THE ASSIGNMENT TASK:
All parts are small academic reports and as such the following report structure is expected for each milestone report:
- Introduction, where you will discuss your plan for solving the problem introduced by the module team
- Main Body, where you will develop your arguments
- Conclusions, where you will critically discuss your findings
- References, aim for an average of 20 references (yes, 20 for each task!)
- Appendixes
You are expected to demonstrate an insight into the implications of the problem introduced in each task by using clear and concise arguments. The reports should be well written (and word-processed), showing good skills in creativity and design. Sentences should be of an appropriate length and the writing style should be brief but informative.
During the teaching weeks you will have the opportunity to submit draft copies of your portfolio activities. The module team will provide feedback based on your draft copies and advice regarding your progress (if it is deemed necessary). The deadline for the complete Portfolio is the 19.12.2016.
Task A – “Hacking is not a criminal activity”
Task A is weighted at 25% of the overall portfolio mark. It is expected that this part of the portfolio will be in the region of 1000 words. You are required to expand on the title and develop your arguments to clearly state whether you agree or disagree with the statement in the title: “Hacking is not a criminal activity”. You should explain ‘criminal activity’, define ‘hacking’ and critically argue the statement.
The DRAFT deadline for Task A is on the 17.10.2016 by electronic submission via OnlineNet. You will then receive formative feedback on your work, allowing you the opportunity to reflect on your activities and improve your work where necessary. The final copy of Task A should be included in the final Portfolio. Although there are no allocated marks for references and bibliography you are expected to use appropriate peer reviewed sources for developing your arguments, and the Harvard referencing style as per the University regulations.
Task A, Assessment Criteria
|
Mark Available
|
Computer Crime definition
|
5
|
‘Criminal activity’ discussion
|
5
|
‘Hacking’ definition & explanation
|
5
|
Critical discussion (your justified & supported opinion)
|
10
|
Total
|
25
|
Note: please see next page for remaining tasks.
Task B – SOP for PenTesting
Task B is weighted at 25% of the overall portfolio mark. It is expected that this part of the portfolio will be in the region of 1000 words. You are expected to comment on the published penetration testing methodologies and design/develop a Standard Operating Procedure (SOP), including a decision making tree, to describe the phases of: intelligence gathering, target profiling, vulnerability identification, target exploitation and post exploitation. An SOP is defined as a set of step-by-step instructions compiled by an organisation to help workers carry out routine operations.
The DRAFT deadline for Task B is on the 14.11.2016 by electronic submission via OnyNet. You will then receive formative feedback on your work, allowing you the opportunity to reflect on your activities and improve your work where necessary. The final copy of Task B should be included in the final Portfolio. Although there are no allocated marks for references and bibliography you are expected to use appropriate peer reviewed sources for developing your arguments, and the Harvard referencing style as per the University regulations.
Task B, Assessment Criteria
|
Mark Available
|
PenTest Methodology Discussion
|
5
|
SOP for PenTesting
|
10
|
Decision Making Tree
|
10
|
Total
|
25
|
Task C – Penetration Test
Task C is weighted at 45% of the overall portfolio mark. It is expected that this part of the portfolio will be in the region of 1000 words. You are expected to conduct a penetration test against a target system that will be provided to you. You are required to present your findings in a PenTest report in a factual manner so as to convince decision makers of a large corporation on business strategies. The target system will be accessible via the Internet. Details regarding the target will be given to you closer to the release day of the Task. During the first weeks of the module you will setup the PenTest rig you will be using for the practical activities. A time booking system will be in place to ensure that all students get appropriate time on a target undertaking this activity.
There is no DRAFT deadline for this Task. The FINAL deadline for Task C and for the WHOLE portfolio is on the 19.12.2016 by electronic submission via OnyNet. Although there are no allocated marks for references and bibliography you are expected to use appropriate peer reviewed sources for developing your arguments, and the Harvard referencing style as per the University regulations.
Task C, Assessment Criteria
|
Mark Available
|
Attack Narrative
|
15
|
Vulnerability Detail & Mitigation
|
20
|
Report Structure
|
10
|
Total
|
45
|
Overall Portfolio Conclusion and Reflection
The overall portfolio conclusion, offering your reflection on the undertaken activities and the encountered problems carry 5% of the overall portfolio mark.
|