Question
You are hired by the organisation, such as Southern Cross University, selected in Ass1, as a cybersecurity consultant to work on a security program to
You are hired by the organisation, such as Southern Cross University, selected in Ass1, as a cybersecurity consultant to work on a security program to address the contemporary and emerging risks from the cyber threats the organisation is facing. Your tasks are the following:
Task 1: the organisation is currently using a password based authentication system to control the user access to the organisations information system. However, the Bring Your Own Device (BYOD) policy recently implemented by the organisation has raised some security concerns. As a security consultant, assess the risk from the BYOD policy to the organisations information system.
Task 2: After the assessing the risk from the BYOD policy, you suggest the organisation to replace the current password-based authentication scheme with a Certificate-Based Authentication for both device and user authentication. To justify your suggestion, write a technical report to explain the working principle of the Certificate-Based Authentication mechanism and discuss why the organisation should use the mechanism in this case by comparing it with the password-based authentication mechanism. Use figure when necessary to support your answers.
Task 3: You have identified Phishing is among the top cybersecurity threats facing by the organisation. Use available online (e.g., Internet) resources to develop a guideline for the organisation staff to combat with the threat. The guideline will include the following:
o Definition of phishing and its distinctive characteristics.
o At least three (3) real examples showing the phishing characteristics.
o An instruction to the users of how to recognise and safely handle a phishing attack.
o An instruction to the IT administrator of how to minimise the phishing threat.
Task 1:
BOYD risk assessment
To complete this task, use the following guidelines:
Identify the most critical components of the organisation information system the critical information assets.
Identify what threats the BYOD policy may bring to the identified critical assets.
Identify potential vulnerabilities of each asset against the identified threats.
Assess the risk to the organisation information system using either quantitative or qualitative risk assessment approach and document the risk assessment process.
Task 2:
Certificate-based Authentication
To complete this task, use the following guidelines:
Perform necessary research to understand the working principle, pros and cons of the Certificate-based Authentication mechanism. Document all reference sources.
Write a technical report to explain the working principle of the Certificate-based Authentication mechanism. Compare the certificate-based authentication against the password-based authentication and highlight the features you think are useful for combating the threats from the BYOD policy for device and user authentication at the same time.
Note that you are not allowed to cut and paste from online resources. Use your own words and figures. Acknowledge all reference sources.
Task 3:
Anti-phishing guideline
To complete this task, use the following guidelines:
Read online resources, such as Black (2 005) Phish to Fry: Responding to the Phishing Problem. Journal of Law and Information Science, 16(1), pp. 73-91 (http://classic.austlii.edu.au/au/journals/JlLawInfoSci/2005/4.html), Anti- Phishing Working Group (https://www.antiphishing.org/resources/), etc. to define what type of electronic messages should be treated as phishing, what are the distinctive characteristics of a phishing and what act is considered as phishing?
Search for 3 representative examples of phishing or use your own phishing as examples.
Use samples from reputable online resources to help you with the development of phishing handling instructions. The instructions should be clear, concise and precise.
Step by Step Solution
3.40 Rating (144 Votes )
There are 3 Steps involved in it
Step: 1
Task 1 BYOD Risk Assessment To assess the risk associated with the Bring Your Own Device BYOD policy its crucial to understand the critical components of the organizations information system identify ...Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started