{"id":43074,"date":"2021-08-31T22:30:12","date_gmt":"2021-08-31T22:30:12","guid":{"rendered":"https:\/\/papersspot.com\/blog\/2021\/08\/31\/assessmentdescription-answer-all-the-questions-below-youshould-compile-a-well-constructed-formally-written-report-of-no\/"},"modified":"2021-08-31T22:30:12","modified_gmt":"2021-08-31T22:30:12","slug":"assessmentdescription-answer-all-the-questions-below-youshould-compile-a-well-constructed-formally-written-report-of-no","status":"publish","type":"post","link":"https:\/\/papersspot.com\/blog\/2021\/08\/31\/assessmentdescription-answer-all-the-questions-below-youshould-compile-a-well-constructed-formally-written-report-of-no\/","title":{"rendered":"Assessment\nDescription\n\n\u00a0\n\nAnswer all the questions below. You\nshould compile a well-constructed, formally written report of no"},"content":{"rendered":"<p>Assessment<br \/> Description <\/p>\n<p> \u00a0 <\/p>\n<p> Answer all the questions below. You<br \/> should compile a well-constructed, formally written report of no more<br \/> than\u00a02,000 words\u00a0that encompasses industry standards and<br \/> fundamental digital security best practices. The assignment will specify a<br \/> different scenario on which to base the context of your answers. <\/p>\n<p> Whilst your target audience has some<br \/> level of IT knowledge, they have employed you as the subject expert. Answers to<br \/> each question should be provided at a level of technical detail sufficient to<br \/> that target audience in the given scenario. You should apply the knowledge<br \/> gained from the\u00a0lectures, and complement this with your\u00a0own<br \/> research\u00a0in order to demonstrate an understanding of the subject<br \/> material, explaining the technology and how it applies to the context of the<br \/> given scenario, providing suitable examples where appropriate. <\/p>\n<p> \u00a0 <\/p>\n<p> \u00a0Question 1: Computer Misuse<br \/> Act (15 Out of 100) [ ~ 400 words] <\/p>\n<p> \u00a0 <\/p>\n<p> You have just started a new job<br \/> at\u00a0Ruskin University\u00a0as a security specialist.\u00a0Ruskin<br \/> University\u00a0has established a new branch in Ipswich and has hired<br \/> over 200 new members of academic and non-academic staff. The new members of<br \/> staff are hired from different countries with different backgrounds, rules,<br \/> regulations, and security practices. This raises concerns about the security<br \/> awareness of the new personnel and their understanding of digital offences in<br \/> the United Kingdom.\u00a0 As your first task, you have been asked to promote<br \/> the security awareness of your new colleagues by creating an educational<br \/> brochure that outlines the UK Computer Misuse Act 1990. <\/p>\n<p> Your brochure should include the<br \/> following: <\/p>\n<p> Various computer misuse offences under<br \/> CMA with extensive details and examples related to the\u00a0university<br \/> environment. Details of each offence must be adopted and<br \/> reinterpreted for the university environment. <\/p>\n<p> Jurisdiction for computer misuse offences<br \/> under misuse Act. <\/p>\n<p> IMPORTANT: Your solution must be adapted to<br \/> the\u00a0university environment\u00a0and use cases. <\/p>\n<p> \u00a0 <\/p>\n<p> Question 2: Risk<br \/> Assessment (15 Out of 100) [~ 400 words] <\/p>\n<p> \u00a0 <\/p>\n<p> You have been asked to conduct<br \/> both\u00a0quantitative\u00a0and\u00a0qualitative\u00a0risk<br \/> assessments for\u00a0Ruskin University. Describe the steps that<br \/> you must take to conduct risk assessment. Use the following imaginary network<br \/> topology as a baseline to estimate the\u00a0Ruskin University\u00a0digital<br \/> assets (hardware, software) and their average monetary values. Try to<br \/> identify\u00a0THREE\u00a0security threats\u00a0that might<br \/> be critical to Ruskin University digital assets. Form your\u00a0quantitative\u00a0and\u00a0qualitative\u00a0risk<br \/> assessment based on those\u00a0security threats\u00a0and offer<br \/> mitigation plans for each.\u00a0\u00a0\u00a0 <\/p>\n<p> \u00a0 <\/p>\n<p> Figure 1:\u00a0Ruskin University Network Topology <\/p>\n<p> \u00a0 <\/p>\n<p> Question 3:<br \/> Cryptography (20 Out of 100)\u00a0 [ ~ 400 words] <\/p>\n<p> \u00a0 <\/p>\n<p> At Ruskin University, you are<br \/> responsible for safeguarding and protecting the sensitive and personal<br \/> information of students and staff. <\/p>\n<p> 3.1\u00a0Outline how and where\u00a0symmetric\u00a0and\u00a0asymmetric\u00a0cryptography<br \/> can contribute to the security of communications at Ruskin University? (Your<br \/> solution must be technical, and it should be adopted to the University<br \/> environment and use cases. \u00a0Elaborate your solution with examples, provide<br \/> a comparison if required). \u00a0 <\/p>\n<p> 3.2\u00a0Outline the possible\u00a0risks\u00a0and\u00a0attacks\u00a0that<br \/> can be mitigated through various cryptographic frameworks? \u00a0(Your solution<br \/> must be technical, and it should be adopted to the University environment and<br \/> use cases. Elaborate your solution with examples). <\/p>\n<p> \u00a0 <\/p>\n<p> 3.3\u00a0Outline how\u00a0PKI\u00a0and\u00a0Digital<br \/> Certificates\u00a0contribute to the security of the communications at<br \/> Ruskin University? (Your solution must be technical, and it should be adopted<br \/> to the University environment and use cases. Elaborate your solution with<br \/> examples). <\/p>\n<p> 3.4\u00a0Outline how your solutions at 3.1, 3.2, 3.3<br \/> delivers\u00a0CIA\u00a0and\u00a0AAA\u00a0framework? <\/p>\n<p> \u00a0 <\/p>\n<p> Question 4:<br \/> Incident Response Plan (15 Out of 100)\u00a0 [ ~ 400 words] <\/p>\n<p> \u00a0 <\/p>\n<p> You have been asked to develop<br \/> an\u00a0Incident Response Plan\u00a0for the\u00a0Ruskin<br \/> University\u00a0to protect the university assets and safeguard business<br \/> continuity in the case of a disaster, cyber-attack, or critical failure.<br \/> Elaborate your solution based on the\u00a0NIST\u2019s\u00a0Computer<br \/> Security\u00a0Incident Response lifecycle. \u00a0\u00a0\u00a0 <\/p>\n<p> NIST\u2019s\u00a0computer security incident handling<br \/> guide can be found here: <\/p>\n<p> https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-61r2.pdf\u00a0(Links<br \/> to an external site.) <\/p>\n<p> IMPORTANT:\u00a0Your solution must be technical, and it<br \/> should be adopted to the university environment and use cases. Elaborate your<br \/> solution with examples. <\/p>\n<p> \u00a0 <\/p>\n<p> Question 5: OWASP<br \/> Secure Coding (15 Out of 100)\u00a0 [ ~ 400 words] <\/p>\n<p> You have switched your job and now you<br \/> are working as a\u00a0security specialist\u00a0in a software<br \/> development company. Your company has recently signed a new contract with\u00a0Anglia<br \/> Council\u00a0to develop a new highly secure cloud-based office<br \/> management\/accounting software system capable to handle highly confidential<br \/> resident information, financial transactions, and their tax records. The system<br \/> should allow residents to log-in to the system, upload and download documents,<br \/> fill up online forms, contact consultants, and make online payments.<br \/> \u00a0\u00a0\u00a0\u00a0 <\/p>\n<p> \u00a0 <\/p>\n<p> \u00a0 <\/p>\n<p> Your first task is to make sure all<br \/> developments in this project are secure and meet software security principles<br \/> and guidelines.\u00a0\u00a0 <\/p>\n<p> Create a secure coding checklist for the<br \/> various component of the office management\/accounting software by adopting<br \/> the OWASP secure coding practices. Provide case-study related descriptions<br \/> and examples. You can find the OWASP secure coding practices here: <\/p>\n<p> https:\/\/owasp.org\/www-pdf-archive\/OWASP_SCP_Quick_Reference_Guide_v2.pdf\u00a0(Links<br \/> to an external site.) <\/p>\n<p> Using the OWASP Top 10 security risks,<br \/> identify five different attacks that office management\/accounting software<br \/> might be vulnerable against. Provide case-study related descriptions and<br \/> examples. You can find the OWASP top 10 security concerns here: <\/p>\n<p> https:\/\/owasp.org\/www-project-top-ten\/ <\/p>\n<p> \u00a0 <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Assessment Description \u00a0 Answer all the questions below. You should compile a well-constructed, formally written report of no more than\u00a02,000 words\u00a0that encompasses industry standards and fundamental digital security best practices. The assignment will specify a different scenario on which to base the context of your answers. Whilst your target audience has some level of IT [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[28],"class_list":["post-43074","post","type-post","status-publish","format-standard","hentry","category-research-paper-writing","tag-computer-science"],"_links":{"self":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/43074","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/comments?post=43074"}],"version-history":[{"count":0,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/posts\/43074\/revisions"}],"wp:attachment":[{"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/media?parent=43074"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/categories?post=43074"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/papersspot.com\/blog\/wp-json\/wp\/v2\/tags?post=43074"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}