Faculty of Technology – Coursework Brief 2020/21
|Module name:||Foundation of Cyber Security|
|Title of the Assignment:||Combined Coursework|
|This coursework item is: (delete as appropriate)||Summative|
|This summative coursework will be marked anonymously: (delete as appropriate)||Yes|
|The learning outcomes that are assessed by this coursework are: 1. Create a new or modify an existing C program in order to complete a given specification 2. Explain and demonstrate understanding of an operating system’s persistent storage 3. Evaluate and justify the use of cryptographic tools and techniques in an application context 4. Critically analyse network traffic to identify potential vulnerabilities 5. Relate knowledge of topics to cyber security domain|
|This coursework is:||Individual|
|If other or mixed … explain here:|
|This coursework constitutes 100% of the overall module mark.|
|Date & Time Due:||14/01/21 23:59pm|
| Your marked coursework and feedback will be available to you on: If for any reason this is not forthcoming by the due date your module leader will let you know why and when it can be expected. The Associate Professor Student Experience (firstname.lastname@example.org) should be informed of any issues relating to the return of marked coursework and feedback.
Note that you should normally receive feedback on your coursework by no later than 20 University working days after the formal hand-in date, provided that you have met the submission deadline.
| When completed you are required to submit your coursework via: Electronic copy to blackboard through Turnitin.
If you need any support or advice on completing this coursework please visit the Student Matters tab on the Faculty of Technology Blackboard page.
|Late submission of coursework policy: Late submissions will be processed in accordance with current University regulations which state: “the time period during which a student may submit a piece of work late without authorisation and have the work capped at 50% at PG level if passed is 14 calendar days. Work submitted unauthorised more than 14 calendar days after the original submission date will receive a mark of 0%. These regulations apply to a student’s first attempt at coursework. Work submitted late without authorisation which constitutes reassessment of a previously failed piece of coursework will always receive a mark of 0%.” Word Limits Word limits are set as appropriate to individual modules. The policy is to usually to allow answers to exceed the word limit by up to 10% without penalty, and then a penalty of up to 20% of the marks for answers that exceeded the word limit by up to 30%. Any content that exceeds the word limit by over 30% would not be marked and hence not contribute to the final mark.|
|Academic Offences and Bad Academic Practices: These include plagiarism, cheating, collusion, copying work and reuse of your own work, poor referencing or the passing off of somebody else’s ideas as your own. If you are in any doubt about what constitutes an academic offence or bad academic practice you must check with your tutor. Further information and details of how DSU can support you, if needed, is available at: http://www.dmu.ac.uk/dmu-students/the-student-gateway/academic-support-office/academic-offences.aspx and http://www.dmu.ac.uk/dmu-students/the-student-gateway/academic-support-office/bad-academic-practice.aspx|
| Tasks to be undertaken: Write a C program to implement a Vigenère cipher. You may use whatever IDE you wish but the program must be compiled with the standard gcc compiler. Your program should give the user the option to either encrypt or decrypt a message. The user should be prompted to enter the passphrase to be entered and the keyword to be used in the cipher. The output should be text printed to stdout. Comments should be used to explain the rationale behind the design of your code. You must also provide a critical analysis as to the robustness of the Vigenère cipher and provide a recommendation as to whether or not it would be it would be sufficient for use in communications between colleagues within a non-technical environment. (25 MARKS) In your role as an Information Security Specialist for Global Designs Limited, you have been tasked with creating a set of policies for secure data. The data stored by Global Designs Ltd has a useful lifetime of 1 year, after which it is deleted. This deletion is done simply using the delete functionality of the Operating System. You are required to determine if this is adequate to fully delete the data, if not provide potential ways to recover the data and recommendations for how the data could be securely destroyed. They have asked that the report contains an overview of how data is deleted and recovered at a level the non-technical staff can understand as well as a more technical explanation of the architectural differences between the two for the IT Department. You may include any images or other supporting material within a single appendix. The report should not exceed 1,500 words. (25 MARKS)
In your role as a consultant for Data Storage Solutions, you have been tasked with providing a report into the current state of the art encrypted e-mail solutions. Identify if information can be extracted from e-mails if the network traffic has been intercepted. If it can, identify how the solutions you have assessed solve this problem. Different existing solutions should be considered, critically analysed and compared. Additionally, an overview of the current state of the art research in the field should be included. At the end of the report, clear guidelines should be included detailing when it would be most appropriate to use each solution covered in the main report. The report should not exceed 1,500 words. (25 MARKS) Download the pcap file CTEC5801_coursework.pcap and analyse the traffic. Identify, analyse and explain all connections and interactions you can identify. Assess whether or not any of the connections might be suspicious, identify these and explain why they might pose a danger. You must include: – Start frame – Mac address of host initiating the connection – Mac address of destination host – IP address of host initiating connection – IP address of destination host – The port used by the initialising host – The port used by the destination host (25 MARKS)
|Deliverables to be submitted for assessment: Report detailing the criteria mentioned within the tasks to be undertaken section.|
|How the work will be marked: Refer to marking grid|
|Module leader/tutor name:||Mehmet Sabir Kiraz|