Get Instant Help From 5000+ Experts For
question

Writing: Get your essay and assignment written from scratch by PhD expert

Rewriting: Paraphrase or rewrite your friend's essay with similar meaning at reduced cost

Editing:Proofread your work by experts and improve grade at Lowest cost

And Improve Your Grades
myassignmenthelp.com
loader
Phone no. Missing!

Enter phone no. to receive critical updates and urgent messages !

Attach file

Error goes here

Files Missing!

Please upload all relevant files for quick & complete assistance.

Guaranteed Higher Grade!
Free Quote
wave
Overview of Tasks on Information Security Policy, Business Continuity, and Incident Response

Task 1 – In-class Test

Task 1 is weighted at 30% of the overall portfolio mark, but it is assessed and marked separately.

This is a Canvas based test that contains different types of questions (multiple choice, true/ false, etc) and is worth a total of 30 points. There are different question types, but these have been designed in order to bear the same weight for your assessment.

The questions on the test will only reflect and test the learning that has happened up to the point the test will take place. You are advised to have revised all the module material that has been made available to you on Canvas before the in-class test.

The task will take place during your normal group tutorial session and you MUST attend the class to take the test. The test will have a duration of 45 minutes in order to allow you time to log in and start the test. Exam conditions will apply. The mark that will be awarded will be shown out of 30, so you will need to obtain at least 15 points from this test for a pass mark of 50%.

Immediate individual feedback will be provided at the end of the test in the form of correct answers to the test questions. Your individual score will be also made available.

Scenario

You work for a high-tech company with approximately 550 employees. Your firm recently won a large UK Government contract, which will add 30% to the revenue of your organization. It is a high-priority, highvisibility project. You will be allowed to make your own budget, project timeline, and tollgate decisions. You have been assigned as the group leader to develop the proper security policies required to meet UK Government standards for delivery of technology services as part of the National Cyber Security Centre (NCSC). In order to achieve this, you must develop a framework of UK Government-approved policies and standards for your IT infrastructure (see below)

Your firm's computing environment includes the following: - 12 servers running Microsoft Server 2016, providing the following:

• Active Directory (AD)

• Domain Name System (DNS)

• Dynamic Host Configuration Protocol (DHCP)

• Enterprise Resource Planning (ERP) application (Oracle)

• A Research and Development (R&D) Engineering network segment for testing, separate from the production environment

• Microsoft Exchange Server for e-mail

• Symantec e-mail filter

• Websense for Internet use - Two Linux servers running Apache Server to host your Web site - 420 PCs/laptops running Microsoft Windows 10, Microsoft Office 2016, Microsoft Visio, Microsoft Project, and Adobe Reader

Task 2 – Information Security Policy

As part of your role you should create a framework of policies in the format of one (1) page table that are UK Government compliant for the organisation’s IT infrastructure. The framework of policies you create must pass UK Government -based requirements. Currently, your organisation does not have any UK Government contracts and thus has no UK Government-compliant security policies or controls in place. You should identify 3 high-priority security controls for your organisation. You should write an executive report of no more than two (2) pages that discusses the elements of the framework, what elements are essential, and which elements could be optional. It is imperative that the executive report should have a professional look and should be precise. After all it will be submitted to thecompany’s executive team as the result of your work. Also, it should include your rationale behind your decisions.

In order to complete the task, you should work on and consider the following:

- Any compliance laws required for UK Government contracts.

- Any controls placed on domains in the IT infrastructure.

- Any required standards for all your devices, based on IT domain.

- A deployment plan for implementation of these polices, standards, and controls.

- All applicable UK Government frameworks

Any notes of your work must be submitted as an appendix to your portfolio

You were recently employed as the CISO for the University of New and you have been contacted by a government agency to inform you they have strong indications a data breach that involves critical data has occurred. 

Later that day, you met with a National Crime Agency agent along with the University’s legal department to discuss the activity. The National Crime Agency has been investigating activity involving online purchases made with several stolen credit card numbers. More than 30 of the transactions during the past week had been traced to one of the University’s IP addresses. The National Crime Agency agent asked for the University’s assistance, and in turn, you asked for the incident response team’s assistance in acquiring evidences, only to realise your team is not well prepared. You know this will cause delays in the process and important information might get lost in the meantime. It is vitally important that this matter be kept confidential.

Your next team meeting is approaching, and you decide to prepare and give a presentation to your team. Your slides should address the following items: 1. The severity level of the above-mentioned incident. 2. Who or what groups will be involved in the situation? 3. Suggest measures to contain and recover from the incident. 4. Suggest measures to prevent similar incidents from occurring in the future. 5. Suggest actions to improve the detection of similar events.

You will need approximately 12 slides for your presentation. It needs to be professional, brief and informative. Any additional material can be communicated as slide notes. You must include a title slide in the beginning and a summary slide in the end. You are expected to use appropriate peer reviewed sources for developing your arguments and the Harvard referencing style as per the University regulations. A scheduled formative feedback in-class session with your tutor the week commencing 18.11.2019 will give you the opportunity to reflect on your activities and improve your work where necessary. You are strongly advised to have worked on a draft of this task by then. 

support
close