Skills in applying information security tools

This assessment is designed to assess your technical skills in applying information security tools. In
this assignment, you have to study and apply steganography techniques to embedded data within a
file. In addition, you have to understand Linux file systems and apply access control technologies.
The assessment is also assessing your skills to analyses information security principles against
security techniques including steganography and access control. In completing this assessment
successfully, you will be able to investigate IS security, risk threats and propose the suitable security
controls, which will help in achieving ULO-1, ULO-2, ULO-3, and ULO-4.
Task Specifications
This assessment includes three tasks as follows:

Task-1:
Steganography is the practice of concealing a file, message, image, or video within another file,
message, image, or video. Use Steghide tools available in Kali Linux/Linux to hide a text file that

includes your group students IDs on audio file. You have first to create audio file with no more than
30 second to record your group students IDs only. Then, you have to create text file to include group
details include first and last name for each student in your group. Finally, use Steghide tools (use
security as passphrase) to embedded your text file into the created audio file.
In your report, you have to provide screenshot demonstrate the steps with the commands you
followed during the process of installation of Steghide, and the way use used to hide group
information text file into audio file and finally the steps to extract the text file from audio for
verification of your work.

Task-2:
Access control is granting or denying approval to use specific resources. Technical access control
consists of technology restrictions that limit users on computers from accessing data.
In this task you have to work in a group to understand Access Control List (ACL) and files system
security using Linux environment. You have to complete the followings tasks using kali Linux or any
Linux OS:

1. Fill the following table with the information related to all member of your group:
Sn.
No
APIC Student ID First Name Last Name
1 {Student-ID1} {FirstName-1} {LastName-1}
2
3
Table 1: Group information
2. Create main directory named BIS3004 and set it permission to full access, fill the following
table:
Task Command/s
Create directory named :BIS3004
Set full access to BIS3004 directory
Table 2: Create Directories APIC
3. Create sub directories within BIS3004 directory according to Table-3:
Task Command/s
– Create directory {FirstName-1}
– Set read and write access permission only

– Create directory {FirstName-2}
– Set read access permission only

– Create directory {FirstName-3}
– Set read and execute access permission
only

Table 3: Create Student ID directories
Please note, {FirstName-x} is the first name of the APIC student according to Table-1.

4. Create users, with names according to the group member student IDs for of your group as
shown in Table-4

Task Command/s
– Create user {Student-ID1}
– Write ACL to enable:
1. full permission to {FirstName-1}
2. read and write permission to
{FirstName-2} and
3. read permission only to other
directories.

– Create user {Student-ID2}
– Write ACL to enable:
1. full permission to {FirstName-2}
2. read and execute permission to
{FirstName-1}
3. read permission only to other
directories.

Table 4: Create users
4. Create two groups and fill Table-5:
Task Command/s
– Create group {LastName-1}
– Add {Student-ID1} and {Student-ID2} users
to {LastName-1} group
– Write ACL that {LastName-1} group users
will get full access to {FirstName-1}
directory and read access to {FirstName-2}
directory.

– Create group {LastName2}
– Add ‘{Student-ID2} and {Student-ID3} to
{LastName-2} group
– Write ACL that {LastName-2} group users
will get full access to {FirstName-2}
directory and write and execute access to
{FirstName-1} directory.

Table 5: Create groups
Use the commands available in Linux or Kali Linux to complete the above tables. In your report, you
have to provide screenshot to demonstrate the steps you followed during the process of conducting
the assignment tasks and requirements according to your group details provided in Table-1 (student
ID, first name and last name).
Task-3:
Discuss with clear demonstration, how the steganography and access control techniques that you
conducted in Task-1 and Task-2, respectively, can achieve confidentiality, integrity, and availability
(CIA). You have to provide justification during your discussion.

Submission
1. You must submit a report in word format file include your answers for Task-1, Task-
2 and Task-3 with the required screenshots for Task-1 and Task-2. ALL SCREEN SHOTS
MUST SHOW THE USED PC TASK BAR WHICH SHOW DATE AND TIME. You must
include cover page that include group student ID and full name.
2. You have also to submit the created audio file that embedded your group information text
file for Task-1 (make sure to use: security as passphrase)
The two files must be submitted separately not in single compress file.