In-course Assignment Information Sheet

CT080-3-2 Ethical Hacking and Incident Response

Intakes: UC2F1808IT(ISS)
Date Assigned: 12-Feb-2019
Date Due: Final document submission 13-May-2019
Progress Report: 1st April 2019
Presentation: 6th May 2019
Lecturer: Dr. Maryam Shahpasand

Assignment Overview

This assignment will contribute 100% towards the coursework marks.

Guidelines for the Report

Document the results of your work in a professional and systematic manner and submit one soft
copy and one hard copy. Your completed documentation should meet the following requirements:

1. Table of contents for every detailed chapter/section.

2. Introduction
3. Section x: Title
4. Section x: Title
5. Section x: Title
6. Conclusion
7. References
8. Appendices

Submission requirements

1. A CD containing an electronic version of the document.

2. Your report must be typed using Microsoft Word with Times New Roman font with 1.5 spaces.

3. The report has to be well presented and should be typed.

4. Ensure that the report is printed on standard A4 (210 X 297 mm) sized paper. Paper weight of 80
grams and above is highly recommended.
5. The report should have a one (1”) margin all around the page as illustrated below:

1 inch 1 inch

1 inch

1 inch
The Typed Text

1 inch

1 inch
1 inch 1 inch

6. Every report must have a front cover. A transparent plastic sheet can be placed in front of the
report to protect the front cover. The front cover should have the following details:-

a) Name(s)
b) Intake code
c) Subject
d) Assignment Title
e) Date Assigned (the date the report was handed out).
f) Date Completed (the date the report is due to be handed in).

All information, figures and diagrams obtained from external sources must be referenced using the
Harvard referencing system accordingly.
 CLO Analyze the procedures of ethical hacking and incident handling using Group
1 suitable tools and methodologies (C4,PLO3) Assignment

CLO Propose appropriate vulnerability assessment for Digital Assets in an Group

2 organization (A5,PLO7) Assignment

CLO Select suitable tools and methodologies for handling incidents Group
3 (A3,PLO6) Assignment

CLO Group
Cooperate as a team to respond to an incident (A2,PLO5)
4 Assignment

PLO3 - Problem Solving and Scientific Skills

PLO7 – Information Management and Lifelong Learning Skills
PLO6 – Values, Attitudes and Professionalism
PLO5 - Social Skills, Team Skills and Responsibilities

Assignment Question:

You have completed your BSc. Degree and are looking for a cybersecurity job. You have been
shortlisted in the position advertised below:
Company: GoSecure (https://gosecure.net/about-us/)

Since 2002, GoSecure’s mission is to provide organizations with expert cybersecurity services and
solutions that reduce IT security risk and address specific business challenges. By offering innovative
services and focusing on quality, respect and integrity, GoSecure has rapidly become a national
provider of professional and technical security services for organizations and governments of all sizes.

Our expertise in strategic, tactical and operational areas, combined with investments and industry
contributions in security research and development has enabled GoSecure to collaborate with
organizations that have unique and complex security requirements. With offices in Montreal, Toronto,
Quebec City, Halifax and London (U.K.), we leverage a team of more than 80 qualified analysts and
engineers with academic and Professional backgrounds dedicated to cybersecurity.

GoSecure has two Security Operational Centres (SOCs) which operate on a 24x7x365 basis. They
allow us to provide managed services for cybersecurity platforms including SIEM, firewalls, IPS,
EDR solutions, patch management, and incident response. Furthermore, our Halifax Advanced
Response Centre (ARC) is committed to Threat Hunting and Incident Response services.

Cybersecurity Analyst / Engineer: Ethical Hacking and Incident Response

JOB DESCRIPTION

In this position you will perform ethical hacking assessments on multi-protocol networks and
application systems to our various clients ranging from banking to law enforcement. Tasks will be
highly technical, requiring an excellent understanding of security technologies and strategies.
Qualified candidates will:

 Provide strategic and technical recommendations following identification of vulnerabilities in

operating systems, applications, and network infrastructure;
 Evaluate security controls and recommend corrective actions to mitigate technical risks;
 Deliver reports outlining test results and present to technical and non-technical staff;
 Develop and maintain methodologies and tools to enhance the company security testing
services;
 Participate as a subject matter expert in cyber security incident and breach investigations and
post-breach remediation work.

Potential candidates who have applied has been segregated into groups of 4 and are asked to prepare a
report on how they will protect the organization utilizing skills from these 3 areas as part of a
cybersecurity team: Vulnerability Assessments, Ethical Hacking and Incident Handling.
As a group participating in the interview, you are to prepare the report in an organized way according
to the phases involved. Your report needs to be convincing and must include suitable examples of
tools and technology that can be used, both open source and commercial.
The report should be around 5.000 words.
You must be able to present your findings through a team presentation and will be assessed on your
understanding of the subject matters in a question and answer session.
 Marking Scheme (based on SLT):

Individual Components (90%)

CLO1: Analyze the procedures of ethical hacking and incident handling using suitable tools and methodologies
(Problem Solving and Scientific Skills = 25 marks)

2
Marking 0-1 3 4 5 Marks
Criteria (Marginal Awarded
(Fail) (Pass) (Credit) (Distinction)
Fail)

Not able to Able to Able to evaluate Able to Able to

select evaluate several evaluate evaluate
appropriate several solutions and several several
alternative solutions but able to select a solutions and solutions and
solution. not able to solution that clearly and able to clearly
Evaluation select an partially solves accurately and accurately
appropriate a problem with select select
solutions with minimum alternative alternative
maximum assistance. solutions solutions in
assistance without detail.
assistance.

Marking 0-2 3-4 5-6 7-8 9-10 Marks

Criteria (Distinction) Awarded
(Fail) (Marginal (Pass) (Credit)
Fail)

Almost no Limited Sufficient Good Very good

analysis, analysis, analysis, analysis, analysis,
comparison comparison comparison and comparison comparison
Analytical and and evaluation evaluation of and and
& Critical evaluation of of facts. Very facts. Minimal evaluation of evaluation of
Thinking facts less critical critical facts. facts. Good
presented. discussion. discussion. Sufficient critical
critical discussion
discussion but with
lack of supporting
evidence evidence.
Not able to Able to Able to Able to Able to
integrate integrate integrate integrate integrate
existing existing ideas existing ideas existing ideas existing ideas
Integration
ideas. but unable to and provide and provide and provide
provide new new solutions new solutions new solutions
solution with assistance. clearly. very clearly.
 CLO2: Propose appropriate vulnerability assessment for Digital Assets in an organization
(Information Management and Lifelong Learning Skills = 30 marks)

Marking 0-2 3-4 5-6 7-8 9-10 Marks

Criteria (Distinction) Awarded
(Fail) (Marginal (Pass) (Credit)
Fail)

Criteria A

Criteria B

Criteria C

CLO3: Select suitable tools and methodologies for handling incidents

(Values, Attitudes and Professionalism = 35 marks)

2
Marking 0-1 3 4 5 Marks
Criteria (Marginal Awarded
(Fail) (Pass) (Credit) (Distinction)
Fail)

Criteria A

Marking 0-2 3-4 5-6 7-8 9-10 Marks

Criteria (Distinction) Awarded
(Fail) (Marginal (Pass) (Credit)
Fail)

Criteria B
Marking 0-4 5-8 9-12 13-16 17-20 Marks
Criteria (Distinction) Awarded
(Fail) (Marginal (Pass) (Credit)
Fail)

Criteria C

Group Components (10%)

CLO4: Cooperate as a team to respond to an incident
(Social Skills, Team Skills and Responsibilities = 10 marks)

Marking 0-2 3-4 5-6 7-8 9-10 Marks

Criteria (Distinction) Awarded
(Fail) (Marginal (Pass) (Credit)
Fail)

Criteria A

Criteria B

Total Marks (Group + Individual) /100