Recent Question/Assignment
CIS2005 Principles of Information Security - Assignment 2 Practical SAP Report
Description Marks out of Weighting Due date
Assignment 2 – Practical report using SAP 100 15% 5th September 2014
The key concepts and frameworks covered in modules 1–4 are particularly relevant for this assignment. Assignment 2 relates to the specific course learning objectives 1, 2 and 3:
1. analyse information security vulnerabilities and threats and determine appropriate controls that can be applied to mitigate the potential risks
2. demonstrate an ability to communicate effectively both written and orally about the management of information security in organisations
And assesses the following graduate skills: The Academic & Professional Literacy and Written & Oral Communication at level 2.
Assignment 2 requires you to cover two specific tasks regarding SAP security. Your Assignment 2 report must be professionally structured, worded and presented for readability and appropriate for the intended audience.
Your assignment 2 must be structured as follows:
? Cover page for your assignment 2
? Table of contents
? Body of report – main section for each task with appropriate use of subsections for
each task sub report
? Task 1 – with appropriate sub section headings for each report (include excel spreadsheet or Access database with your task 1 submission of Assignment 2 report)
? Task 2 – with appropriate sub section headings for each report
Task 1 Specifications – Analyze SAP Security Audit Log Data.
You are provided with a data file – Userdata.xls.
Userdata.xls is a summarized record of user activity on a client’s SAP system. Each record contains the following fields:
USERID
YYYYMM
TCODE
TEXT
TCODESTAT
TCD
TSTATUS
TCOUNT
TTEXT
YYYYMM describes when the user action took place. YYYYMM is useful for summarising user activity by month. TCODE refers to the transaction (option on the menu) performed by the user. TEXT describes the outcome of the action, including its success or failure. Some tcodes are blank. Accordingly, TCODESTAT is an invented transaction code for each action indicating whether the action was successful (-0) or failed (-1). TCD is the same as TCODESTAT, except there is no -0 or -1. TSTATUS indicates whether the action was successful or not (0/1). TCOUNT is the number of times the user has performed this action, with this outcome, in the month YYYYMM. TTEXT is the narrative description of the TCODE.
Task 1 Requirements
You can use software of your choice (spreadsheet, database, statistical package etc) to analyze the provided SAP security audit log data (Userdata.xls), generate appropriate reports and provide an analysis of your findings (hint this assignment 2 task 1 can be done using excel pivot tables or Microsoft Access database SQL queries). Of particular interest are the following reports:
1. Alphabetic list of all actions and their frequency by any selected user, e.g. USER-040.
2. List of users performing unsuccessful activities.
3. List of transaction codes performed, with their frequency by each user.
4. List of users engaging in security-related actions.
5. Top 10 users in terms of frequency of activity.
6. List of users who are dormant – in the range USER-001 to USER-050.
7. You should also produce at least 3 reports/charts/plots based on any of the above previous reports that summarise activity over time using YYYYMM.
TASK 2 Specifications – Analyze SAP System-Wide Security Settings.
You are required to review the system-wide security settings on our SAP system. The data file RSPARAM contains an extract from the client’s system (Note you should open this file using excel spreadsheet to view the system-wide security settings with the fields aligned correctly. Hint you can use the search function to locate the appropriate SAP system wide security settings and their related values in the data file RSPARAM.txt.
You required to produce a report for Task2 of Assignment 2 summarizing the current user settings, default settings and recommended settings based on the RSPARAM.txt file.
Your report will consist of a written evaluation of the current settings highlighting any weaknesses, with explanations, and recommendations (1000 words approx.). The report should take the following form:
ACME DISTRIBUTION COMPANY
SAP System-Wide Security Settings
Date:
Prepared by:
System Setting Value User Default Value Recommended
Value Actual Value
No auto user SAP*
Failed logins to end
Failed logins to lock
Auto failed unlock
Min password length
Password expiry (days)
Idle logout (seconds)
No check on Tcodes
Default login client
Note: Submission of your assignment 2 report documents (two documents a word document, and an excel spreadsheet for task 1 if you use a spreadsheet for task1 or an Access database if you use a database for task 1) will be via Ease Assignment 2 submission link
Description Marks out of Weighting Due date
Assignment 2 – Practical report using SAP 100 15% 5th September 2014
The key concepts and frameworks covered in modules 1–4 are particularly relevant for this assignment. Assignment 2 relates to the specific course learning objectives 1, 2 and 3:
1. analyse information security vulnerabilities and threats and determine appropriate controls that can be applied to mitigate the potential risks
2. demonstrate an ability to communicate effectively both written and orally about the management of information security in organisations
And assesses the following graduate skills: The Academic & Professional Literacy and Written & Oral Communication at level 2.
Assignment 2 requires you to cover two specific tasks regarding SAP security. Your Assignment 2 report must be professionally structured, worded and presented for readability and appropriate for the intended audience.
Your assignment 2 must be structured as follows:
? Cover page for your assignment 2
? Table of contents
? Body of report – main section for each task with appropriate use of subsections for
each task sub report
? Task 1 – with appropriate sub section headings for each report (include excel spreadsheet or Access database with your task 1 submission of Assignment 2 report)
? Task 2 – with appropriate sub section headings for each report
Task 1 Specifications – Analyze SAP Security Audit Log Data.
You are provided with a data file – Userdata.xls.
Userdata.xls is a summarized record of user activity on a client’s SAP system. Each record contains the following fields:
USERID
YYYYMM
TCODE
TEXT
TCODESTAT
TCD
TSTATUS
TCOUNT
TTEXT
YYYYMM describes when the user action took place. YYYYMM is useful for summarising user activity by month. TCODE refers to the transaction (option on the menu) performed by the user. TEXT describes the outcome of the action, including its success or failure. Some tcodes are blank. Accordingly, TCODESTAT is an invented transaction code for each action indicating whether the action was successful (-0) or failed (-1). TCD is the same as TCODESTAT, except there is no -0 or -1. TSTATUS indicates whether the action was successful or not (0/1). TCOUNT is the number of times the user has performed this action, with this outcome, in the month YYYYMM. TTEXT is the narrative description of the TCODE.
Task 1 Requirements
You can use software of your choice (spreadsheet, database, statistical package etc) to analyze the provided SAP security audit log data (Userdata.xls), generate appropriate reports and provide an analysis of your findings (hint this assignment 2 task 1 can be done using excel pivot tables or Microsoft Access database SQL queries). Of particular interest are the following reports:
1. Alphabetic list of all actions and their frequency by any selected user, e.g. USER-040.
2. List of users performing unsuccessful activities.
3. List of transaction codes performed, with their frequency by each user.
4. List of users engaging in security-related actions.
5. Top 10 users in terms of frequency of activity.
6. List of users who are dormant – in the range USER-001 to USER-050.
7. You should also produce at least 3 reports/charts/plots based on any of the above previous reports that summarise activity over time using YYYYMM.
TASK 2 Specifications – Analyze SAP System-Wide Security Settings.
You are required to review the system-wide security settings on our SAP system. The data file RSPARAM contains an extract from the client’s system (Note you should open this file using excel spreadsheet to view the system-wide security settings with the fields aligned correctly. Hint you can use the search function to locate the appropriate SAP system wide security settings and their related values in the data file RSPARAM.txt.
You required to produce a report for Task2 of Assignment 2 summarizing the current user settings, default settings and recommended settings based on the RSPARAM.txt file.
Your report will consist of a written evaluation of the current settings highlighting any weaknesses, with explanations, and recommendations (1000 words approx.). The report should take the following form:
ACME DISTRIBUTION COMPANY
SAP System-Wide Security Settings
Date:
Prepared by:
System Setting Value User Default Value Recommended
Value Actual Value
No auto user SAP*
Failed logins to end
Failed logins to lock
Auto failed unlock
Min password length
Password expiry (days)
Idle logout (seconds)
No check on Tcodes
Default login client
Note: Submission of your assignment 2 report documents (two documents a word document, and an excel spreadsheet for task 1 if you use a spreadsheet for task1 or an Access database if you use a database for task 1) will be via Ease Assignment 2 submission link
Looking for answers ?
Recent Questions
Assessment 2: (20%) Case Study Presentation Due Date weeks 10This assessment builds on your theoretical knowledge and tests your ability to apply this knowledge to practice.you are required to formulate...Assessment 2Assessment 2Report: 30%Word count: 1400 – 1600 wordsDue date: Sunday of Week 8DescriptionYou are playing the role of a community service worker supporting a young adult son who is 18 years...1500-1800 wordsInstructions From TutorPlease download the eTask3 spreadsheet from Canvas and save the eTask spread as an Excel file. The main content of the force method is taught in Lectures 6,7&8.eTask3.1 is a...ASSIGNMENT INSTRUCTIONSAssessment Practical assessmentAssessment code: 011Academic Year: 2023/2024Trimester: 2Module Title: Critical Perspectives on Cross-Border BusinessModule Code: MOD009194Level: 6Module...Information Systems Analysis & DesignAssignmentDue date: Week 5 Friday (5 Apr 2024) 11:59 pm AESTWeighting: 30%Length: 1,200 to 1,500 words (penalty will apply if the length is outside this limit)Assessment...Problem:University of Technology Sydney 48353: CONCRETE DESIGN Autumn 2024 - Assignment 2 (13 Marks)The figure illustrates the cross-section of a reinforced concrete column with a hexagonal shape (equal...Show All Questions