User Account

All Pages

Analyse issues associated with organisational data networks

Assignment Help Management Information Sys
Reference no: EM133668937 , Length: word count:1500

Cybersecurity

Assessment - Threat Model Report

Learning Outcome 1: Explore and articulate cyber trends, threats and staying safe in cyberspace, plus protecting personal and company data.
Learning Outcome 2: Analyse issues associated with organisational data networks and security to recommend practical solutions towards their resolution.
Learning Outcome 3: Evaluate and communicate relevant technical and ethical considerations related to the design, deployment and/or the uses of secure technologies within various organisational contexts.

Case Scenario  - ANU data breach: Hackers got inside Australia's top university

Assessment Task and Context
The goal of this assessment is to identify the threats or vulnerabilities in the case scenario described in the associated file, Assessment Initial Case Scenario.docx. NOT all threats or vulnerabilities you "discover" are in the initial case scenario. "Discovery" of threats is important. For each threat you need to indicate how it would be discovered in a business and in three cases, expand with a viable explanation of discovery, with small relevant details of an interview or survey, etc.
You should use this assessment brief document to guide what to include in this assessment and use the provided case study to help demonstrate understanding of the topic.

Instructions

Title page
The title page should include subject code and name, assessment number, report title, assessment due date, word count (actual), student name and surname, student ID, Torrens's email address, learning facilitator name and surname.

Executive Summary
The best time to write the Executive Summary is when you have finished working on your assessment. Top-level executives often only read the executive summary, so it is a brief summary of what was done with a very brief overview of major results.
Introduction
Since you already have an executive summary, this can be quite brief. You will need to provide a short description of the case organization. Overall, the introduction section is about "What the assessment is going to be about?"
Main Discussion
IMPORTANT NOTE: The required discussions for sub-sections 2.1, 2.2 and 2.3 are discussed earlier in this assessment brief document (see above).
Data Flow Diagrams (DFDs)
The DFDs must relate to the business described in the initial case scenario. You must remember that the DFDs are the FIRST step in the "Risk Analysis" process, and so they are not the main output of this assessment. The main output of MIS607 Assessment 2 is the categorized threats (see below).
For the DFD section of your report, you will need to present at least a "Context
Diagram" (level-0) and a "Level-1 Diagram" (DFD). You can include further levels of DFD (e.g., Level-2, Level-3, etc.) if you feel they are needed to show a trust boundary, but it's not necessary.
The level-1 diagram (and further level diagrams, if needed) must not break the rule for proper DFD formation/development. And the DFDs (excluding the Context Diagram) MUST have labelled trust boundaries.
You MUST use the symbol conventions shown below:
Threat List, Threat Discovery, and STRIDE Categorisation
For the threat list you should have a table of at least 10 threats with at least the following headings: threat brief name, brief description, brief discovery technique, STRIDE category, trust boundary, and whatever else may be handy. Make the table as readable as possible.
After the table, you need to expand on at least three of the threats (one of these must be the main threat mentioned in the case). These should be related to research material. You should also go into some explanation of how you discovered the threat

(as if you found them within the organization).You need to discuss the other seven threats in brief(2-3 lines at least)

Conclusion
In this section, you will wrap up your discussion in a clear and simple way. Overall, the conclusion section reminds the reader what the report/assessment has been about. Indicate and discuss the major findings and/or recommendation of your report.
References
A minimum of ten (10) references are required in this assessment. At least one (1) reference needs to be a "peer-reviewed" journal article or a conference paper.
You are welcome to use more than ten (10) references in your MIS607 Assessment 2 based on your decision and preference; however, the minimum number of references to be used in this assessment is ten (10) references. Make sure to list the references alphabetically and where possible, make sure to use the most recent references. At least three (3) references MUST be from peer reviewed sources (e.g., conferences, journals).
You need put a "**" before such peer-reviewed references in the references section when you want to highlight, they are peer reviewed. One mark will be deducted for not putting a
** in front of the peer reviewed article in references.


Important points on STRIDE and threat discovery:
Threats Discovery - The main output of MIS607 Assessment 2 should be a table with a set of minimum 10 threats or vulnerabilities that need mitigation in the case scenario organisation. Out of these 10 threats or vulnerabilities, choose 3 and explain them in more depth below the table. You will discover these threats or vulnerabilities with the help of the DFDs and the trust boundaries.
Imagine yourself as a consultant called into work inside the business to discover threats. For this assessment, business acumen and business logic in approaching threats is what is required.
The main threat for this assessment resembles a real-world attack. You need to develop a brief, factual overview of the real-world attack (web links can count as references here since the attack might not yet be covered academically).
IMPORTANT NOTE: Any explanation of the real-world case is based on real
information/data, NOT speculation or simulated "discovery".
It is important to understand that you need to "discover" additional threats or vulnerabilities on the associated initial case scenario. The case scenario is only an initial assessment of the organisation. The "discovery" can be simulated based on your

simulated investigation. Obviously, you must cover the main threats already identified in the case scenario, but other threats or vulnerabilities should be "discovered" by you. In this regard, inform the reader about what discovery techniques were used.
STRIDE Methodology - Note that the DFDs are NOT the main output of this assessment. The main result of this assessment is a "set of threats or vulnerabilities". Important points to consider are:
Try to map these threats or vulnerabilities as best you can against trust boundaries.
And categorize the identified threats or vulnerabilities as best you can, against STRIDE categories.
The STRIDE categories are NOT the threats. Do not be concerned if the threats you discover do not fit all STRIDE categories. In a full real-world assessment with hundreds of threats, this would be the case, but with around 10 threats this will probably not be possible. You can make assumptions, but the report is written from the point of view of a consultant who has made "discoveries" from their investigations. In the simulation you may gather needed information from stakeholders. Assessment markers are aware that the technical information "discovered" by you might not be 100% accurate in all details. However, your discoveries
should be somewhat realistic.

Referencing
It is essential that students use appropriate APA style for citing and referencing research.

Reference no: EM133668937

Questions Cloud

Explain the bodies reaction to stress : Explain the bodies reaction to stress. Make sure to discuss the fight or flight response, the actions of the sympathetic and parasympathetic nervous systems,
Identify at least one internal process breakdown : Identify at least one internal process breakdown each from the front-end, middle, and back-end workflows that could lead to a claim denial.
How insurance participation may or may not contribute : Describe how insurance participation may or may not contribute to a denial and how you would communicate with the insurance company when filing an appeal.
What errors can occur that will impact revenue integrity : What is the significance of the patient financial responsibility agreement? What errors can occur that will impact revenue integrity?
Analyse issues associated with organisational data networks : MIS607 Cybersecurity, Torrens University - Analyse issues associated with organisational data networks and security to recommend practical solutions towards
Online high school vision and mission statement : Research and choose an online high school vision and mission statement.
About the test and your own abilities : you quickly realize that the test focuses on areas not covered in class and not included in the review. How do you feel about the test and your own abilities?
Describe social comparison theory : Describe self-presentation and how social media is a form of self-presentation. Describe social comparison theory.
How do all of the elements align with one another : Which methodology and design aligns with your research the most? How do all of these elements align with one another? What is your justification?

Reviews

Write a Review

Management Information Sys Questions & Answers

  Identify specific sections of the complaint form

Describe the overall process of submitting a health information privacy complaint to the OCR.

  Prepare a short paper explaining your proposed it solution

Set the context bybriefly describing the analysis previously provided and IT and business requirements already defined in previous stages. Introduce what is to come in your paper, and include the generic strategy for competitive advantage and the ..

  Solution to supply chain management question

Need help writing a paper involving the requirments, technology, benefits, advantages and disadvantages, implementation consideration, and cost for an idustry that uses supply chain for its core business.

  Explain the role of an activity map

Explain the role of an activity map in illustrating the strategic fit of a firm's operations and Discuss how operations and supply chain management has evolved as a field.

  Neural networks recognize and categorize patterns

If someone were to have a neural network that could scan information on all aspects of your life, where would that neural network potentially be able to find information about you?

  How are virtual office visits conducted

What is meant by patient-centered medical care? Define this term and give examples.Why would a patient choose an E-visit instead of an in-office visit?

  Research the tool volatility

Research the tool volatility and discuss 4 processes you can find within a memory image (part of this week's lab will be conducting memory analysis).

  What is the profession of graphic processor improvements

What is the profession of graphic processor improvements? How has it differed from the path of CPU progression? What unique differences exist with GPUs?

  What ways could your organization use its crm system

What opportunities can CRM provide in terms of business strategy and goals for your organization? IT Support: Within your organization, what type of IT support would you need for "front office" versus "back office" systems? Please justify your ans..

  How organization manage different level of security required

Assignment: The Role of Information Security Policy- Discuss how organizations manage different levels of security required for differing levels of personnel.

  Explain the future uses of your technology

Explain the Future uses of your technology, the benefits and possible applications that have not been attempted yet, but that will be in the future.

  Discuss the potential areas of vulnerability

McNick's fast food is a multinational organization that sells burgers and fries in nearly every country in the world. The corporation consists of a corporate.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd