Module Learning Outcomes Assessed
1. Critically evaluate a range of encryption and authentication methods for a given set of requirements.
4. Critically evaluate the security of an IT ecosystem.
Task and Mark Distribution
In this coursework you are required to perform a security audit of a computer system and write a report on the results of the audit.
You will have access to a copy of the system, and the source code, you can find details on the learning platform.
You will need to perform an audit to find potential flaws in the system. You are free to choose appropriate method(s) for the audit
process. This can include (and is not limited to):
- Code Review
- Use of Automated tools
Automated Code Review
While you are free to use any appropriate method for the audit. You will be expected to justify the decision. Why are the approaches chosen appropriate for the audit process, what are the benefits and drawbacks of the audit methods chosen.
You are expected to write a report suitable for a technical audience.
The report should describe the process used to Audit the system, and discuss any security issues found.
It is expected that the report will contain.
- A description of the Audit method(s) used.
Methods used, and Justification.
- Brief Description of any issues found, and an assessment of their seriousness
Overview and description of ALL vulnerabilities found in the system.
- Detailed description of ONE issue.
What is the problem
How Severe is the problem
Any Suggestions for mitigation.
- It is expected you make use of the supporting literature, and relevant citations, to support your findings.
A suggested structure for the report would be:
- Audit Method(s)
Description and justification for the Audit methods chosen.
- Audit Results
Summary of results from code audit.
Summary of security vulnerabilities discovered.
- Discussion of chosen vulnerability
Detailed description of a single vulnerably
本网站支持 Alipay WeChatPay PayPal等支付方式
E-mail: firstname.lastname@example.org 微信号:vipnxx