网络安全代写｜6005-CEM Security CW1: Security Audit
1. Critically evaluate a range of encryption and authentication methods for a given set of requirements.
4. Critically evaluate the security of an IT ecosystem.
In this coursework you are required to perform a security audit of a computer system and write a report on the results of the audit.
You will have access to a copy of the system, and the source code, you can find details on the learning platform.
You will need to perform an audit to find potential flaws in the system. You are free to choose appropriate method(s) for the audit process.
This can include (and is not limited to):
Use of Automated tools
Automated Code Review
While you are free to use any appropriate method for the audit. You will be expected to justify the decision. Why are the approaches chosen appropriate for the audit process, what are the benefits and drawbacks of the audit methods chosen.
You are expected to write a report suitable for a technical audience.
The report should describe the process used to Audit the system, and discuss any security issues found.
It is expected that the report will contain.
A description of the Audit method(s) used.
Methods used, and Justification.
Brief Description of any issues found, and an assessment of their seriousness
Overview and description of ALL vulnerabilities found in the system.
Detailed description of ONE issue.
What is the problem
How Severe is the problem
Any Suggestions for mitigation.
It is expected you make use of the supporting literature, and relevant citations, to support your findings.
A suggested structure for the report would be:
Description and justification for the Audit methods chosen.
Summary of results from code audit.
Summary of security vulnerabilities discovered.
Discussion of chosen vulnerability
Detailed description of a single vulnerably
Please submit your final report in PDF format, via the submission link.