Scenario: Student Grading System Security Remarkable University is implementing a new student grading system. The system needs to be developed and implemented to ensure that it is both fit for purpose...

1 answer below »
Scenario: Student Grading System Security Remarkable University is implementing a new student grading system. The system needs to be developed and implemented to ensure that it is both fit for purpose and secure from identified threats. The student grading system’s core components include: ? a front-end web/application server which is used by students, academics and administrative staff ? a database which holds students’ grades The system will need to be built and managed to ensure that the servers are deployed securely and remain secured against common automated and simple manual attacks. Dedicated, targeted attacks are difficult to protect against, however simple measure can be taken to protect against most automated attacks. Identified threats against the system include: ? Grade hacking/modification, e.g. students w


Document Preview:

Scenario: Student Grading System Security Remarkable University is implementing a new student grading system. The system needs to be developed and implemented to ensure that it is both fit for purpose and secure from identified threats. The student grading system’s core components include: ? a front-end web/application server which is used by students, academics and administrative staff ? a database which holds students’ grades The system will need to be built and managed to ensure that the servers are deployed securely and remain secured against common automated and simple manual attacks. Dedicated, targeted attacks are difficult to protect against, however simple measure can be taken to protect against most automated attacks. Identified threats against the system include: ? Grade hacking/modification, e.g. students who may wish to modify their own results or view or modify the results of others ? Privacy concerns, e.g.: ? internal users such as staff or students who may wish to view or modify results; and ? external users who may wish to gain access to or modify results or other personal information ? Malicious code such as worms ? Automated scanning and exploit tools ? Targeted exploit attempts ? Phishing attempts The grading system application needs to remain secured, use appropriate access controls, enforce least privilege, and ensure that information flowing to and from the system is protected. The application needs to be developed in a secure manner and be protected against common attacks, and the database needs to be protected against common automated attacks and use appropriate access controls. All components of the systems, and in particular the application and database, need to have appropriate access controls in place to ensure that only authorized users can access and update the system, and that access is tied to the role of each user. All access to the system should be logged, regardless of whether the...



Answered Same DayDec 26, 2021

Answer To: Scenario: Student Grading System Security Remarkable University is implementing a new student...

David answered on Dec 26 2021
130 Votes
1 | P a g e

Assignment
On

IT Security plan for Student grading system
Submitted by:-
Date:-
Registration No:-
2 | P a g e

Contents
Introduction:- .......................................................................................................................................... 2
Scope:- ...........................
......................................................................................................................... 2
Risk assessment:- .................................................................................................................................... 3
Security strategies and action:- .............................................................................................................. 3
Residual risks:- ........................................................................................................................................ 6
Maintenance and training:- .................................................................................................................... 6
Revision history-:- ................................................................................................................................... 7
Conclusion:- ............................................................................................................................................ 7
References .............................................................................................................................................. 7
Introduction:-
The aim of this assignment is to develop an IT security plan for student grading system which
is about to be implemented by Remarkable university. Goal of the project is to make the
system secure from identified threats. Some autonomous attacks in the server are phishing
attacks, targeted exploit attempts, etc.
Scope:-
There are two major situations where hacking activities can be performed, and that are,
(1) When student want to access or modify their results or others.
(2) When internal users or staffs want to view or modify their results.
(3) When external users want to access their information as well as want to modify their
results.
The important way to protect the system is to protect the two components of the grading
system. One is front end web application/server used by students, academic and
administrative staffs, and other is the database which holds the students grades. Most of the
identified threats first targets to attack on the database server because there they can get every
information and can use it for their benefits.
3 | P a g e

Risk assessment:-
The major risk and its remedies are addressed below. The major idea to create a secure IT
network is to develop a secured network from all aspects.
(1) User authentication and access control
(2) Server security
(3) Software security
(4) Software security
(5) Network security
(6) Other risks
Security strategies and action:-
When we are capable of understanding the internal process of the system, then we can easily
understand the risk factors and its solutions. In grade system, the major users are student and
instructor and printing administrator. So, the chances of hacking activities can be taken
through the user interface of the web system. For this the suggested action is to protect the
web server, as well as software because through software also malicious activity can take
place.
Action 1:- Software security:
Threat in software can be performed with the help of malicious code, which can be fed into
the...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here