Demonstrate an understanding of the fundamental concepts and theories of Cybersecurity: Cyber Security Course Work, UOWL, UK

University University of West London (UoWL)
Subject Cyber Security

Learning Outcomes, 

  1. Demonstrate an understanding of the fundamental concepts and theories of Cybersecurity.
  2. Demonstrate evidence of critical thinking, analysis, synthesis, and evaluation in the design and formulation of Cybersecurity solutions.
  3. Select relevant Cybersecurity tools and techniques, and show how they can be effectively

Task 1:

Network Diagram (addressing LO1): With reference to the network description in the scenario, you are required to draw a network diagram following the approach covered in the week 6 seminar. You must label all devices with reference to the following: operating system version, I Tech’s domain name is mapped to IP address 134.83.62.1); and role of the device (e.g., web server, workstation, network switch). You can create subnets for each space (e.g., Office, Server room, etc.) using all the IP addresses in the range 134.83.62.1-134.83.62.254 in order to keep spaces separate.

During a Red Team exercise, it is discovered that the Windows server which hosts the public-facing website and the internal document storage runs an outdated version of the Microsoft SharePoint 2019 server which has a known software vulnerability (see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41344). This vulnerability can be exploited by an attacker who accesses the document storage service from a remote location to deploy and execute unauthorized code to the Windows server.

This enables attackers to create Windows user accounts on the infected machines and to access the infected machines through Remote Access software such as TeamViewer, Go2Assist, and LogMeIn. In addition to the vulnerability discovered during the Red Team exercise, the National Cyber Security Centre has recently issued an advisory that UK businesses are actively being targeted by crypto-jacking attacks.

Cryptojacking is the act of taking over infected machines to utilize idle CPUs for mining cryptocurrencies such as Bitcoin and Ethereum. In this type of attack, corporate employees are sent phishing e-mails

Do You Need Assignment of This Question

Task 2

Threat Reporting and Attack Vector Mapping (addressing LO1 and LO2): Taking into account the Red Team exercise findings and the NCSC advisory, you are required to identify potential threats to the assets in the network. You must identify and justify at least one threat based on the findings of the Red Team exercise and at least one threat based on the NCSC advisory. In addition, you must identify the attack vectors that should be employed if a threat agent gives rise to these threats, describe how these attack vectors can pose a threat to an asset, and map these vectors to the MITRE ATT&CK framework. Specifically, you should match the attack vectors to the Tactics and Techniques in the ATT&CK framework

Task 3 

Risk Assessment (addressing LO2): Having identified the required number of threats, you are required to conduct a risk assessment for the Brunel Tech start-up network. You must use the risk register that is provided in the coursework template and explain the Confidentiality, Integrity, and Availability implications for Brunel Tech

Task 4 

Risk Controls (addressing LO3): Using the risk register that you have compiled in your response to Task 3, you are required to select the appropriate controls to mitigate the risks that you have identified and give the reasons for your chosen controls. At least one control must be selected for each of the risks that you have specified and you must specify the Cybersecurity tools that implement the risk controls that you have chosen

Buy Answer of This Assessment & Raise Your Grades

Hire a top-notch coursework writing service at StudentsAssignmentHelp.co.uk. our coursework writers are experienced and knowledgeable to design step-by-step coursework solutions on cyber security assignments at the lowest price.

Answer