Scanning, Reconnaissance and Vulnerability Assessment
Coursework 1: Part A
Course: COMP07075 Security Fundamentals

Subject: Important Note for Coursework Submission
Dear Students,
Please ensure that all snapshots provided as outputs display your Student ID and Name (only in Englih) on the terminal/Operating System GUI. This is necessary for verifying the authenticity of your work.
To do this, you can create a new username (your name or Banner ID) in Kali/Ubuntu Linux so that it appears on the terminal while running your commands.
Failure to comply with this requirement may impact your score, as it will be difficult to confirm whether you have performed the experiments yourself.
Thank you for your cooperation! Babak 
Subject: Important Note on AI Tool Usage and Academic Integrity
Dear Students,
Please do not use ChatGPT or any other generative AI tools to produce your solution. Any detected use of AI-generated content will result in your case being forwarded to the Academic Integrity Committee.
Plagiarism is a serious offense, and it is essential to ensure that all submitted work is your own. Please adhere to academic integrity guidelines to avoid any penalties.
If you have any questions or need clarification, feel free to reach out.
Best regards, Babak
Task 01: List the various common threats to your IT/Network infrastructure against each component/device.  (Marks assigned 10). 

Task 02: Demonstrate the TCP three-way handshake using Wireshark. (Marks assigned: 18)
1.In your Kali VM, capture the network traffic using the Wireshark tool. Open a website and generate website traffic. 
2.Using captured traffic, explain DNS, TCP-Three-way handshake and HTTP GET/POST methods. 
3.Explain how the TCP three-way handshake can be used to carry out a DoS attack and how to stop that attack. 
4.Provide proper evidence in the form of screenshots and an explanation. 
Task 03: Vulnerability Assessment of the target machine (Marks assigned 10)
5.Create a network of Metasploit VM and Kali Linux. The network should have IP addresses from network ID 192.168.2.0/24. 
6.Use a scanning tool like nmap and list all the vulnerable/open ports of your target machine. Provide an output snapshot with a caption. 
7.Discuss the top 5 open ports and their associated vulnerabilities. For example, if you see port 80 open, what can be vulnerabilities a target machine can face if port 80 is open? Provide a brief explanation for each opened port.
Task 04: Security Policies (Marks assigned 12)
1.Discuss how security policies and cyber security essential training can mitigate the risk of cyber-attacks on a company.
2.Consider yourself as a Cyber Security Analyst of a company, list the most important points of various cyber security policies that are helpful in mitigating the risk of cyber-attacks and why?  
请加QQ：99515681  邮箱：99515681@qq.com   WX：codinghelp