Integrity of HSC students' marks compromised by 'extremely weak' security 5/10/20, 11(41 pmIntegrity of HSC students' marks compromised by 'extremely weak' security Page 1 of...

1 answer below »
PLEASE ASSIGN THE SAME WRITER WHO DID 63564 AND 62922 asthey do this task weekly withefficiently, also please answer the questions and will send the 2 student responses you need to comment on during the week when one of my peers upload , feel free to send the first partearlier anytime before thedue date - view the screenshotfor question and other files are weeks contenthave sent one of the posts from a student and next one will come soon





Integrity of HSC students' marks compromised by 'extremely weak' security 5/10/20, 11(41 pmIntegrity of HSC students' marks compromised by 'extremely weak' security Page 1 of 3https://www.smh.com.au/education/integrity-of-hsc-students-marks-compromised-by-extremely-weak-security-20150911-gjk3o8.html This was published 5 years ago Integrity of HSC students' marks compromised by 'extremely weak' security The NSW Department of Education has been slammed for failing to implement basic security features to protect the integrity of up to 50 per cent of HSC marks across every school in the state. On Friday students at Penrith selective high school in Sydney's west were disciplined after hacking into a computer system in an attempt to change their HSC assessment marks. NATIONAL EDUCATION By Eryk Bagshaw Updated September 11, 2015 — 3.59pm, first published at 9.00am Share A A A 1:02 https://www.smh.com.au/ https://www.smh.com.au/national https://www.smh.com.au/education https://www.smh.com.au/by/eryk-bagshaw-hvf7y javascript:void(0); 5/10/20, 11(41 pmIntegrity of HSC students' marks compromised by 'extremely weak' security Page 2 of 3https://www.smh.com.au/education/integrity-of-hsc-students-marks-compromised-by-extremely-weak-security-20150911-gjk3o8.html A spokesman for the NSW Department of Education said the hack occurred when students obtained a teacher's log-in credentials for the online database. It is operated by Sentral, a private company that stores the state's HSC marks. The breach has revealed "extremely weak" security protocols at the state's schools, according to computer security expert. Simply guessing a teacher's password granted sufficient access to alter the HSC marks of an entire class. The HSC marks obtained before the final HSC exams make up half of a student's ATAR - the Australian Tertiary Admission Rank - which determines what course they can go to at university. Sydney IT security expert Troy Hunt said that a password-only authentication was "just not good enough for something as attractive as the HSC". "It shows a failure on multiple levels," Mr Hunt said. "The teacher has probably done the wrong thing through poor password protection, the students have done the wrong thing through accessing the system, and the department has done the wrong thing through not enabling basic security protocols." Mr Hunt said that by not enabling a two-step password system, such as requiring an SMS to further authenticate users, the marks of the students had been left vulnerable. Vocational education students have been let down by poor providers. 1:02 Students' HSC hack reveals wider security problem As students from Penrith High are investigated for allegedly hacking into their HSC results, Eryk Bagshaw investigates the big problem with the Department's security arrangements. javascript:void(0); 5/10/20, 11(41 pmIntegrity of HSC students' marks compromised by 'extremely weak' security Page 3 of 3https://www.smh.com.au/education/integrity-of-hsc-students-marks-compromised-by-extremely-weak-security-20150911-gjk3o8.html Known as multi-factor authentication, this security measure is commonly used for social media, email and internet banking accounts. It typically comprises something a users knows, such as a password, and something they have, such as an SMS message on their phone. A spokesman for the Department of Education would not comment on what the department knows about the security systems it has contracted out, what security measures were in place, if the department still had faith in Sentral, or if there were any plans to introduce multi-factor logins to its systems. Sentral declined to comment on its school security operations. On Monday, it was revealed the University of NSW's failure to use multi-factor authentication had allowed hackers to post pornography on UNSW's Facebook page during the university's open day. "I have to login with a second factor to tweet what I had for breakfast," Mr Hunt said. "This just demonstrates extremely weak security practices." The director of Lyonswood Forensic IT investigations, Lachlan Jarvis, said school systems had been hacked for up to two decades. "I think that the overarching point to be made here is that there is a fair amount of emphasis on external hackers, but what is concerning is that there is such a lack of internal protocols." Mr Jarvis said that recent high-profile hacks, including those on affair website Ashley Madison, were likely to be inside jobs. He said that the Department of Education needed to consider what it was doing to educate staff and students on the risks of internal security. "It's actually criminal behaviour," said Mr Jarvis. "That is something that the parents and teachers should be aware of and an area [where] education could go a long way." NSW Police are involved in the investigations. Eryk Bagshaw Eryk Bagshaw is the China correspondent for The Sydney Morning Herald and The Age. Due to travel restrictions, he is currently based in Canberra. https://twitter.com/erykbagshaw?lang=en mailto:[email protected] https://www.smh.com.au/by/eryk-bagshaw-hvf7y
Answered Same DayOct 05, 2021PICT3011Macquaire University

Answer To: Integrity of HSC students' marks compromised by 'extremely weak' security 5/10/20, 11(41 pmIntegrity...

Dilpreet answered on Oct 05 2021
144 Votes
RESPONSE TO QUESTIONS
Table of Contents
Recommendations for Implementing Multi-Factor Authenticati
on    3
Replying to Nathaniel Thomas’s Post    3
References    4
Recommendations for Implementing Multi-Factor Authentication
Since, there are limited resources available with this organisation; I would suggest that it is better to go for one-time password Multi-Factor Authentication. This will act as a cheaper yet effective and easy method to be implemented with the help of software tools, which are readily available (Ometov et al., 2018). The software based certificated will require an (One Time Password) OTP before relying on the machines hosting the...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here