Qac020X352H Cyber Security | Assessment Answer
Question:
On successful completion of this module students will be able to:
- Identify and critically analyse information security threats to computer networks and management information systems. (management of information systems | Managing information systems)
- Critically evaluate the range of effective security controls used to protect system and user data.
- Synthesize solutions to security problems through effective information security governance.
- Create understanding of professional, social, ethical and legal issues associated with cyber security.
Attempt all the following tasks in the assignment. Marks will be awarded for producing a documented system that meets the requirements as specified below.
Please specify the task number in your assignment.
Task 1: Security vulnerabilities
You are an Information Security officer working for InfoIT Limited. You have been informed of some vulnerabilities in your company's web server. These can be seen in the following list:
- Missing authorisation
- Download of codes without integrity checks
- Broken Authentication and Session Management
- Missing data encryption
- Cross-site-scripting vulnerabilities
a.Give a detailed explanation of how each vulnerability from the above list can be exploited and give recommendations on what should be done against each of them.
b.You have been told that one of your application has a "SQL injection" vulnerability. What tool/techniques can be used to detect and exploit "SQL injection"? Perform a SQL injection using an appropriate tool and demonstrate the steps with a brief explanation.
Task 2: Security tools/Techniques
You are an Information Security officer working on TechnoIT Limited. The managing director calls you one day; he looks concerned and says "The festivities will soon be upon us and we have a new range of products ready to market. For operational reasons, all product files need to be kept on the local server for use by our managers. However, I fear our competitors will hire hackers to access our servers and steal or corrupt our files." The managing director outlines the need for three different methods of protections and requires expert opinion on a relevant technology for each.
a.For each of the following instances, choose a technology that would best serve the required need, describe its operation and justify your choice. Each instance should describe a different technology.
- Prevent hackers from finding a file. Evaluate and justify your answer using literature for the scenario above.
- Prevent hackers from reading a file. Evaluate and justify your answer using literature for the scenario above.
- Enable alteration of a file by a hacker to be detected. Evaluate and justify your answer using literature for the scenario above.
b.For each of the three choices of technology discussed in (a) above, critically analyse how a hacker might attempt to counteract your protection.
Task 3: Social engineering and BCM
The 2018 information security breaches surveys reveal that in 2017, 13% of large companies found hackers have penetrated their corporate defences, compared with 1% in 2016. The report, based on responses from more than 1,000 large companies, shows hackers are "using social engineering attacks to lure staff in insecure behaviour. Insiders have always been the biggest threat, so it is now essentials that boards improve security awareness and practice among staffs”. (Computer Weekly, 2018).
Could Business Continuity Management (BCM) be a solution to deal above breach scenario?
a.Describe the two main methods employed by social engineers to 'lure staff into insecure behaviour'.
b.Give a detailed explanation of BCM and its functions (purpose and benefits).
c.What are the three types of backup sites that an organisation can use? Evaluate them with examples.
Task 4: Ethical hacking
1.With the aid of a diagram, outline the phases of ethical hacking steps.
2.The first step of hacking is also called Footprinting and information gathering Phase. Name the types of Footprinting and explain this by giving examples.
3.Perform network scanning using any appropriate tools (such as Nmap/Zenmap) and analyse their result. Choose any 1 tool to do this task.
Task 5: Presentation, Report Layout and References
Buy Qac020X352H Cyber Security | Assessment Answers Online
Talk to our expert to get the help with Qac020X352H Cyber Security | Assessment Answers to complete your assessment on time and boost your grades now
The main aim/motive of the management assignment help services is to get connect with a greater number of students, and effectively help, and support them in getting completing their assignments the students also get find this a wonderful opportunity where they could effectively learn more about their topics, as the experts also have the best team members with them in which all the members effectively support each other to get complete their diploma assignments. They complete the assessments of the students in an appropriate manner and deliver them back to the students before the due date of the assignment so that the students could timely submit this, and can score higher marks. The experts of the assignment help services at urgenthomework.com are so much skilled, capable, talented, and experienced in their field of programming homework help writing assignments, so, for this, they can effectively write the best economics assignment help services.
Get Online Support for Qac020X352H Cyber Security | Assessment Answer Assignment Help Online
Resources
- 24 x 7 Availability.
- Trained and Certified Experts.
- Deadline Guaranteed.
- Plagiarism Free.
- Privacy Guaranteed.
- Free download.
- Online help for all project.
- Homework Help Services