Question
You are hired by the organisation, such as Southern Cross University, selected in Ass1, as a cybersecurity consultant to work on a security program to address the contemporary and emerging risks from the cyber threats the organisation is facing. Your tasks are the following:
Task 1: The organisation is currently using a password-based authentication system to control user access to the organisation's information system. However, the Bring Your Own Device (BYOD) policy recently implemented by the organisation has raised some security concerns. As a security consultant, assess the risk from the BYOD policy to the organisation's information system.
Task 2: After assessing the risk from the BYOD policy, you suggest that the organisation replace the current password-based authentication scheme with Certificate-Based Authentication for both device and user authentication. To justify your suggestion, write a technical report to explain the working principle of the Certificate-Based Authentication mechanism and discuss why the organisation should use the mechanism in this case by comparing it with the password-based authentication mechanism. Use figures where necessary to support your answers.
Task 3: You have identified that "Phishing" is among the top cybersecurity threats facing the organisation. Use available online (e.g., Internet) resources to develop a guideline for the organisation's staff to combat the threat. The guideline will include the following:
- Definition of phishing and its distinctive characteristics.
- At least three (3) real examples showing the phishing characteristics.
- An instruction to the users of how to recognise and safely handle a phishing attack.
- An instruction to the IT administrator of how to minimise the phishing threat.
Solution
Executive summary
This report gives an account of the threats that the BYOD policy poses to the cyber security of the University. The critical assets identified are research and development documents, administrative systems and policies, course evaluation documents, information related to the introduction of new courses, patent- and copyright-related documents, customer sales information, personal information about students, corporate financial data and information related to human resources. The major cyber security risks identified as a result of the BYOD policy are data loss, public exposure, data usage, insecure data and no password protection. All of these risks fall into the higher risk levels. Certificate-based authentication is assessed to be better than password protection, as it requires users to carry a physical device to access the networks. Phishing attacks have become very common, and the university's data can be lost or hacked as a result of these attacks. Examples of phishing attacks are provided. The university also needs to take measures to handle these attacks and to raise awareness of them among staff.
Introduction
This assignment examines the cyber security measures taken by the selected organization, Southern Cross University. From the position of a cyber security consultant, it assesses the contemporary and emerging risks to the cyber security of the University. It analyzes the security of the university systems, which are currently protected by a password-based authentication system, and the vulnerabilities of that system. It also analyzes the security threats posed by the Bring Your Own Device (BYOD) policy recently launched by the university, and discusses the advantages of Certificate-Based Authentication over the password-based system for both user and device authentication. The report also gives an account of phishing attacks and how they can be prevented on the university campus. It will allow the university to identify the loopholes in its cyber security system and the measures it can implement to close them. The suggested measures can also serve as guidelines for the other universities in the area if found to be successful at Southern Cross University.