Page 1 of 6
[377]
COM7005D
Information Security Strategy
Development
Assignment: Part 1
Date for Submission: Please refer to the timetable on ilearn
(The submission portal on ilearn will close at 14.00 UK time on the date
of submission)
Page 2 of 6
[377]
Assignment Brief
As part of the formal assessment for the programme you are required to submit an
Information Security Strategy Development assignment. Please refer to your Student
Handbook for full details of the programme assessment scheme and general information on
preparing and submitting assignments.
Learning Outcomes:
After completing the module, you should be able to:
1) Evaluate the basic external and internal threats to electronic assets and
countermeasures to thwart such threats by utilising relevant standards and best
practice guidelines.
2) Analyse the legalities of computer forensics phases and the impact of the legal
requirements on the overall information security policy.
3) Critically assess the boundaries between the different service models (SaaS, PaaS,
IaaS) and operational translations (i.e. cloud computing) and to identify the associated
risks.
4) Critically investigate a company information security strategy to provide consultation
and coaching through reporting and communication.
5) Assess, compare and judge computer media for evidentiary purposes and/or root
cause analysis.
6) Apply relevant standards, best practices and legal requirements for information security
to develop information security policies.
7) Lifelong Learning: Manage employability, utilising the skills of personal development
and planning in different contexts to contribute to society and the workplace.
Your assignment should include: a title page containing your student number, the module
name, the submission deadline and a word count; the appendices if relevant; and a
reference list in Arden University (AU) Harvard format. You should address all the elements
of the assignment task listed below. Please note that tutors will use the assessment criteria
set out below in assessing your work.
Maximum word count: 2,500 words
Please note that exceeding the word count will result in a reduction in grade proportionate to
the number of words used in excess of the permitted limit.
You must not include your name in your submission because Arden University operates
anonymous marking, which means that markers should not be aware of the identity of the
student. However, please do not forget to include your STU number.
Page 3 of 6
[377]
Assignment Task: Part 1
This assignment is worth 50% of the total marks for the module.
Using your current or previous workplace1 as the case study, please answer the
following:
1) Critically analyse the different types of software acquisition models and try to relate that
to those systems you are u.
Capitol Tech U Doctoral Presentation - April 2024.pptx
Page 1 of 6 [377] COM7005D Info.docx
1. Page 1 of 6
[377]
COM7005D
Information Security Strategy
Development
Assignment: Part 1
Date for Submission: Please refer to the timetable on ilearn
(The submission portal on ilearn will close at 14.00 UK time on
the date
2. of submission)
Page 2 of 6
[377]
Assignment Brief
As part of the formal assessment for the programme you are
required to submit an
Information Security Strategy Development assignment. Please
refer to your Student
Handbook for full details of the programme assessment scheme
and general information on
preparing and submitting assignments.
Learning Outcomes:
After completing the module, you should be able to:
3. 1) Evaluate the basic external and internal threats to electronic
assets and
countermeasures to thwart such threats by utilising relevant
standards and best
practice guidelines.
2) Analyse the legalities of computer forensics phases and the
impact of the legal
requirements on the overall information security policy.
3) Critically assess the boundaries between the different service
models (SaaS, PaaS,
IaaS) and operational translations (i.e. cloud computing) and to
identify the associated
risks.
4) Critically investigate a company information security
strategy to provide consultation
and coaching through reporting and communication.
5) Assess, compare and judge computer media for evidentiary
purposes and/or root
cause analysis.
6) Apply relevant standards, best practices and legal
requirements for information security
to develop information security policies.
4. 7) Lifelong Learning: Manage employability, utilising the skills
of personal development
and planning in different contexts to contribute to society and
the workplace.
Your assignment should include: a title page containing your
student number, the module
name, the submission deadline and a word count; the appendices
if relevant; and a
reference list in Arden University (AU) Harvard format. You
should address all the elements
of the assignment task listed below. Please note that tutors will
use the assessment criteria
set out below in assessing your work.
Maximum word count: 2,500 words
Please note that exceeding the word count will result in a
reduction in grade proportionate to
the number of words used in excess of the permitted limit.
You must not include your name in your submission because
Arden University operates
anonymous marking, which means that markers should not be
5. aware of the identity of the
student. However, please do not forget to include your STU
number.
Page 3 of 6
[377]
Assignment Task: Part 1
This assignment is worth 50% of the total marks for the module.
Using your current or previous workplace1 as the case study,
please answer the
following:
1) Critically analyse the different types of software acquisition
models and try to relate that
to those systems you are using at your workplace. [LO3]
(10 marks)
6. 2) Do you have a handbook that describes the policies,
processes, and procedures in
place? Evaluate the security strategy in that handbook for
network activity monitoring,
for instance? What are the issues missing in the handbook? You
need to discuss the
legal issues raised by this handbook as many companies
consider a handbook as part
of the contract. [LO4]
(20 marks)
3) What is the information security strategic plan in place and
how it is implemented?
[LO4, LO6]
(10 marks)
4) Analyse the external and internal threats to information
systems in your workplace and
show how your security strategy should protect against those
threats. Report your risk
assessment methodology in a flowchart-like figure. You can
have a look at Stoneburner
(2002) work to understand how you should relate all the
activities together. Please do
7. not copy the work from (Stoneburner, 2002) as you need to
compile your own risk
assessment methodology as part of your security strategy plan.
You also need to
discuss how you are going to manage the identified risks. [LO1,
LO5]
(20 marks)
5) Critically analyse the access control strategy? If you are to
rewrite that part of your
security plan, what would you change? Why? What sort of a
strategy you will use here?
proactive or reactive? Justify your answer. [LO4, LO6]
(20 marks)
6) What do you recommend for a proper incident management
strategy? How would you
implement it? Hint: Stakeholders and role responsibilities.
[LO4, LO6, LO7]
(10 marks)
8. 7) Compile a brief security strategy that suits the business
requirements as well as the
security requirements of this workplace. [LO4, LO6, LO7]
(10 marks)
1 If you don't have one, please relate your answers to any other
contexts such as your previous university, school, etc.
Page 4 of 6
[377]
References:
Stoneburner, G., Goguen, A.Y. and Feringa, A., 2002. Sp 800-
30. risk management guide for
information technology systems.
Formative Feedback
You have the opportunity to submit your answer draft to receive
formative feedback.
The feedback is designed to help you develop areas of your
work and it helps you develop
9. your skills as an independent learner.
If you are a distance learning student, you should submit your
work, by email, to your tutor,
no later than 2 weeks before the actual submission deadline. If
you are a blended learning
student, your tutor will give you a deadline for formative
feedback and further details.
Formative feedback will not be given to work submitted after
the above date or the date
specified by your tutor - if a blended learning student.
Guidelines:
You MUST underpin your analysis and evaluation of the key
issues with appropriate and
wide ranging academic research and ensure this is referenced
using the AU Harvard system.
The My Study Skills Area contains the following useful
resources:
Guide to Harvard Referencing
http://moodle.bl.rdi.co.uk/guides/HarvardRef/AU_Harvard_Quic
k_Ref_Guide.pdf
Guide to Harvard Citation
10. http://moodle.bl.rdi.co.uk/guides/HarvardRef/AU_Guide_to_Har
vard_Citation.pdf
You must use the AU Harvard Referencing method in your
assignment.
http://moodle.bl.rdi.co.uk/guides/HarvardRef/AU_Harvard_Quic
k_Ref_Guide.pdf
http://moodle.bl.rdi.co.uk/guides/HarvardRef/AU_Harvard_Quic
k_Ref_Guide.pdf
http://moodle.bl.rdi.co.uk/guides/HarvardRef/AU_Guide_to_Har
vard_Citation.pdf
http://moodle.bl.rdi.co.uk/guides/HarvardRef/AU_Guide_to_Har
vard_Citation.pdf
Page 5 of 6
11. [377]
Additional notes:
Students are required to indicate the exact word count on the
title page of the assessment.
The word count excludes the title page, tables, figures,
diagrams, footnotes, reference
list and appendices. Where assessment questions have been
reprinted from the
assessment brief these will also be excluded from the word
count. ALL other printed words
ARE included in the word count See ‘Word Count Policy’ on
the homepage of this module
for more information
Assignments submitted late will not be accepted and will be
marked as a 0% fail.
Your assessment should be submitted as a single Word (MS
Word) or PDF file. For more
information please see the “Guide to Submitting an
Assignment” document available on the
module page on iLearn.
12. You must ensure that the submitted assignment is all your own
work and that all sources
used are correctly attributed. Penalties apply to assignments
which show evidence of
academic unfair practice. (See the Student Handbook which is
on the homepage of your
module and also in the Induction Area).
Page 6 of 6
Assessment Criteria (Learning objectives covered - all)
Level 7 is characterised by an expectation of students’ expertise
in their specialism. Students are semi-autonomous,
demonstrating independence in the negotiation
of assessment tasks (including the major project) and the ability
to evaluate, challenge, modify and develop theory and practice.
Students are expected to
demonstrate an ability to isolate and focus on the significant
features of problems and to offer synthetic and coherent
solutions, with some students producing original
or innovative work in their specialism that is potentially worthy
of publication by Arden University. A clear appreciation of
13. ethical considerations (as appropriate) is also
a prerequisite.
Grade
Mark
Bands
Generic Assessment Criteria
Distinction 70%+
Excellent analysis of key issues and concepts/. Excellent
development of conceptual structures and argument, making
consistent use of
scholarly conventions. Excellent research skills, independence
of thought, an extremely high level of intellectual rigour and
consistency,
exceptional expressive / professional skills, and substantial
creativity and originality.
Excellent academic/intellectual skills. Work pushes the
boundaries of the discipline and demonstrates an awareness of
relevant ethical
considerations. Work may be considered for publication by
Arden university
Merit 60-69%
Very good level of competence demonstrated. High level of
theory application. Very good analysis of key issues and
concepts.
Development of conceptual structures and argument making
consistent use of scholarly conventions. Some evidence of
original thought
and a general awareness of relevant ethical considerations
Pass 50-59%
14. A satisfactory to good performance. Basic knowledge of key
issues and concepts. Generally descriptive, with restricted
analysis of existing
scholarly material and little argument development. Use of
scholarly conventions inconsistent. The work lacks original
thought. Some
awareness of relevant ethical considerations.
Satisfactory professional skills (where appropriate).
Marginal
Fail
40-49%
Limited research skills impede use of learning resources and
problem solving.
Significant problems with structure/accuracy in expression.
Very weak academic / intellectual / professional skills.
Limited use of scholarly conventions.
Errors in expression and the work may lack structure overall.
Fail
39% and
below
A poor performance in which there are substantial gaps in
knowledge and understanding, underpinning theory and ethical
considerations.
Little evidence of research skills, use of learning resources and
problem solving.
Major problems with structure/ accuracy in expression.
Professional skills not present. Very weak academic /
intellectual / professional skills. No evidence of use of
scholarly conventions
15. Week 8 Final Case Study: Regional Macroeconomic Analysis
Assignment Description
Evaluate at least fivemacroeconomic indicators for the region
where your state is located.
Examples of macroeconomic indicators are GDP, employment
indicators (labor market, unemployment, wages), consumer
price index, producer price index, retail sales, trade, interest
rates, manufacturing sector, agriculture sector, investment,
government fiscal policy, government monetary policy, housing,
healthcare system, poverty, urbanization, and education system.
Below are the sections that your paper should include.
Writing Style and Page Number Requirements
Font Type: Times New Roman or Arial
Font Size: 12
Spacing: Double
Number of Pages: 10 to 15 pages, including a separate Title
page and a separate References page
Structure and Requirements
· Title Page
· Title of the paper
· Name of the author
· E-mail address of the author
· Class name
· Professor's name
· Date
· Introduction and Region Evaluation
Provide an introduction and evaluation of your project including
the following.
· Include an overview of your region where you will include
information such as the region’s population size, GDP size and
16. GDP growth pattern, its unemployment rates, its major
industry(ies), its main tradable industry or commodity, and its
government budget size.
· State the five indicators that you are going to address and
provide status reports of the condition of the indicators you are
going to analyze.
· State the major challenges facing your region, and state the
major strengths that make your region unique.
· Data and Analysis
· Data: Obtain data from at least five credible sources to
provide facts and statistics about your region’s indicators. The
facts should be current and properly cited. Use tables, graphs,
and figures to support your argument. Make sure to provide
citations for your graphs and tables beneath each graph or table.
· Analysis: Taking into account your data, provide a full
analysis of your region. You will need to talk about each of the
five macroeconomic indicators that you selected and state
whether these indicators are facing challenges or opportunities
and state why. In addition, include in your analysis both the
strengths and challenges of your region regarding business,
industry, and markets. Basically, what business or industry
might thrive or lose in your region, and why?
·
Solution
Finally, what do you suggest in terms of economic policy to
assist your region and why? What outcomes are you anticipating
17. from your solution? Make sure you justify and defend your
position based on economic facts, laws, theories, and principles.
· Reference List
Use at least five professional sources to support your argument.
The references must be in APA format.
APA Resource
Revised 6/18/18
Page 1 of 6
[1514]
COM7005
Information Security Strategy Development
18. Assignment: Part 2
Date for Submission: Please refer to the timetable on ilearn
(The submission portal on ilearn will close at 14.00 UK time on
the date
of submission)
19. Page 2 of 6
[1514]
Assignment Brief
As part of the formal assessment for the programme you are
required to submit an
Information Security Strategy Development assignment. Please
refer to your Student
Handbook for full details of the programme assessment scheme
and general information on
preparing and submitting assignments.
20. Learning Outcomes:
After completing the module, you should be able to:
1) Evaluate the basic external and internal threats to electronic
assets and
countermeasures to thwart such threats by utilising relevant
standards and best
practice guidelines.
2) Analyse the legalities of computer forensics phases and the
impact of the legal
requirements on the overall information security policy.
3) Critically assess the boundaries between the different service
models (SaaS, PaaS,
21. IaaS) and operational translations (i.e. cloud computing) and to
identify the associated
risks.
4) Critically investigate a company information security
strategy to provide consultation
and coaching through reporting and communication.
5) Assess, compare and judge computer media for evidentiary
purposes and/or root
cause analysis.
6) Apply relevant standards, best practices and legal
requirements for information security
to develop information security policies.
22. 7) Lifelong Learning: Manage employability, utilising the skills
of personal development
and planning in different contexts to contribute to society and
the workplace.
Your assignment should include: a title page containing your
student number, the module
name, the word count; the appendices if relevant; and a
reference list in Arden University
(AU) Harvard format. You should address all the elements of
the assignment task listed
below. Please note that tutors will use the assessment criteria
set out below in assessing
your work.
Maximum word count: 2,500 words
23. Page 3 of 6
[1514]
Please note that exceeding the word count by over 10% will
result in a reduction in grade by
the same percentage that the word count is exceeded.
You must not include your name in your submission because
Arden University operates
anonymous marking, which means that markers should not be
aware of the identity of the
student. However, please do not forget to include your STU
number.
26. This assignment is worth 50% of the total marks for the module.
1) A Denial of Service attack (DoS) represents one of the most
widespread types of
cyber-threats to businesses of all sizes. DoS prevents users of
an online IT system
from accessing vital services for an extended period of time,
creating both financial and
reputational losses for the affected company. Many DoS attacks
have blocked websites
of private, public and government organisations from serving
their clients, customers
and partners for hours or even days. Addressing corporate
vulnerability to DoS attacks
is now becoming more and more critical due to the growing
adoption of cloud-based
27. architectures and information sharing platforms. As such, a
consideration of DoS
related risks should be placed at the core of any information
security strategy.
Critically analyse the most typical scenarios leading to the
increased exposure to DoS
attacks. Suggest specific counter-measures which could be
incorporated to the
corporate information security strategy. These should include:
a) infrastructures to minimise the likelihood of the occurrence
of such an event
(preventive approach)
b) mechanisms to mitigate the issues created by the occurrence
of such an event
28. (the reactive approach)
c) policies which recognise this threat as an overall business
risk rather than merely
technical risk.
(70 marks)
(LOs 1, 4, 5, 6 & 7)
2) Using WinHex or a similar tool, try to load your operating
system swap file for digital
forensics investigation. Report your findings about:
a) Recovered deleted files
b) Extracting used passwords
29. (30 marks)
(LO2)
Page 5 of 6
[1514]
Formative Feedback
You have the opportunity to submit your answer draft to receive
formative feedback.
The feedback is designed to help you develop areas of your
30. work and it helps you develop
your skills as an independent learner.
Your work must be submitted to your tutor at least two weeks
prior to the assessment
submission date. This is to allow time for you to reflect on the
feedback and draft your final
submission.
Formative feedback will not be given to work submitted after
the above date.
Guidelines:
You MUST underpin your analysis and evaluation of the key
issues with appropriate and
31. wide ranging academic research and ensure this is referenced
using the AU Harvard system.
The My Study Skills Area on iLearn contains useful resources
relating to referencing.
You must use the AU Harvard Referencing method in your
assignment.
Additional notes:
Students are required to indicate the exact word count on the
title page of the assessment.
The word count excludes the title page, tables, figures,
diagrams, footnotes, reference
list and appendices. Where assessment questions have been
reprinted from the
assessment brief these will also be excluded from the word
count. ALL other printed words
ARE included in the word count See ‘Word Count Policy’ on
32. the homepage of this module
for more information.
Submission Guidance
Assignments submitted late will not be accepted and will be
marked as a 0% fail.
Your assessment should be submitted as a single Word (MS
Word) or PDF file. For more
information please see the “Guide to Submitting an
Assignment” document available on the
module page on iLearn.
You must ensure that the submitted assignment is all your own
work and that all sources
used are correctly attributed. Penalties apply to assignments
which show evidence of
33. academic unfair practice. (See the Student Handbook which is
on the homepage of your
module and also in the Induction Area).
Page 6 of 6
Assessment Criteria (Learning objectives covered - all)
Level 7 is characterised by an expectation of students’ expertise
in their specialism. Students are semi-autonomous,
demonstrating independence in the negotiation of assessment
tasks (including the major project) and the ability to evaluate,
challenge, modify and develop theory and practice. Students are
expected to demonstrate an ability to isolate and
focus on the significant features of problems and to offer
synthetic and coherent solutions, with some students producing
original or innovative work in their specialism that is
34. potentially worthy of publication by Arden University. A clear
appreciation of ethical considerations (as appropriate) is also a
prerequisite.
Grade
Mark
Bands
Generic Assessment Criteria
Distinction 70%+
Excellent analysis of key issues and concepts/. Excellent
development of conceptual structures and argument, making
consistent use of scholarly
conventions. Excellent research skills, independence of thought,
an extremely high level of intellectual rigour and consistency,
exceptional expressive /
professional skills, and substantial creativity and originality.
Excellent academic/intellectual skills. Work pushes the
boundaries of the discipline and
35. demonstrates an awareness of relevant ethical considerations.
Work may be considered for publication by Arden university
Merit 60-69%
Very good level of competence demonstrated. High level of
theory application. Very good analysis of key issues and
concepts. Development of
conceptual structures and argument making consistent use of
scholarly conventions. Some evidence of original thought and a
general awareness of
relevant ethical considerations
Pass 50-59%
A satisfactory to good performance. Basic knowledge of key
issues and concepts. Generally descriptive, with restricted
analysis of existing scholarly
material and little argument development. Use of scholarly
conventions inconsistent. The work lacks original thought.
Some awareness of relevant
36. ethical considerations. Satisfactory professional skills (where
appropriate).
Marginal
Fail
40-49%
Limited research skills impede use of learning resources and
problem solving.
Significant problems with structure/accuracy in expression.
Very weak academic / intellectual / professional skills. Limited
use of scholarly conventions.
Errors in expression and the work may lack structure overall.
Fail
39% and
below
A poor performance in which there are substantial gaps in
knowledge and understanding, underpinning theory and ethical
considerations.
37. Little evidence of research skills, use of learning resources and
problem solving. Major problems with structure/ accuracy in
expression.
Professional skills not present. Very weak academic /
intellectual / professional skills. No evidence of use of
scholarly conventions