Assessment 3: Applied Project
Due date: Week 11
Word count / Time provided: 2000 words
Unit Learning Outcomes: ULO-1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, ULO-7
Course Learning Outcomes: CLO-1, CLO-2, CLO-3, CLO-4, CLO-9
Graduate Attributes: GA-52, GA-10, GA-11, GA-12
This assessment is designed to assess your technical skills in investigation IS security, risk threats and management to an organization. The assessment is also assessing your skills to evaluate risk management techniques and IS auditing. You are required to select an organization that uses information systems to perform daily business operations. You have to identify the most valuable assets for the organisations and investigate the security threats and mitigation techniques. You have also to propose/evaluate the risk management techniques adopted by the selected organization to ensure the reliability, confidentiality, availability, and integrity. You have also to discuss audit plan and processes used by the organization and investigate the impact of human factors on security and risk management.
This assessment includes two tasks as follows:
Each group should select an organisation. The organization must provide information systems services to the staff and customers. You have to write a report to answer the followings related to the selected organization:
1. Network devices are highly vulnerable and can be exposed. Discuss two types of threats against network routers/switches of the selected organization. Illustrate how these devices are vulnerable to destruction and abuse.
2. Propose with justification two types of network security devices can be used to control security and mitigate threats related to the web and email servers.
3. Assume the organization used Windows server 2016 to host the organization web site. Discuss how the organization can ensure the availability of the web service using windows server 2016.
4. Discuss the impact of employee on information security of the selected organization. Provide risk management recommendation to reduce the risk of employee.
5. Windows server 2016 supported with different tools for auditing. Illustrate windows server 2016 auditing tools and discuss how they can be used by the selected organization to monitor and analyzing the web server and email server problems.
You may need to make some assumptions with the required justifications. Please note you have to use Harvard reference style.
Steganography is the practice of concealing a file, message, image, or video within another file, message, image, or video. Use Steghide tool available in Kali Linux to hide a text file that includes the group students names and IDs on APIC logo image (Use: SBM4304 as passphrase). In your report, you have to provide screenshot demonstrate the steps you followed during the process of installation of Steghide, and the way you use to hiding group information text file into APIC logo image and finally the steps to extract the text file from APIC logo image for verification of your work.
Submission you have to submit two files:
1. report in word format for Task-1 and Task-2 processes.
2. APIC logo image that includes your group information for Task-2 .(make sure to use: SBM4304 as passphrase).
The two files must be submitted separately not in single compress file.
In completing this assessment successfully, you will be able to investigate IS security, risk threats and propose the suitable security controls, which will help in achieving ULO-1, ULO-2, ULO-3, ULO-4 , ULO-5, ULO-6 and ULO-7, this in turn will help you in achieving CLO-1, CLO-2, CLO-3, CLO0-4 and CLO-9, which collectively with other unit learning outcomes will help in achieving GA-52, GA-10, GA11 and GA-12.