Description of the vulnerability, exploit, and attack software Describe the vulnerability that the.. 1 answer below »

Description of the vulnerability, exploit, and attack software

Describe the vulnerability that the attack exploits, including how or why the vulnerability

exists, what versions of software are vulnerable. Include a technical overview of the

category of vulnerability (for example, command injection, buffer overflow, or other as

appropriate). Then introduce the exploit and attack software you have chosen to use, and

give a detailed description in technical low-level terms of how the attack software is able to

exploit the vulnerability. Be sure to describe and differentiate between the vulnerability,

exploit, and the attack software.

Anatomy of an attack

Describe each of the steps of the attack using the attack software of your choice to exploit

the vulnerability you have chosen. This will typically include information gathering (such as

footprinting, scanning, and enumeration), exploitation, and post-exploitation. Throughout

this section use screen-shots demonstrating how each of the stages of attack are carried

out, and to illustrate the practical implications of the attack.

Information gathering: How can an attacker gather all of the information needed to

identify a target, determine that it is vulnerable to attack, and gain all the information

needed to attack the target?

Exploitation: How can an attacker exploit the vulnerability to impact a process, system, or

network? Describe the technical goings on behind the steps taken by the attacker.

11Post-exploitation: What malicious actions are possible after a successful attack? For

example, can the attacker modify a user’s file, add user accounts, modify system

files/programs, modify the kernel, and so on? What are the limitations of what the attacker

can do? What actions could the attacker take to maintain access and cover their tracks?

Note that there are marks allocated for describing and illustrating each of the above stages

of attack.

Recommendations for preventing the attack

In this section, describe recommendations that you believe should be implemented for a

system/organisation that is vulnerable to this attack. Briefly describe the various layers of

security controls (such as firewalls, access controls, anti-malware, IPS, or as appropriate)

that can be used to mitigate the risk posed by the attack, and explain which stages of the

attack can be thwarted by those security controls. Provide any other recommendations for

mitigating the risk, (for example, choosing different software, or training users). Only make

recommendations that apply to defend or prevent against the attack you have described.

Provide a screen-shot demonstrating a failed attack attempt against a protected (or not

vulnerable) system. For additional marks, show evidence that you have secured the

originally vulnerable target against the attack.

Related software

Provide a summary of the attack software you have used, and further describe the scope of

the attack software: what else can the software be used to do? Briefly describe other

attack software that can be used as an alternative to achieve the attacks demonstrated in

the report.


Conclude your report with a summary of your attack, software, and the implications for ICT



Harvard references, each of which should be cited within your report. I recommend using a

bibliographic tool, such as Zotero.

Your report should be 2000-3000 words.

The following marking criteria will be applied.

• 70% Content: Refer to the list above for the sections that should be covered. Marks will be

allocated based on the selection of tools and attacks, the breadth and depth of the

coverage of each section, and the evidence provided that you have put the attack/defense

12into practice.

Your report should include all of the information described in the sections above, and

follow the same structure. Marks will be assigned for the coverage of each of the

requirements, which are detailed above.

• Marks will be allocated for the front matter and introduction 5%, description and

choice of attack and software 15%, anatomy of attack 30%, prevention 10%,

related software 5%, conclusion 5%.

• 15% Overall quality: Marks are allocated based on the use of clear and grammatically

correct English. The report should be in third person, and should aim for a relatively formal

tone. Also, it should be formatted consistently.

• 15% Harvard referencing: Use of Harvard referencing. You should aim to include at least 10



Description of the vulnerability, exploit, and attack software Describe the vulnerability that the.. 1 answer below » was first posted on July 6, 2020 at 4:34 am.
©2019 "Submit Your Assignment". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at

"Are you looking for this answer? We can Help click Order Now"