Computer Security: Ethical Hacking


Writer should dis play screen shorts and name them whiles writing. Pls read the attached question carefully.

Ethical Hacking and Security (1900-2100 words count).
Scenario: You are employed as an ethical hacker for a major UK bank. Recently a computer system on the company network has been compromised. The head of cyber security has instructed you to investigate the compromised computer. A virtual machine (VM) image has been provided. You are required to write a two thousand (2000) word report as detailed in parts one, two and three. Include good academic references and citations in your report to support your analysis. Write a clear, concise and well-presented report.

Part one: Identify and exploit the vulnerabilities provided in the image.
Identify, evaluate and exploit five vulnerabilities from the image provided, this is known as the target of evaluation (ToE). Complete this in association with the relevant ethical hacking stages to compromise a target system. Document each stage of your ethical hack in accordance with a recognised ethical hacking methodology.

The scanning and enumeration documentation needs to include the following: open ports, associated services and identified vulnerabilities.

The system hacking documentation needs to include the tools and techniques used to ethically hack each of the vulnerabilities, only one tool and technique required per vulnerability. Document the attack vector used to exploit the associated vulnerability. Provide clear screenshots and evidence of the vulnerabilities including how they were exploited. Document and present all the evidence in your report. Your report should demonstrate a clear process of how you identified and exploited the vulnerabilities.

Part two: Provide detailed technical analysis of the protection techniques to help mitigate any two of the vulnerabilities identified from the image provided in part one.
It’s possible to exploit vulnerabilities in several ways. Identify any of the two vulnerabilities from the VM image. Critically evaluate each of these vulnerabilities. Your analysis should provide a detailed technical discussion of the identified vulnerabilities. Critically evaluate security techniques to mitigate each of the vulnerabilities.

Part three: How could you clear your tracks and maintain access to the image provided?
Document the process of how the hacker could have removed evidence of accessing the computer and how they could maintain access. Include the associated tools and techniques with explanations. Explain why you have selected the techniques.

Special Instructions:
1. Understand and synthesise the essential technical and nontechnical components of an ethical hacking methodology;
2. Recognise and analyse the stages an ethical hacker requires to take in order to compromise a Target of Evaluation;
3. Detail the tools and techniques to carry out an ethical hacking methodology on a Target of Evaluation;
4. Critically evaluate a network and system architecture to identify the vulnerabilities and attack vectors. Identify security techniques used to protect the system and data.
5. Avery good:
a) number of vulnerabilities identified and exploited (part one).
b) technical analysis and evaluation of the vulnerabilities, security controls and protection techniques (part two).
c) analysis of how to clear tracks and maintain access to the image provided (part three).
d) understanding of an ethical hacking methodology.
e) academic references and citations (Harvard Referencing not Bibliography).
f) good report provided.
g) Overall, understanding of the tasks demonstrated.

Harvard Referencing Not Bibliography:
Not less than “08”

The attached documents are for are the section one of the work so pls read it and put the pictures in the report whiles writing the report because the image cannot be send. I have been able to find 4 instead of 5 vulnerabilities which the teacher wants as to find. The teacher is more interested in how I got the flags. Please read the codes and you will understand how I got each flag.

Base on these open ports I arrived at the flags in the attached doccuments.

Check the other documents for how I got the “Flags”.


Sample Solution