Create awareness among the staff

Assignment Help Other Subject
Reference no: EM132775046

MIS607 Cybersecurity - Laureate International Universities

Assessment - Threat Model Report

Learning Outcome 1: Explore and articulate cyber trends, threats and staying safe in cyberspace, plus protecting personal and company data.
Learning Outcome 2: Analyse issues associated with organisational data networks and security to recommend practical solutions towards their resolution.
Learning Outcome 3: Evaluate and communicate relevant technical and ethical considerations related to the design, deployment and/or the uses of secure technologies within various organisational contexts.

Task Summary
You are required write a 1500 words Threat modelling report in response to a case scenario by identifying the threat types and key factors involved. This assessment is intended to build your fundamental understanding of these key threats so that you will be able to respond/mitigate those factors in Assessment 3. In doing so, this assessment will formatively develop the knowledge required for you to complete Assessment 3 successfully.

Context
Security threat modelling, or threat modelling is a process of assessing and documenting a system's security risks. Threat modelling is a repeatable process that helps you find and mitigate all of the threats to your products/services. It contributes to the risk management process because threats to software and infrastructure are risks to the user and environment deploying the software. As a professional, your role will require you to understand the most at-risk components and create awareness among the staff of such high-risk components and how to manage them. Having a working understanding of these concepts will enable you to uncover threats to the system before the system is committed to code.

Task Instructions
1. Carefully read the attached the case scenario to understand the concepts being discussed in the case.

2. Review your subject notes to establish the relevant area of investigation that applies to the case. Re- read any relevant readings that have been recommended in the case area in modules. Plan how you will structure your ideas for the threat model report.

3. Draw a use DFDs (Data Flow Diagrams):
• Include processes, data stores, data flows
• Include trust boundaries (Add trust boundaries that intersect data flows)
• Iterate over processes, data stores, and see where they need to be broken down
• Enumerate assumptions, dependencies
• Number everything (if manual)

• Determine the threat types that might impact your system
• STRIDE/Element: Identifying threats to the system.
• Understanding the threats (threat, property, definition)

4. The report should consist of the following structure:

A title page with subject code and name, assignment title, student's name, student number, and lecturer's name.

The introduction that will also serve as your statement of purpose for the report. This means that you will tell the reader what you are going to cover in your report. You will need to inform the reader of:
a) Your area of research and its context
b) The key concepts of cybersecurity you will be addressing and why you are drawing the threat model
c) What the reader can expect to find in the body of the report

The body of the report) will need to respond to the specific requirements of the case study. It is advised that you use the case study to assist you in structuring the threat model report, drawing DFD and presenting the diagram by means of subheadings in the body of the report.

The conclusion will summarise any findings or recommendations that the report puts forward regarding the concepts covered in the report.

5. Format of the report
The report should use font Arial or Calibri 11 point, be line spaced at 1.5 for ease of reading, and have page numbers on the bottom of each page. If diagrams or tables are used, due attention should be given to pagination to avoid loss of meaning and continuity by unnecessarily splitting information over two pages. Diagrams must carry the appropriate captioning.

6. Referencing
There are requirements for referencing this report using APA style for citing and referencing research. It is expected that you used 10 external references in the relevant subject area based on readings and further research.

Assessment - Mitigation Plan for Threat Report

Learning Outcome 1: Explore and articulate cyber trends, threats and staying safe in cyberspace, plus protecting personal and company data.
Learning Outcome 2: Analyse issues associated with organisational data networks and security to recommend practical solutions towards their resolution.
Learning Outcome 3: Evaluate and communicate relevant technical and ethical considerations related to the design, deployment and/or the uses of secure technologies within various organisational contexts.

Task Summary
For this assessment, you are required to write a 2500 words mitigation plan for threat report based on knowledge you gained about threat types and key factors in Assessment 2. You are required to use the Assessment 2 case as context to write a report to address or alleviate problems faced by the business and to protect the customers. In doing so, you are required to demonstrate your ability to mitigate threat/risks identified in Assessment 2 through the strategy you recommend (STRIDE).

Context
Cybersecurity help organizations to mitigate threats/risks, reduce financial loss and safety violations, decrease unethical behaviour, improve customer satisfaction, and increase efficiency, as well as to maintain these improved results. Threats can be resolved by Risk Acceptance (doing nothing), Risk Transference (pass risk to an externality), Risk Avoidance (removing the feature/component that causes the risk) and Risk Mitigation (decrease the risk). This assessment gives you an opportunity to demonstrate your understanding of cybersecurity and your capability to explain Risk Mitigation strategies for such threats. Mitigations should be chosen according to the appropriate technology and resolution should be decided according to the risk level and cost of mitigation.

Task Instructions
1. Read the Assessment 2 Case Scenario again to understand the concepts discussed in the case.

2. Review your subject notes to establish the relevant area of investigation that applies to the case. Re- read any relevant readings that have been recommended in the case area in modules. Plan how you will structure your ideas for the mitigation plan for threat report.

3. The mitigation plan for threat report should address the following:
• Setting priorities for risks/threats

• Analyse the case in terms of identified risk categories and scenarios
• Apply standard mitigations
• Discuss specific resolutions for improvement, and justify their significance
• Provide recommendations for mitigating risk based on an assessment of risk appetite, risk tolerance and current risk levels (Choose techniques to mitigate the threats)
• Make recommendations to the CEO on how to conduct risk management, key issues involving your process improvement model, including a road map, the identification of appropriate technologies for the identified techniques, communicating the strategy, and a suggested timeline.

4. The report should consist of the following structure:
A title page with subject code and name, assignment title, student's name, student number, and lecturer's name.

The introduction that will also serve as your statement of purpose for the report. This means that you will tell the reader what you are going to cover in mitigation plan report. You will need to inform the reader of:
a) Your area of research and its context (how to mitigate or manage threats)
b) The key concepts you will be addressing
c) What the reader can expect to find in the body of the report

The body of the report will need to respond to the specific requirements of the case study. It is advised that you use the case study to assist you in structuring the report. Set priorities for identified threats from assessment 2, analyse the case in terms of identified risk categories and discuss specific resolutions and recommendations for improvements in the body of the report.

The conclusion (will summarise any findings or recommendations that the report puts forward regarding the concepts covered in the report.

5. Format of the report
The report should use font Arial or Calibri 11 point, be line spaced at 1.5 for ease of reading, and have page numbers on the bottom of each page. If diagrams or tables are used, due attention should be given to pagination to avoid loss of meaning and continuity by unnecessarily splitting information over two pages. Diagrams must carry the appropriate captioning.

6. Referencing
There are requirements for referencing this report using APA referencing style for citing.

Attachment:- Assessment - Brief Case Study.rar

Verified Expert

A threat modeling report of 1500 words is produced on a case-by-case basis by defining the categories of threats and main factors involved. This analysis will build the expertise needed to effectively complete the assessment 3. Study business data networks and security issues to recommend practical alternatives. The aim of this review is to draw on the specific understanding of these major risks so that the organization can react to/reduce these factors in the evaluation 3. Cyberspace, like organizational security, identifies and communicates cyber patterns, risks, and defense. Evaluation and alignment of relevant technical and ethical factors in the creation, usage, and/or use of controlled technology in different working environments.

Reference no: EM132775046

Questions Cloud

Determine the machine second-year depreciation : The machine's useful life is estimated at 10 years, or 399,000 units of product, Determine the machine second-year depreciation
How did being exposed to the behaviors make you feel : How did being exposed to those behaviors make you feel? How effective do you think the expression of those behaviors would be in working with clients?
Prepare journal entries to record the three notes receivable : The note calls for four equal payments of $21,000, including the principal and interest due, Prepare journal entries to record the three notes receivable
Explain your exploration of a skill item learned in module : In your journal entry, you are to explain your exploration of a skill item learned in this module and write about how it relates to human services.
Create awareness among the staff : Understand the most at-risk components and create awareness among the staff of such high-risk components and how to manage them
Summarize the company primary products and or services : According to the textbook, the current world economy is increasingly becoming integrated and interdependent; as a result, the relationship between business.
Give an example of a transaction where is an increase : Give an example of a transaction where there is an increase and a decrease. Note that you will still need to have at least one debit and one credit.
Complete the Medical and Dental Expenses : Elaine is not eligible for employer-sponsored health insurance. Complete the Medical and Dental Expenses section of Elaine's Schedule A (Form 1040)
Why do centers for medicare and medicaid services believe : Why do the Centers for Medicare & Medicaid Services (CMS) believe that prevention of inpatient admissions will improve the quality of care

Reviews

len2775046

1/26/2021 9:30:35 PM

Based on the assignment 2 case study and scenario we need to do the assignment 3. The assignment which we have done is inappropriate so you can do of your own. Thank you

Write a Review

Other Subject Questions & Answers

  Cross-cultural opportunities and conflicts in canada

Short Paper on Cross-cultural Opportunities and Conflicts in Canada.

  Sociology theory questions

Sociology are very fundamental in nature. Role strain and role constraint speak about the duties and responsibilities of the roles of people in society or in a group. A short theory about Darwin and Moths is also answered.

  A book review on unfaithful angels

This review will help the reader understand the social work profession through different concepts giving the glimpse of why the social work profession might have drifted away from its original purpose of serving the poor.

  Disorder paper: schizophrenia

Schizophrenia does not really have just one single cause. It is a possibility that this disorder could be inherited but not all doctors are sure.

  Individual assignment: two models handout and rubric

Individual Assignment : Two Models Handout and Rubric,    This paper will allow you to understand and evaluate two vastly different organizational models and to effectively communicate their differences.

  Developing strategic intent for toyota

The following report includes the description about the organization, its strategies, industry analysis in which it operates and its position in the industry.

  Gasoline powered passenger vehicles

In this study, we examine how gasoline price volatility and income of the consumers impacts consumer's demand for gasoline.

  An aspect of poverty in canada

Economics thesis undergrad 4th year paper to write. it should be about 22 pages in length, literature review, economic analysis and then data or cost benefit analysis.

  Ngn customer satisfaction qos indicator for 3g services

The paper aims to highlight the global trends in countries and regions where 3G has already been introduced and propose an implementation plan to the telecom operators of developing countries.

  Prepare a power point presentation

Prepare the power point presentation for the case: Santa Fe Independent School District

  Information literacy is important in this environment

Information literacy is critically important in this contemporary environment

  Associative property of multiplication

Write a definition for associative property of multiplication.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd