User Account

All Pages

Cyber security vulnerabilities and threats

Assignment Help Other Subject
Reference no: EM133900194 , Length: word count:500

Introduction to Cyber Security

Assessment - Cyber Risk Assessment

Type - Artefact Development

Task

Demonstrate your understanding of key cyber security concepts aligned with learning outcomes LO1, LO2, and LO3. Identify threats, conduct a risk assessment, and produce a document tailored to non-technical business stakeholders.
Additionally, this task requires you to leverage open-source cyber security and generative AI tools, simulating real-world practices in cyber risk assessment.

Learning Outcoem 1: Contextualise the terminology associated with cyber security for diverse stakeholders in business.

Learning Outcoem 2: Identify vulnerabilities and threats pertaining to the IT infrastructure of organisations.

Learning Outcoem 3: Recommend risk mitigation strategies to address cyber security vulnerabilities and threats.

Assessment Description

This assessment simulates industry practices for conducting risk assessments within a business context. You will demonstrate your ability to investigate network traffic using tools such as nmap and Wireshark, and conduct a risk assessment based on the ISO 27001 framework. Additionally, you are expected to utilise generative AI tools, such as ChatGPT or Gemini, to support and enhance your workflow.

Your final deliverable is a comprehensive Risk Assessment Report designed to assist the company's executives in strengthening their cyber security posture. Get online assignment help from Ph.D. experts!

Case Study
Kaplan Care is a small medical practice comprised of several doctors and administrative staff operating in a hybrid work arrangement. The organisation's IT infrastructure includes:

Patient Records Server: Runs an electronic medical record (EMR) system accessible via HTTP/HTTPS.

File Sharing Server: Hosts patient scans and lab reports, shared via server message block (SMB) protocol.

Remote Access Server: Provides virtual private network (VPN) access for remote staff. Recently, employees of the practice have noticed several anomalies including:

Delayed server responses
Unauthorised login attempts on the VPN server
Suspicious outbound connections to unrecognised IP addresses You are provided with two files:
xml file for nmap: Pre-generated results simulating a network scan of Kaplan Care's current
infrastructure. Includes details on open ports, running services, and detected vulnerabilities.
pcap file for Wireshark: Captured network traffic simulating suspicious traffic patterns like plaintext credentials, connections to unusual external IPs, and SMB traffic anomalies.
You have been brought in to assess the network's cyber security posture, identify risks, and present recommendations.

Assessment Instructions

Identify relevant threats

Use a generative AI tool to help you identify potential cyber risks relevant to Kaplan Care. Include screenshots of your interaction, demonstrating how you have used the tool as a brainstorming assistant, and not as the sole source of information.
Review the outputs and select five (5) key risks to include in your report.
List your chosen threats and provide a brief rationale for why each one is significant to the organisation.
Analyse network traffic

Open your xml file on nmap and your pcap file on Wireshark.

Examine the data from both tools to identify any evidence that relates to the risks you previously identified. (e.g., look for anomalies such as unusual ports, IP addresses, or traffic patterns that align with your selected risks).

Document your findings for each of the risks using screenshots of nmap or Wireshark, and provide a brief explanation of the data the supports your findings.

Conduct a risk assessment

Use a generative AI tool to help you evaluate the likelihood and impact of each of the five (5) selected threats. Include screenshots of your interaction.

Validate your AI-generated results manually. Identify at least two (2) results that you disagree with, provide alternative assessments, and briefly justify your perspective.

Use the risk matrix below to determine the risk score of each threat.

Considering Kaplan Care's Medium risk appetite, recommend appropriate controls when necessary. Align your recommended controls with industry standards, such as the NIST Cybersecurity Framework (CSF), ISO27001, and the ACSC Essential Eight.

Reference no: EM133900194

Questions Cloud

Which best describes ethical challenge new manager is facing : A new manager is tasked with leading a team that has been experience. Given the scenario, which best describes the ethical challenge the new manager is facing?
Discuss the steps in managerial decision-making : Discuss the steps in managerial decision-making. Elaborate the factors to consider when deciding whether to keep or drop a product or service.
What do you think is a critical factor supported : What do you think is a critical factor in determining whether this communication accomplishes its goal of making Jenna feel welcomed and supported?
How can a supplier increase their power over their customers : How can a supplier increase their power over their customers when they have the same knowledge and experience as firms in their customers' industry?
Cyber security vulnerabilities and threats : Identify threats, conduct a risk assessment, and produce a document tailored to non-technical business stakeholders - address cyber security vulnerabilities
Describes individual behavior change as a five-stage process : Which describes individual behavior change as a five-stage process from precontemplation to contemplation, preparation for action, action, and maintenance?
What types of items would you consider : What types of items would you consider? Be specific regarding language, religion, cultural norms, business practices and other key considerations you identify.
What decision making trap is peter making here : As he says: We have already invested a lot of money in this, we cannot abandon it now!. What decision making trap is Peter making here?
How would you communicate with parties involved to seek : How would you communicate with parties involved to seek and provide feedback on conflict and its resolution?

Reviews

Write a Review

Other Subject Questions & Answers

  Cross-cultural opportunities and conflicts in canada

Short Paper on Cross-cultural Opportunities and Conflicts in Canada.

  Sociology theory questions

Sociology are very fundamental in nature. Role strain and role constraint speak about the duties and responsibilities of the roles of people in society or in a group. A short theory about Darwin and Moths is also answered.

  A book review on unfaithful angels

This review will help the reader understand the social work profession through different concepts giving the glimpse of why the social work profession might have drifted away from its original purpose of serving the poor.

  Disorder paper: schizophrenia

Schizophrenia does not really have just one single cause. It is a possibility that this disorder could be inherited but not all doctors are sure.

  Individual assignment: two models handout and rubric

Individual Assignment : Two Models Handout and Rubric,    This paper will allow you to understand and evaluate two vastly different organizational models and to effectively communicate their differences.

  Developing strategic intent for toyota

The following report includes the description about the organization, its strategies, industry analysis in which it operates and its position in the industry.

  Gasoline powered passenger vehicles

In this study, we examine how gasoline price volatility and income of the consumers impacts consumer's demand for gasoline.

  An aspect of poverty in canada

Economics thesis undergrad 4th year paper to write. it should be about 22 pages in length, literature review, economic analysis and then data or cost benefit analysis.

  Ngn customer satisfaction qos indicator for 3g services

The paper aims to highlight the global trends in countries and regions where 3G has already been introduced and propose an implementation plan to the telecom operators of developing countries.

  Prepare a power point presentation

Prepare the power point presentation for the case: Santa Fe Independent School District

  Information literacy is important in this environment

Information literacy is critically important in this contemporary environment

  Associative property of multiplication

Write a definition for associative property of multiplication.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd