Assignment 1 (5%)
Submission Deadline: 10 October 2015 (Postponed to 14 Oct 2015)
You have already performed vulnerability scanning using Nessus at the 2 servers
(web server VM and database server VM) during lab session week 3. There should
be "Critical vulnerabilities" being identified in Nessus report.
For this assignment, it is assumed that you are the IT Security Consultant to compose
a vulnerability scanning report for IT support team to rectify the identified
vulnerabilities from the scanning results of the two machines.
As IT security consultant, you will have to review, report Nessus results and verify
if the vulnerability is correct together with the rectification method before it
could be reported.
The report can be written in Word or spreadsheet format. The report should be easy
for IT support team to understand and read the document.
Refer to the Home Work Assignment 1 Lab Sheet for more details.
Assignment 2 (10%)
Submission Deadline: 30 October 2015 (HARD DEADLINE!!!!)
In week 6, you will have to develop and implement a web application based on PHP,
Javascript. You will have to continue developing the web application from Task 5
onwards.
There are program codes that you need to develop yourself as in week 6 class.
For implementation details, please refer to the week 6 lab sheet.
Important Notes:
- Please use your student number as filename (e.g. 12345678.zip)
- Please use ZIP format
- Please add all subfolders and files of your website to the zip file
- Do NOT need to include the database content in the zip file
- Do NOT include your mobile application
Assignment 3 (15%)
Submission Deadline: 20 November 2015
In week 8 and 9, you should have learnt how to perform web application scanning and
testing on some pre-defined web applications.
In week 6 and home work assignment 2, you have implemented a web application. In
this assignment, you will have to perform the web application test at your
implemented web application and provide web application vulnerability testing
report.
A report template is provided.