Full Question

This assignment will contribute 50% towards the module assessment marks and consists of a list of tasks as follows: Work in a team of 3 or 4. Find 1 recent data breach or cyber-attack related case study (2015 2021). Generate a comprehensive technical report with necessary evidence

Assignment Question

This assignment will contribute 50% towards the module assessment marks and consists of a list of tasks as follows: Work in a team of 3 or 4. Find 1 recent data breach or cyber-attack related case study (2015 – 2021). Generate a comprehensive technical report with necessary evidence by completing the below tasks:

SECTION A (GROUP COMPONENT: 50%)

Critically analyze the important contexts in the selected case study and gather the following cyber threat intelligence on them:

1. Overview of the case study
2. Threat targets and potential impacts
3. Cybercrime profiling
4. Tactics, Techniques, and Procedures (type of attack, attack vector(s), and vulnerability(s) exploited
5. Summary and conclusion (combining Section A and B)

SECTION B (INDIVIDUAL COMPONENT: 50%)

1. Devise a plan on simulating the attack - mimicking the likely attack paths and techniques used by malicious actors (with tool based demonstration as proof of concept and screenshots as evidence) – Breach and Attack Simulation Plan
2. Devise a plan on detecting these types of attacks (with tool based demonstration as proof of concept and screenshots as evidence) – Detection Action Plan
3. Find 1 memory dump/hard disk image/pcap files/live data gathering relevant/similar to your case study to look for any evidence of malicious activities that can be used as forensics evidence. Critically analyze and present the findings with evidence containing traces of malicious activity (step by step screenshots and explanations) – Forensics Analysis
4. Devise a plan (Cybersecurity Playbook) on responding to incidents and capturing forensic evidence on these types of attacks. Suggest suitable prevention plan using any security technologies and propose suitable approaches to prevent these types of incidents happen in the future (Discussion might include Data Access Rights, Ethical Responsibility of IT Pros, Policies & Standards, etc.) - Incident Response Plan + Prevention Action Plan

WARNING: DO NOT try the chosen tools or techniques on real systems! You should test and create your simulations by using Isolated/Testbed environments such as VMWare, Metasploitable, DVWA, and etc.

 Guidelines for the Report

Each group is required to conduct research and provide a report on the aforementioned areas. The report must be typed with Times New Roman font and size 12 with an approximate length of 8000 words (excluding diagrams, appendixes, and references)

Document the results of your work in a professional and systematic manner and submit one soft copy per group. Your completed documentation should meet the following requirements:

1. Table of contents (for every section)
2. Introduction
3. Sections (with detailed findings and critical analysis)
4. Conclusion
5. References
6. Appendices (if any)
7. Workload matrix

Submission requirements

1. All report is to be submitted through the Moodle Online Submission.
2. Your report must be typed using Microsoft Word with Times New Roman font with 1.5 spaces.
3. The report has to be well presented and should be typed.

Download Full

×

Download Full Solution

Submit