系统安全代写 | SIT382 System Security Assessment 3 – Technical Report

本次澳洲代写是系统安全的一个assessment

To understand the most widespread and top-rated software errors

To demonstrate the capability of exploiting security vulnerabilities, verifying
experimental outcomes, and proposing technical solutions to rectify them

To gain experiences in writing a technical report for the conducted exploitation attacks

Total marks: 40

The SANS institute released the newest version of CWE/SANS Top 25 Most Dangerous Software
Errors in 2019. The list consists of top-rated and critical software weaknesses that may lead to
vulnerabilities being exploited by attackers.

In this assessment, you are required to choose a subset of CWE/SANS Top 25 Most Dangerous
Software Errors listed on SANS website (https://www.sans.org/top25-software-errors ) and
identify these vulnerabilities in selected systems. You need to complete a technical report to
document your experimental outcomes and findings. The report should consist of 3000-3500
words (minimum 3000 words, single spaced, 12pt font, on the A4-sized paper). The findings
should include exploitation of minimal 3 software errors chosen from the top 25 list. Each
error should have a different CWE ID.

This report needs to consist of following items:

– an overview of the chosen software errors
– description of the hacking environment
– description of technical findings and supporting evidence in screenshots
– critical analysis of technical findings
– discussion and justification of potential remedy actions based on findings

You are free to use the NetLab environment and any online pen testing platforms and follow
any instructions. The requirement is you will need to conduct the attacks by yourself. If we
find any content (e.g., screenshots) copied from lab instructions or online resources, we will
consider it as plagiarism.