Describe the basic methods that ethical and malicious hackers use to compromise computer systems.
Performance Criteria
(a) Describe current methods used to compromise computer systems.
(b) Describe the potential dangers of cyber-attacks to personal devices.
(c) Describe safety measures that can be taken to protect personal devices.
(d) Use basic hacking terminology correctly.
Outcome 3
Apply basic hacking methods to compromise computer systems in a controlled environment.
Performance Criteria
(a) Select basic features of software that could be used for hacking with guidance.
(b) Apply basic features of software that could be used for hacking with guidance.
(c) Use current methods to defend a computer system in a controlled environment.
(d) Use current methods to attack a computer system in a controlled environment.
(e) Practical activities are carried out in familiar contexts with guidance.
Level 5
Level 5 outcomes and performance criteria
Outcome 1
Describe current tools and techniques used by ethical and malicious hackers to compromise computer systems.
Performance Criteria
(a) Describe the phases of an ethical hack and a malicious cyber-attack.
(b) Describe different computer tools and techniques that could be used to compromise computer systems.
(c) Describe different social engineering tools and techniques that could be used to compromise computer systems.
Outcome 2
Explain current legislation relating to computer crime and hacking.
Performance Criteria
(a) Explain the contemporary legislation relating to computer crime.
(b) Explain the contemporary legislation relating to hacking.
(c) Explain the use of a simple framework for engaging in penetration testing activities that protects organisations and individuals from prosecution.
(d) Explain the use of a simple framework for engaging in penetration testing activities that protects organisations and individuals from loss of confidentiality, integrity and availability of computer systems.
Outcome 3
Perform a routine penetration test on a computer system within a controlled environment.
Performance Criteria
(a) Identify the scope of a routine penetration test on a computer system.
(b) Perform reconnaissance on a penetration test scenario’s footprint.
(c) Perform scanning and enumeration on a penetration test.
(d) Perform vulnerability scanning on a penetration test.
(e) Identify the risks, threats and vulnerabilities that have been exposed by the penetration test.
(f) Communicate the results of the penetration test.
(g) Maintain professional and ethical standards throughout all phases of a penetration test.
Level 6
Level 6 outcomes and performance criteria
Outcome 1
Analyse current trends in cybercrime.
Performance Criteria
(a) Describe real life historical and contemporary examples of cybercrime.
(b) Compare historical and contemporary threats in cybercrime.
(c) Compare historical and contemporary techniques deployed by malicious individuals, groups and nations.
(d) Explain changes in professional and ethical approaches in relation to cybercrime.
Outcome 2
Evaluate contemporary legislation relating to cybercrime.
Performance Criteria
(a) Describe contemporary legislation relating to cybercrime.
(b) Critique contemporary legislation relating to computer crime.
(c) Identify potential omissions in current legislation relating to cybercrime.
(d) Identify potential ethical threats caused by current legislation, including threats to personal privacy and political freedom.
(e) Use legal and technical terminology relating to cybercrime correctly.
Outcome 3
Perform a complex penetration test on a computer system in a controlled environment.
Performance Criteria
(a) Scope a given system or web based penetration test.
(b) Conduct target information gathering reconnaissance.
(c) Use a range of hacking tools and techniques to demonstrate system or web based security vulnerability testing.
(d) Conduct system or web based vulnerability exploit attacks.
(e) Identify the risks, threats and vulnerabilities exposed by a penetration test, and how an attacker may leverage them.
(f) Communicate the results of the penetration test including basic remediation procedures.
(g) Maintain professional and ethical standards throughout all phases of a penetration test.
eh6 evidence task
Elements:
EoU test (LO 1, 2): SOLAR multiple choice
Coursework (LO 3): complex pentest (penetration testing agreement, learner’s final report, observation checklist)
eh6 coursework
Assessment instructions
You should carry out a complex penetration test based on a scenario within a controlled environment.
Pentest Activity
You should identify and perform the following:
Scope a given system or web based penetration test.
Conduct target information gathering reconnaissance.
Use at least 3 hacking tools and techniques to demonstrate system or web based security vulnerability testing.
Conduct system or web based vulnerability exploit attacks.
Report:
Identify the risks, threats and vulnerabilities exposed by a penetration test, and how an attacker may leverage them.
Communicate the results of the penetration test including basic remediation procedures.
Maintain professional and ethical standards throughout all phases of a penetration test.
The steps you take performing the procedures are to be recorded on the observation checklist which will be carried out by the assessor.
Scenario
Background
Q_Industries is a multinational digital equipment manufacturing company, with its main headquarters in Edinburgh, Scotland. It designs, develops and builds digital equipment for both business and military use.
Due to the sensitive nature of some of the equipment under development, Q_Industries want only the research and development section of the business to be penetration tested to test for any vulnerabilities that may exist.
They wish to keep this investigation internal to the company and obviously do not wish any potential suspicious activity to be leaked for fear of bad publicity. To this end, they have asked you to draft a penetration test scope agreement which includes a non-disclosure agreement.
Note that you must NOT test anything outwith the agreed penetration test scope.
Penetration testing
You have been employed as a penetration tester by Q_Industries to perform an authorised penetration test which will test the security of a portion of their network. This portion is the research and development section of the business only.
You should carry out the following main tasks:
Information gathering reconnaissance using publicly available information from business records, WHOIS information, social media, ‘google site:’ information etc.
Pentest: use industry standard tools to:
undertake security vulnerability testing
undertake vulnerability exploit attacks
identify the risks, threats and vulnerabilities exposed by the penetration test
The results should be collated in a report (which should have a minimum of 800 words) to cover the five main areas below.
Penetration test scenario and your role.
The reasons for carrying out the routine penetration test and any laws associated with performing the test.
Outputs from the complex penetration test.
Detail any risks and vulnerabilities and how an attacker might leverage them.
Suggest basic remediation.
Report
Your report must include screenshots and/or recordings of your findings of any threats and vulnerabilities.
Pentest Agreement
Before any testing is carried out, the penetration tester (you) and the managing director of Q_Industries, John Smith, should agree and sign off the rules of engagement in a Penetration Test Agreement. (This will form part of your report.)
This will define which area of the network you are allowed to attack and, within that area, how far you are allowed to go, e.g. you may be allowed to access directories but not to access or delete files. You may create files and delete these files only. A sample Penetration Test Agreement has been provided for you; please edit as required.
Penetration Test Agreement
This agreement is made as of INSERT DATE HERE (in the format DD/MM/YYYY) by and between: INSERT NAME HERE, located in FULL ADDRESS, hereafter referred to as ‘INSERT NAME HERE’, and Q_Industries, located in Edinburgh, Scotland, represented by John Smith, hereafter referred to as the ‘customer’.
With regard to the Penetration Test, the customer hereby acknowledges and agrees:
1 That INSERT NAME HERE will perform a Penetration Test, which will consist of a partially automated test that will attempt to remotely identify security vulnerabilities and/or any software misconfiguration, on one or more computer systems owned and/or operated by the customer.
2 That the customer has the legal right to subject the designated computer system to the aforementioned Penetration Test and that if it is not the owner of the computer system it has obtained such right from the legal owner of the system.
3 Not to hold INSERT NAME HERE liable for any indirect, special, incidental, or consequential damage, which will include but not be limited to loss of business, revenue, profits, use, or data, however it may arise.
4 That it has the sole responsibility for adequate protection and backup of data and/or equipment used in connection with this Penetration Test and will not make a claim against INSERT NAME HERE for lost data, backup restoration time, inaccurate output, work delays or lost profits resulting from the Penetration Test.
5 That INSERT NAME HERE will not divulge any information about the customer's network it received as a result of this Penetration Test. All results are confidential and belong to the customer.
6 That it should recognise that the results of this test will provide a reasonably accurate view of the current security level of the tested computer system(s); INSERT NAME HERE cannot be held responsible if the Penetration Test fails to discover certain security or configuration issues on the target computer system(s).
7 That the customer’s systems will respond in a normal fashion when they detect the Penetration Test in their firewall logs, alert systems, etc., as they would in the case of a real security penetration; this is so that it will not distort the results of the test. However, the customer agrees not to notify legal or public authorities of this penetration.
The customer requests INSERT NAME HERE to perform the Penetration Test on the following IP address(es) under the aforementioned conditions:
DEFINE SCOPE OF SYSTEMS TO BE TESTED HERE.
INSERT NAME HERE will inform the customer of the Penetration Test originating IP address.
Signed for and on behalf of INSERT NAME HERE,
Signed for and on behalf of the customer, Company legally binding signature required.
Environment profile
Learners could carry out the following complex penetration test procedures.
Scope a given system or web based penetration test.
Conduct target information gathering reconnaissance.
Use a range of hacking tools and techniques to demonstrate system or web based security vulnerability testing.
Conduct system or web based vulnerability exploit attacks.
Identify the risks, threats and vulnerabilities exposed by a penetration test, and how an attacker may leverage them.
Communicate the results of the penetration test including basic remediation procedures.
Maintain professional and ethical standards throughout all phases of a penetration test.
The complexity could be evidenced by:
only testing a pre-defined area of the network
when vulnerabilities are found, exploits should be carried out such as:
escalating to administrative access,
creating local administrator privileges,
using the compromised machine as a pivot point to target previously inaccessible machines within the network,
running a malicious payload
Task evidence
Scope a given system or web based penetration test.
Conduct target information gathering reconnaissance.
Use a range of hacking tools and techniques to demonstrate system or web based security vulnerability testing using a minimum of three tools.
Conduct system or web based vulnerability exploit attacks.
Identify the risks, threats and vulnerabilities exposed by a penetration test, and how an attacker may leverage them.
Communicate the results of the penetration test including basic remediation procedures.
Maintain professional and ethical standards throughout all phases of a penetration test.