CSE1ICB Introduction to Cyber Security Assignment
Assignment 2: Data Breaches – Threat Assessment
- Please submit via the Assignment submission section of the CSE1ICB LMS page.
- This assignment is due on Sunday 14th May 2022 before 11.59 pm.
- Evaluation: 20 marks (= 20% of your final grade) + 2 marks bonus (part 2)
- You must submit your assignment only as a PDF file for Part 1 and a Packet Tracer file (.pkt) for Part 2.
- Please write your full name and student number on the top of the first page.
Section 1: Examining Data Breaches (10 Marks)
A data breach occurs when data is stolen or shared by an unauthorised person or third party. Cyber criminals around the world can take advantage of massive company breaches to steal your money, identity, and other valuable information. Data breaches are among the most impactful security incidents that occur each year, affecting not only small businesses and organisations but also well-known companies and government sectors.
You need to use the following link to explore some of the biggest data breaches that occurred between 2020 and 2022. You can scroll down on the website to explore data breaches at various large and small companies all over the world. The size of each bubble indicates the impact and the number of people affected. You can click “Read a bit more” to see the original report.
Select only two data breaches that occurred between 2020 and 2022 and write a short report about them that covers the following points.
- Identify the victims and impacts of damage.
- Identify the method of the leak, or explain how the data was stolen or revealed (find the weakness).
- Which security control or mechanism could have prevented the leak?
|World’s Biggest Data Breaches||https://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks|
You should use between 300 and 700 words in total to answer these questions.
Section 2: Threat Assessment (10 Marks)
The National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This database is one of the best-known vulnerability repositories. It provides useful information about current vulnerabilities and quantifies them using metrics such as base score, exploitability, impact, and so on.
The NVD vulnerability search engine: https://web.nvd.nist.gov/view/vuln/search
Understanding the importance of threat and risk assessment, a small business wants to strengthen its security posture by analysing the vulnerabilities and threats in its network (shown in Figure 1) to assess the risks involved. After the risk assessment, the company will decide to accept, avoid, or mitigate each risk.
The company’s network has three subnets: i) Staff subnet, ii) Finance subnet, and iii) HR subnet. At least one host in each subnet is connected to the internet and can be the entry point for cyber-attacks. Only PC0 in the Staff subnet, PC 4 in Finance, and Server 0 in HR are given public IPs and are connected to the internet.
The company purchases the Nessus vulnerability scanner to scan its subnets and hosts for possible vulnerabilities. The Nessus results, covering only the hosts that are connected to the internet, are reported in the table below:
|Host||Vulnerability discovered||Description of vulnerability||CVSS exploitability score||CVSS Impact score|
Step 1: Complete the above table (Table 1) by searching each vulnerability in NVD vulnerability search website.
Step 2: The risk assessment team suggests the following formula to compute risk for each Host:
Risk = Likelihood * Impact
- Likelihood (probability of attack success): this is obtained by dividing the exploitability metric in Table 1 by 10 for each vulnerability. For example, if exploitability is 8.6, the likelihood is 8.6 / 10 = 0.86.
- Impact: this is the Impact metric for each vulnerability in Table 1.
Complete Table 2 by assessing the risk for each host listed in Table 2 (based on the above formula).
|Hosts||Likelihood (Exploitability / 10)||Impact||Risk||Rank Severity based on the Risk (Priority of patching Vulnerabilities) Rank 1 (top) – 3 (low)|
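The following added example (not part of the original assignment) shows where an exploitability value such as 8.6 comes from and carries it through the Risk = Likelihood * Impact formula to a patching rank. It goes beyond the brief by deriving the subscores from CVSS v2 base vectors, which is an assumption suggested by the 0 to 10 exploitability scale used above; the host names and vectors are constructed, not the assignment's Nessus findings.

```python
# Metric weights from the CVSS v2 base equations.
AV = {"L": 0.395, "A": 0.646, "N": 1.0}    # Access Vector
AC = {"H": 0.35, "M": 0.61, "L": 0.71}     # Access Complexity
AU = {"M": 0.45, "S": 0.56, "N": 0.704}    # Authentication
CIA = {"N": 0.0, "P": 0.275, "C": 0.660}   # Conf. / Integ. / Avail. impact


def subscores(vector):
    """Return (exploitability, impact) for a CVSS v2 base vector string."""
    m = dict(part.split(":") for part in vector.split("/"))
    exploitability = 20 * AV[m["AV"]] * AC[m["AC"]] * AU[m["Au"]]
    impact = 10.41 * (1 - (1 - CIA[m["C"]]) * (1 - CIA[m["I"]]) * (1 - CIA[m["A"]]))
    return round(exploitability, 1), round(impact, 1)


def assess(findings):
    """findings maps host -> vector. Returns rows sorted so rank 1 is patched first."""
    rows = []
    for host, vector in findings.items():
        exploitability, impact = subscores(vector)
        likelihood = exploitability / 10          # the assignment's Likelihood
        rows.append({
            "host": host,
            "likelihood": round(likelihood, 2),
            "impact": impact,
            "risk": round(likelihood * impact, 2),  # Risk = Likelihood * Impact
        })
    rows.sort(key=lambda r: r["risk"], reverse=True)
    for rank, row in enumerate(rows, start=1):
        row["rank"] = rank
    return rows


# Constructed sample input: hypothetical hosts and vectors for illustration only.
SAMPLE = {
    "Host A": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "Host B": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
    "Host C": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
}

if __name__ == "__main__":
    for row in assess(SAMPLE):
        print(row)
```

A remotely reachable flaw with complete impact ranks first, while a local-only flaw with partial confidentiality impact ranks last even though it still appears in the scan.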
Part 2: Network Simulation – Access Control List (Bonus: +2 Marks)
To reduce the risk of malicious access to the server, the company plans to restrict access to Server 0 (in HR) from the hosts that are connected to the internet (PC0 in the Staff subnet and PC 4 in Finance).
Your task is to build an access list policy, using Packet Tracer, for the company’s network shown in Figure 1 that satisfies the following firewall policy (networks are given in Figure 1).
- PC 0 in Staff network and PC 4 in Finance subnet cannot ping Server 0 in HR.
Here is a hint for assigning IP addresses to PCs, routers’ interfaces, etc.
|Subnets|Network address|Broadcast address|Hosts from|To|
|---|---|---|---|---|
|Staff|192.168.0.0 /24|192.168.0.255 /24|192.168.0.1 /24|192.168.0.254 /24|
|Finance|192.168.2.0 /24|192.168.2.255 /24|192.168.2.1 /24|192.168.2.254 /24|
|HR|192.168.1.0 /24|192.168.1.255 /24|192.168.1.1 /24|192.168.1.254 /24|
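To check an access list against the firewall policy above before building it in Packet Tracer, the added example below (not part of the original assignment) evaluates entries written in the style of extended ACL lines using first-match order and the implicit deny at the end of the list. The host addresses are assumptions chosen from the subnet ranges in the table, and `PC1` is a hypothetical second Staff host.

```python
import ipaddress


def parse(rule):
    """Parse '<action> <proto> <source> <destination>' into a tuple."""
    tok = rule.split()
    action, proto, rest = tok[0], tok[1], tok[2:]

    def take():
        word = rest.pop(0)
        if word == "any":
            return (0, 0xFFFFFFFF)
        if word == "host":
            return (int(ipaddress.IPv4Address(rest.pop(0))), 0)
        # Otherwise: address followed by a wildcard mask (1 bits are ignored).
        return (int(ipaddress.IPv4Address(word)),
                int(ipaddress.IPv4Address(rest.pop(0))))

    return action, proto, take(), take()


def matches(spec, ip):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)


def evaluate(acl, proto, src, dst):
    """Return the action of the first matching entry, else the implicit deny."""
    for rule in acl:
        action, rproto, rsrc, rdst = parse(rule)
        if rproto in ("ip", proto) and matches(rsrc, src) and matches(rdst, dst):
            return action
    return "deny"


# Assumed addresses (constructed), taken from the subnet ranges in the table.
PC0, PC1, PC4, SERVER0 = "192.168.0.10", "192.168.0.11", "192.168.2.10", "192.168.1.10"

# Weak version: only the two deny entries, so the implicit deny blocks all traffic.
DENY_ONLY = [
    f"deny icmp host {PC0} host {SERVER0}",
    f"deny icmp host {PC4} host {SERVER0}",
]
# Corrected version: a trailing permit keeps the rest of the network working.
POLICY = DENY_ONLY + ["permit ip any any"]

if __name__ == "__main__":
    for src in (PC0, PC1, PC4):
        print(src, "->", SERVER0, "icmp:", evaluate(POLICY, "icmp", src, SERVER0))
```

Running the same checks against `DENY_ONLY` shows every other host losing access to Server 0 as well, which is the usual reason a ping test from an unrelated PC fails after the list is applied.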
Submit two files: File 1 (a PDF) including a report for Part 1-Section 1 and Completed tables for Part 1- Section 2. File 2: Packet tracer solution (.pkt) for Part 2.
*Note: As your submission will be checked by Turnitin – Don’t submit a zip file!
This assignment is weighted 20% (+2% bonus) of the overall subject marks.