Skip to content
Permalink
1c4df72ab6
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

DADA/CW/Coursework.md

Go to file
 
 
Cannot retrieve contributors at this time
Overview Assessment Brief Learning Outcomes Coursework Scenario Tasks Marking Scheme Report Contents (90%) Report Structure (10%)
120 lines (86 sloc) 3.8 KB
Raw Blame
title subtitle
Introduction to Cyber Security
Coursework

Overview

Assessment Brief

The assessment requires students to individually produce a security assessment of an organisation. The output will be in the form of a report of approximately 1500 words.

The submission deadline is 16/4/2020

Learning Outcomes

  1. Identify a range of cyber security threats faced by individuals and organisations.
  2. Evaluate prevention, identification and mitigation methods appropriate to a variety of security scenarios
  3. Demonstrate an understanding of the legal and ethical issues surrounding cyber security

Coursework

Scenario

The Cirrus Cybernetic Corporation is an organisation that develops next generation robotics.

The organisation has several hundred employees, and includes departments for:

  • Management
  • HR
  • Accounting
  • Maintenance

The organisation has a Website, showing company information, and providing "Chat" and Forums for Customers to ask questions.

There is also a staff Portal accessible VIA the web interface. The staff portal allows authenticated staff members to search and display customer account information. Access to the staff area is through a single sign on system (IE the staff member has the same Username and password for their Desktop PC and the Intranet)

Recently there was a web security incident, where an attacker was able to access the organisation database. The initial analysis of the attack suggests that it was launched from somewhere inside the company network.

Tasks

You have been asked to develop a report on the security of the organisation above. All of the information you require about the organisation is given in the "Scenario" section, although you are expected to do some research on cyber security issues that might relate to the organisation.

This report should be written at a high level, suitable for a non-technical management audience. Your report should focus on two selected aspects of your choice, one each of:

  • A Technical aspect to security (such as how do we secure data, recommendations for security software)
  • A Human Aspect to security (what issues do the staff face, how can we protect against them)

Foe each aspect, select ONE factor (for example, Phishing, or a specific Web vulnerability) that is a threat to the organisation, and give details of:

  • What the Threat is
  • How the threat occurs
  • Examples of the Threat in the Real world
  • Suggestions to mitigate the threat.

Marking Scheme

Report Contents (90%)

  • Introduction (10%)

    Should introduce the subject, and provide context to the issues discussed in the report

  • Background Research (10%)

    Introduction to Cyber Security, what are the key threats, and how are they relevant to the organisation

  • Technical Threat (30%)

    Should include details of:

    • What the Threat is
    • How the threat occurs
    • Examples of the Threat in the Real world
    • Suggestions to mitigate the threat.

  • Human Factors Threat (30%)

    • What the Threat is
    • How the threat occurs
    • Examples of the Threat in the Real world
    • Suggestions to mitigate the threat.

  • Conclusions (10%)

Report Structure (10%)

  • Appropriate structure, use of diagrams and referencing
Grade Element
0-39 Work mainly incomplete and /or weaknesses in most areas
40-49 Most elements completed; weaknesses outweigh strengths
50-59 Most elements are strong, minor weaknesses
60-69 Strengths in all elements
70+ work exceeds the standard expected
80+ All work substantially exceeds the standard expected