Vulnerability assessment

Task 1:

The word count is 600 words.

Evaluate the website (http://zero.webappsecurity.com/) and produce an analysis document. It should consist of:

  • Details of possible security vulnerabilities.
  • A list of standards appropriate to their business and any non-compliance against those standards.
  • A list of potential tools to be used and justification for your choices.
  • A summary of recommendations and potential mitigations that could be used to ameliorate any risks. These should be ordered by importance.

For this first assessment, you will need to produce an analysis document that promotes the benefit of what you will be doing for the business and sets a baseline against which the subsequent scans will be evaluated.

Your analysis document to your client should cover the following requirements.

Assignment Breakdown

The assignment breakdown is highlighted below, to be reviewed alongside the grading criteria in Module Resources.

Knowledge and Understanding, weighted at 25%:

  • A baseline assessment of the website, based on academic research.
  • A list of potential security challenges based on research/review.

Application of Knowledge, weighted at 25%:

  • A list of the tools you will use, with justifications for why you selected them.
  • A list of any (potential) impacts on normal operations caused by using the tools.

Criticality, weighted at 25%:

  • A list of assumptions and limitations of the tools and outputs produced.
  • A timeline for the completion of the assessment tests and evaluation.

Presentation and Structure of your work, weighted at 25%:

  • Includes spelling, style, evidence of proofreading, correct use (and format) of citations and references.

It is recommended you use tables and bullet-point lists to stay within the word count.

Assignment Checklist

  1. Bulleted/tabular list of security challenges (generic plus ones specific to the business).
  2. Brief discussion of standards relevant to the business – i.e., GDPR
  3. Bulleted/tabular list of the tools you will use (as well as your justifications, matching them against challenges).
  4. Methodology (remote or local, automated, or manual, etc.).
  5. Discussion on the available models/methodologies/tools and approaches.
  6. Selection of methods/tools/approaches.
  7. Business impacts on use of tools and methods (scanning in or out of hours, traffic).
  8. Timeline of the completion of the task.
  9. Summary of limitations and assumptions.

Learning Outcomes

  • Identify and analyse security threats and vulnerabilities in network systems and determine appropriate methodologies, tools and techniques to manage and/or solve them.
  • Design and critically appraise computer programs and systems to produce solutions that help manage and audit risk and security issues.
