers. All
of the major operations like shipping ordering management, inventory, container tracking,
booking systems, and other critical systems rely on this connection. All these applications and
voice/video servers (windows based) are hosted in regional data centers. The company uses
resources from the public cloud for applications scale-out (like Amazon AWS or Microsoft
Azure). The regional data centers are distributed as follows:

Assessment
description:
Undertake research into selected topic

University of Derby Online Learning
January 2018 www.derby.ac.uk/online 7 of 12
• Two data centers in American region (one New York and one in Seattle)
• Two data centers in Europe region (one in London and one in Frankfurt)
• One data center in Asia (in Singapore)
• One data center (in Sydney Australia)
All the data centers are connected through fiber optic connection. The connection between a
data center and any of its sea vessels id through a satellite connection.
All of the applications in its data centers are Microsoft Windows-based and are hosted on
Microsoft Windows Servers with Microsoft SQL Server databases (On Physical and Virtual
Machines). Some of the branch port offices have local Internet breakout and some have
regional internet breakout through their regional data centers. Some port offices have regional
security firewall and IPS/IDS systems, and some don’t have. Each port-office has 50 to 100
employees and each regional office has 200 to 1000 employees. A typical branch (port) office
includes:
• Desktop computers/ laptops have Windows 7 operating systems, client applications,
host based antivirus and an IPS (Intrusion Protection System)
• Network switches with 1 Gbps access port and 10 Gbps core ports.
• Wireless LAN access points (No wireless access policies defined)
• IP telephony and video room endpoints for voice/video communications
• A router that connects the site to the regional/other sites through VPN connections
In June 2017, Versand has been hit by ransomware cyber-attack (like Petya/NotPetya) that
prevented people from accessing their data unless they paid $500 in bitcoin. The ransomware
took advantage of certain security vulnerabilities in Microsoft Windows operating system (that
Microsoft patched after the attack). As soon as the attack hit, Versand shut down their entire
Global IT systems to avoid any risk of spread of infection across the whole company. After
applying the recommended patches in all sites, normal operation got restored gradually.
Although, none of its ship vessels were affected, but closely checked.
In response to this cybersecurity attack, the CEO of the company has contracted you – A
Cybersecurity Consultant- to advise her on what measures and steps need to be taken to
secure its global network infrastructure, data assets, to identify different types of threat
(internal or external) that the company faces and how to contain or eliminate those risks.
You are requested to recommend protective measures and a continual monitoring process for
reviewing its systems against future cyber security attacks. You are also required to produce
a threat and risk assessment report, supplemented by recommended solutions and actions.
Specifically, the CEO has requested that your report covers the following areas:
Evaluation of the network and data architecture – You may focus on the following:
a) Design of regional data centers and their connectivity with port/regional sites. Clearly
annotated diagram(s) is(are) required here
b) How is data transmitted to/from a port/regional site to regional data centers and/or
public cloud?
c) How suitable is this architecture from an application and the infrastructure perspective?
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 8 of 12
Possible exploits and vulnerabilities in the company’s global network infrastructure. You
may consider both internal staff in different roles at different sites and external users like
customers, suppliers or other possible malicious attackers.
Risk assessment for exploits and vulnerabilities: for each Point of Access and Systems
components (above) – how could any attacker (internal or external) exploits that access points
and systems for malicious reasons? What damage could they do?
Recommendations and possible solutions/actions: – so as to minimize or ideally eliminate
that risk and protect against that vulnerability (from both infrastructure and application
perspectives) even if the access point cannot (or perhaps should not) be closed itself. Your
recommended solutions and actions should address technical, social, legal, managerial and
procedural aspects.
A plan for both internal and external penetration testing of the infrastructure to identify
vulnerabilities and exploits. You should focus on voice/video communication servers.
A comparison of the company’s present and recommended security plan as compared
against industry standard IT security frameworks or benchmarks. How well does the company
compare now against the best and how will it compare once all your solutions and actions are
implemented?
It is expected that you will have to supplement this case study with your own intelligent
assumptions and additional research. You must fully document and explain all such
assumptions and fully reference any external sources you use via the Harvard referencing
systems
Assessment Presentation
When marking the formal report, we will be looking for the following:
• Properly developed Abstract.
• Clear legible presentation.
• Good use of spelling, grammar and language throughout.
• Good use of diagrams and other illustrations.
• Logical progression and structure of arguments.
• Well-developed Introduction and Conclusion sections.
• The introduction will include an exploration of the focus of the assignment and discuss
the way the assignment has been approached.
• Evidence of a range of relevant supporting reading.
• Use of accurate, evidence-based information to support the arguments made.
• Adherence to normal Academic Regulations in terms of Academic Offences, style and
language.
• Use of the Harvard system of referencing.
• A declaration statement which says that you have checked your Turnitin originality
report and that the work is your own (and has not been submitted for marking before
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 9 of 12
by you, or anyone else).
Marking scheme
1) Development of a sound introductory section which provides
an appropriate introduction to the subject area (10 marks).
2) Evidence of sound research activity and/or any agreed practically-based
development work (50 marks).
3) Presentation of work undertaken in a structured manner using a
scientific/technical style of writing (20 marks).
4) Development of a sound concluding section (10 marks).
5) Inclusion of appropriate references using the Harvard referencing style (10 marks).
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 10 of 12
Coursework 2: Component-2
Weighting: 10% of the available marks
In this module you are expected to make regular and considered interactive contributions to
the Discussion Board. In each unit of the module, you are provided with a number of
discussion-based activities. You are not expected to contribute to discussion relating to all
these activities – but you should select topics that match your interests and/or learning
aspirations.
As the module progresses, a number of articles, videos, etc will be posted on the Discussion
Board. These will relate to current events or interesting and relevant topics. You should also
contribute to discussion in relation to these materials.
Part 2 mark will be calculated on the basis of the Discussion Board postings that you make
during the last 5 weeks of the module (unit 6-10 of the module). Consequently, during
this period, you are required to copy each posting that you make into a single Microsoft
Word file. For each of the postings, you should clearly state the date on which it was made.
Posting Guidelines
1. All postings must be written in a professional way.
2. Postings should be written in your own words. Copying and reproducing material from
other sources and representing it as your own work constitutes plagiarism and is likely
to result in the instigation of a formal Suspected Academic Offence process.
3. Following on from (2), you are encouraged to share with others in the class any
relevant information that you locate when carrying out research into specific topics.
This information may take the form of articles, website content, videos, etc. This
content should add to your own discussion (rather than replacing it) and the source(s)
of information must be clearly indicated.
4. You should endeavour to enter into interactive discussion and proffer help when
questions are asked by others in the class.
5. The Discussion Board is intended to represent a dynamic virtual classroom in which
you share your experiences, research, thoughts, etc. It is also an environment in which
you are encouraged to ask and respond to questions.
6. Discussion Board postings such as I agree (i.e. which do not move discussion forward)
will not contribute to your grade for Assignment 1.
7. You are expected to demonstrate that you have regularly contributed to the Discussion
Board and have meaningfully engaged in a number of activities. This means that you
should frequently access the Discussion Board.
8. You are expected to demonstrate involvement in interactive discussion with other class
members.
9. You are expected to demonstrate that you have undertaken research in developing
postings.
Marking scheme
50%: Quality of postings.
University of Derby Online Learning
January 2018 www.derby.ac.uk/online 11 of 12
25%: Regularity of postings.
25%: Engagement in interactive discussion
Assessment Presentation
When marking this assignment the academics will also be looking for the following criteria:
• Clear legible presentation.
• Good use of spelling, grammar and language throughout.
• Appropriate focus, meeting learning outcomes/assignment criteria.
• Logical progression and structure of arguments.
• (Normally) an introduction, a well-developed discussion and a conclusion summarising the work.
• The introduction will include an exploration of the focus of the assignment and discuss the way the
assignment has been approached.
• Evidence of a range of relevant supporting reading.
• Use of accurate, evidence based information to support the arguments made.
• Follow normal Academic Regulations in terms of Academic Offences, style and language.
• Use the Harvard system of referencing and you may include a bibliography that lists all resources
referenced.
• A declaration statement which says you have checked your Turnitin originality report and certain that
the work is your own (and has never been submitted for marking before by you, or anyone else)
• Maintain the confidentiality of clients/customers and persons associated with them, colleagues and
organisations
This module uses a grading scale applicable to Levels 5, 6 and 7 in the University Credit Framework. The
grade descriptors (on the next page) are typical characteristics of the standard of work associated with each
grade.
Level 4,5 and 6 Grade Descriptor
This module uses a grading scale applicable to Level 6 in the University Credit Framework.
The grade descriptors given below (page 12) show typical characteristics of the standard of work associated
with each grade.

% mark Mark Descriptors Cla
ss
70-100% Excellent
Outstanding; high to very high standard; a high level of critical analysis and
evaluation, inclusive original thinking; commendable originality;
exceptionally well coherence and logic. Trivial or very minor errors. For the
highest marks (90-100%): an exceptional standard of work illustrating
thorough and in-depth understanding, communicated with exceptional
authority.
First
60-69% Very Good
A very good standard; a very good level of critical analysis and
evaluation; significant originality; well researched; a very good standard
of presentation; commendable clarity of ideas; thoughtful and effective
presentation; very good sense of coherence and logic; minor errors only.
Second
Div 1
50-59% Good
A good standard; a fairly good level of critical analysis and evaluation;
some evidence of original thinking or originality; quite well researched; a
good standard of presentation; ideas generally clear and coherent, some
evidence of misunderstandings; some deficiencies in presentation.
Second
Div 2
40-49% Satisfactory
A sound standard of work; a fair level of critical analysis and evaluation;
little evidence of original thinking of originality; adequately researched; a
sound standard of presentation; ideas fairly clear and coherent, some
significant misunderstandings and errors; some weakness in style or
presentation but satisfactory overall.
Third
35-39% Unsatisfactory
Overall marginally unsatisfactory; some sound aspects but some of the
following weakness are evident; inadequate critical analysis and
evaluation; little evidence of originality; not well researched; standard
presentation unacceptable; ideas are unclear and incoherent; some
significant errors and misunderstandings. Marginal fail.
Marginal
Fail
21-34% Poor
Below the pass standard; a poor critical analysis and evaluation, virtually
no evidence of originality; poorly researched; presentation unacceptable
and not up to graduate standard; ideas confused and incoherent, some
serious misunderstandings and errors. A clear fail, short and pass
standard.
1-20% Very Poor
Well below the pass standard, with many serious errors. Standard of
presentation totally unacceptable, incoherent and may be severely under
length. No evidence of evaluation or application. A very clear fail, well
short of the pass standard.
Fail
NS Non-submission
No work has been submitted.
Z Academic offence notation
Applies to proven instances academic offence.

Feedback, marking criteria and grading of your assessment
This section tells you how the marker will assess your work fairly. All markers aim for our feedback to be:
timely, individual to you, helpful, empowering and manageable.
They will also offer you opportunities to discuss the marking criteria they intend to use, and the type of
feedback they intend to give you. You should create a shared understanding of this with them and your
peers during the course of the module. They may also give you opportunities to assess your own work and
the work of your peers. Look out for these opportunities.
Assessment markers can give you feedback and allocate marks to you using a range of methods and tools
that are appropriate to the specific module and assessment. The marker may make comments within your
script (in bubbles) and may also give you written comments in the long box. They may give you a form of
audio or video feedback.
When they give you feedback on your assessment, as a minimum, your marker will tell you:
• if and how you have met the relevant learning outcomes
• the areas within which you did well in this assessment (they will commend you)
• the areas you could have improved in this assessment (they will make suggestions)
• what activities you can work on to help you in your next studies (you can take these ideas forward
with you, and may discuss them with your Personal Tutor. You can also build them into your Action
Planning.
In this module specifically, they will use the following tools. This feedback and marking structure will be
specific to each component as relevant.
Assessment regulations
The standard University assessment regulations apply for this assessment. Please note that in line with the
University common assessment regulations, failure to submit coursework (i.e. non-submission) could lead
to you failing the module.
Details of assessment regulations are available at: https://www.derby.ac.uk/about/organisation/academicregulations/ (sections F and E).
Work Submitted late, will be marked according to University regulation, please see the University guidance
on Late Submissions.
Where to get other help to do your assessment
During the course of the module your tutor will offer you a range of help and support. There are contact
details for them within the module.
Other colleagues will offer help and guidance on the Student Portal.
In addition, the Academic Administrators will post helpful notices on your module announcement board.
You could also use the following links if you want extra help with:
Referencing and avoiding making an academic offence
Study Skills

The post 6CC548 – Cyber Security & Ethical Hacking appeared first on My Assignment Online.

Plagiarism Free Assignment Help

Expert Help With This Assignment — On Your Terms

Native UK, USA & Australia writers Deadline from 3 hours 100% Plagiarism-Free — Turnitin included Unlimited free revisions Free to submit — compare quotes
Scroll to Top