MEMORANDUM
TO: Project “WVTjiQj” Agents
FROM: Agency Director Fry
RE: OPERATION REVERSING
24 October 2018
This morning our internal servers, while doing some routine history scans, discovered a newly cataloged executable that had no tracking data available. As this raises our Agency’s security level to orange, your team has been assigned to determine what this code does.
As new members of the team, let me remind you of a few security items:
- The behavior of this executable is unknown – it should NOT be executed before your team determines what it does.
- Do not share any results with other teams – we suspect that there might be a mole in our organization that allowed this code to mysteriously appear.
- The executable has been compressed and renamed (WVTjiQj.2334), but some virus detection software may still be able to identify it as a binary or executable file. You may need to issue an exception for this file on your computer.
The renamed executable is located on the CourseNotes wiki, under CSI 2334 F18 Project. To help in your evaluation of this threat, each team can avail themselves of the use of a disassembler (as we have used in class) and any of the freely available online tools. Thanks to the reconnaissance efforts of agency analysts, we have intelligence on the internal structure of WVTjiQj.2334. Although not definitive, it is surmised that this file could be an old game that was lost in the system, it might be malicious code masquerading as a game, or it might be both of these (a functioning game with some malicious segments).
The following information is requested as part of your team’s final report.
1. In your report, address the following questions:
a. What is the behavior of the executable?
b. Is the executable a simple game, a malicious piece with a game-like wrapper, a combination of both, or neither of these?
i. If it is a simple game, modify game behavior.
ii. If it is malicious, quarantine the malicious code segment(s).
iii. If it is both, do both i. and ii. above.
iv. If it is neither, report on its detailed behavior.
c. What approach did your team take in attacking this challenge? How did you divide and conquer this challenge given the resources at your disposal?
- What are your team milestones? How will your team ensure you meet those milestones?
- As a team, what did you learn from this challenge? What recommendations would you make to new team members coming to the Agency in the future?
- Your final report to the Agency Director should describe your solution methods in detail. It is appropriate to include a brief summary of what you did, but the bulk of the report should focus on how you approached the problem and why you did what you did. Another agent who reads your report should be able to apply your techniques to any new similar threats, so make sure you document any tools and techniques that you use (describe each one thoroughly, along with its recommended/non-recommended uses and a list of advantages and disadvantages of each). The goal is to save time in the future by avoiding the need for slow and potentially dangerous brainstorming, so make sure your final report includes everything mentioned at the CSI 2334 F18 Project page on the ClassNotes wiki.
- As agents-in-training, part of your apprenticeship will include several communication artifacts:
a. Progress Reports, with an updated Statement of Work (SoW) whenever your team’s specification changes. These changes must be approved by the Agency Director before they are implemented. The SoW will be used, in part, to assess the success of your team’s efforts.
- Final Presentation of Findings will be conducted at the end of the training period. See the CSI 2334 F18 Project page on the ClassNotes wiki for details on how this presentation will be assessed.
- You will work with your partner to ensure optimum performance and assessment. To this end, you will complete both a formative and a summative evaluation, and you will be assessed on the thought and deliberation going into both of these evaluations.
Final presentations will be conducted on Thursday, November 29, 2018. All project artifacts (with the exception of the Summative Peer Evaluation) will be due at the start of lab on that day.