Module Code

Staffordshire University, UK

COCS71153 Cyber Operations (on-

campus) individual coursework, Sem 1
Table of Contents
1 Coursework details ...................................................................................................... 1

2 Notes on Plagiarism ..................................................................................................... 1

3 Submission requirements ............................................................................................ 1

4 Introduction................................................................................................................. 2

5 Part A: The research, 2000 words ................................................................................ 3

6 Part B: Network packet analysis using Wireshark, 1000 words .................................... 3

7 Marking criteria ........................................................................................................... 3

1 Coursework details
• Contact: Mohammad S. Hasan

• Assessment weight: 100%

2 Notes on Plagiarism
• Your report must have citations and the references should be in Harvard style. You
are recommended to use a referencing tool e.g. Mendeley, Zotero etc.

• You are expected to explain the concepts in your own words or rephrase and avoid
quotes. You are referred to the University’s regulations on plagiarism available at
http://www.staffs.ac.uk/assets/academic_misconduct_tcm44-26770.pdf

• If the Turnitin system detects plagiarism, it will be reported to the school and
appropriate actions will be taken.

3 Submission requirements
1. The deadline is published on the Blackboard.

Mohammad S. Hasan Page 1 of 4

 Module Code
Staffordshire University, UK

2. Your report
a. Your report can be of up to 3000 words. However, you have a flexibility of
+10% and any further words will be ignored i.e. NOT marked. To improve the
document readability and reduce the number of words, you can use graphs,
figures etc. Word count guidance is available at
https://askus.staffs.ac.uk/academicskills/faq/252665
b. The report should be structured and should have a title page containing the
title of the coursework, student name, student ID etc., table of contents
(ToC), defined sections, diagrams, references, page numbers etc. Text font
size, image or diagrams must be readable. Margins must be sufficiently wide
to allow the work to be read easily.
c. Report submission through the Turnitin system ONLY. Turnitin system will
NOT accept submission after the deadline.
d. Paper submission or handwritten report / element will be ignored i.e. NOT
marked. Text, code etc. inserted as image will be ignored i.e. NOT marked.
e. An editable source file e.g. Microsoft docx MUST be submitted. Non-editable
source file e.g. PDF is NOT allowed. Do NOT attempt to submit other file
formats e.g. zip as these file formats might NOT be recognised by the Turnitin
system.
f. You will be allowed to upload ONLY once to the Turnitin system. Therefore,
please make sure that your coursework is free of plagiarism and you are
uploading the correct version.
g. It is strongly recommended that you attempt to submit bit early to avoid any
technical difficulty or missing the deadline.
3. Your simulation, if applicable
a. If you need to upload a simulation e.g., Packet Tracer, Riverbed, Qualnet etc.,
it must be uploaded to the Blackboard using a separate link.

4 Introduction
You have applied for a job as a Cybersecurity Operations Analyst. You have just passed the
first stage of the interview. The second stage will test your research and network packet
analysis skills based on a report using Wireshark as explained below. Your report should
have the following sections.
1. Title page
2. Clear heading for each section
3. Citations and references
a. At least 10 references

Mohammad S. Hasan Page 2 of 4

 Module Code
Staffordshire University, UK

b. Presence of proper citation in the report body and references at the end of
the report.

5 Part A: The research, 2000 words

You have been asked to research on the common types of cyber attacks and their controls
to reduce the risk or impact. See section 7 for further details and marking criteria.

6 Part B: Network packet analysis using Wireshark, 1000

words
Blackboard has a Wireshark file containing some pre-captured network frames. You will
have to analyse that file and include your findings in the report. The tool that you will be
using to examine the file is the Wireshark network protocol analyser which is a free tool and
available from https://www.wireshark.org/. See section 7 for further details and marking
criteria.

7 Marking criteria

Mohammad S. Hasan Page 3 of 4

 Module Code
Staffordshire University, UK

Part
Criterion # Description Mark
Man-in-the-middle (MITM) attack: explain the attack and possible
1A control mechanisms. 10
Denial-of-Service (DoS) attack: explain the attack and possible
2A control mechanisms. 10
SQL injection attack: explain the attack and possible control
3A mechanisms. 10
Zero-day exploit attack: explain the attack and possible control
4A mechanisms. 10
DNS tunneling attack: explain the attack and possible control
5A mechanisms. 10
Methodology: explain the steps you have taken to analyse the
given Wireshark file based on the hosts, traffic etc. This could be
presented as a table or flowchart showing various aspects e.g.
6B syntax for filters, expected results etc. 10
Network attack 1: show a relevant screenshot from Wireshark and
7B explain the attack. 10
Network attack 2: show a relevant screenshot from Wireshark and
8B explain the attack. 10
Network attack 3: show a relevant screenshot from Wireshark and
9B explain the attack. 10
Network attack 4: show a relevant screenshot from Wireshark and
10 B explain the attack. 10
11 A, B Citation and reference 10
Total 110

Mohammad S. Hasan Page 4 of 4