User Account

All Pages

Issues involved in the information systems security

Assignment Help Computer Network Security
Reference no: EM131216169

Concepts and Strategies for managing security

Assignment Brief

As part of the formal assessment for the MSc Information Systems you are required to submit a Information Systems Security assignment. Please refer to your Student Handbook for full details of the programme assessment scheme and general information on preparing and submitting assignments.

Learning Outcomes:

After completing the module you should be able to:

1. Critically evaluate concepts, principals and practice in the area of information systems security.

2. Demonstrate an in-depth understanding of a comprehensive risk management practice for ensuring secure information systems

3. Demonstrate the ability to consider relevant ethical and legal issues involved in the information systems security

4. Demonstrate the ability to perform information systems security audit based on industry specific standard and summarize the audit results

5. Critically evaluate and develop security policy and assess for the effectiveness and improvement of information systems security

6. Demonstrate the ability to document and explain in a professional manner their work

Your assignment should include a title page containing your personal details, the module name, the submission deadline and a word count; the appendices if relevant; and a full bibliography in Bournemouth University (BU) Harvard format.

You should address all the elements of the assignment task listed below. Additional marks are awarded for the good use of theory and the supply of additional information from academic research and journalistic sources.

Word Limit: 3000 words (maximum)Assignment Task

You have been placed in charge of Security for a new integrated IT system called UNITC (UN IT Cloud) system for handling United Nations communications between various regional offices across the world. The new strategy is to migrate to cloud to reduce operation and capital costs related to IT and communications by moving to a full paperless environment. The mandate has been published to all UN regional offices.

The regional offices have different level of activities in various divisions (departments) and agencies including human rights, financial affairs (banking), drug and criminal, culture, health, etc. as well as organizational charts for C-level management, human resource, finance, legal, IT, research departments, security, etc.

The new IT strategy requires a systematic paperless communication systems with different privileges upon the confidentiality and roles of users in the network.

The regional sites now should migrate to the paperless system with secure data stores for official documents, also emails and recordings related to the telephones calls.

The web presence is aiming to become more centralised with options to navigate to the regional sites. The cross domain communications are still required as most of the regional offices have autonomy to maintain and update their own presence in the Internet. However, they must follow the security guidelines and adapt a proper IT and security governance set by the UN IT department. The aim is to shift the responsibilities to regional offices to maintain their systems according to the IT Security Guidelines set as part of the UNITC system.

Question 1

Discuss the potential vulnerabilities and risks the UNITC system may be exposed to from the cloud and sub-systems. Rank the vulnerabilities in order of severity (from UN central office viewpoint) and justify the ranking with suitable academic argument and referencing.

Question 2

During the initial migration phase of tier-1 UN regional offices to UNITC, you discovered from the security logs that a virus was detected in the research reports related to UN Human Right division and dealt with automatically with no harm being done.

The UN Technology Director has mandated that all security flaws and virus attacks within the first year of operation must be reported with a statement as to how the system would be modified and governed to deal with a future attempt.

Consider the issues involved and determine whether or not you would report it. You need to explain the rational for each issue. Justify your decision with reference to standard practices. Reference the standard practices.

Question 3

The UN Technology Director has difficulty determining whether or not the system should go live without a paper system being used to shadow all functions during the first year of operation. They ask for a report from you on the issues from a security point of view. With suitable referencing and argument discuss your choice of approach.

Guidelines:

You MUST underpin your analysis and evaluation of the key issues with appropriate and wide ranging academic research and ensure this is referenced using the Harvard system. The My Study Skills Area contains the following useful resources; Study Skills Guide (containing a Harvard Referencing section) and a Harvard Referencing Interactive Tutorial. You must use the Harvard Referencing method in your assignment.

Reference no: EM131216169

Questions Cloud

How many cells should the company plan to acquire : How many cells should the company plan to acquire to satisfy predicted demand under these conditions? Assume that no cells currently exist. Assume 242 workdays per year.
Find a transformation matrix : A three-dimensional vector random variable, X, has a covariance matrix.- Find a transformation matrix.
What do transients tell us about the features of a system : Under what conditions does the "burst response" b(t) describe the transient?
Discuss this character neurotic needs and trends : In addition to general life events, how has gender and culture influenced the character's neurotic needs and behaviors? How do these interpersonal orientations impact the way this character interacts with others and develops relationships?
Issues involved in the information systems security : Information Systems Security - ARUMSC2IIS Critically evaluate concepts, principals and practice in the area of information systems security - Demonstrate an in-depth understanding of a comprehensive risk management practice for ensuring secure inform..
Show how to use timestamps to prevent this attack : Then, using knowledge of the old key K and the above message, M can contact B (in the Needham Schroeder protocol) and pretend to be A. Show how this can be done, through the sequence of steps of the attack. Show how to use timestamps to prevent thi..
Find the pdf of the median of the sequence : Find the PDF of the median of the sequence. - Find the expected value of the median of the sequence. - Find the variance of the median of the sequence.
What physically interesting properties do they have : Where can GAUSSian pulses or GAUSSian oscillation pulses be used meaningfully in measurement technology? What physically interesting properties do they have?
Did leader act out of social interest or for personal gain : What was his/her goal and unique style of life that could be used to achieve this goal? What steps did this person take to overcome their perceived inferiority? Did this leader act out of social interest or for personal gain? What was the long-term..

Reviews

len1216169

9/22/2016 3:40:18 AM

Additional notes: Students are required to indicate the exact word count on the title page of the assessment. The word count excludes the title page, executive summary, reference list and appendices. Where assessment questions have been reprinted from the assessment brief these will also be excluded from the word count. ALL other printed words ARE included in the word count. Printed words include those contained within charts and tables. See „Word Count Policy? on the homepage of this module for more information. Assignments submitted late will not be accepted and will be marked as a 0% fail.Your assessment should be submitted as a single Word (MS Word) or PDF file. For more information please see the “Guide to Submitting an Assignment” document available on the module page on iLearn. You must ensure that the submitted assignment is all your own work and that all sources used are correctly attributed. Penalties apply to assignments which show evidence of academic unfair practice. (See the Student Handbook which is on the homepage of your module and also in the Induction Area).

Write a Review

Computer Network Security Questions & Answers

  Compile a full draft of the final enterprise security plan

Compile a full draft of the final Enterprise Security Plan document. This will not be complete, but will have at least a short paragraph about each major section of the paper, including the suggested controls.

  What is the definition of privacy as it relates to

1introduction to the management of information security?2.which trend in it has eliminated the we have technology

  Construct the routing tables at each of the nodes

Construct the routing tables at each of the five nodes - Write a function computeDijkstra(sourceID,C)' which takes as inputs the source node ID and the link cost matrix and returns the final best cost vector and the final predecessor vector.

  Overview on computer forensic

Computer Forensic Overview.Suppose you were recently hired for a new position as the computer forensics specialist at a medium- sized communications company.

  Ideas for energizing a project team

Assume you are introduced to a assignment manager, who does not have authority to give a pay raise or promote a project team member.

  Encryption in investigations

Encryption in Investigations-Discuss in your own words the effects that encryption can have on incident response activities, and explain how the use of encryption technologies could prove to be detrimental to an investigation

  How rtsp vary from http in keeping client state information

How does RTSP differ from HTTP (a) in maintaining client state information; (b) in terms of in-band, out-of-band traffic?

  Why is security primarily a management issue not a

why is security primarily a management issue not a technological issue? also provide some specific bulleted points on

  Security infrastructure and protocols

Compare and contrast the trust models for public keys used in PKI and PGP, and assess the statement that a PKI is a "top-down" approach to trust and PGP is a "bottom-up" approach to trust.

  Information security vulnerabilities with related threats

Create a list of 50 information security vulnerabilities with related threats relevant to the organization

  Identify risks inherent in the use of wireless

1. Identify risks inherent in the use of wireless and mobile technologies. 2. Analyze the identified risks and develop factors to mitigate the risks.

  The 2 main types of communications media used for network

the 2 main types of communications media used for network connections are wired connections and wireless connections.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd