Student Name:
Student ID:
Max Mark | Final Mark | Comments | Not done | Poor (F) | Average (P) | Good (C) | Very Good (D) | Excellent (HD)
NOTE TO MARKERS:
30 0.00
Task 1 12 Task 1 Task 1
Identify the most critical components of the university's
information system - the critical information assets.
3 0
Identify critical components -
x
Identify the critical components of the information system using
correct methods. Provide sufficient arguments
to support the results.
Identify what threats the BYOD policy may bring to the
identified critical assets.
3 0
Identify BYOD policy threats -
x
Correctly identify threats related to BYOD policy. Sufficient
explanation is provided.
Identify potential vulnerabilities of each asset against the
identified threats.
3 0
Identify vulnerabilities of assets -
x
Correctly identify the vulnerabilities associated with the
identified assets. Sufficient explanation is provided.
Assess the risk to the university's information system. 3 0
Risk assessment - Correctly carry out the risk assessment using
either a quantitative or qualitative risk assessment process.
Document the result correctly with sufficient explanation.
Sub Total: 0
Task 2 10 Task 2
Task 2
Clearly explains the working principle of the certificate-based
authentication.
3 0
Explain certificate based authentication -
x
The explanation is correct and captures the working principle of
the certificate based authentication
mechanism.
Compare and contrast the certificate-based authentication
and password-based authentication.
3 0
Compare certificate and password authentication -
x
Clearly and sufficiently shows the pros and cons of each
authentication mechanism.
Correctly identify and highlight the useful features of the
certificate-based authentication for BYOD policy.
3 0
Identify features of certificate based authentication -
x Correctly identify and highlight the useful features of the
certificate-based authentication for BYOD policy.
Quality of references. 1 0
Quality of references -
x The reference source is correctly cited according to the
citation style. The source quality is high.
Sub Total : 0
Task 3 8 Task 3
Task 3
Correctly identify the characteristics of a Spam and
Spamming act.
2 0
Identify Spam and Spamming act -
x
The Spam Act 2003 prohibits the sending of unsolicited commercial
electronic messages—known as spam—with an Australian link.
A message has an Australian link if it originates or was
commissioned in Australia, or originates overseas but was sent to
an address accessed in Australia. Students should define the
Provide three representative examples of Spams 3 0
Three examples of Spam -
x
The examples are correct with sufficient explanation according
to the Spam Act 2003. If no explanation is
given, half of the total mark is awarded as the maximum.
Spam handling instruction 3 0
Spam handling instruction -
x
The instruction is correct, sufficient, clear, concise and takes
into account the assignment context. If an
external reference is used, provide the source.
Sub Total: 0
TOTAL 30 0.00
Less late Penalty (10% per day)
No of Days 0 0.00
TOTAL (with LATE PENALTY) 0% 0.00
HD: High Distinction, D: Distinction, C: Credit, P: Pass, F: Fail
CMP71001 - Assignment 2
Grade Rubric
HD (85+): The project is realised to a very high professional standard.
Technically it is fully functional and meets all specifications. It
demonstrates high levels of creativity and innovation both in terms of
its function and usability. It has been carefully quality controlled to
ensure full functionality and that no errors are evident.
D (75+): The project is realised to a high professional standard, with a
good level of functionality and meets most specifications. It
demonstrates occasional levels of creativity and innovation. While there
may be a few errors, these are of a minor nature. Generally the product
would be well-regarded by industry standards.
C (65+): The project is realised to an acceptable professional standard
with generally adequate levels of functionality and generally meets
specifications, although there are a number of problems evident. There is
evidence of creativity and innovation although these are not sustained
throughout. Further development could have improved this product.
Generally it would not be highly regarded by industry and would need more
work before release, but still shows good developing competence.
P (50+): The project was completed, but to a less than acceptable
industry standard. Functionally it was problematic and some aspects did
not meet required specifications. There is little evidence of creativity
or innovation in the project. Additional work would be required to bring
this up to industry standards, but overall it demonstrates sufficient
competence to merit a passing grade.
F: The project is incomplete and/or work well below industry
standards. Functionality is poor or absent. Failure to meet
project specifications. Little or no innovation. A large
volume of work would be required to bring the project up to
industry standards. Insufficient effort or competence is
demonstrated to achieve a passing grade.
Other Comments -
School of Business and Tourism
Unit: Cybersecurity
Unit code: CMP71001
Assignment 2: Security consultation report and guideline.
Due Date: Sunday 23:59:59 of the last study week.
Learning Outcomes: 3 – 6
Graduate Attributes: 3, 4 & 5
Weight: 30% of overall unit assessment
Suggestion: This assignment is developmental and cumulative.
You are strongly advised to start doing this assignment from
Week-6 in your study. Leaving your starting date to the week
before the due date is a very poor strategy for success in the unit.
Marks: A marking scheme will be posted on MySCU to help you
direct your efforts successfully.
Task Description
You are hired by Southern Cross University as a cybersecurity
consultant to work on a
security program to address the contemporary and emerging
risks from the cyber threats
the university is facing. Your tasks are the following:
is currently using a password based
authentication system
to control the user access to the university’s information
system. However, the
Bring Your Own Device (BYOD) policy recently implemented
by the university
has raised some security concerns. As a security consultant,
assess the risk from
the BYOD policy to the university's information system.
you suggest the
university to replace the current password-based authentication
scheme with a
Certificate-Based Authentication. To justify your suggestion,
write a technical
report to explain the working principle of the Certificate-Based
Authentication
mechanism and discuss why the university should use the
mechanism in this case
by comparing it with the password-based authentication
mechanism. Use figures
when necessary to support your answers.
cybersecurity threats faced
by the university. Use the Spam Act 2003 and available online
resources to develop
a guideline for the university students and staff to combat
the threat. The
guideline will include the following:
o Definition of spam and its distinctive characteristics.
o At least three (3) real examples of spams showing the spam
characteristics.
o An instruction to the users of how to recognise and safely
handle a spam.
o An instruction to the IT administrator of how to minimize the
spam threat.
Assignment-2 guideline
Task 1: BYOD risk assessment
To complete this task, use the following guidelines:
information system - the
critical information assets.
identified critical assets.
identified threats.
either quantitative or
qualitative risk assessment approach and document the risk
assessment process.
Task 2: Certificate-based Authentication
To complete this task, use the following guidelines:
principle, pros and cons of
the Certificate-based Authentication mechanism. Document all
reference sources.
the Certificate-based
Authentication mechanism. Compare the certificate-based
authentication against
the password-based authentication and highlight the features
you think are useful
for combating the threats from the BYOD policy.
resources. Use your
own words and figures. Acknowledge all reference sources.
Task 3: Anti-spam guideline
To complete this task, use the following guidelines:
document is available
at: https://www.legislation.gov.au/Details/C2016C00614. The
Act will help you to
define what type of electronic messages should be treated as
spams, what are the
distinctive characteristics of a spam and what act is considered
as spamming?
own spams as examples.
the development of
spam handling instructions. The instructions should be clear,
concise and precise.
Assignment-2 Marking Rubric
A spreadsheet that will be used for the marking of your site is
provided (co-located with
this assignment specification) on MySCU to itemise exactly
what tutors will be looking at
in relation to marking your assignment. It contains a detailed
breakdown of the marking
criteria for this assignment. I strongly suggest you peruse this
spreadsheet.
Submission Format
When you have completed the assignment, you are required to
submit your assignment in
the PDF/DOC format. The file will be named using the
following convention:
filename = FirstInitialYourLastName_CMP71001_A2.pdf
(e.g. FJones_CMP71001_A2.pdf)
Note to IBS students: Please check with your local lecturer/tutor
the submission
requirements for your assignments. Typically, they will be
different from on-shore students
of Southern Cross University.
Original work
It is a University requirement that a student’s work complies
with the Academic Policy,
Chapter 4.20 on Student Academic Integrity. It is a student’s
responsibility to be familiar
with the Policy.
Failure to comply with the Policy can have severe consequences
in the form of University
sanctions. For information on this Policy please refer to Chapter
4.20 on Student Academic
Integrity at the following website:
http://www.scu.edu.au/governance/academicboard/policy/
As part of a University initiative to support the development of
academic integrity,
assessments may be checked for plagiarism, including through
an electronic system, either
internally or by a plagiarism checking service, and be held for
future checking and
matching purposes.
Retain duplicate copy
Before submitting the assignment, you are advised to retain
electronic copies of original
work. In the event of any uncertainty regarding the submission
of assessment items, you
may be requested to reproduce a final copy.
School Extension Policy
In general, I will NOT give an extension unless there are
exceptional circumstances.
Students wanting an extension must make a request at least 24
hours before the assessment
item is due and the request must be received in writing by the
unit assessor or designated
academic. Extensions within 24 hours of submission or
following the submission deadline
will not be granted (unless supported by a doctor’s certificate or
where there are exceptional
circumstances – this will be at unit assessor’s discretion and
will be considered on a case
by case basis). Extensions will be for a maximum of 48 hours
(longer extensions supported
by a doctor’s certificate or the like to be considered on a case by
case basis).
A penalty of 5% of the total available grade will accrue for each
24-hour period that an
assessment item is submitted late. Therefore, an assessment
item worth 20 marks will have
1 mark deducted for every 24-hour period and at the end of 20
days will receive 0 marks.
Students who fail to submit following the guidelines in this Unit
Information Guide will be
deemed to have not submitted the assessment item and the
above penalty will be applied
until the specified submission guidelines are followed.
Marks and Feedback
All assessment materials submitted during the semester will
normally be marked and
returned within two weeks of the required date of submission
(provided that the assessment
materials have been submitted by the due date).
Marks will be made available to each student via the MySCU
Grade book.
