Computer Network and Security

User Generated

pvru

Computer Science

Dalhousie University


Assignment 4

Weight: 20% of your final grade
Due: after Unit 6

This assignment covers Unit 6. Like Assignment 3, it has ten questions or problems for you to answer or solve.

Organization of Your Assignment

You can submit your completed assignment as a Word document. The assignment must have a cover page in Word or HTML containing the assignment number, course number and title, your name and student ID, and the time you spent on the assignment. Be sure to provide links to your answers for each part so that your tutor can easily navigate through them to assess your work.

Your assignment cover page must also include the following statement:

I declare that this assignment is my own work and that all material previously written or published in any source by any other person has been duly acknowledged in the assignment. I have not submitted this work, or a significant part thereof, previously as part of any academic program. In submitting this assignment I give permission to copy it for assessment purposes only.

Upload your completed assignment to the Assignment 4 link on the course homepage for marking and tutor feedback.

1. (10 marks—from problem 14.2) As part of a formal risk assessment of desktop systems in a small accounting firm with limited IT support, you have identified the asset “integrity of customer and financial data files on desktop systems” and the threat “corruption of these files due to import of a worm/virus onto system.” Suggest reasonable values for the items in the risk register for this asset and threat, and provide justifications for your choices.

2. (10 marks—from problem 15.1) Consider the risk to “integrity of customer and financial data files on system” from “corruption of these files due to import of a worm/virus onto system,” as discussed in the previous problem. From the list shown in Table 15.3 of the textbook, select some suitable specific controls that could reduce this risk. Indicate which you believe would be most cost effective.

3. (10 marks—from problem 14.6) As part of a formal risk assessment on the use of laptops by employees of a large government department, you have identified the asset “confidentiality of personnel information in a copy of a database stored unencrypted on the laptop” and the threat “theft of personal information, and its subsequent use in identity theft caused by the theft of the laptop.” Suggest reasonable values for the items in the risk register for this asset and threat, and provide justifications for your choices.

Computer Science 400 Computer and Network Security Page 1 of 3

4. (10 marks—from problem 17.7) Consider the development of an incident response policy for the small accounting firm mentioned in problems 1 and 2. Specifically consider the response to the detection of an e-mail worm infecting some of the company systems and producing large volumes of e-mails spreading the propagation. What default decision do you recommend the firm’s incident response policy dictate regarding disconnecting the firm’s systems from the Internet to limit further spread? Take into account the role of such communications on the firm’s operations. What default decision do you recommend regarding reporting this incident to the appropriate computer emergency response team? To the relevant law enforcement authorities?

5. (10 marks—from problem 18.3) Argue in detail the advantages and disadvantages of the agent-based and agentless SIEM software approaches described in Section 18.5 of the textbook.

6. (10 marks—from problem 19.4) An early controversial use of the DMCA was in a case brought by the Motion Picture Association of America (MPAA) in 2000. The MPAA attempted to suppress distribution of the DeCSS program and derivatives, which could be used to circumvent the copy protection on commercial DVDs. Search for a brief description of this case and its outcome. Determine whether the MPAA was successful in suppressing details of the DeCSS descrambling algorithm.

7. (10 marks) The ISO/IEC 27000 Series of Standards on IT Security Techniques are very important technical documents for computer and network security. In this exercise, you are required to explore these standards in the series, and then write one page of summary about the 27000 Series of Standards, with a focus on at least five of these standards which you think are more important.

8. (10 marks) Similar to the ISO27000 series, NIST SP800-53 is another important standard for computer and network security. For this exercise, you are required to explore each of the security controls listed in the NIST SP800-53 standard, and then write one page of summary about the NIST SP800-53 standard, including your understanding of the meaning and importance of at least five (5) of these security controls, as well as the roles they play in computer and network security.

9. (10 marks) Recall the CIA triangle for objectives of computer and network security—sometimes a threat to the integrity and availability of computer and network systems may not be from hackers or any computing professionals. Instead, the threats may be from sources such as technical errors, environmental disasters, etc. In this exercise, you are required to explore and explain threats from non-computing sources, as well as prevention and mitigation measures.

10. (10 marks) Security auditing is a very important step in the assurance of computer and network security of an organization, and several standards or recommendations, such as ITU-T Recommendation X.816, have been developed to this end. In this last exercise, you are required to explore these standards or recommendations, and then write in your own words a summary of each standard or recommendation for security audit.

End of Assignment 4

Explanation & Answer

Attached.

Running head: COMPUTER SECURITY

Computer Security
Student’s Name
Institutional Affiliation
Course
Date

I declare that this assignment is my own work and that all material previously written or
published in any source by any other person has been duly acknowledged in the assignment. I
have not submitted this work, or a significant part thereof, previously as part of any academic
program. In submitting this assignment I give permission to copy it for assessment purposes
only.

Computer Security Principles and Practices
1. Computerized systems are more helpful compared to the manual system in managing
customer financial data for a long period of time. When the system is automatic, it is easy for
one to search for a customer account. However, when the account of the customer is saved on
paper or in account books, it becomes difficult to search for the information of the customer.
The systems also save time for the customer (William & Lawrie, 2015). It is critical when the
financial data of a customer is integrated into desktop systems in accounting firms.

A computer worm is classified as a malware program that replicates itself so as to spread to
other different computers. Additionally, it uses the network shared by these computers to
spread itself across them. The security failures of the set out computers determine the spread of the
malware to its programs (Conklin, White, Cothren, Davis, & Williams, 2015). The computer
worm does not necessarily need to attach itself to a program. Worms have the ability of
causing harm to the computer network by consumption of its bandwidth while viruses have
the capacity of modifying themselves within the files of the targeted computer.

Furthermore, worms that have been created are designed with the aim of spreading and have
no capacity of changing the system in which they move through the system. Payload-free
worms have the capacity of disrupting the increasing level of network congestion and other
different unintended impacts. A payload worm is seen as a language that has been
implemented in the worm to help in spreading the worm to other files and has the capacity of
deleting different files found in the host system.

The most common payload worm involves the installation of a backdoor that has been infected
by the computer so as to give way for the formation of a zombie which is usually under
rheostat from the author of the worm. The network preferred by such apparatuses is always
referred to as a botnet and is usually used by the contributors of spam to help in spreading
junk emails and then cloak their website addresses. Spammers are seen as the main sources of
sponsoring the creation of such types of worms. On the other side, some have been
threatening companies with attacks of DOS.

Use of anti-spyware and anti-virus is seen to be helpful, and they should always be updated. They
should be updated with new files at least after a few days to ensure that they are able to
give the required security (AlHogail, 2015). There is also a recommendation of a firewall, which
plays a critical role in reducing the spread of attackers in the computer system.

2. Security risk assessment is one of the key aspects that organizations use in their security
policies. The emergence of possible vulnerabilities and threats arising in organizations are
supposed to be addressed before apply...

