Category: Cyber Security

“””

Title: [Problem Title]

Author: Your Name

Description:

Brief explanation of what the program does.

“””

def solve_problem(input_data):

“””

Function:

Explain what this function does.

Parameters:

input_data (type): Description

Returns:

type: Description

“””

# Step 1: Process input

processed = input_data.strip()

# Step 2: Main logic

result = processed.upper()

return result

if __name__ == “__main__”:

user_input = input(“Enter input: “)

output = solve_problem(user_input)

print(“Result:”, output)

This assignment requires acting as a Managed Security Service Provider (MSSP) analyst and using the ConnectSecure platform to assess the security posture of a company called XYZ Test Company.

The work involves logging into ConnectSecure using the tenant name usf-bellini, reviewing Windows and Mac assets, vulnerability severities (Critical, High, Medium, Low), asset risk scores, vulnerable applications, and network exposure.

The assignment contains 15 questions, which include:

• Comparing vulnerability severity counts between Windows and Mac systems
• Identifying the operating system mix and most vulnerable applications
• Listing the top three highest-risk assets and their vulnerability breakdowns
• Checking for VMware-based assets with vulnerabilities
• Explaining how ConnectSecure assesses internal and dynamic environments
• Identifying vulnerabilities with non-standard scoring approaches
• Prioritizing vulnerabilities based on likelihood of exploitation
• Assessing exposure to HTTP (port 80) and Telnet (port 23)
• Evaluating macOS patch urgency using threat intelligence
• Checking for expired SSL certificates
• Responding to CISA known exploited vulnerabilities
• Identifying end-of-life software
• Assessing ransomware robustness
• Selecting the most urgent Microsoft-related remediation action

Some questions require short explanations and justifications, and one question requires a screenshot from ConnectSecure. No programming, hacking, or reverse engineering is involvedthis is strictly a security analysis and reporting task.

The final deliverable should be clear, well-justified written answers based on the data visible in ConnectSecure.

see rubrics plz

see rubrics plz

– A detailed lab report that should include:

oCode: Copy/Screenshot your code on each tasks

oOutput: Screen shots showing you successfully achieve the attacks. You may also include texts on: the design of your attacks, including the attacking strategies, the packets that you use in your attacks, the tools that you used, etc..

oObservation and Explanation: Is your attack successful? How do you know whether it has succeeded or not? What do you expect to see? What have you observed? Is the observation a surprise to you?

– A detailed lab report that should include:

oCode: Copy/Screenshot your code on each tasks

oOutput: Screen shots showing you successfully achieve the attacks. You may also include texts on: the design of your attacks, including the attacking strategies, the packets that you use in your attacks, the tools that you used, etc..

oObservation and Explanation: Is your attack successful? How do you know whether it has succeeded or not? What do you expect to see? What have you observed? Is the observation a surprise to you?

Many times employers like to see a portfolio of work. Depending on your field of study, this could take many different forms. This is the first part of a 3 part assignment.

1. Design a Multiphase Portfolio Project
2. Prework Reflection
3. Complete Phase 1 of a Multiphase Portfolio Project.

Design a multiphase project. The project must be an original work of yours. It cannot be used for any previous class or work. The design of your project should:

1. List all tools necessary to complete Phase 1.
2. Verify through the instructor (or other means) that all tools necessary to complete Phase 1 of your project are available to you as a student of CSCC.
3. Research your project. Find other similar projects/products which have been done. You must document how your project will be differentiated from previous similar work.
4. Write an executive summary of your project
5. The required length is 400-600 words (about one page).
6. The target audience is all potential employers in your field of study.
7. Share who you are, what your major is, the kinds of classes you have taken and other projects you have done
8. Share what your project is. How will it be different from other similar projects.
9. If you have multiple deliverables, share why you made some parts more important than others
10. Show how your experience at CSCC relates to the project you chose
11. Write up what the deliverables will be for Phase 1. Your deliverables should be able to be turned in using Blackboard. Weight the importance of each deliverable. Importance levels should add up to 100%.

Fill out the “Completed Assignment” section of the OneNote notebook that you created in a previous unit. You can refer to the sample in the OneNote for an idea on how a completed section will look.

Turn in a publicly available View Only link to your OneNote notebook.

, and don’t forget to test in an Incognito tab.

In this lab, static and dynamic reverse engineering techniques were applied to the RoboAuth executable using tools such as Ghidra and Windows debugging utilities. The purpose of the analysis was to understand how the application validates user input and to identify the mechanisms used to protect or obscure sensitive data such as passwords.

During static analysis, the program structure and memory layout were examined by reviewing the .text, .data, and .rdata sections. Key imported functions such as scanf, strcmp, and puts were identified as part of the input-handling and validation process. The control flow revealed that user input is collected using scanf and then compared against an internally stored value using strcmp. A successful comparison results in the program printing a success message indicating that the first authentication level has been passed.

Further analysis showed that the program does not store all authentication data in plain text. Instead, certain values are referenced indirectly through pointers or are processed at runtime, demonstrating a basic anti-reverse engineering technique. This design makes it more difficult to extract sensitive information through simple string inspection alone.

Overall, this exercise provided hands-on experience with executable analysis, function tracing, and understanding how common C runtime functions are used in authentication logic, while also highlighting simple countermeasures against reverse engineering.

This assignment requires acting as a Managed Security Service Provider (MSSP) analyst and using the ConnectSecure platform to assess the security posture of a company called XYZ Test Company.

The work involves logging into ConnectSecure using the tenant name usf-bellini, reviewing Windows and Mac assets, vulnerability severities (Critical, High, Medium, Low), asset risk scores, vulnerable applications, and network exposure.

The assignment contains 15 questions, which include:

• Comparing vulnerability severity counts between Windows and Mac systems
• Identifying the operating system mix and most vulnerable applications
• Listing the top three highest-risk assets and their vulnerability breakdowns
• Checking for VMware-based assets with vulnerabilities
• Explaining how ConnectSecure assesses internal and dynamic environments
• Identifying vulnerabilities with non-standard scoring approaches
• Prioritizing vulnerabilities based on likelihood of exploitation
• Assessing exposure to HTTP (port 80) and Telnet (port 23)
• Evaluating macOS patch urgency using threat intelligence
• Checking for expired SSL certificates
• Responding to CISA known exploited vulnerabilities
• Identifying end-of-life software
• Assessing ransomware robustness
• Selecting the most urgent Microsoft-related remediation action

Some questions require short explanations and justifications, and one question requires a screenshot from ConnectSecure. No programming, hacking, or reverse engineering is involvedthis is strictly a security analysis and reporting task.

The final deliverable should be clear, well-justified written answers based on the data visible in ConnectSecure.