59996 – Unit CybersecurityUnit code CMP71001Assignment 2 Security

SOLUTION AT Australian Expert Writers

Unit CybersecurityUnit codeCMP71001 2 Security consultation report and guideline.Due DateLearning 25th of September 2020 ,11:00 PmOutcomesGraduate 3 – 6Attributes 3, 4 & 5Weight 30% of overall unit assessmentSuggestion This is developmental and cumulative. You are strongly advised to start doing this from the date it become available. Leaving your starting date to the week before the due date is a very poor strategy for success in the unit.Marks A marking scheme will be posted on MySCU to help you direct your efforts successfully.Task DescriptionYou are hired by Southern Cross University as a cybersecurity consultant to work on a security program to address the contemporary and emerging risks from the threats the university is facing. Your tasks are the following:• Task 1: your team has identified webserver, student Information database, AI lab as the most critical assets for the university. You need to provide a risk table (a template given) for these assets.• Task 2: After the assessing the risk you suggest the university to replace the current password-based authentication scheme with a Certificate-Based Authentication. To justify your suggestion, explain the working principle of the Certificate-Based Authentication mechanism and discuss why the university should use the mechanism in this case by comparing it with the password-based authentication mechanism. Use figure when necessary to support your answers.• Task 3: You have identified Spamming is among the top cybersecurity threats facing by the university. Use the Spam Act 2003 and available online resources to a guideline for the university students and staff to combat with the threat. The guideline will include the following:o Definition of spam and its distinctive characteristics.o At least three (3) real examples of spams showing the spam characteristics. o Instruction to the users of how to recognise and safely handle a spam.o Instructions to the IT administrator of how to minimize the spam threat.Assignment-2 guidelineTask 1: risk assessmentTo complete this task, use the following guidelines: The most critical assets are Identified for you so you do not need to list more assets.• Identify 3 potential vulnerabilities and associated threats for each asset. do a and make sure the vulnerabilities and threats are specific and related to the asset.• Assess the risk to the university’s information system using a semi-quantitative risk assessment approach and document the risk assessment table as shown in the example below• of two are carefully chosen to mitigate each risk correctly • Top 3 risks should be highlightedFor this task the table should have following format for risk assessment table with the headings.Asset Vulnerability & threat Likelihood Risk Control(safeguard)Student Info DB lack of proper access control could lead to unauthorised access by maliciousintruder/hacker 4 3 12(major) • proper privilege scheme like RBAC• renaming/disabling the default admin user and password• creating and implementing least privilege policy fordatabase usersYou can use the suggested risk matrix as below.Figure 1: sample risk matrix, obtained from https://www.project-risk-manager.com/blog/qualitative-and-quantitativerisk-analysis/Task 2: Certificate-based AuthenticationTo complete this task, use the following guidelines:• Perform necessary to understand the working principle, pros and cons of the Certificate-based Authentication mechanism. Document all reference sources.(no more than 500 )• Explain the working principle of the Certificate-based Authentication mechanism. Compare the certificate-based authentication against the password-based authentication and highlight the features you think are useful for combating some of the threats from previous task. (no more than 500 )• Note that you are not allowed to cut and paste from online resources. Use your own and figures. Acknowledge all reference sources.Task 3: Anti-spam guidelineTo complete this task, use the following guidelines:• Read and understand Spam Act 2003. The Spam Act 2003 document is available at: https://www.legislation.gov.au/Details/C2016C00614. The Act will help you to define what type of electronic messages should be treated as spams, what are the distinctive characteristics of a spam and what act is considered as spamming?(no more than 200 )• Search for 3 representative examples of spams or use your own spams as examples. (no more than 200 )• Use samples from reputable online resources to help you with the development of spam handling instructions. The instructions should be clear, concise and precise.(no more than 200 )Presentation:The report must have a cover page, table of content, introduction and must follow proper formatting and referencing method. It Is important that you choose right choice of vocabulary and grammar.Assignment-2 Marking GuideFollowing table helps you to itemise exactly what tutors will be looking at in relation to marking your assignment. It contains a detailed breakdown of the marking criteria for this assignment. I strongly suggest you peruse this spreadsheet.Criteria Marks Mark breakdownTask1 13.5minimum 3 vulnerabilities& associated threats per asset identified 4.5The risk is calculated correctly and top three risks are highlighted 4.5two controls(safeguards) per risk are elaborated 4.5Task 2 8.5Clearly explains the working principle of the certificate-based authentication. Using a diagram 2.5list pros and cons of Certificate based authentication (at least 3 Pros and 3 Cons) 2.5Compare and contrast the certificate-based authentication and password-based authentication. 2.5Quality of references 1Task 3 6Correctly identify the characteristics of a Spam and Spamming act. 2Provide three representative examples of Spams 2Spam handling policy 2PresentationThe work should follow proper formatting, it must have a cover page, TOC and introduction. 2 2Total 30Submission Format and Instructions:When you have completed the assignment, you are required to submit your assignment in the PDF/DOC format. The file will be named using the following convention:filename = FirstInitialYourLastName_CMP71001_A2.pdf (i.e. FJones_CMP71001_A2.pdf)The final work must be submitted to two links under assignment two folder on MySCU. One link Is for grading and one link Is for checking your work for similarity rate. the similarity rate must be below 20%.Note to IBS students: Please check with your local lecturer/tutor the submission requirements for your assignments. Typically, they will be different from on-shore students of Southern Cross University.Original workIt is a University requirement that a student’s work complies with the Academic Policy, Chapter 4.20 on Student Academic Integrity. It is a student’s responsibility to be familiar with the Policy.Failure to comply with the Policy can have severe consequences in the form of University sanctions. For information on this Policy please refer to Chapter 4.20 on Student Academic Integrity at the following website:http://www.scu.edu.au/governance/academicboard/policy/As part of a University initiative to support the development of academic integrity, assessments may be checked for plagiarism, including through an electronic system, either internally or by a plagiarism checking service, and be held for future checking and matching purposes.Retain duplicate copyBefore submitting the assignment, you are advised to retain electronic copies of original work. In the event of any uncertainty regarding the submission of assessment items, you may be requested to reproduce a final copy.School Extension PolicyIn general, I will NOT give extension unless where there are exceptional circumstances. Students wanting an extension must make a request at least 24 hours before the assessment item is due and the request must be received in writing by the unit assessor or designated academic. Extensions within 24 hours of submission or following the submission deadline will not be granted (unless supported by a doctor’s certificate or where there are exceptional circumstances – this will be at unit assessor’s discretion and will be considered on a case by case basis). Extensions will be for a maximum of 48 hours (longer extensions supported by a doctor’s certificate or alike to be considered on a case by case basis).A penalty of 5% of the total available grade will accrue for each 24-hour period that an assessment item is submitted late. Therefore, an assessment item worth 20 marks will have 1 marks deducted for every 24-hour period and at the end of 20 days will receive 0 marks.Students who fail to submit following the guidelines in this Unit Information Guide will be deemed to have not submitted the assessment item and the above penalty will be applied until the specified submission guidelines are followed.Marks and FeedbackAll assessment materials submitted during the semester will normally be marked and returned within two weeks of the required date of submission (provided that the assessment materials have been submitted by the due date).Marks will be made available to each student via the MySCU Grade book.

Order from Australian Expert Writers
Best Australian Academic Writers