Report.
MIS301_Assessment_2 Part A_ Brief_Case Study Report_Identification of Issue_Module 3.2 Page 1 of 7 Context As a cybersecurity specialist, a significant part of your time is spent on identifying vulnerabilities to informational assets in an organisation and making recommendations to mitigate those identified vulnerabilities and threats. In real-world contexts, you may also encounter ethical dilemmas in cybersecurity practices. This assessment, through three parts and submissions, develops your skills in identifying and communicating threats and vulnerabilities to informational assets, making recommendations to the identified threats and vulnerabilities to cybersecurity and understanding the ethical ‘best practices’ to address ethically difficult issues in cybersecurity practice. Instructions: Assessment 2 consists of three parts. All three parts are based on the attached case study and is a group assessment For Part A: ASSESSMENT 2 PART A BRIEF Subject Code and Title MIS301 Cybersecurity Assessment Case Study Report and Presentation: Identification of the issues Individual/Group Group Length Part A: 1500 words (+/- 10%). Learning Outcomes The Subject Learning Outcomes demonstrated by successful completion of the task below include: a) Investigate and analyse the tenets of cybersecurity. b) Identify and communicate a range of threats and vulnerabilities to informational assets. c) Recommend and justify robust solutions to identified threats and vulnerabilities to cybersecurity. d) Develop own professional practice and ethical standards around security issues and implementation of solutions. Submission Due by 11:55pm AEST Sunday of Module 3.2 Weighting 25% Total Marks 100 marks MIS301_Assessment_2 Part A_ Brief_Case Study Report_Identification of Issue_Module 3.2 Page 2 of 7 1. Form groups of 2 to 3 members. Please read the attached MIS301_Assessment 2_Group Work Guide document for information on group formation, registration and administration. 2. Read the attached case study. 3. Based on the case study, you, as a group, are required to submit a 1500-word report to the managers, who do not have a technical background. The report must address the following tasks: a. identifying the informational assets that need to be protected and build a business case for management to justify investment in cybersecurity b. identifying and discussing at least five (5) vulnerabilities that exist in the company’s IT infrastructure and operation c. for each vulnerability, discuss potential threats, possible attacks and the consequence for the business. 4. Your report must be related to the case study and not a general report on cybersecurity. 5. Report structure: a. Title page: Subject code and name, assessment number, report title, assessment due date, word count (actual), student names, student IDs, Torrens email addresses, learning facilitator, and subject coordinator. b. Table of Contents (ToC): It should list the report topics using decimal notation. It needs to include the main headings and subheadings with corresponding page numbers, using a format that makes the hierarchy of topics clear. Because you are including a ToC, the report pages should be numbered in the footer as follows: title page has no page number; and the main text should have Arabic numerals commencing at 1. Create the ToC using Microsoft Word’s ToC auto-generator rather than manually typing out the ToC. Instructions can be found here https://support.office.com/en-gb/article/Create- a-table-of-contents-or-update-a- table-of-contents-eb275189-b93e-4559-8dd9-c279457bfd72#__create_a_table. c. Introduction (90-110 words): It needs to provide a concise overview of the problem you have been asked to research, the main aims/purpose of the report, the objectives to be achieved by writing the report and how you investigated the problem. Provide an outline of the sections of the report. d. Body of the report (use appropriate headings in the body of the report) (1170-1430 words): Ensure that you address the tasks listed above. Do NOT use generic words such as ‘Body, Body of the Report, Tasks’ as section headings. Create meaningful headings and subheadings that reflect the topic and content of your report. e. Conclusion (90-110 words): Restate the purpose of the report and key issues investigated and the related findings based on your research and analysis. f. Reference list g. Appendices if necessary. 6. Before submitting your assessment, check it against the assessment criteria and the marking rubric included in this brief to ensure that you have satisfactorily addressed all the criteria that will be used to mark your submission. 7. Download the Group Participation Matrix from Assessment 2 Part A section. Use this document to review your group members’ performance in this assessment and to specify their specific contribution made to group work. This Group Participation Matrix document needs to be submitted individually through the Assessment 2 Part A submission link. MIS301_Assessment_2 Part A_ Brief_Case Study Report_Identification of Issue_Module 3.2 Page 3 of 7 Referencing It is essential that you use appropriate APA style for citing and referencing research. Please see more information on referencing here https://library.torrens.edu.au/academicskills/apa/tool Submission Instructions Group submission 1. Each team will submit ONE Microsoft Word document (.doc or .docx) via the Assessment link in the main navigation menu in Blackboard. The Learning Facilitator will provide feedback via the Grade Centre in the LMS portal. Feedback can be viewed in My Grades. Peer evaluation – Individual Submission 2. Each individual student is to submit a completed Group Participation Matrix document in the Peer Evaluation submission link. Please submit a peer review correctly, as no submission may result in zero grading for this assessment criteria. Academic Integrity Declaration We declare that except where we have referenced, the work we are submitting for this assessment task is our own work. We have read and are aware of Torrens University Australia Academic Integrity Policy and Procedure viewable online at http://www.torrens.edu.au/policies-and-forms We are aware that we need to keep a copy of all submitted material and their drafts, and we will do so accordingly. https://library.torrens.edu.au/academicskills/apa/tool http://www.torrens.edu.au/policies-and-forms MIS301_Assessment_2 Part A_ Case Study Report_Identification of Issue_Module 3.2 Page 4 of 7 Assessment Rubric Assessment attributes Fail (Unacceptable) 0-49% Pass (Functional) 50-64% Credit (Proficient) 65-74% Distinction (Advanced) 75 -84% High Distinction (Exceptional) 85-100% Knowledge and understanding of vulnerability and potential threats 30% Limited understanding of required concepts and knowledge in vulnerability and potential threats in cybersecurity. Key components of the assignment are not addressed. Adequate knowledge or understanding of vulnerability and potential threats in cybersecurity. Some of the key components of the assessment are not addressed. Thorough knowledge or understanding of vulnerability and potential threats in cybersecurity. Supports personal opinion and information substantiated by evidence from the research/course materials. All key components of the assessment are addressed with an adequate capacity to explain and apply relevant key concepts. Highly developed understanding of vulnerability and potential threats in cybersecurity. All of the key components are addressed. Well demonstrated capacity to explain and apply relevant key concepts. A sophisticated understanding of vulnerability and potential threats in cybersecurity. All of the key components are addressed. Demonstrates mastery and application of key concepts. Content, audience and purpose 10% Demonstrates no awareness of context and/or purpose of the assignment. Demonstrates limited awareness of context and/or purpose of the assignment. Demonstrates consistent awareness of context and/or purpose of the assignment. Demonstrates an advanced and integrated understanding of context and/or purpose of the assignment. Consistently demonstrates a systematic and critical understanding of context and purpose of the assignment. MIS301_Assessment_2 Part A_ Case Study Report_Identification of Issue_Module 3.2 Page 5 of 7 Assessment attributes Fail (Unacceptable) 0-49% Pass (Functional) 50-64% Credit (Proficient) 65-74% Distinction (Advanced) 75 -84% High Distinction (Exceptional) 85-100% Evaluation of information selected to support the case study 30% Limited understanding of key concepts required to support the case study. Confuses logic and emotion. Information taken from reliable sources but without a coherent analysis or synthesis. Viewpoints of experts are taken as fact with little questioning. Resembles a recall or summary of key ideas. Often conflates/confuses assertion of personal opinion with information substantiated by evidence from the research/course materials. Analysis and evaluation do not reflect expert judgement, intellectual independence, rigour and adaptability. Supports personal opinion and information substantiated by evidence from the research/course materials. Demonstrates a capacity to explain and apply relevant concepts. Identifies logical flaws. Questions viewpoints of experts. Discriminates between assertion of personal opinion and