Task Description You are hired by Advanced Medicos Limited (AML), a healthcare product sell company, as a cybersecurity consultant to help in security management and to address the contemporary and...

1 answer below »
Task Description You are hired by Advanced Medicos Limited (AML), a healthcare product sell company, as a cybersecurity consultant to help in security management and to address the contemporary and emerging risks from the cyber threats the company is facing. AML is providing a platform for Australian customers to sell their product online. The vision of the company is to be among the top 5 nation-wide. The board from the advice by Chief Information Officer (CIO) and Chief Information Security Officer (CISO) has concluded that they should get to point that the key services such as web portal should be able to recover from major incidents in less than 20 minutes while other services can be up and running in less than 1 hour. In case of a disaster, they should be able to have the Web portal and payroll system fully functional in less than 2 days.

The company is a new company which is growing rapidly. While the company uses its database server to store the information of its customers’ private data, credit card info, etc. it has a poordesigned network with a low level of security. As the company is responsible for the privacy and the security of customer personal info, credit card details, the security of payment transactions, etc. they have decided to improve their information security. Therefore, they have hired you to do the following task:

Your task is to perform a risk analysis and develop a security plan for the Company and document the outcomes.

CMP73001-Ass2

Existing IT infrastructure of AML: - Office 365 Emails Hosting - 2 Web server providing web services and payment options - A physical database server storing customer information - DHCP and DNS servers - Servers located in a server room accessible by all staff - There is no virtual/cloud storage - The backup files are stored on a single computer connected to the internal network - Two 24-port Cisco Catalyst switches (1Gbps ports) - Switches are access layer switches - ADSL router - 40 PCs with outdated antivirus - The operating systems used in the company are Windows 2012 server and Windows 10 - Windows Firewalls are on - No security configuration on routers and switches - Telnet connection is used by IT people to remotely check the configuration of the network devices. Therefore, there is no encryption in remote access. - Two wireless access points - Wireless security is WPA - 10 Voice over IP phones - Servers located in a server room accessible by all staff - There is no virtual/cloud storage - The backup files are stored on a single computer connected to the internal network - There are 40 staff including three IT people (IT staff are responsible to look after internet connection, network devices, Wi-Fi, Voice over IP service, LAN, computers, servers, hardware and software, and video conference facilities). - All staff and equipment are on a single floor. - The roles and responsibilities of people who are responsible for information security management are not clear and they are not documented. All IT staff help in information security management.

For this assignment, you need to write a report to the CEO of the company and answer a number of questions. You should also identify assets, perform risk assessment, and propose solutions to mitigate risks. Your answer should be submitted in PDF/DOC files.

CMP73001-Ass2

Assignment guideline

Plans/programs/policy development exercise: develop program direction and policy and propose controls and changes to secure the organization information system based on the risk assessment results.

Task 1: Security policy development and risk management 1.1 Based on the information given for AML and based on the risk assessment results in Assignment 1, develop an appropriate access control policy for this company. 1.2 What types of access controls do you recommend protecting the assets of the company? Justify your choices. You should have physical and logical access controls which do not let unauthorized access to the assets (assets include information, software, and hardware). At least three access controls should be provided. Justify your choices with cost benefit analysis and effectiveness. 1.3 Propose at least five controls, which can be used to control threats identified in Assignment 1. Justify your choices with cost benefit analysis and effectiveness. 1.4 Determine and recommend data security solutions for three different data states in the company: data in use, data in motion, and data at rest. 1.5 What authentication method do you recommend for AML Company for effective and efficient management of user identify verification, especially for remote users. 1.6 Explain how a single sign-on service (SSO) can help AML company to manage authentication. Which protocol will be used to implement this SSO service and why? Explain the protocol. 1.7 Explain the difference between incident response and disaster recovery. What are the responsibilities of the incident response team and the disaster recovery team? 1.8 Describe six phases of developing an incident response plan. For this question, you should explain each phase and propose at least two activities for each phase in AML Company. You may need to do some research to answer this question. 1.9 Provide five examples of natural or human-made disasters in relevant to AML. Explain three phases of disaster recovery. You can use the link below to find some information about disaster recovery phases. https://www.cisco.com/en/US/technologies/collateral/tk869/tk769/white_paper_c11-453495.pdf 1.10 Explain the definition of MTD, RTO, and RPO in disaster recovery. What is the difference between disaster recovery and business continuity?

CMP73001-Ass2

Task 2: Review and improve security policies (optional - students who answer this question will receive a 10% extra mark)

For this task, you should read the following version of policies created by an IT staff. You as the cybersecurity consultant are asked to review and revise the policies and propose a more comprehensive version of the policies for the company. For each group, you should write at least six new policy requirements. Security policies Backup policies:  A weekly full backup should be performed in the company.  Backup files should be stored in a server in the company.

Computer use policies:  The programs from untrusted and external sources should not be run on the company computers.  Computer logs should be only stored on the computer.

Assessment Criteria

Criteria Max Mark

Task 1: Security policy development and risk management 27 Task 1.1: access control policies 3 Task 1.2: Access controls for the asset identified in Assignment 1 4 Task 1.3: Controls for the threats identified in Assignment 1 5 Task 1.4: Data security controls for three data states 1.5 Task 1.5 & 1.6: Recommendation of a multi-factor authentication method, and a single sign-on definition 4.5 Task 1.7: the difference between incident response and disaster recovery 1.5 Task 1.8: Six phases of incident response and their activities 3 Task 1.9: Disasters and recovery phases 3 Task 1.10: Disaster recovery and business continuity definition 1.5 Task 2: Review and improve security policies (optional question) (10% extra mark)

Documentation 3 Professional presentation. 1.5 Referencing 1.5 Total 30

CMP73001-Ass2

Assignment-2 Marking Rubric A spreadsheet that will be used for the marking of your site is provided (attached with the final submission link) on MySCU to itemize exactly what tutors will be looking at in relation to marking your assignment. It contains a detailed breakdown of the marking criteria for this assignment. I strongly suggest you peruse this spreadsheet.

Format, Presentation Submission Format and Length There is no report template to be used in this assignment, so you can design your own template or refer to online resources. However, the report should be well presented in a standard report format. The first page of the report should have a simple company logo, your name, and student ID, CMP73001 Assignment 2, and the date you submit your assignment.

When you have completed the assignment, you are required to submit your assignment in the PDF/DOC format. The file will be named using the following convention:

filename = FirstInitialYourLastName_CMP730021_A2.pdf (i.e. FJones_CMP73001_A2.pdf)

Due to the system setting constraint, the report 2 length/duration was set with 15hours in the unit UIG. You are advised that there is no formal word limit for the report. However, a good report is expected to be somewhere in the vicinity of 2,000 - 3,500 words from Introduction to Conclusion. Note that this is a very rough estimate and there will be no penalties imposed based on the number of words (no real ceiling if the content is precise and relevant!)

Original Work

Note that you are not allowed to cut and paste from online resources. Use your own words and figures. Acknowledge all reference sources.

It is a University requirement that a student’s work complies with the Academic Integrity Policy. It is a student’s responsibility to be familiar with the Policy. Failure to comply with the Policy can have severe consequences in the form of University sanctions. For information on this Policy please refer to Student Academic Integrity policy at the following website
Answered Same DayApr 23, 2021CMP73001Southern Cross University

Answer To: Task Description You are hired by Advanced Medicos Limited (AML), a healthcare product sell company,...

Shikha answered on Apr 29 2021
148 Votes
Student Name
Student ID        2
Assignment 2: Cyber Security Policy
Submitted By
Course
Professor
Date
Introduction
Advanced Medicos Limited (AML) is the healthcare product sell company that provides a platform to the Australian customers for selling their products online. The company’s SIO found some security risks in the usage of web portal. The CIO of the organization is mainly focused on the system shutdown time in case of any incident. The
main objective of the report is to provide the security plan for the current infrastructure.
TASK 1: Security Policy Development and Risk Management
Access Control Policy
As the company is storing the customer’s bank details like credit, therefore, it is necessary to develop access control policy so that only authorized users can have access to the system and data center where this information is stored.
Controlling Physical Access – Only authorized users must have the access to enter the physical location of the data center. The access keys must be kept under the supervision of IT manager. The data center area will be secured by implementing biocentric security access as it’s difficult to steal the biometric details.
Controlling Authorization – The server access must be provided to the authorized personally only. No trust policy should be applied. The administrative access should be given to IT personnel only. The users must adapt the policy of changing regular passwords. It will help in additional security to the system (Hu, 2016).
Type of Access Control for the Company
Physical access control as the name suggests will be related to physical access to the server room. On the other hand, logical access control includes authentical, authorization protocol. The various physical and logical access controls that will be applied to the server room will include:
Biometric Access Control – Biometric access control is the system that can protect the data center from the intruders and will prevent the servers from the unauthorized access. It is based on physical uniqueness of the human. The working of biometric includes it scans the person who has to enter in the room. All the biometrics of the human will be checked by the biometrics entered into the system. If it matches, the, it allows the person to enter into the room. This access control comes under the physical access control and its cost will be approximately $100 (Bioenable, 2020).
Hardware Firewall – Firewalls are configured between a router and application servers in order to provide access controls. The network can be protected with the use of firewalls from the hackers. Firewalls are used to control the access from extruders or any external activity. The firewalls will block any malicious activity like NFS, NIS and so on. The cost of firewall will be approximately $50 (Oracle Corporation, 2010). It will provide physical access control.
Data Encryption – Data encryption will provide the logical access control as it allows data to be saved in encrypted form in the database, so that it becomes difficult for the hackers to understand. Some algorithms will be applied on the data so that it can be encrypted. Only the skilled person will be required to save the data in encrypted format (London School of Economics, 2019).
Threat Control
1. Using IDS/ IPS - For detecting threats in advance, antimalware software, host-based firewalls, as well as host-based IPS must be an important part of the network to help accumulate data about any malware activity on the endpoint devices. But configuration should be applied as none of these by themselves gives adequate prevention, recognition, and response (PDR) capacities, and PDR is just a single aspect of detecting threats. The cost of IDS system will be approximately $8000 but it will be best method for detection of any malware activity. Hence, it is justified to use IDS in the network system.
2. Using Antivirus – The server-based antivirus must be installed in the servers. A warning message will be generated when a malicious activity will be found on the system. It should be licensed version. The cost of server -based antivirus could be $1,000 and will effectively fit in the budget.
3. Network Segmentation - The third control to prevent the network will be network division using VLANs that can help in preventing access, limiting unwanted access, and also consist of various continuity events. It will cost approximately $2000 and will be effective way to secure network infrastructure.
4....
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here