can you please read this task 2
Page | 1 Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College 55 Regent Street, Chippendale, Sydney 2008: 02-9318 8111 PRV12007; CRICOS 03048D Unit Code and Title: SBM4304 IS Security and Risk Management Assessment 3: Applied Project Due date: Week 13 Group/individual: Individual Word count / Time provided: 2500 words Weighting: 50% Unit Learning Outcomes: ULO-1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, ULO-7 Course Learning Outcomes: CLO-1, CLO-2, CLO-3, CLO-4, CLO-9 Graduate Attributes: GA-52, GA-10, GA-11, GA-12 Assessment Details: This assessment is designed to assess your technical skills in investigation IS security, risk threats and management to an organization. The assessment is also assessing your skills to evaluate risk management techniques and IS auditing. You are required to select an organization that uses information systems to perform daily business operations. You have to identify the most valuable assets for the organisations and investigate the security threats and mitigation techniques. You have also to propose/evaluate the risk management techniques adopted by the selected organization to ensure the reliability, confidentiality, availability, and integrity. You have also to discuss audit plan and processes used by the organization and investigate the impact of human factors on security and risk management. Task Specifications This assessment includes two tasks as follows: Task-1: Each student should select an organisation. The organization must provide information systems services to the staff and customers. You have to write a report to answer the followings related to the selected organization: 1. Network devices are highly vulnerable and can be exposed. Discuss two types of threats against network routers/switches of the selected organization. Illustrate how these devices are vulnerable to destruction and abuse. 2. Propose with justification two types of network security devices can be used to control security and mitigate threats related to the web and email servers. 3. Assume the organization used Windows server 2016 to host the organization web site. Discuss how the organization can ensure the availability of the web service using windows server 2016. 4. Discuss the impact of employee on information security of the selected organization. Provide risk management recommendation to reduce the risk of employee. Assessment-3 Details Page | 2 Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College 55 Regent Street, Chippendale, Sydney 2008: 02-9318 8111 PRV12007; CRICOS 03048D 5. Windows server 2016 supported with different tools for auditing. Illustrate windows server 2016 auditing tools and discuss how they can be used by the selected organization to monitor and analyzing the web server and email server problems. You may need to make some assumptions with the required justifications. Task-2: Use the online encryption tool at: https://www.tools4noobs.com/online_tools/encrypt to encrypt your student ID and name using Data Encryption Standard (DEC) according to the following table: Table 1: Encryption student details using DEC Item Settings/Result Key SBM4304 Algorithm Data Encryption Standard Mode CBC Encode the output using Base64 Text to encrypt {Student ID:Student name} Encrypted with dec (Result) {Encrypted text} You have to replace: • {Student ID:Student name} with your student ID and your name • {Encrypted text} with the encrypted text In your report, you have to provide: 1. Table-1 with completed fields with a support of screenshot of encryption website. 2. Screenshot demonstrate the verification of your work by decrypting the cipher obtain in Table-1 using: https://www.tools4noobs.com/online_tools/decrypt/ Please note you have to use Harvard reference style and the report should be submitted as a Word file. In completing this assessment successfully, you will be able to investigate IS security, risk threats and propose the suitable security controls, which will help in achieving ULO-1, ULO-2, ULO-3, ULO-4 , ULO- 5, ULO-6 and ULO-7, this in turn will help you in achieving CLO-1, CLO-2, CLO-3, CLO0-4 and CLO-9, which collectively with other unit learning outcomes will help in achieving GA-52, GA-10, GA-11 and GA-12. https://www.tools4noobs.com/online_tools/encrypt https://www.tools4noobs.com/online_tools/decrypt/ Page | 3 Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College 55 Regent Street, Chippendale, Sydney 2008: 02-9318 8111 PRV12007; CRICOS 03048D Marking Information: The applied project will be marked out of 100 and will be weighted 50% of the total unit mark. Marking Criteria Not satisfactory (0-49%) of the criterion mark) Satisfactory (50-64%) of the criterion mark Good (65-74%) of the criterion mark Very Good (75-84%) of the criterion mark Excellent (85-100%) of the criterion mark Introduction (5 marks) Poor Introduction with irrelevant details Introduction is presented briefly and is missing the report outline Introduction is generally presented along with the report outline Introduction is well written, and the report outline is also discussed Introduction is very well written, and the report outline is also discussed Threats against network routers/switches (15 marks) Poorly discussion about threats and not related to routers/switches Brief discussion about threats and not related to routers/switches Good discussion about threats related to routers/switches Well discussion about threats related to routers/switches Excellent discussion about threats with clear specifications related to routers/switches Network security devices (15 mark) Poor discussion about network security devices with irrelevant information Brief discussion about network security devices Generally good discussion network security devices Very clear discussion about network security devices A very clear and in- depth discussion about network security devices Availability of the web service (10 mark) Lack of evidence of understanding of availability for web service. Evidence of basic understanding of availability of the web service with limited examples. Evidence of good understanding and identification of techniques to improve the availability of the web service Very clear understanding and identification of techniques to improve the availability of the web service Has excellent understanding and identification of techniques to improve the availability of the web service Impact of employee on information security (15 mark) Lack of evidence of understanding of impact of employee on information security Evidence of basic understanding of impact of employee on information security Evidence of good understanding of impact of employee on information security Very good understanding of impact of employee on information security Excellent understanding of impact of employee on information security Windows server 2016 auditing tools (10 mark) Lack of evidence of understanding of audit process Evidence of basic understanding of audit process and not related to the selected sector. Good understanding of audit process with discussion related to the selected sector Very good understanding of audit process with discussion related to the selected sector Excellent understanding and demonstration of audit process related to the selected sector Student details encryption (Table-1 and Screenshot) (10 mark) Lack of evidence of using the website for encryption Table -1 not completed or with errors. Table -1 completed with many settings errors. Table -1 completed with some settings errors. Table -1 completed correctly with correct result. Verification by decryption (10 mark) Lack of evidence of understanding of the process of decryption with no screenshot Screenshot is provided with not complete or incorrect settings and not related to Table-1 Screenshot is provided related to Table-1 with some settings errors Screenshot is provided related to Table-1 but with incorrect result. Screenshot is provided related to Table-1 with correct result. Summary (5 marks) Summary not relating to the report Brief summary of the report with some relevance Generally good summary of the report A section clearly summarizing the overall contribution A section very clearly summarizing the overall contribution References using Harvard style (5 marks) Lacks consistency with many errors. Unclear referencing/style Generally good referencing/style Clear referencing/ style Clear styles with excellent source of references.