Artefacts
Group work results
The preparations of the group work and seminar tasks:
Seminar 1: Team Contract
Seminar 2: DREAD Rating
Seminar 3: Practical team activity
Seminar 3: TCP/IP vs ISO/OSI 7-layer Model discussion notes
Seminar 4: Rating of penetration testing tools
Seminar 5: Security Standards
Seminar 6: Data Breach case study
Seminar 7: Debate Vote
Collaborative Discussion 1
The topic of the collaborative discussion were the major threats and vulnerabilities and how to mitigate against these in medical devices, especially under the aspekt of the development of the Internet of Medical Things (IoMT). The discussion was based on the paper: Glisson, W., Andel, T., McDonald, T., Jacobs, M., Campbell, M. & Mayr, J. (2015) Compromising a Medical Mannequin. Healthcare Information Systems and Technology (Sighealth).
Initial Post
Peer Response 1
Peer Response 2
Peer Response 3
Received Response 1
Received Response 2
Received Response 3
Received Response 4
Received Response 5
Summary Post
Collaborative Discussion 2
The subject of the collaborative discussion was the results of the practical scan activity in which a website was examined with the help of basic troubleshooting tools.
Initial Post
Peer Response 1
Peer Response 2
Received Response 1
Received Response 2
Received Response 3
Summary Post
Collaborative Discussion 3
The collaborative discussion dealt with specific aspects of the General Data Protection Regulation (GDPR) in relation to case studies. The circumstances under which companies could have made themselves liable to prosecution were examined. For this purpose, the GDPR was examined in order to apply the regulations to the respective case studies.
Initial Post
Peer Response 1
Peer Response 2
Received Response 1
Received Response 2
Received Response 3
Received Response 4
Summary Post
E-Portfolio Activity
An analysation of the Derbian-based digitial forensic and penetration testing Linux distribution Kali Linux, as well as a comparison of our own determined assessments of penetration testing tools with the results of a comparative study of penetration testing tools by Bhingardeve & Franklin (2018) and a reflective evalutation of usage of the Nessus Vulnerability Scanner and Kali Linux.
E-Portfolio Activity document
Kali Linux scanning exercise
An investigation of the website loadedwithstuff.co.uk using Kali Linux and its tools. Information about the web server, open ports of the website, protective mechanisms such as firewalls and the software used and its version were determined.
Kali Linux scanning exercise
More tests carried out
OWASP-ZAP scan result
Brute force attempts
Assessment 1 - Design Document
Task of this assessment was an analyse of the appropriate governing body and associated regulations of an e-commerce website. Possible security vulnerabilities based on the regulations and potential mitigations and recommendations which could reduce the risk were discussed.
Design Document
Peer review
Assessment 2 - Executive Summary
The Executive Summary deals with an examination of the security aspects and vulnerabilities of the e-commerce website "loadedwithstuff.co.uk" based on standards and regulations concerning the industry. Penetration testing and ethical hacking were carried out as part of the investigations. More results of the site investigation can be found in the "Kali Linux scanning exercise" section.
Executive Summary
Peer review