Securing Higher Grades Costing Your Pocket? Book Your Assignment at The Lowest Price Now!

CMP71001 Cybersecurity Assignment

tag 0 Download9 Pages 2,028 Words tag Add in library Click this icon and make it bookmark in your library to refer it later. GOT IT

Question:

You are hired by Southern Cross University as a cybersecurity consultant to work on a security program to address the contemporary and emerging risks from the cyber threats the university is facing. Your tasks are the following:

Task 1: the university is currently using a password based authentication system to control the user access to the university’s information system. However, the Bring Your Own Device (BYOD) policy recently implemented by the university has raised some security concerns. As a security consultant, assess the risk from the BYOD policy to the university's information system.

Task 2: After the assessing the risk from the BYOD policy, you suggest the university to replace the current password-based authentication scheme with a Certificate-Based Authentication. To justify your suggestion, write a technical report to explain the working principle of the Certificate-Based Authentication mechanism and discuss why the university should use the mechanism in this case by comparing it with the password-based authentication mechanism. Use figure when necessary to support your answers.

Task 3: You have identify Spamming is among the top cybersecurity threats facing by the university. Use the Spam Act 2003 and available online resources to develop a guideline for the university students and staff to combat with the threat. The guideline will include the following.

 

Answer:

Introduction

Information system is a combination of software, hardware and telecommunications that people build and use to collect, create and distribute useful data, mostly in organizational settings (Elliott 2018)

Many organizations use data classification schemes such as internal, public data. Classification of components must be specific to allow determination of private levels. Categories must be mutually exclusive that is to say an asset must belong to only one category (Bello, Murray & Armarego 2017).

Coming up with questions will help develop the criteria for valuation of asset. Like which information asset is:

  1. Generates the most revenue?
  2. Would be more expensive to replace or protect?
  3. Is most critical to the organizations success?
 

Information Asset Prioritization.

Information asset will be prioritized by creating weighting for each category based on the answers to questions. Calculate relative importance of each asset based on weighted factor analysis. List the assets in order of importance using a weighted factor analysis worksheet.

From the worksheet consumer order through SSL is the utmost valuable ability based on the weighted sums of the possessions.

A BYOD policy is a set of rules that govern an organization’s IT department level of support for employee owned smartphone and tablets. A BYOD policy consists of the preamble which includes the purpose of the policy which highlights the responsibility of the students and the staff. The policy consists of background information regarding BYOD. The policy highlights the objectives and also the scope that is the people it will involve. The BYOD policy consists of the second part which is the actions. This involves the actions of every individual from the students to the staff at the university and some of the actions come with conditions. The BYOD consists of a third part which is the acceptable equipment and communication use only which clarifies the devices that should be brought and some that are prohibited. Under this the policy also states that there will be no plagiarizing of intellectual property and copyright and clearly states the ethical behavior to be complied with by all those users of the devices including the students and the university staff.

A threat vulnerability assets (TVA) combines prioritized lists of assets and threats: List of assets is placed along the x-axis while list of threats is placed along the y-axis with the most dangerous threats at the top.

From the worksheet, there is vulnerability of asset 1 against the threat of threat 1. It is clear that the vulnerability of each asset to the threats posed is higher when more devices under BYOD are used to access the university information system which poses a big problem on the security of information in the system.

 

Certificate based authentication

Certificate-based endorsement is the practice of a digital credential to identify a user, appliance, or gadget before allowing access to a resource or a linkage (Kawan et al .2017).In the case of user verification, it is installed in coordination with old-fashioned method of authentication such as keyword authentication (Bratthall & Lindstrom 2018).

  1. It is user-friendly – Once the certificate is installed it’s easy to use and furthermost enterprise solutions back certificate-based authentication.
  2. It leverages existing admission control policies – This is done to regulate which users can admit different applications plus networks to ensure only lucky users can access crucial operations.
  3. Ease of placement and ongoing control – Certificate based solutions emanate through cloud-based management stand to make it tranquil for administrators to subject certificates to new staffs, reintroduce certificates when a worker leaves an organization. Certificates being stored locally not only saves on costs but lifts management pain in revoking or distributing tokens.
  4. Mutual authentication – This means both entities involved in messaging are recognizing themselves from a machine to machine or user to user.
  5. Extending to outdoor users – Certificates are relaxed to roll out to operators outside of the body plus the ease of use, you will not need to offer extra training.

Disadvantages of certificate based verification.

One of the disadvantages is that certificate based authentication requires public key infrastructure which can increase the cost of initial deployment in some deployment (Hafeez 2018)

Another disadvantage is that the system of certificate based authentication is not an infallible one. This is because hackers can target authorities issuing the digital certificate in order to influence certificate data. Consequently, hackers create website or send emails that appear genuine plus cleared certification tests nevertheless are falsified since the certificate authority is compromised (Cho & Ip 2018).

Certificate based verification can occur on double sides: proof of a host or confirmation of a client. This means that if you need to validate a consumer, the consumer needs to have a document dispensed by a certificate consultant which the host confidences or if you need to authenticate a server the host needs to gain a certificate entitled its hostname and allotted by a credential authority which the client beliefs (Dashti & Radomirovic 2017).

Differences between certificate based authentication and password based authentication.

Users are prone to forget their passwords since passwords depend on on a part of the operator which tends to forget when handling security that is the human brain. Password strength might be improved by mandatory rules but those instructions are seen as a drain by the users who tend to forget the correct format of the password that is at least eight characters, at least one uppercase and lowercase letter. Besides, user certificates suggest a storage system which is secure plus is handled well compared with choosing a password (Hammad & Faith 2017)

Certificates use asymmetric cryptography which means that the certificate is supplied by a certification authority who assures the link between a physical distinctiveness and a cryptographic public key. The verifier might be a different object that can authenticate a link then use it to confirm the user without receiving the ability to mimic the user in contrast to a password in which whoever authenticates the password recognizes at some point the password. In addition passwords are prone to phishing assaults whereas certificates are not for the reason that of unevenness (Herrera, Ron & Rabadao 2017)

Certificates are complex hence they are expensive in that issuing and managing certificates is full of problems and is evidenced by any PKI vendor. PKI is about 5% cryptography and 95% procedures which shows it can be done but not cheaply. Also for user certificates, average users can learn to use client certificates for a HTTPS connection to a website, but at the cost of finding a way to ignore occasional warning popup, which makes them more vulnerable to some attacks. On the other hand, password based authentication is easy to integrate everywhere and does not involve some incompressible extra costs (Kalisiki, Sheth & Shyamsunder 2018).

 

Useful features of certificate-based authentication for BYOD policy.

  1. Certificate based authentication policy via an administrator generates and assigns certificate to devices in the organization via a certificate management portal to an accomplished provision.
  2. The bureaucrat aligns his user handbook and network safety systems to trust precise users and devices for validation via bringing in digital credentials of the devices in query
  3. By cataloging in, an access application is directed from the gadget to the link. This warrants determined fulfillment that the memorandums sent have been correctly decrypted and the authorizations sound.
  4. There is mutual verification to enhance the gadget is attached to the server it anticipates and   the server can also confirm the exact gadget is connecting upon checking, it allows the device access improving security of the data and the network.

Spam is known as the sending of unsolicited commercial electronic messages by SMS, email, MMS or instant messaging (Spam Act 2003).

Characteristics of spam.

  1. Sender anonymity – The sender of the spam messages is always unknown and many senders use IP addresses to further protect their identity.
  2. Unsolicited – The recipients never request for spam messages and there is no way to avoid future spam messages and most spam messages are sent with the intention of asking sensitive information.
  3. Mass mailing – Spam emails are sent to many at once.

Types of electronic messages to be treated as spam:

  1. A message that offer, advertise or promote goods or services, land or industry or an investment prospect.
  2. Market a supplier of merchandises or services or land or a worker of a business or investment prospect.
  3. Help or enable a person to falsely obtain property belonging to an additional person.
  4. Help or enable a person to falsely obtain a financial benefit or other gain from an extra person.
  5. If the information is retrieved via hyperlinks, cell phone numbers or contact data if the communication has a commercial drive (Butcher 2018).
 

Examples of spam messages.

  1. SMS or electronic message promotion of courting websites and services. This is spam since you never solicited for it.
  2. Advance fee, get-rich-fast schemes and betting services. Advance pay is whereby a person asserts to have access to moneys currently held in a bank account besides offering a large amount for assistance comprising providing bank account information or disbursing for administration fee.
  3. Offer of stock market alternatives, loan and mortgage arrangements. This is spam since you never requested for it but showed up in your device.
  4. Offer of computer goods including software and hardware. This is spam since you did not solicit for it.

Instruction to users on how to handle spam.

  1. Do not reply to the spam message. This will cause all original addressees to receive the reply causing another flood.
  2. Do not respond to instructions to remove me from the mailing list. This will result in a bounced mail message to you.
  3. Report the spam.
  4. Ensure the junk email filtering is turned on especially if you’re unlucky to receive offensive spam.

Instruction to the IT administrator of how to minimize spam threat.

  1. Keep the software up to date to make sure you are up to date with the latest antispam software.
  2. Enable sender authentication.
  3. Implement recipient validation for all domains possible.
  4. Learn about email and spam so as to learn the protocols, technology and techniques involved.
  5. Enable connection classification (Bacalao et al. 2017).
 

References

Bacalao, E.J., Greene, G.J., Beaumont, J.L., Eisenstein, A., Muftic, A., Mandelin, A.M., Cella, D. and Ruderman, E.M., 2017. Standardizing and personalizing the treat to target (T2T) approach for rheumatoid arthritis using the Patient-Reported Outcomes Measurement Information System (PROMIS): baseline findings on patient-centered treatment priorities. Clinical rheumatology, 36(8), pp.1729-1736.

Bello, A.G., Murray, D. and Armarego, J., 2017. A systematic approach to investigating how information security and privacy can be achieved in BYOD environments. Information & Computer Security, 25(4), pp.475-492.

Bratthall Tideman, J. and Lindström, J., 2018. Key components when utilising BYOD within organisations-A framework for developing the BYOD policy.

Bucher, T., 2018. Cleavage-Control: Stories of Algorithmic Culture and Power in the Case of the YouTube “Reply Girls”. In A Networked Self and Platforms, Stories, Connections (pp. 141-159). Routledge.

Cho, V. and Ip, W.H., 2018. A Study of BYOD adoption from the lens of threat and coping appraisal of its security policy. Enterprise Information Systems, 12(6), pp.659-673.

Dashti, M.T. and Radomirovi?, S., 2017. An Anti-pattern for Misuse Cases. In Computer Security (pp. 250-261). Springer, Cham.

Elliott, J., 2018. Using Mobile Technology for Formative Assessment in the Classroom. In Handbook of Research on Mobile Devices and Smart Gadgets in K-12 Education (pp. 308-320). IGI Global.

Hafeez, Z.U.N., 2018. An enhanced digital investigation approach for verification of an offence under Pakistan cyber crime law-2016. MCS.

Hammad, A. and Faith, P., Visa USA Inc, 2017. Location based authentication. U.S. Patent 9,721,250.

Herrera, A.V., Ron, M. and Rabadão, C., 2017, June. National cyber-security policies oriented to BYOD (bring your own device): Systematic review. In Information Systems and Technologies (CISTI), 2017 12th Iberian Conference on (pp. 1-4). IEEE.

Kaliski Jr, B.S., Sheth, S. and Shyamsunder, K., VeriSign Inc, 2018. Integrated dns service provider services using certificate-based authentication. U.S. Patent Application 15/251,497.

Kawan, J.C., Chu, R.K.H., Golvin, C. and Tompkins, P., Citicorp Credit Services Inc (USA), 2017. Method and system for controlling certificate based open payment transactions. U.S. Patent 9,607,292.

OR

Cite This Work

To export a reference to this article please select a referencing stye below:

My Assignment Help. (2019). Cybersecurity Assignment. Retrieved from https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment.

"Cybersecurity Assignment." My Assignment Help, 2019, https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment.

My Assignment Help (2019) Cybersecurity Assignment [Online]. Available from: https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment
[Accessed 15 December 2019].

My Assignment Help. 'Cybersecurity Assignment' (My Assignment Help, 2019) <https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment> accessed 15 December 2019.

My Assignment Help. Cybersecurity Assignment [Internet]. My Assignment Help. 2019 [cited 15 December 2019]. Available from: https://myassignmenthelp.com/free-samples/cmp71001-cybersecurity-assignment.


Want to buy assignments online?. Myassignmenthelp is the right choice for getting top quality assignments on time and ridding you of the fear of failed grades. You get affordable papers from our best paper writing service. All the works are according to instructions and properly edited and proofread several times to ensure freedom from any kind of conceptual or language error. The works are delivered by the agreed upon time , at any cost. So be it homework/coursework help, research papers help, help with term papers, dissertation help, thesis help, you get it all at one place and that too of a superior quality. Join us Now.

Latest Networking Samples

ICT703 Network Technology And Management 1

Download : 0 | Pages : 11

Answer: Introduction One of the fundamental parts of any business or organization is the computer network. A computer network is an interconnection of different computing devices such as computers laptops, routers, access points, servers, switches, and other components for the purpose of communication and sharing of resources such as data, applications, and files (Zhuravlev, 2016). Since the network is a critical business requirement of the b...

Read More arrow

MN502 Overview Of Network Security 4

Download : 0 | Pages : 9

Answer: Introduction The specific data network or the computerized network can be defined as the digital telecommunications network, which enables various nodes to share several resources [3]. These computer devices are responsible for exchanging the sensitive information or data with each other by taking the major help of few data connections in the nodes. These data connections can be easily established with the cable media such as wires, o...

Read More arrow

MN502 Overview Of Network Security 3

Download : 0 | Pages : 9

Answer: Introduction The purpose of this report is to discuss about the network of healthcare organisations. A detailed literature review discussing the network of a healthcare organisation is provided. The architecture of a healthcare network is provided in this report. A detailed discussion of the networking devices such as routers, firewalls, switches, and servers is provided in this report. The recent developments in the network of a heal...

Read More arrow

BN305 Virtual Private Network 2

Download : 0 | Pages : 6

Answer: Introduction After a detailed investigation of the infrastructure of the organization and identification of the needs of the network the report is prepared. The current needs of the organization is to establish a VPN connection between remote sites of the same organization and securely transmission of the data packets in the network. The success of the development of the network depends on the successful implementation of the VPN. The V...

Read More arrow

CITS5502 Software Processes

Download : 0 | Pages : 4
  • Course Code: CITS5502
  • University: University Of Western Australia
  • Country: Australia

Answer: Introduction: In this task the main objective is to perform task 1 and task 2 to have an insight about the time needed to write problems in different languages when written repeatedly. In particular at first 7 random students’ required time to write problem 1 in language A and B and problem 2 in language A is selected from a total of 14 students’ data. Then the average time is calculated for each attempt for the three task...

Read More arrow
Next
watch

Save Time & improve Grades

Just share your requirements and get customized solutions on time.

question
We will use e-mail only for:

arrow Communication regarding your orders

arrow To send you invoices, and other billing info

arrow To provide you with information of offers and other benefits

1,164,507

Orders

4.9/5

Overall Rating

5,051

Experts

Our Amazing Features

delivery

On Time Delivery

Our writers make sure that all orders are submitted, prior to the deadline.

work

Plagiarism Free Work

Using reliable plagiarism detection software, Turnitin.com.We only provide customized 100 percent original papers.

time

24 X 7 Live Help

Feel free to contact our assignment writing services any time via phone, email or live chat.

subject

Services For All Subjects

Our writers can provide you professional writing assistance on any subject at any level.

price

Best Price Guarantee

Our best price guarantee ensures that the features we offer cannot be matched by any of the competitors.

Our Experts

Assignment writing guide
student rating student rating student rating student rating student rating 4/5

248 Order Completed

100% Response Time

Lloyd Bernabe

MSc in Accounting

London, United Kingdom

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

1692 Order Completed

98% Response Time

Alfred Dodd

PhD in Computer and Information Science with specialization in Database

Wellington, New Zealand

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 4/5

1309 Order Completed

100% Response Time

Gemmie Chen

MSc in Nursing

Singapore, Singapore

Hire Me
Assignment writing guide
student rating student rating student rating student rating student rating 5/5

2109 Order Completed

99% Response Time

Emma Zhong

Ph.D in Project Management with Specialization in Project Communications Management

Singapore, Singapore

Hire Me

FREE Tools

plagiarism

Plagiarism Checker

Get all your documents checked for plagiarism or duplicacy with us.

essay

Essay Typer

Get different kinds of essays typed in minutes with clicks.

edit

GPA Calculator

Calculate your semester grades and cumulative GPa with our GPA Calculator.

referencing

Chemical Equation Balancer

Balance any chemical equation in minutes just by entering the formula.

calculator

Word Counter & Page Calculator

Calculate the number of words and number of pages of all your academic documents.

Refer Just 5 Friends to Earn More than $2000

Check your estimated earning as per your ability

1

1

1

Your Approx Earning

Live Review

Our Mission Client Satisfaction

Excellent service done promptly and with maximum results! Couldn\'t of gone any smoother.

flag

User Id: 304915 - 15 Dec 2019

Australia

student rating student rating student rating student rating student rating

My assignment was completed on time and i got complete marks. IT WAS EXACTLY THE WAY I WANTED IT.

flag

User Id: 299002 - 15 Dec 2019

Australia

student rating student rating student rating student rating student rating

This was amazingly put together, I could not have asked for a better company to do my assignment. Delivered earlier than expected. Absolutely amazing.

flag

User Id: 260056 - 15 Dec 2019

Australia

student rating student rating student rating student rating student rating

thank you again, it is a good work, everything is perfect. I am very happy. It is not the first time and I know that I can count on you.

flag

User Id: 265909 - 14 Dec 2019

Australia

student rating student rating student rating student rating student rating
Have any Query?