CO4509 – Computer Security
April 28, 2020
Due date: 31st May 2020 11:59pm
Size: 12 pages, 3000 words
WidgetsInc has contracted Benny Vandergast Inc to develop their new webbased store. Benny Vandergast Inc has provided a VMware virtual machine for
testing. WidgetsInc have decided to give you the job of evaluating the security
of the system provided by Benny Vandergast Inc.
You should perform a security evaluation on the provided virtual machine
image. You have not been supplied with either the IP address of the system or
any usernames and passwords, you have have to discover these as part of your
Your report should include:
• A description of how you investigated the security of the system.
– include fully cited information on tools and techniques you used.
• A description of the results obtained.
• A proposal on how to secure the system.
– you should address each of the security issues you fnd.
2. Propose and justify suitable security for a networked computer system.
3. Use a range of security-related tools.
4. Critically evaluate tools and techniques for system security.
6. Research and report on a security-related topic, using appropriate
The assignment work should be submitted as a Word document or Portable
Document Format to the correct assignment slot on Blackboard1 before 11:59pm
on the 31st May 2020.
Late work must be submitted to Blackboard in the required assignment slot.
Penalties for late submission
Except where an extension of the hand-in deadline date has been agreed (using
extenuating circumstances forms), lateness penalties will be applied in accordance with University policy as shown in Table 12.
(Working) Days Late Penalty
|up to 5||maximum mark 50%|
|more than 5||0%|
Table 1: Late submission penalty
If you believe that you have circumstances that justify an extension of the
hand-in deadline for your assignment work, you should use the Extenuating
Circumstances procedure. Extensions (to a maximum of 10 working days) can
be granted when there are serious and exceptional factors outside of your control.
Everyday occurrences such as colds and hay fever do not normally qualify for
extensions. Where possible, requests for extensions should be made before the
The University considers extenuating circumstances to be conditions that
signifcantly impact on your work. Normally these will cover more than one
module. Requests for consideration of extenuating circumstances in respect
of assignment work submission, should be made using the MyUCLan3. You
shoud speak to your Academic Advisor prior to submitting. Whilst extenuating
circumstances are being considered, you should inform relevant module leader,
and continue with the assignment.
Feedback will be given to the class within 15 working days of the assignment
hand-in date. This may be done in the frst ffteen minutes of the lecture. This
will be followed by individual written feedback tying to the Learning Outcomes
listed in the assignment brief, together with any additional helpful feedback
such as areas for improvement and areas for improvement.
The University uses an electronic plagiarism detection system where your work
could be uploaded, stored and cross-referenced against other material. You
should know that the software searches the WWW, an extensive collection of
reference material and work submitted by members of the same cohort to identify duplicates.
For detailed information on the procedures relating to plagiarism, please see
the current version of the University Academic Regulations4.
Reassessment and Revision
Reassessment in written examinations and coursework is at the discretion of
the Course Assessment Board and is dealt with strictly in accordance with
University policy and procedures. Revision classes for referrals will take place
during ’reassessment revision, appeals and guidance week’ as marked on the
The mark for the reassessed component is subject to a maximum of 50%.
|Fail (10)||Pass (50)||Merit (60)||Distinction (70)||80 (80)|
|Investigation (30)||Brief description.||Investigation is superfcial.
Some security issues have
been identifed via the use of
automatic tools. Only inves
tigates one area of the sys
tem e.g. just web shop, OS
or the running services.
|Investigation includes mul
tiple aspects (OS, services,
application etc). Or goes in
depth into a single aspect of
|Good coverage across three
or more aspects (OS, ser
vices, application etc). Or
goes in depth into a two as
|Excellent coverage across all
aspects of the system. Pass
words have been recovered
rather than overwritten.
|Implications (30)||Brief description.||Poor or obvious implications
for each vulnerability found.
Or only some implications
are addressed or the impli
cations don’t match up with
the severity of the problem.
|Limited description of the is
sue and the implications .
Either all aspect covered but
to a superfcial level or only
goes into detail of a few of
the issues found.
|Good description of the is
sue and its implications. All
|Excellent description of the
issue and its implications.
Accurate and concise de
scription of each issue. Each
issue includes a description
of how to exploit the prob
|Securing (30)||Brief description doesn’t re
ally secure the system.
|Poor or obvious way of
securing the system, e.g.
overall recommendation of
just frewall/patching rather
than the way of dealing with
|Limited description of how
to secure the issues found.
|Good description of how
to secure the issues found.
Each identifed issues is ad
|Excellent description of
how to secure the problems
|Documentation(10)||Very poor. For example not
referenced, doesn’t address
the question or very poor
spelling and grammar mak
ing it hard to understand.
|Some items are referenced.
Poor grammar, spelling.
|Referenced. Good spelling,
grammar. Layout is consis
tent and make sense.
|Good quality documenta
tion. All items referenced,
fgures are labelled.
|Excellent. Publishable qual
- Assignment status: Already Solved By Our Experts
- (USA, AUS, UK & CA PhD. Writers)