Computer Systems Security Assignment Task

To make this assignment more relevant and interesting for you, you will select your own real- world organization (and thus case study) and then apply the concepts and techniques you have learned from this module to that case study. The case study you select must not have been used by you, or any other student, in any other module current or historic. Please ensure you check your selected organization and the scope of the case study with your tutor before starting.

Your selected organization for this case study intends to upgrade their current IT infrastructure to meet the organizational IT needs in the 21st century. You have an option of using a technology of your choice or technologies such as Internet of Things, Cloud Computing, Content Centric Networking, or Software Defined Networks for this upgrade. You as an IT Lead have been asked to write a report for the management justifying viability of the proposed future IT infrastructure in the context of its security.

Task 1

1a) Discuss briefly the profile of your selected organization, its existing IT infrastructure, and pertinent issues with the current infrastructure to justify the need for an infrastructure upgrade.

1b) Identify and justify the choice of technology (or technologies) you are proposing to use to upgrade the IT Infrastructure of your selected organization. You are expected to briefly compare technologies to justify your choice.

1c) In the context of proposed future IT infrastructure for your organization, discuss critical assets (including information assets) that will need protection, and list vulnerabilities related to each of the identified assets.

Note: The answer to the above task must demonstrate a conceptual understanding of common security risks and recognise the importance of risk analysis within different IT environments and critically evaluate relevant literature regarding notable security issues.

(800 words) (20 marks)

Task 2

2a) Risk analysis lies at the heart of any successful IT project. Through arguments backed by literature, justify the importance of risk analysis phase in any IT project. Also discuss what risk analysis process in relation to IT infrastructure projects entails.

2b) Critically evaluate a range of pertinent security risks posed to the selected organization in context of their proposed IT infrastructure upgraded through the technology of your choice. Also, briefly discuss the proposed protection against those risks.

2c) Conduct a detailed risk analysis of your organization based on the risks evaluated in Task 2b.

Note: The answer to the above task must demonstrate a conceptual understanding of common security risks and recognise the importance of risk analysis within different IT environments, critically evaluate relevant literature regarding notable security issues and create a risk analysis for a given scenario with reference to compliance with security policies

(1400 words) (35 marks)

Task 3

3a) Critically evaluate key aspects of the security policy of your selected organization (or an organization of a similar profile and size) also discussing how effective the policy is in protecting against security risks evaluated in Task 2b.

3b) Cryptography acts as a key measure in tackling a range of security threats. Discuss a cryptographic approach (or a combination of approaches) you are proposing for your organization to adopt and justify your choice by briefly comparing your approach against other available approaches. Explain in what areas of your organization’s future IT infrastructure you will use the proposed cryptographic approach.

Note: The answer to the above task must demonstrate a systematic understanding of the key approaches to cryptography & their application and create a risk analysis for a given scenario with reference to compliance with security

(1000 words) (25 marks)

Task 4

4a) Provide a brief assessment of the security of your proposed IT infrastructure using layered security approach.

4b) Critically evaluate legal, social and ethical issues in relation to the security of proposed IT infrastructure.

Note: The answer to the above task must critically evaluate legal, social and ethical issues of secure systems.

(800 words) (20 marks)

Total word count = 4000

Some referencing must come from the below text book:

Whitman, M. and Mattord, H. 2016. Management of Information Security. 5th ed. Delmar Thomson Learning 

Referencing Guidance

You MUST underpin your analysis and evaluation of the key issues with appropriate and wide ranging academic research and ensure this is referenced using the Harvard system(s).

The Harvard System (Author-Date Method)

All statements, opinions, conclusions etc. taken from another author’s work (print, online or multimedia) should be cited, whether the work is directly quoted, paraphrased, or summarised. Paraphrasing is integrating another person’s ideas into your work by rewriting an argument using your own words, phrasing, and interpretation. Guidance on appropriate use of paraphrasing, summarising and quotation in academic writing is available in your Student Handbook. Referencing is a two-part process:

• In-Text Citations
• Reference List

In the Harvard System, all cited publications are referred to in the main body of text by giving the author’s surname and the year of publication separated by a comma e.g. (Waring, 2014). Each cited publication must have a corresponding full reference in the Reference List at the end of your work. The references are listed in alphabetical order by surname.

Authors/Originators

When citing the author, use the name(s) of the person or organisation shown most prominently in the source as being responsible for the published content.

If no author is given and there is clearly no identifiable person or organisation, use ‘Anon.’, except for webpages, newspapers, film, dictionaries, or encyclopaedias. See section 2.1.1. point vii for guidance on how to cite these examples. For all examples use the same author notation in the reference list at the end.

Dates

If an exact year or date is not known, an approximate date preceded by ‘ca.’ may be supplied e.g. (ca. 1750). If no such approximation is possible, use N.D. (no date). For webpages, it may be preferable to cite the year in which the page was accessed, e.g., (ca. 2009), rather than use N.D..

Where a book, chapter or article has been re-published as part of a different work e.g., an anthology, cite and reference the original date of publication, if given.

Person-to-person communication (letters, emails, interviews, lectures, etc.)

We recommend that references to person-to-person communications such as letters and emails are given only within the main body of the text and are not detailed in the reference list.

In-Text Citations

This applies to print and online materials.

Where to place the citation

Place your citation where you feel it should naturally occur within a sentence. Depending on your writing style, it may follow a phrase/idea or appear at the end of a sentence or paragraph. It should always appear before the full stop.

• e.g., As Waring (2014, p. 33) said, “theory and practice should not be seen as separate entities” and so… This is an example of a ‘narrative citation’ where the author(s) name naturally occurs within the sentence. In this case, you only need to put the date in brackets, and the page number if necessary.

• e.g., In his highly acclaimed study, Waring (2014) argued that theory and practice should not be seen as separate entities…

• e.g., Theory arises out of practice and the two are therefore inextricably linked (Waring, 2014). This is an example of a ‘parenthetical citation’ where the author(s) name does not naturally occur in the sentence and is therefore placed within the parenthesis along with the date, and page number if necessary.

Quotations

If the quote is less than a line it may be included in the body of the text in double quotation marks. Longer quotations should be indented, single-spaced, and appear in double quotation marks.

Pagination

In citations to particular parts of a document, the location of that part (e.g., Waring, 2014, p. 6) should always be given after the year within the brackets.

If your ebook does not have the printed page numbers, when referencing books in your work you will need to refer to a chapter/section/paragraph number to correctly identify the passage of text you are using.

• e.g., Leatherbarrow and Fletcher (2018) state that “HRM as a concept was attractive to many organisations because of its unitary perspective” (chapter 3, para. 2).

For webpages and online newspapers, this detail is not required.

Figures (e.g., diagrams, graphs, tables, illustrations, photographs, etc.)

These should be referenced as though they were quotations taken from a published work. Page numbers come after the year, within the brackets. Diagrams etc. are usually accompanied by a brief description and are listed throughout a piece of work by figure number.

• e.g., Figure 1. Johannes Vermeer’s The Girl with the Pearl Earring (Chevalier & Hale, 2011, p. 55).

If the item has been copied and amended by you, e.g., you add another axis to a graph, then use ‘amended from’ in parentheses after the source.

• e.g., Figure 1. Johannes Vermeer’s The Girl with the Pearl Earring (amended from Chevalier and Hale, 2011, p. 55).

When referring to diagrams, graphs, tables, illustrations, photographs, etc. in the text, you should use Figure number (and source if relevant).

• e.g., In Figure 2. Mitchell (2015) demonstrates…

You should include a full reference to sources in the list at the end of your work. Your own original work should not appear in the reference list at the end, as it has not been published.

Text or script from videos, films, or broadcasts

These should be referenced as though it were a quotation taken from a published work, but without page numbering.

• e.g., As typified by James Dean portraying the moral decay of American youth (Rebel without a Cause, 1955).

Online sources

When citing a webpage on an organisation or company website, use the organisation or company as the author. Do not insert the URL (web address) in the body of your text.

• e.g., Price Waterhouse suggest “A quotation from the relevant webpage would be inserted here.” (Price Waterhouse, 2011).

2.1.1. Examples of In-Text Citation

1. If the author’s name occurs naturally in the sentence, the year is given in brackets:

• e.g., In his highly acclaimed study Waring (2014) argued that theory and practice should not be seen as separate entities…

• e.g., As Waring (2014, p. 33) said, “theory and practice should not be seen as separate entities” and so…

1. If the name does not occur naturally in the sentence:

Both name and year are given in brackets:

• e.g., A more recent study (Waring, 2014) has shown the way theory and practical work interact.

• Theory arises out of practice and the two are inextricably linked. (Waring, 2014).

1. When an author has published more than one cited document in the same year:

These are distinguished by adding lower case letters (a, b, c, etc.) after the year and within the brackets:

• e.g., Fordham (2011a) discussed the subject…

Note: If you are adding citations from the same author and year, the letters after the date will determine the order in your reference list e.g., ‘Fordham (2011a)’ would be listed before ‘Fordham (2011b)’.

1. When more than one source is cited:

The sequence of citations may be either chronological or in order of academic relevance.

• e.g. (Harris 2011; Hale 2012; Malcolm 2014)

• If there are two authors:

The surnames of both should be given.

• e.g., Doole and Lowe (2012) proposed that…

• If there are three to five authors:

The surnames of all authors should be given, and then you can use the main author’s surname followed by et al for the second and all subsequent citations.

• If there are more than six authors:

The surname of the first author only should be given, followed by et al.:

• e.g., As global economies grow and the cost of doing business increases (D’Arienzo et al., 2016).

A full list of all author’s names should appear in the reference list at the end of your work.

• If no author is given and there is clearly no identifiable person/body responsible:

For all examples use the same author notation in the reference list at the end. For webpages use the organisation or company author:

• e.g., In the IPCC (2016) report on Climate Change and Oceans and the Cryosphere…

For newspaper articles use the newspaper title:

• e.g., Social media is driving the rise of hate crime (The Telegraph, 2016).

For a film, use the title of the film:

• e.g., As typified by James Dean portraying the moral decay of American youth (Rebel without a Cause, 1955).

For a dictionary or encyclopaedia, if it is the co-operative work of many individuals, none of whom are the main editor, the title of the work may be used instead.

• e.g., According to the Oxford Encyclopaedia “A quotation from the text would be inserted here.” (Oxford, 2007, p. 375).

For other sources, use ‘Anon.’:

• e.g., In an earlier text (Anon., 1908) it was stated that…

1. If you refer to a source directly quoted in another source you cite both in the text:

• e.g., In a popular study Whear (2014 cited by Stamper, 2016) argued that education must be participative and collaborative…

• e.g., As Whear (2014, cited by Stamper 2016, p. 90) said, “education must be participative, collaborative and non-judgmental” and so we…

You should only list the work you have read, i.e., Springer, in the reference list at the end.

• If you refer to a contributor in a source just cite the contributor, not the editor:

• e.g., Crinklaw showed this to be key to her own social networking success (Crinklaw, 2011).

• If you refer to a person who has not produced or contributed to a work, but who is quoted in someone else’s work, it is recommended that you mention the person’s name and you must cite the source author:

• e.g., Michael Heseltine emphasized the part the media plays in influencing political opinion in an interview with Eaton (2016).

• e.g., “It rings well with some of our xenophobic newspapers”, Michael Heseltine said in a recent article (Eaton, 2016, p4).

You should list the work that has been published, i.e., Eaton (in the New Statesman) in your reference list.

• Scriptural Citations (e.g., Bible, Koran/Qur’an):

These should only be included in the text and not the reference list. Include book, chapter, and verse. If quoting you may add the translation or edition.

• e.g., “He gives strength to the weary and increases the power of the weak.” (Isiah 40:29, New International Version).

• Legislation – UK Statutes (Acts of Parliament) should be cited in full:

• e.g., The Equality Act 2010 legislates that it is unlawful to discriminate on the grounds of…

Person-to-person communications (letters, emails, interviews, lectures, etc.):

These do not provide recoverable data and so are not included in the reference list. Cite personal communications in the text only. Give initials as well as the surname and status and/or occupation of the person. Provide as exact a date as possible. When citing research data which you have collected, it is advisable to also include copies or summaries of source data in Appendices.

• e.g., According to Professor L. Brockliss, Beatty’s accounts of naval medicine led to significant advances (personal communication, 15 September 2008, see Appendix 1).

Lectures, whether downloaded from Arden University or not, are not regarded as ‘published’ materials and are intended as pointers toward such sources rather than as source materials in themselves.

Get expert help for Computer Systems Security Assignment Task and many more. 24X7 help, plag free solution. Order online now!