Reference no: EM133668937, Length: word count: 1500
Cybersecurity
Assessment - Threat Model Report
Learning Outcome 1: Explore and articulate cyber trends, threats and staying safe in cyberspace, plus protecting personal and company data.
Learning Outcome 2: Analyse issues associated with organisational data networks and security to recommend practical solutions towards their resolution.
Learning Outcome 3: Evaluate and communicate relevant technical and ethical considerations related to the design, deployment and/or the uses of secure technologies within various organisational contexts.
Case Scenario - ANU data breach: Hackers got inside Australia's top university
Assessment Task and Context
The goal of this assessment is to identify the threats or vulnerabilities in the case scenario described in the associated file, Assessment Initial Case Scenario.docx. NOT all threats or vulnerabilities you "discover" are in the initial case scenario. "Discovery" of threats is important. For each threat you need to indicate how it would be discovered in a business and in three cases, expand with a viable explanation of discovery, with small relevant details of an interview or survey, etc.
You should use this assessment brief document to guide what to include in this assessment and use the provided case study to help demonstrate understanding of the topic.
Instructions
Title page
The title page should include subject code and name, assessment number, report title, assessment due date, word count (actual), student name and surname, student ID, Torrens's email address, learning facilitator name and surname.
Executive Summary
The best time to write the Executive Summary is when you have finished working on your assessment. Top-level executives often only read the executive summary, so it is a brief summary of what was done with a very brief overview of major results.
Introduction
Since you already have an executive summary, this can be quite brief. You will need to provide a short description of the case organization. Overall, the introduction section is about "What the assessment is going to be about?"
Main Discussion
IMPORTANT NOTE: The required discussions for sub-sections 2.1, 2.2 and 2.3 are discussed earlier in this assessment brief document (see above).
Data Flow Diagrams (DFDs)
The DFDs must relate to the business described in the initial case scenario. You must remember that the DFDs are the FIRST step in the "Risk Analysis" process, and so they are not the main output of this assessment. The main output of MIS607 Assessment 2 is the categorized threats (see below).
For the DFD section of your report, you will need to present at least a "Context Diagram" (level-0) and a "Level-1 Diagram" (DFD). You can include further levels of DFD (e.g., Level-2, Level-3, etc.) if you feel they are needed to show a trust boundary, but it's not necessary.
The level-1 diagram (and further level diagrams, if needed) must not break the rule for proper DFD formation/development. And the DFDs (excluding the Context Diagram) MUST have labelled trust boundaries.
You MUST use the symbol conventions shown below:
Threat List, Threat Discovery, and STRIDE Categorisation
For the threat list you should have a table of at least 10 threats with at least the following headings: threat brief name, brief description, brief discovery technique, STRIDE category, trust boundary, and whatever else may be handy. Make the table as readable as possible.
After the table, you need to expand on at least three of the threats (one of these must be the main threat mentioned in the case). These should be related to research material. You should also go into some explanation of how you discovered the threat (as if you found them within the organization). You need to discuss the other seven threats in brief (2-3 lines at least).
Conclusion
In this section, you will wrap up your discussion in a clear and simple way. Overall, the conclusion section reminds the reader what the report/assessment has been about. Indicate and discuss the major findings and/or recommendation of your report.
References
A minimum of ten (10) references are required in this assessment. At least one (1) reference needs to be a "peer-reviewed" journal article or a conference paper.
You are welcome to use more than ten (10) references in your MIS607 Assessment 2 based on your decision and preference; however, the minimum number of references to be used in this assessment is ten (10) references. Make sure to list the references alphabetically and where possible, make sure to use the most recent references. At least three (3) references MUST be from peer reviewed sources (e.g., conferences, journals).
You need to put a "**" before such peer-reviewed references in the references section to highlight that they are peer reviewed. One mark will be deducted for not putting a ** in front of the peer-reviewed article in references.
Important points on STRIDE and threat discovery:
Threats Discovery - The main output of MIS607 Assessment 2 should be a table with a set of minimum 10 threats or vulnerabilities that need mitigation in the case scenario organisation. Out of these 10 threats or vulnerabilities, choose 3 and explain them in more depth below the table. You will discover these threats or vulnerabilities with the help of the DFDs and the trust boundaries.
Imagine yourself as a consultant called into work inside the business to discover threats. For this assessment, business acumen and business logic in approaching threats is what is required.
The main threat for this assessment resembles a real-world attack. You need to develop a brief, factual overview of the real-world attack (web links can count as references here since the attack might not yet be covered academically).
IMPORTANT NOTE: Any explanation of the real-world case is based on real information/data, NOT speculation or simulated "discovery".
It is important to understand that you need to "discover" additional threats or vulnerabilities in the associated initial case scenario. The case scenario is only an initial assessment of the organisation. The "discovery" can be simulated based on your simulated investigation. Obviously, you must cover the main threats already identified in the case scenario, but other threats or vulnerabilities should be "discovered" by you. In this regard, inform the reader about what discovery techniques were used.
STRIDE Methodology - Note that the DFDs are NOT the main output of this assessment. The main result of this assessment is a "set of threats or vulnerabilities". Important points to consider are:
Try to map these threats or vulnerabilities as best you can against trust boundaries.
And categorize the identified threats or vulnerabilities as best you can, against STRIDE categories.
The STRIDE categories are NOT the threats. Do not be concerned if the threats you discover do not fit all STRIDE categories. In a full real-world assessment with hundreds of threats, this would be the case, but with around 10 threats this will probably not be possible. You can make assumptions, but the report is written from the point of view of a consultant who has made "discoveries" from their investigations. In the simulation you may gather needed information from stakeholders. Assessment markers are aware that the technical information "discovered" by you might not be 100% accurate in all details. However, your discoveries should be somewhat realistic.
Referencing
It is essential that students use appropriate APA style for citing and referencing research.