Reference no: EM133901823 , Length: word count:500

Introduction to Cyber Security

Assessment - Cyber Risk Assessment

Artefact Development

Task

Demonstrate your understanding of key cyber security concepts aligned with learning outcomes LO1, LO2, and LO3. Identify threats, conduct a risk assessment, and produce a document tailored to non-technical business stakeholders.

Additionally, this task requires you to leverage open-source cyber security and generative AI tools, simulating real-world practices in cyber risk assessment.

LO1: Contextualise the terminology associated with cyber security for diverse stakeholders in business.
LO2: Identify vulnerabilities and threats pertaining to the IT infrastructure of organisations.
LO3: Recommend risk mitigation strategies to address cyber security vulnerabilities and threats.

Assessment Description
This assessment simulates industry practices for conducting risk assessments within a business context. You will demonstrate your ability to investigate network traffic using tools such as nmap and Wireshark, and conduct a risk assessment based on the ISO 27001 framework. Additionally, you are expected to utilise generative AI tools, such as ChatGPT or Gemini, to support and enhance your workflow.
Your final deliverable is a comprehensive Risk Assessment Report designed to assist the company's executives in strengthening their cyber security posture.

Case Study
Kaplan Care is a small medical practice comprised of several doctors and administrative staff operating in a hybrid work arrangement. The organisation's IT infrastructure includes:
Patient Records Server: Runs an electronic medical record (EMR) system accessible via HTTP/HTTPS.
File Sharing Server: Hosts patient scans and lab reports, shared via server message block (SMB) protocol.
Remote Access Server: Provides virtual private network (VPN) access for remote staff. Recently, employees of the practice have noticed several anomalies including:
Delayed server responses
Unauthorised login attempts on the VPN server
Suspicious outbound connections to unrecognised IP addresses You are provided with two files:
xml file for nmap: Pre-generated results simulating a network scan of Kaplan Care's current
infrastructure. Includes details on open ports, running services, and detected vulnerabilities.
pcap file for Wireshark: Captured network traffic simulating suspicious traffic patterns like plaintext credentials, connections to unusual external IPs, and SMB traffic anomalies.
You have been brought in to assess the network's cyber security posture, identify risks, and present recommendations.

Assessment Instructions
Identify relevant threats
Use a generative AI tool to help you identify potential cyber risks relevant to Kaplan Care. Include screenshots of your interaction, demonstrating how you have used the tool as a brainstorming assistant, and not as the sole source of information.
Review the outputs and select five (5) key risks to include in your report. Get online assignment help from subject experts!
List your chosen threats and provide a brief rationale for why each one is significant to the organisation.
Analyse network traffic
Open your xml file on nmap and your pcap file on Wireshark.
Examine the data from both tools to identify any evidence that relates to the risks you previously identified. (e.g., look for anomalies such as unusual ports, IP addresses, or traffic patterns that align with your selected risks).
Document your findings for each of the risks using screenshots of nmap or Wireshark, and provide a brief explanation of the data the supports your findings.
Conduct a risk assessment
Use a generative AI tool to help you evaluate the likelihood and impact of each of the five (5) selected threats. Include screenshots of your interaction.
Validate your AI-generated results manually. Identify at least two (2) results that you disagree with, provide alternative assessments, and briefly justify your perspective.
Use the risk matrix below to determine the risk score of each threat.
Considering Kaplan Care's Medium risk appetite, recommend appropriate controls when necessary. Align your recommended controls with industry standards, such as the NIST Cybersecurity Framework (CSF), ISO27001, and the ACSC Essential Eight.