CIS7028 Information Security
CIS7028 -Information Security- 20 Credits
Module Leader: Dr. Chaminda Hewage
Assessment Title: Information SecurityFinal Assessment
HAND-OUT DATE:17th February 2020
DATE:27th April 2020
Learning Outcomes. 3
Assessment Requirements / Tasks (include all guidance notes) 3
Assessment Criteria. 4
Submission Details. 4
Marking Criteria. 5
Additional Information. 5
Referencing Requirements (Harvard) 5
Mitigating Circumstances. 5
Unfair Practice. 6
This assessment is designed to demonstrate a student’s completion of the following Learning Outcomes:
- Critically discuss the threats to information storage within a system and appreciate the main types of computer crime
- Appraise approaches to information security and forensic investigation of prominent cyber offences;
- Analyse the technical issues relating to the transmission and storage of data and information relating to Cloud Computing and Big Data
- Discriminate between data management policies associated with Data Protection and the Regulation of Investigatory Powers.
The Cardiff Met EDGE supports students in graduating with the knowledge, skills, and attributes that allow them to contribute positively and effectively to the communities in which they live and work.
This module assessment provides opportunities for students to demonstrate development of the following EDGE Competencies:
|ETHICAL||Knowledge of ethical practices in cyber defences|
|DIGITAL||The usage of state of the art digital security controls|
|GLOBAL||Exposure to International standards such as ISO27001|
|ENTREPRENEURIAL||The opportunities and risks with data and information|
Assessment Requirements / Tasks (include all guidance notes)
Task 1 (2000 words): Choose one of the activities described below:-
Assume you have been hired as a security consultant by a large scale enterprise to provide them below information and recommendations. The enterprise’s Chief Information Officer (CIO) has recently come to know about ISO27001 and wants to know your opinion about alternative standards, its wider benefits to the organization, how to implement the critical elements of ISO27001 and auditing and certification process. Prepare a report covering below details.
Task 1.1 (750 words):
- Alternative standards (Cyber essentials) and wider benefits of ISO27001 to the organization
Task 1.2 (1000 words):
- Main clauses need to implement under ISO27001 (750 words)
- Security control objectives applicable for the chosen company (250 words)
Task 1.3 (250 words):
- Auditing and certification process of ISO27001
Activity 2 (2000 words)
Data protection by design/default: Compile a report explaining how you would implement Data protection by design and defaultfor a chosen company. The company can be any size which holds personal data of customers, clients, suppliers and employees.
Task 2.1 (1000 words):
- The implementation of Data Protection by Design and Default for the chosen company
Task 2.2 (1000 words):
- The use of below mechanisms for the chosen company to implement data protection by design and default: Data discovery, Data classification, Data Processing Impact Assessment (DPIA), Data Loss Prevention (DLP) mechanisms and Privacy Enhancing Technologies (PETs)
Task 2 (1500 words):Write a report about a recent information security attack/breach (which took place recently, January 2019 onwards). Thedescription should contain a brief description of the attack, loss to the organization, details of the vulnerability exposed by the attack (e.g.; CVE), how the attack was manifested (e.g. illustration), the tools used by the attackers and prevention mechanisms which could have stopped the threat or the vulnerability. Sample References:
Task 3 (Continuous assessment using 8 Cisco Cyber Essential labs and immersive labs): Security awareness (Cisco Cyber security essentials training). Students have to complete 8 Chapters of above training (both theoretical and practical aspects) during tutorials and average mark of chapter Quizzes will be taken into account. Students has to complete the final quiz as well. In addition, immersive labs has to be completed by the students.
|Task 1: (Activity 1 or 2)||40%|
|Task 2.1: Description of the attack and loss to the organization||10%|
|Task 2.2: Description of the Vulnerability||5%|
|Task 2.3: Illustration of the attack, tools used by the attackers||10%|
|Task 2.4: Prevention mechanisms||10%|
|Task 3: Cyber security essentials training||25%|
|Task 3.1 Cisco Cyber Essentials chapter quizzes and packet tracer activities||15%|
|Task 3.2 Cisco Cyber Essentials final quiz||5%|
|Task 3.3 Immersive labs||5%|
Please see Moodle for confirmation of the Assessment submission date.
Submission will be by 4:00pm on the deadline day.
Any assessments submitted after the deadline will not be marked and will be recorded as a Non-Attempt.
The assessment must be submittedas a zip file / pdf / word document through the Turnitin submission point in Moodle
Your assessment should be titled with your Student ID Number, module code and assessment id, e.g. st12345678 CIS4000 WRIT1
Feedback for the assessment will be provided electronically via Moodle, and will normally be available 4working weeks after initial submission. The feedback return date will be confirmed on Moodle.
Feedback will be provided in the form of a rubric and supported with comments on your strengths and the areas which you improve.
All marks are preliminary and are subject to quality assurance processes and confirmation at the Examination Board.
Further information on the Academic and
Feedback Policy in available in the Academic Handbook (Vol
1, Section 4.0)
|70 – 100% (1st)||A very comprehensive technically correct submission. All major aspects of the assignment covered. Clear expression of ideas. A very high standard of presentation. All problems identified and solutions are feasible and within the restrictions of the assignment. All sources acknowledged and referenced to a high standard.|
|60-69% (2:1)||Most major aspects of the assignment covered with supporting explanation and discussion of their roles. Some minor technical errors and misconceptions. Good identification of problems and good solutions. Good presentation and standard of referencing.|
|50-59% (2:2)||Fair identification of problems and reasonable solutions provided. Some technical errors and misunderstandings. Fair standard of presentation. Good referencing with minor omissions.|
|40-49% (Narrow Fail)||Limited identification of problems and solutions provided are of limited practicality. Technical errors and misunderstandings present. Poor or incomplete referencing of information. Basic standard of presentation.|
|35-39% (Marginal Fail)||Poor identification of problems and solutions provided are of very limited practicality. A number of technical errors and misunderstandings present. Poor or incomplete referencing of information. Basic standard of presentation.|
|<35% (Fail)||No identification of problems and solutions provided are of very limited practicality. Many technical errors and misunderstandings present. Very poor or incomplete referencing of information. Very basic standard of presentation.|
Referencing Requirements (Harvard)
The Harvard (or author-date) format should be used for all references (including images).
Further information on Referencing can be found at Cardiff Met’s Academic Skills website.
If you have experienced changes or events which have adversely affected your academic performance on the assessment, you may be eligible for Mitigating Circumstances (MCs). You should contact your Module Leader, Personal Tutor or Year Tutor in the first instance.
An application for MCs, along with appropriate supporting evidence, can be submitted via the following link to the MCs Dashboard
Applications for MCs should ideally be submitted as soon as possible after circumstances occur & at the time of the assessment. Applications must be submitted before the relevant Examination Board.
Further information on the Mitigating Circumstances procedure is available in the Academic Handbook (Volume 1, Section 5)
Cardiff Metropolitan University takes issues of unfair practice extremely seriously. The University has distinct procedures and penalties for dealing with unfair practice in examination or non-examination conditions. These are explained in full in the University’s Unfair Practice Procedure (Academic Handbook: Vol 1, Section 8)
Types of Unfair Practice, include:
Plagiarism, which can be defined as using without acknowledgement another person’s words or ideas and submitting them for assessment as though it were one’s own work, for instance by copying, translating from one language to another or unacknowledged paraphrasing. Further examples include:
- Use of any quotation(s) from the published or unpublished work of other persons, whether published in textbooks, articles, the Web, or in any other format, which quotations have not been clearly identified as such by being placed in quotation marks and acknowledged.
- Use of another person’s words or ideas that have been slightly changed or paraphrased to make it look different from the original.
- Summarising another person’s ideas, judgments, diagrams, figures, or computer programmes without reference to that person in the text and the source in a bibliography or reference list.
- Use of services of essay banks and/or any other agencies.
- Use of unacknowledged material downloaded from the Internet.
- Re-use of one’s own material except as authorised by the department.
Collusion, which can be defined as when work that that has been undertaken with others is submitted and passed off as solely the work of one person. An example of this would be where several students work together on an assessment and individually submit work which contains sections which are the same. Assessments briefs will clearly identify where joint preparation and joint submission is specifically permitted, in all other cases it is not.
Fabrication of data, making false claims to have carried out experiments, observations, interviews or other forms of data collection and analysis, or acting dishonestly in any other way.
Check our other posts
- PUBH6001 Health Policy and Advocacy
- MLC710 T1 2020 Sport and the Law
- Essay Typer for quality essay writer on any topic
- Planning to Study in Deakin in 2020? Get Assignment help
- BSBMGT605 PROVIDE LEADERSHIP ACROSS THE ORGANISATION
- Usage of Moodle or blackboard in UK for assignment help
- Foreign Direct Investment Report
- Coursework 2 Summative Individual Research report
- WS2121 Reflective Statement of Practice learnjcu
- WS2121 Aboriginal and Torres Strait Islander Skills and Frameworks for Practice learnJCU