country
$20 Bonus + 25% OFF
Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

CMP71001 Cybersecurity Assignment

tag 1 Download9 Pages / 2,028 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT
  • Course Code: CMP71001
  • University: Southern Cross University
  • Country: Australia

Question:

You are hired by Southern Cross University as a cybersecurity consultant to work on a security program to address the contemporary and emerging risks from the cyber threats the university is facing. Your tasks are the following:

Task 1: the university is currently using a password based authentication system to control the user access to the university’s information system. However, the Bring Your Own Device (BYOD) policy recently implemented by the university has raised some security concerns. As a security consultant, assess the risk from the BYOD policy to the university's information system.

Task 2: After the assessing the risk from the BYOD policy, you suggest the university to replace the current password-based authentication scheme with a Certificate-Based Authentication. To justify your suggestion, write a technical report to explain the working principle of the Certificate-Based Authentication mechanism and discuss why the university should use the mechanism in this case by comparing it with the password-based authentication mechanism. Use figure when necessary to support your answers.

Task 3: You have identify Spamming is among the top cybersecurity threats facing by the university. Use the Spam Act 2003 and available online resources to develop a guideline for the university students and staff to combat with the threat. The guideline will include the following.

 

Answer:

Introduction

Information system is a combination of software, hardware and telecommunications that people build and use to collect, create and distribute useful data, mostly in organizational settings (Elliott 2018)

Many organizations use data classification schemes such as internal, public data. Classification of components must be specific to allow determination of private levels. Categories must be mutually exclusive that is to say an asset must belong to only one category (Bello, Murray & Armarego 2017).

Coming up with questions will help develop the criteria for valuation of asset. Like which information asset is:

  1. Generates the most revenue?
  2. Would be more expensive to replace or protect?
  3. Is most critical to the organizations success?
 

Information Asset Prioritization.

Information asset will be prioritized by creating weighting for each category based on the answers to questions. Calculate relative importance of each asset based on weighted factor analysis. List the assets in order of importance using a weighted factor analysis worksheet.

From the worksheet consumer order through SSL is the utmost valuable ability based on the weighted sums of the possessions.

A BYOD policy is a set of rules that govern an organization’s IT department level of support for employee owned smartphone and tablets. A BYOD policy consists of the preamble which includes the purpose of the policy which highlights the responsibility of the students and the staff. The policy consists of background information regarding BYOD. The policy highlights the objectives and also the scope that is the people it will involve. The BYOD policy consists of the second part which is the actions. This involves the actions of every individual from the students to the staff at the university and some of the actions come with conditions. The BYOD consists of a third part which is the acceptable equipment and communication use only which clarifies the devices that should be brought and some that are prohibited. Under this the policy also states that there will be no plagiarizing of intellectual property and copyright and clearly states the ethical behavior to be complied with by all those users of the devices including the students and the university staff.

A threat vulnerability assets (TVA) combines prioritized lists of assets and threats: List of assets is placed along the x-axis while list of threats is placed along the y-axis with the most dangerous threats at the top.

From the worksheet, there is vulnerability of asset 1 against the threat of threat 1. It is clear that the vulnerability of each asset to the threats posed is higher when more devices under BYOD are used to access the university information system which poses a big problem on the security of information in the system.

 

Certificate based authentication

Certificate-based endorsement is the practice of a digital credential to identify a user, appliance, or gadget before allowing access to a resource or a linkage (Kawan et al .2017).In the case of user verification, it is installed in coordination with old-fashioned method of authentication such as keyword authentication (Bratthall & Lindstrom 2018).

  1. It is user-friendly – Once the certificate is installed it’s easy to use and furthermost enterprise solutions back certificate-based authentication.
  2. It leverages existing admission control policies – This is done to regulate which users can admit different applications plus networks to ensure only lucky users can access crucial operations.
  3. Ease of placement and ongoing control – Certificate based solutions emanate through cloud-based management stand to make it tranquil for administrators to subject certificates to new staffs, reintroduce certificates when a worker leaves an organization. Certificates being stored locally not only saves on costs but lifts management pain in revoking or distributing tokens.
  4. Mutual authentication – This means both entities involved in messaging are recognizing themselves from a machine to machine or user to user.
  5. Extending to outdoor users – Certificates are relaxed to roll out to operators outside of the body plus the ease of use, you will not need to offer extra training.

Disadvantages of certificate based verification.

One of the disadvantages is that certificate based authentication requires public key infrastructure which can increase the cost of initial deployment in some deployment (Hafeez 2018)

Another disadvantage is that the system of certificate based authentication is not an infallible one. This is because hackers can target authorities issuing the digital certificate in order to influence certificate data. Consequently, hackers create website or send emails that appear genuine plus cleared certification tests nevertheless are falsified since the certificate authority is compromised (Cho & Ip 2018).

Certificate based verification can occur on double sides: proof of a host or confirmation of a client. This means that if you need to validate a consumer, the consumer needs to have a document dispensed by a certificate consultant which the host confidences or if you need to authenticate a server the host needs to gain a certificate entitled its hostname and allotted by a credential authority which the client beliefs (Dashti & Radomirovic 2017).

Differences between certificate based authentication and password based authentication.

Users are prone to forget their passwords since passwords depend on on a part of the operator which tends to forget when handling security that is the human brain. Password strength might be improved by mandatory rules but those instructions are seen as a drain by the users who tend to forget the correct format of the password that is at least eight characters, at least one uppercase and lowercase letter. Besides, user certificates suggest a storage system which is secure plus is handled well compared with choosing a password (Hammad & Faith 2017)

Certificates use asymmetric cryptography which means that the certificate is supplied by a certification authority who assures the link between a physical distinctiveness and a cryptographic public key. The verifier might be a different object that can authenticate a link then use it to confirm the user without receiving the ability to mimic the user in contrast to a password in which whoever authenticates the password recognizes at some point the password. In addition passwords are prone to phishing assaults whereas certificates are not for the reason that of unevenness (Herrera, Ron & Rabadao 2017)

Certificates are complex hence they are expensive in that issuing and managing certificates is full of problems and is evidenced by any PKI vendor. PKI is about 5% cryptography and 95% procedures which shows it can be done but not cheaply. Also for user certificates, average users can learn to use client certificates for a HTTPS connection to a website, but at the cost of finding a way to ignore occasional warning popup, which makes them more vulnerable to some attacks. On the other hand, password based authentication is easy to integrate everywhere and does not involve some incompressible extra costs (Kalisiki, Sheth & Shyamsunder 2018).

 

Useful features of certificate-based authentication for BYOD policy.

  1. Certificate based authentication policy via an administrator generates and assigns certificate to devices in the organization via a certificate management portal to an accomplished provision.
  2. The bureaucrat aligns his user handbook and network safety systems to trust precise users and devices for validation via bringing in digital credentials of the devices in query
  3. By cataloging in, an access application is directed from the gadget to the link. This warrants determined fulfillment that the memorandums sent have been correctly decrypted and the authorizations sound.
  4. There is mutual verification to enhance the gadget is attached to the server it anticipates and   the server can also confirm the exact gadget is connecting upon checking, it allows the device access improving security of the data and the network.

Spam is known as the sending of unsolicited commercial electronic messages by SMS, email, MMS or instant messaging (Spam Act 2003).

Characteristics of spam.

  1. Sender anonymity – The sender of the spam messages is always unknown and many senders use IP addresses to further protect their identity.
  2. Unsolicited – The recipients never request for spam messages and there is no way to avoid future spam messages and most spam messages are sent with the intention of asking sensitive information.
  3. Mass mailing – Spam emails are sent to many at once.

Types of electronic messages to be treated as spam:

  1. A message that offer, advertise or promote goods or services, land or industry or an investment prospect.
  2. Market a supplier of merchandises or services or land or a worker of a business or investment prospect.
  3. Help or enable a person to falsely obtain property belonging to an additional person.
  4. Help or enable a person to falsely obtain a financial benefit or other gain from an extra person.
  5. If the information is retrieved via hyperlinks, cell phone numbers or contact data if the communication has a commercial drive (Butcher 2018).
 

Examples of spam messages.

  1. SMS or electronic message promotion of courting websites and services. This is spam since you never solicited for it.
  2. Advance fee, get-rich-fast schemes and betting services. Advance pay is whereby a person asserts to have access to moneys currently held in a bank account besides offering a large amount for assistance comprising providing bank account information or disbursing for administration fee.
  3. Offer of stock market alternatives, loan and mortgage arrangements. This is spam since you never requested for it but showed up in your device.
  4. Offer of computer goods including software and hardware. This is spam since you did not solicit for it.

Instruction to users on how to handle spam.

  1. Do not reply to the spam message. This will cause all original addressees to receive the reply causing another flood.
  2. Do not respond to instructions to remove me from the mailing list. This will result in a bounced mail message to you.
  3. Report the spam.
  4. Ensure the junk email filtering is turned on especially if you’re unlucky to receive offensive spam.

Instruction to the IT administrator of how to minimize spam threat.

  1. Keep the software up to date to make sure you are up to date with the latest antispam software.
  2. Enable sender authentication.
  3. Implement recipient validation for all domains possible.
  4. Learn about email and spam so as to learn the protocols, technology and techniques involved.
  5. Enable connection classification (Bacalao et al. 2017).
 

References

Bacalao, E.J., Greene, G.J., Beaumont, J.L., Eisenstein, A., Muftic, A., Mandelin, A.M., Cella, D. and Ruderman, E.M., 2017. Standardizing and personalizing the treat to target (T2T) approach for rheumatoid arthritis using the Patient-Reported Outcomes Measurement Information System (PROMIS): baseline findings on patient-centered treatment priorities. Clinical rheumatology, 36(8), pp.1729-1736.

Bello, A.G., Murray, D. and Armarego, J., 2017. A systematic approach to investigating how information security and privacy can be achieved in BYOD environments. Information & Computer Security, 25(4), pp.475-492.

Bratthall Tideman, J. and Lindström, J., 2018. Key components when utilising BYOD within organisations-A framework for developing the BYOD policy.

Bucher, T., 2018. Cleavage-Control: Stories of Algorithmic Culture and Power in the Case of the YouTube “Reply Girls”. In A Networked Self and Platforms, Stories, Connections (pp. 141-159). Routledge.

Cho, V. and Ip, W.H., 2018. A Study of BYOD adoption from the lens of threat and coping appraisal of its security policy. Enterprise Information Systems, 12(6), pp.659-673.

Dashti, M.T. and Radomirovi?, S., 2017. An Anti-pattern for Misuse Cases. In Computer Security (pp. 250-261). Springer, Cham.

Elliott, J., 2018. Using Mobile Technology for Formative Assessment in the Classroom. In Handbook of Research on Mobile Devices and Smart Gadgets in K-12 Education (pp. 308-320). IGI Global.

Hafeez, Z.U.N., 2018. An enhanced digital investigation approach for verification of an offence under Pakistan cyber crime law-2016. MCS.

Hammad, A. and Faith, P., Visa USA Inc, 2017. Location based authentication. U.S. Patent 9,721,250.

Herrera, A.V., Ron, M. and Rabadão, C., 2017, June. National cyber-security policies oriented to BYOD (bring your own device): Systematic review. In Information Systems and Technologies (CISTI), 2017 12th Iberian Conference on (pp. 1-4). IEEE.

Kaliski Jr, B.S., Sheth, S. and Shyamsunder, K., VeriSign Inc, 2018. Integrated dns service provider services using certificate-based authentication. U.S. Patent Application 15/251,497.

Kawan, J.C., Chu, R.K.H., Golvin, C. and Tompkins, P., Citicorp Credit Services Inc (USA), 2017. Method and system for controlling certificate based open payment transactions. U.S. Patent 9,607,292.

Download Sample

Get 100% money back after download, simply upload your unique content* of similar no. of pages or more. We verify your content and once successfully verified 100% value credited to your wallet within 7 days.

Upload Unique Document

Document Under Evaluation

Get Credits into Your Wallet

*The content must not be available online or in our existing Database to qualify as unique.

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2019). Cybersecurity Assignment. Retrieved from https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment.

"Cybersecurity Assignment." My Assignment Help, 2019, https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment.

My Assignment Help (2019) Cybersecurity Assignment [Online]. Available from: https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment
[Accessed 05 July 2020].

My Assignment Help. 'Cybersecurity Assignment' (My Assignment Help, 2019) <https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment> accessed 05 July 2020.

My Assignment Help. Cybersecurity Assignment [Internet]. My Assignment Help. 2019 [cited 05 July 2020]. Available from: https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment.


Want to buy assignments online?. Myassignmenthelp is the right choice for getting top quality assignments on time and ridding you of the fear of failed grades. You get affordable papers from our best paper writing service. All the works are according to instructions and properly edited and proofread several times to ensure freedom from any kind of conceptual or language error. The works are delivered by the agreed upon time , at any cost. So be it homework/coursework help, research papers help, help with term papers, dissertation help, thesis help, you get it all at one place and that too of a superior quality. Join us Now.

Latest Networking Samples

CO4509 Computer Security Assignment

Download : 0 | Pages : 14
  • Course Code: CO4509
  • University: University Of Central Lancashire
  • Country: United Kingdom

Answer: Introduction: Computer security is a major concern for every organisation and most importantly to safe guard the data stored on the system from any loss. It is important to secure the information from data loss or inception of viruses or malware in the system. Security completely deals with securing the data stored on the network from any unauthorized loss. Every organisation is dependent on computer for performing certain tasks thus ...

Read More arrow

HS1011 Data Communication And Networks Methodology

Download : 0 | Pages : 5
  • Course Code: HS1011
  • University: Victoria University
  • Country: Australia

Answer: Introduction The given three scenario are analyzed for the selection of the network management tool. With the increase in the complexity of the network it is crucial to select a robust network monitoring solution and thus the Manage Engine network monitoring tool is selected for analyzing the data flow in the network. It can be used for monitoring the network activities and get the status of each of the network devices connected with ...

Read More arrow

CS2S562 Secure Software Development

Download : 0 | Pages : 2

Answer: Introduction: Internet of things is simply network of  any physical computing devices. The IoT devices are used literary in day to day activities. So many devices are constructed emulating the internet of things.  Since there are so many devices of internet of things, i simulated a home automation system using C sharp programming language, visual studio 2015 IDE. From the requirement of the console system application of th...

Read More arrow

COIT20261 Network Routing And Switching 2

Download : 0 | Pages : 4

Answer: A 1: a)                           b)                   c)   Here /27 is the subnet mask, ie) 255.255.255.224   Binary Format of Given Address is,   154.78.177.3         --->10011010.01001110.10110001.000 00011   2...

Read More arrow

CI7130 Network And Information Security

Download : 0 | Pages : 13
  • Course Code: CI7130
  • University: Kingston University London
  • Country: United Kingdom

Answer: Introduction: The aim of this report is to address the issues and challenges being faced by the AO world plc organization considering the last IT installation and the operations involved within the activities of the organization. Since the organization is based on online services, it has become a considerable factor for addressing the vulnerabilities related to the challenges and issues in the security of the network. The organization...

Read More arrow
Next
watch

Save Time & improve Grade

Just share Requriment and get customize Solution.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,355,831

Orders

4.9/5

Overall Rating

5,080

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 5/5

647 Order Completed

98% Response Time

Adlina Han

Masters in Marketing with Specialization in Branding

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

234 Order Completed

100% Response Time

Samantha Ji

PhD in Chemistry with Specialization in Organic

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

798 Order Completed

97% Response Time

Benjamin Blakeman

MSc in Medical Technology

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

2109 Order Completed

99% Response Time

Emma Zhong

Ph.D in Project Management with Specialization in Project Communications Management

Singapore, Singapore

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

Very pleased with the work I get back from the assignment help. Thank you for the work provided.

flag

User Id: 455661 - 05 Jul 2020

Australia

student rating student rating student rating student rating student rating

Awesome fantastically ] perfect I loved his work right on time loved it thank you

flag

User Id: 452319 - 05 Jul 2020

Australia

student rating student rating student rating student rating student rating

I wasn’t impressed. I had to do a lot of editing and the writing is just not impressive

flag

User Id: 447023 - 05 Jul 2020

Australia

student rating student rating student rating student rating student rating

Quick turn-around. Easy to understand. All requirements covered. I will be using MAH again!

flag

User Id: 383727 - 04 Jul 2020

Australia

student rating student rating student rating student rating student rating
callback request mobile
Have any Query?