Professional Documents
Culture Documents
ENH811S Individual Assignment 2024
ENH811S Individual Assignment 2024
Objective
The assignment aims to equip students with the necessary skills to identify vulnerabilities in
IT systems and provide a detailed report of vulnerabilities and recommendations to address
such vulnerabilities. Additionally, to demonstrate skills in securing misconfigured systems and
services of any given organization.
Namibia E-Commence Pty Ltd has an Apache web server that they have envisioned to host
their company's official websites. Currently, the system administrator has set up the server
and installed the required Apache webserver services. Before installing WordPress Content
Management System that will run their official website, the Company would like you to assess
the current Apache configuration, discover the misconfiguration/vulnerabilities and harden
the Server. Compile a report that documents all the misconfigurations found and details all
the steps you followed to harden the Apache server. Include all the commands used and the
screenshot as evidence.
Guidelines Assessment of the Report
None Some with little Some with added effort Average Above average Commendable Outstanding
effort
Scope Scope not Some effort on Added effort on Scope somehow Outlined Above-average effort Some commendable Exceptional outline
(10 Marks) identified or outline the scope, outlining the scope. and somehow adhered to on outlining and effort on the of the scope and
defined but not adhered to (3-4) (5-6) adhering to the scope. presentation of the assignment was
(0) (1-2) (7-8) scope, and adherence done according to
to the scope. (9) the scope.
(10)
Structure The structure is Some information Added information is Moderate information Added information Commendable The structure
(20 Marks) not relevant. was included but included in the report, was presented. presented in the information was resembles a modern
(0-3) poorly done. but still lacks adequate (10-11) structure of the presented. Penetration Test
(4-6) information. report. (15-17) Report and features
(7-9) (12-14) all relevant
information.
(18-20)
Presentation of No vulnerabilities Some vulnerabilities Vulnerabilities are Vulnerabilities presented Vulnerabilities Vulnerabilities Vulnerabilities
vulnerabilities presented. are presented, but presented according to according to instructions, Presented according presented according presented according
(30 Marks) (0) out of scope. or instructions, some average effort on proof of to instructions, above to instructions, a to instructions,
failed to provide effort to provide proof exploit, plus added average effort in commendable effort outstanding
proof of exploit. of exploit, and recommendations. providing proof of in providing proof of presentation on
(1-6) recommendations. (13-18) exploit, and exploit, and proof of exploits as
(7-12) recommendations. recommendations. well as
(19-24) (25-28) recommendations.
(29-30)
Presentation of No, Little Little misconfiguration Average misconfiguration Above average All misconfiguration All misconfiguration
all steps taken misconfiguration misconfiguration identified, some identified, some misconfiguration identified, Hardening identified,
to secure the was identified, identified, some hardening done but not hardening done, sufficient identified, Hardening done sufficient Hardening done all
Webserver and no hardening hardening done but sufficient commands commands and done sufficient commands and the commands and
(40 Marks) was presented not all commands and screenshot screenshot presented commands and screenshot presented, screenshots
(0) and screenshots presented (19-25) screenshot presented, report properly presented, report
presented (11-18) report well structured structured exceptionally
(1-10) (26-28) (30-35) structured
(30-35)