This assessment is designed to assess your technical skills in investigation IS security, risk threats and management to an organization.

Page | 1 Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College 55 Regent Street, Chippendale, Sydney 2008: 02-9318 8111 PRV12007; CRICOS 03048D

Unit Code and Title: SBM4304 IS Security and Risk Management

Assessment 3: Applied Project

Due date: Week 13

Group/individual: Individual

Word count / Time provided: 2500 words

Weighting: 50%

Unit Learning Outcomes: ULO-1, ULO-2, ULO-3, ULO-4, ULO-5, ULO-6, ULO-7

Course Learning Outcomes: CLO-1, CLO-2, CLO-3, CLO-4, CLO-9

Graduate Attributes: GA-52, GA-10, GA-11, GA-12

Assessment Details:

This assessment is designed to assess your technical skills in investigation IS security, risk threats and

management to an organization. The assessment is also assessing your skills to evaluate risk

management techniques and IS auditing. You are required to select an organization that uses

information systems to perform daily business operations. You have to identify the most valuable

assets for the organisations and investigate the security threats and mitigation techniques. You have

also to propose/evaluate the risk management techniques adopted by the selected organization to

ensure the reliability, confidentiality, availability, and integrity. You have also to discuss audit plan and

processes used by the organization and investigate the impact of human factors on security and risk

management.

Task Specifications

This assessment includes two tasks as follows:

Task-1:

Each student should select an organisation. The organization must provide information systems

services to the staff and customers. You have to write a report to answer the followings related to

the selected organization:

1. Network devices are highly vulnerable and can be exposed. Discuss two types of threats against network routers/switches of the selected organization. Illustrate how these devices are vulnerable to destruction and abuse.

2. Propose with justification two types of network security devices can be used to control security and mitigate threats related to the web and email servers.

3. Assume the organization used Windows server 2016 to host the organization web site. Discuss how the organization can ensure the availability of the web service using windows server 2016.

4. Discuss the impact of employee on information security of the selected organization. Provide risk management recommendation to reduce the risk of employee.

Assessment-3 Details

Page | 2 Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College 55 Regent Street, Chippendale, Sydney 2008: 02-9318 8111 PRV12007; CRICOS 03048D

5. Windows server 2016 supported with different tools for auditing. Illustrate windows server 2016 auditing tools and discuss how they can be used by the selected organization to monitor and analyzing the web server and email server problems.

You may need to make some assumptions with the required justifications.

Task-2:

Use the online encryption tool at: https://www.tools4noobs.com/online_tools/encrypt to encrypt your student ID and name using Data Encryption Standard (DEC) according to the following table:

Table 1: Encryption student details using DEC

Item Settings/Result

Key SBM4304

Algorithm Data Encryption Standard

Mode CBC

Encode the output using Base64

Text to encrypt {Student ID:Student name}

Encrypted with dec (Result) {Encrypted text}

You have to replace:

• {Student ID:Student name} with your student ID and your name

• {Encrypted text} with the encrypted text

In your report, you have to provide:

1. Table-1 with completed fields with a support of screenshot of encryption website.

2. Screenshot demonstrate the verification of your work by decrypting the cipher obtain in Table-1 using: https://www.tools4noobs.com/online_tools/decrypt/

Please note you have to use Harvard reference style and the report should be submitted as a Word file.

In completing this assessment successfully, you will be able to investigate IS security, risk threats and

propose the suitable security controls, which will help in achieving ULO-1, ULO-2, ULO-3, ULO-4 , ULO-

5, ULO-6 and ULO-7, this in turn will help you in achieving CLO-1, CLO-2, CLO-3, CLO0-4 and CLO-9,

which collectively with other unit learning outcomes will help in achieving GA-52, GA-10, GA-11 and

GA-12.

Page | 3 Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College 55 Regent Street, Chippendale, Sydney 2008: 02-9318 8111 PRV12007; CRICOS 03048D

Marking Information: The applied project will be marked out of 100 and will be weighted 50% of

the total unit mark.

Marking Criteria

Not satisfactory

(0-49%) of the criterion mark)

Satisfactory

(50-64%) of the criterion mark

Good

(65-74%) of the criterion mark

Very Good

(75-84%) of the criterion mark

Excellent

(85-100%) of the criterion mark

Introduction (5 marks)

Poor Introduction with irrelevant details

Introduction is presented briefly and is missing the report outline

Introduction is generally presented along with the report outline

Introduction is well written, and the report outline is also discussed

Introduction is very well written, and the report outline is also discussed

Threats against network

routers/switches (15 marks)

Poorly discussion about threats and not related to routers/switches

Brief discussion about threats and not related to routers/switches

Good discussion about threats related to routers/switches

Well discussion about threats related to routers/switches

Excellent discussion about threats with clear specifications related to routers/switches

Network security devices

(15 mark)

Poor discussion about network security devices with irrelevant information

Brief discussion about network security devices

Generally good discussion network security devices

Very clear discussion about network security devices

A very clear and in- depth discussion about network security devices

Availability of the web service

(10 mark)

Lack of evidence of understanding of availability for web service.

Evidence of basic understanding of availability of the web service with limited examples.

Evidence of good understanding and identification of techniques to improve the availability of the web service

Very clear understanding and identification of techniques to improve the availability of the web service

Has excellent understanding and identification of techniques to improve the availability of the web service

Impact of employee on information

security (15 mark)

Lack of evidence of understanding of impact of employee on information security

Evidence of basic understanding of impact of employee on information security

Evidence of good understanding of impact of employee on information security

Very good understanding of impact of employee on information security

Excellent understanding of impact of employee on information security

Windows server 2016 auditing tools

(10 mark)

Lack of evidence of understanding of audit process

Evidence of basic understanding of audit process and not related to the selected sector.

Good understanding of audit process with discussion related to the selected sector

Very good understanding of audit process with discussion related to the selected sector

Excellent understanding and demonstration of audit process related to the selected sector

Student details encryption (Table-1

and Screenshot) (10 mark)

Lack of evidence of using the website for encryption

Table -1 not completed or with errors.

Table -1 completed with many settings errors.

Table -1 completed with some settings errors.

Table -1 completed correctly with correct result.

Verification by decryption (10 mark)

Lack of evidence of understanding of the process of decryption with no screenshot

Screenshot is provided with not complete or incorrect settings and not related to Table-1

Screenshot is provided related to Table-1 with some settings errors

Screenshot is provided related to Table-1 but with incorrect result.

Screenshot is provided related to Table-1 with correct result.

Summary (5 marks)

Summary not relating to the report

Brief summary of the report with some relevance

Generally good summary of the report

A section clearly summarizing the overall contribution

A section very clearly summarizing the overall contribution

References using Harvard style

(5 marks)

Lacks consistency with many errors.

Unclear referencing/style

Generally good referencing/style

Clear referencing/ style

Clear styles with excellent source of references.

Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.