Task 1: The university is currently using a password-based authentication system to control user access...
Question:
Task 1: The university is currently using a password-based authentication system to control user access to the university's information system. However, the Bring Your Own Device (BYOD) policy recently implemented by the university has raised some security concerns. As a security consultant, assess the risk from the BYOD policy to the university's information system. (25 marks)
- Identify the most critical 5 (five) components of the university's information system - the critical information assets.
- Identify five (5) threats the BYOD policy may bring to the identified critical assets.
- Identify potential vulnerabilities (at least one) of each asset against the identified threats.
- Assess the risk to the university's information system using either a quantitative or qualitative risk assessment approach and document the risk assessment process.
- Do the cost-benefit analysis for 2 years to recommend at least one (1) security measure against each asset to mitigate the risk identified.

Task 2: You have identified that spamming is among the top cybersecurity threats faced by the university. Use the Spam Act 2003 and available online resources to develop a guideline for university students and staff to combat the threat. (16 marks)
- Definition of spam and its distinctive characteristics.
- At least three (3) real examples of spam, showing the spam characteristics.
- An instruction to the users on how to recognise and safely handle spam.
- An instruction to the IT administrator on how to minimize the spam threat.

Task 3: Investigate and document the Australian legal requirements that SCU will need to comply with. (16 marks)
- What would be the consequence(s) of non-compliance for SCU?
- What is ethical behaviour and what ethical considerations may SCU have in their sector?
- What is the distinction between ethical behaviour and illegal behaviour?
- How does ethical behaviour relate to security positions within the SCU organization?

Your report should have correct grammar and spelling, well-supported arguments, and cite all reference sources. (3 marks)

Submission Format: There is no report template for this assignment. However, the report should be well presented in a standard report format (refer to online resources) and you must make use of adequate in-text references throughout your entire report. The report should be a minimum of 2000 words. Be creative in how you choose to communicate your findings. The report does not have to be a large collection of paraphrased text. Diagrams and tables are much more effective ways of communicating an idea or concept. The first page of the report should have your name, student ID, ISYS1002 Assignment 2, and the date you submit your assignment. When you have completed the assignment, you are required to submit your assignment in PDF/DOC format. The file will be named using the following convention: Filename= FirstinitialYourLastName_ISYS1002_A2.pdf (i.e. Falaei ISYS1002_A2.pdf)

Marking Criteria: The rubric for this assignment is available on the MySCU site and will give the criteria for marking. The difference between a "Pass" and higher grades will be based on how much you look at the whole