User Account

All Pages

CMP73001 Cybersecurity Management Assignment

Assignment Help Operating System
Reference no: EM132471601

CMP73001 - Cybersecurity Management - Southern Cross University

Assignment - Risk assessment exercise

Task Description

You are hired by Advanced Medicos Limited (AML), a healthcare product sell company, as a cybersecurity consultant to help in security management and to address the contemporary and emerging risks from the cyber threats the company is facing. AML is providing a platform for Australian customers to sell their product online. The vision of the company is to be among the top 5 nation-wide. The board from the advice by Chief Information Officer (CIO) and Chief Information Security Officer (CISO) has concluded that they should get to point that the key services such as web portal should be able to recover from major incidents in less than 20 minutes while other services can be up and running in less than 1 hour. In case of a disaster, they should be able to have the Web portal and payroll system fully functional in less than 2 days.

The company is a new company which is growing rapidly. While the company uses its database server to store the information of its customers' private data, credit card info, etc. it has a poor- designed network with a low level of security. As the company is responsible for the privacy and the security of customer personal info, credit card details, the security of payment transactions, etc. they have decided to improve their information security. Therefore, they have hired you to do the following task:

- Risk assessment exercise: perform a full cyber risk assessment exercise for this company and document the outcomes.

Existing IT infrastructure of AML:
- Office 365 Emails Hosting
- 2 Web server providing web services and payment options
- A physical database server storing customer information
- DHCP and DNS servers
- Servers located in a server room accessible by all staff
- There is no virtual/cloud storage
- The backup files are stored on a single computer connected to the internal network
- Two 24-port Cisco Catalyst switches (1Gbps ports)
- Switches are access layer switches
- ADSL router
- 40 PCs with outdated antivirus
- The operating systems used in the company are Windows 2012 server and Windows 10
- Windows Firewalls are on
- No security configuration on routers and switches
- Telnet connection is used by IT people to remotely check the configuration of the network devices. Therefore, there is no encryption in remote access.
- Two wireless access points
- Wireless security is WPA
- 10 Voice over IP phones
- Servers located in a server room accessible by all staff
- There is no virtual/cloud storage
- The backup files are stored on a single computer connected to the internal network
- There are 40 staff including three IT people (IT staff are responsible to look after internet connection, network devices, Wi-Fi, Voice over IP service, LAN, computers, servers, hardware and software, and video conference facilities).
- All staff and equipment are on a single floor.
- The roles and responsibilities of people who are responsible for information security management are not clear and they are not documented. All IT staff help in information security management.

For this assignment, you need to write a report to the CEO of the company and answer a number of questions. You should also identify assets, perform risk assessment, and propose solutions to mitigate risks. Your answer should be submitted in PDF/DOC files.

Assessment Task 1: Identify and manage asset

To perform a risk assessment for this company, you should first identify all information assets and their business values. This is necessary because unidentified assets are not considered in risk assessment. In this question, you need to identify information assets based on your judgment and then perform the asset classification. You should classify information assets as different categories of assets which might need different protection based on their sensitivity and their value. Make a table for your task 1 and add the following information in your table:
a. provide a list of assets (at least 10 assets should be identified) and provide a meaningful description for the assets e.g. what is it used for, and what is included etc.
b. determine the asset location and ownership, assign a unique ID for the asset. Each id should give some hint about the asset. For instance, HW.01 can be interpreted as Hardware Asset number 1.
c. classify the identified assets based on their sensitivity. The identified classes should be based on your understanding and experience of each asset. You need to do some research and find at least three common classes of information assets. Create a Weighting Factor Analysis (WFA) to rank the identified assets.

To complete this task you need to search for asset classification samples. The following links also give you the required information about assets classes.

Explain how information security governance can help AML to have efficient asset management.

To improve the level of cybersecurity in AML, you should develop some security policies. The policies should cover different assets like people, technology, access control, etc. The links below give you some examples of information security policies. For this question, at least 5 policies should be provided. It is expected that you first create your Enterprise security or enterprise information policy.

Assessment Task 2: Vulnerability management and risk management

Do some research about different steps of Enterprise Risk Management by ISO framework and briefly explain each step.

Identify vulnerabilities in the company assets and their threats. This information should be shown in a table called vulnerability assessment table (TVA worksheet). One extra column should be added for brief vulnerability analysis.

Now, you are responsible to develop a risk management strategy to mitigate the existing risks to an acceptable level. You should use this template to create your strategy.

Create a risk assessment table including the identified threats and vulnerabilities, the likelihood of their occurrence, the expected impact of the threats on the company's operations, and the risk rating.

You should answer this question based on your answer to question 2.2 and based on the experience that you gained in the basic Cybersecurity unite. The risk analysis matrix should be used in this task.

Attachment:- Cybersecurity Management.rar

Reference no: EM132471601

Questions Cloud

Determine marias adjusted gross income : Determine Maria's adjusted gross income for 2018. Maria, who is single, had the items for 2018: Loss on sale of § 1244 small business stock acquired 3 years ago
Write one paragraph on capital one breach : You need to write one paragraph on capital one breach - A hacker gained access to 100 million Capital One credit card applications and accounts By Rob McLean
Determine how expectations hypothesis is best explanation : Determine expectations hypothesis is the best explanation of this phenomenonb. Inflation dominates the yield curvec. The liquidity (term) premium hypothesis
Technological breakthrough in medical and cell phone : There was a recent growth in consumer's confidence index which decreased by 20%, while recent technological breakthrough in medical and cell phone
CMP73001 Cybersecurity Management Assignment : CMP73001 Cybersecurity Management Assignment Help and Solution, Southern Cross University - Assessment Writing Service.
Is just recorded as accounts payable : How do record this? Is it just recorded as Accounts Payable or do need to put it into the account titled "Accrued Payable"? This bill will be paid April 16.
What types of things would effect market rate interest bonds : What types of things would effect the market rate interest of bonds and why would the changes in the market rate interest effect your bond proceeds
Prepare a trial balance before end of month adjustments : Record the opening balances as at 1 July 2014 in the appropriate journals and accounts and the opening balances of accounts receivable, accounts payable
Analysis of financial statements and comment on performance : Analysis of its financial statements and comment on its performance as one of the stakeholder groups (eg: investors/prospect investors, employees and etc)

Reviews

Write a Review

Operating System Questions & Answers

  Implementation of algorithms for process management

The Shortest Job Next (SJN) algorithm queues processes in a way that the ones that use the shortest CPU cycle will be selected for running rst.

  Develop a user mode command interpreter

Develop a user mode command interpreter which support list-short.

  Memory allocation in operating system

Analysis and implementation of algorithms for memory allocation in operating system, Explain First- t and best- t methods are used in memory allocation in operating systems.

  Stand alone child process

Forking the child process

  Write a multi-threaded program

Write a multi-threaded program to solve producer and consumer problem

  Marginal and average cost curves

n a competitive market place (pure competition) is it possible to continually sell your product at a price above the average cost of production.

  Simulating operating systems scheduling

Simulate the long-term scheduler, the short-term scheduler and the I/O scheduler of the computer using the First-Come-First-Serve algorithm.

  Issues with trusted platform module

Research paper discussing the issues with Trusted Platform Module (TPM)

  Threads

Explain a complication that concurrent processing adds to an operating system.

  Design and programming

Use the semaphore methods to control the concurrency of the solution

  Virtual machines

Virtual machines supported by a host operating system

  Discuss an application that benefits barrier synchronization

Discuss an application that would benefit from the use of barrier synchronization

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd