Task Description You are hired by Advanced Medicos Limited (AML), a healthcare product sell company, as a cybersecurity consultant to help in security management and to address the contemporary and...

1 answer below »
Task Description You are hired by Advanced Medicos Limited (AML), a healthcare product sell company, as a cybersecurity consultant to help in security management and to address the contemporary and emerging risks from the cyber threats the company is facing. AML is providing a platform for Australian customers to sell their product online. The vision of the company is to be among the top 5 nation-wide. The board from the advice by Chief Information Officer (CIO) and Chief Information Security Officer (CISO) has concluded that they should get to point that the key services such as web portal should be able to recover from major incidents in less than 20 minutes while other services can be up and running in less than 1 hour. In case of a disaster, they should be able to have the Web portal and payroll system fully functional in less than 2 days. The company is a new company which is growing rapidly. While the company uses its database server to store the information of its customers’ private data, credit card info, etc. it has a poordesigned network with a low level of security. As the company is responsible for the privacy and the security of customer personal info, credit card details, the security of payment transactions, etc. they have decided to improve their information security. Therefore, they have hired you to do the following task: Vulnerability assessment and Business Impact Analysis (BIA) exercise: 1. Perform vulnerability assessment and testing to assess a fictional business information system. 2. Perform BIA in the given scenario. 3. Communicate the results to the management. Existing IT infrastructure of AML: CMP73001-Ass3 - Office 365 Emails Hosting - 2 Web server providing web services and payment options - A physical database server storing customer information - DHCP and DNS servers - Servers located in a server room accessible by all staff - There is no virtual/cloud storage - The backup files are stored on a single computer connected to the internal network - Two 24-port Cisco Catalyst switches (1Gbps ports) - Switches are access layer switches - ADSL router - 40 PCs with outdated antivirus - The operating systems used in the company are Windows 2012 server and Windows 10 - Windows Firewalls are on - No security configuration on routers and switches - Telnet connection is used by IT people to remotely check the configuration of the network devices. Therefore, there is no encryption in remote access. - Two wireless access points - Wireless security is WPA - 10 Voice over IP phones - Servers located in a server room accessible by all staff - There is no virtual/cloud storage - The backup files are stored on a single computer connected to the internal network - There are 40 staff including three IT people (IT staff are responsible to look after internet connection, network devices, Wi-Fi, Voice over IP service, LAN, computers, servers, hardware and software, and video conference facilities). - All staff and equipment are on a single floor. - The roles and responsibilities of people who are responsible for information security management are not clear and they are not documented. All IT staff help in information security management. For this assignment, you need to write a report to the CEO of the company and answer a number of questions. You should also identify assets, perform risk assessment, and propose solutions to mitigate risks. Your answer should be submitted in two (2) PDF/DOC files. This assignment has several group questions (if you can form a group otherwise you can do it individually). Therefore, you should make groups of two members in each. In each question, there are three roles, and each team member should choose one role and answer its question. It is the group decision to decide about the roles. Students need to submit all answers from their team, and they should mention the name of the student who answered each question. CMP73001-Ass3 Assignment guideline Task 1: Penetration testing 1.1 Individual: i. Penetration testing involves different phases to test the level of security in a company. Do some research and explain when you are allowed to perform penetration testing against a company. What are the ethical hazards associated with penetration testing? You should discuss the possible ethical issues that should be taken into consideration in the test. ii. Critically discuss the purpose of cybersecurity penetration testing and how it can help to mitigate security risks against the company assets? iii. Compare and contrast the three types of pentesting (i.e., blackbox, greybox and whitebox) testing tools useful for vulnerability/port scanning. iv. Explain in details the Reconnaissance phase of penetration testing. Do some research and propose at least three resources which can be used to collect information in Reconnaissance. 1.2 Group: Penetration testing is associated with legal issues which should be taken into consideration before performing the test. You have been asked to perform penetration testing for the AML company and discuss critically the following: (This group task should be answered in a group of two students. Each student is responsible to choose and work on one role.) Role 1: i. Analyse the output information that you receive from a well-known scanner, Nmap. For this question, you are strongly encouraged to watch a recording that has been posted guiding you in this task. You should add a screenshot of the scan results in your submission. ii. Critically discuss how Wireshark software can be used in penetration testing to capture information about the company’s traffic. For this question, you can install Wireshark on your own laptop/pc (https://www.wireshark.org/download.html). Open a browser in your computer and capture TCP and HTTP traffic. Explain what types of information you have obtained from Wireshark. You should add a screenshot of the output. Role 2: CMP73001-Ass3 i. Do some research and critically discuss how fuzzing tools can help to test a newly developed application. Explain three types of software vulnerabilities detectable by Fuzzing tools. You also need to provide three examples of Fuzzing tools and compare their major functions ii. AML has a website providing online services to its customers. Explain at least two types of potential attacks against the website with proper justification. For this question, you should also provide solutions which can be used to mitigate the risks of these threats. 1.3 Individual: Explain how the following cyber-attacks might affect the business operations of AML. Provide a cost effective detective/preventative methods to be used in AML to mitigate the risks of these security threats? o DDoS o Social engineering o Phishing o Rootkit o Ransomware Task 2: Secure Systems / Networks / Applications 2.1 Individual: Discuss two different types of VPN implementation in AML business context. Compare and contrast between IPsec, SSL and SSH protocols. Which of the following remote access control protocols is more secure and why?  Telnet  SSH 2.2 Group: This group question should be answered in a group of two students. Each student is responsible to choose one role and answer its question. Role1: Explain which security measures (including hardware and software) you intend to implement in AML company to mitigate existing risks (a firewall and an IDS are examples of security measures). For this question, you should submit a logical topology of your proposed network design. The design should show how the security measures are connected to the company’s network. In your network design, the servers should be publicly available to external users. Therefore, the servers’ zone should be separate from the internal network and computers. CMP73001-Ass3 Role 2: The company has a low level of wireless security. Write about 300 words about wireless vulnerabilities in the company network and propose the methods which can address these vulnerabilities in AML Company. Task 3 (individual): Managing personnel security Social engineering is a security attack which is easy to perform. Due to the low level of employee awareness of IT and cybersecurity, it is important to find efficient methods to mitigate the risk of social engineering attacks. For this question, you should explain at least three common methods to perform social engineering attacks in penetration testing. Discuss critically how they can mitigate this risk? Task 4 (individual): Business Impact Analysis (BIA) 4.1 Perform BIA for AML: For this question, you should provide the following information:  Do some research and explain the definition of Business Impact Analysis (BIA).  You have proposed several controls in Assignment 2. For this question, you should initially perform BIA for AML before implementing the controls. Then, in the second step, perform BIA analysis after implementing the controls and explain whether the controls are enough and effective. 4.2 Based on Australian Cybercrime Legislation, what are different forms of online fraud that might happen to AML company? Discuss your answer. Assessment Criteria Criteria Max Mark Task 1: Penetration Testing 11 Task 1.1: Penetration testing and reconnaissance phase 3 Task 1.2: Group work 5 Task 1.3: Cyber-attacks, business impact and mitigation 3 Task 2: Secure Systems / Networks / Applications 8 Task 2.1: VPN and remote access protocols 3 Task 2.2: Group work 5 Task 3: Managing personnel security 3 Task 4- Business Impact Analysis 5 Documentation 3 Professional presentation 1.5 Referencing 1.5 Total 30 CMP73001-Ass3 Assignment-2 Marking Rubric A spreadsheet that will be used for the marking of your site is provided (attached with the final submission link) on MySCU to itemize exactly what tutors will be looking at in relation to marking your assignment. It contains a detailed breakdown of the marking criteria for this assignment. I strongly suggest you peruse this spreadsheet. Format, Presentation Submission Format and Length There is no report template to be used in this assignment, so you can design your own template or refer to online resources. However, the report should be well presented in a standard report format. The first page of the report should have a simple company logo, your name, and student ID, CMP73001 Assignment 3, and the date you submit your assignment. When you have completed the assignment, you are required to submit your assignment in the PDF/DOC format. The file will be named using the following convention: filename = FirstInitialYourLastName_CMP730021_A3.pdf (i.e. FJones_CMP73001_A3.pdf) Due to the system setting constraint, the report 3 length/duration was set with 30 hours in the unit UIG. You are advised that there is no formal word limit for the report. However, a good report is expected to be somewhere in the vicinity of 2,000 - 3,500 words from Introduction to Conclusion. Note that this is a very rough estimate and there will be no penalties imposed based on the number of words (no real ceiling if the content is precise and relevant!) Original Work Note that you are not allowed to cut and paste from online resources. Use your own words and figures. Acknowledge all reference sources. It is a University requirement that a student’s work complies with the Academic Integrity Policy. It is a student’s responsibility to be familiar with the Policy. Failure to comply with the Policy can have severe consequences in the form of University sanctions. For information on this Policy please refer to Student Academic Integrity policy at the following website: http://policies.scu.edu.au/view.current.php?id=00141 As part of a University initiative to support the development of academic integrity, assessments may be checked for plagiarism, including through an electronic system, either internally or by a plagiarism checking service, and be held for future checking and matching purposes. CMP73001-Ass3 A Turnitin link has been set up to provide you with an opportunity to check the originality of your work until your due date. Please make sure you review the report generated by the system and make changes (if necessary!) to minimise the issues of improper citation or potential plagiarism. If you fail to follow this step, your report may not be graded or may incur late feedback. Retain Duplicate Copy Before submitting the assignment, you are advised to retain electronic copies of original work. In the event of any uncertainty regarding the submission of assessment items, you may be requested to reproduce a final copy. School Extension Policy In general, I will NOT give extension unless where there are exceptional circumstances. Students wanting an extension must make a request at least 24 hours before the assessment item is due and the request must be received in writing by the unit assessor or designated academic through student service (please visit https://www.scu.edu.au/currentstudents/student-administration/special-consideration/ for details). Extensions within 24 hours of submission or following the submission deadline will not be granted (unless supported by a doctor’s certificate or where there are exceptional circumstances – this will be at unit assessor’s discretion and will be considered on a case by case basis). Extensions will be for a maximum of 48 hours (longer extensions supported by a doctor’s certificate or alike to be considered on a case by case basis). A penalty of 5% of the total available grade will accrue for each 24-hour period that an assessment item is submitted late. Therefore, an assessment item worth 20 marks will have 1 mark deducted for every 24-hour period and at the end of 20 days will receive 0 marks. Students who fail to submit following the guidelines in this Unit Information Guide will be deemed to have not submitted the assessment item and the above penalty will be applied until the specified submission guidelines are followed. Marks and Feedback All assessment materials submitted during the semester will normally be marked and returned within two weeks of the required date of submission (provided that the assessment materials have been submitted by the due date). Marks will be made available to each student via the MySCU Grade book.
Answered Same DayMay 05, 2021CMP73001Southern Cross University

Answer To: Task Description You are hired by Advanced Medicos Limited (AML), a healthcare product sell company,...

Amit answered on May 10 2021
159 Votes
Title of the assignment: Vulnerability assessment and Business Impact Analysis exercise
Student’s name:
Student ID:
Professor’s name:
Course title: Cyber security Management, CMP73001
Date: 5/10/2020
Table of Contents
1.    Task 1    3
1.1    3
I.    Penetration testing with ethical hazards and issues    3
II.    Purpose of penetration testing and mitigation of security risks    4
III.    Comparison of pen-testing    4
IV.    
Penetration testing and reconnaissance    5
1.2    6
I.    Fuzzing tools and identified software vulnerabilities    6
II.    Attacks on online services of AML and mitigation plan    7
1.3    Cyber attacks on AML    7
2.    Task 2    8
2.1    VPN implementation and protocol comparison for AML    8
2.2    Role 2: wireless security and vulnerability analysis for AML    9
3.    Task 3: Personal security management    10
4.    Task 4    10
4.1    BIA to AML    10
4.2    Online frauds to AML    11
5    References:    12
1. Task 1
1.1
I. Penetration testing with ethical hazards and issues
Performing the authorized attack on the network of any organization like AML for identification of system weakness and other associated vulnerabilities is commonly known as penetration testing. This testing shows the potential impact of possible attacks on the AML network. The followed ethical hazard for completing the penetration testing on the AML network is provided below:
1. The encountered illegality associated with the network engagement rules are identified by the legal ambiguity.
2. The identification of testing subject for the AML network is defined as the human targets.
3. The interaction among AML team and testers is defined.
4. The down play to find the problems in AML network is measured as the client indifference.
The possible occurred ethical issues for conducting penetration testing on AML network are pointed below:
1. Conducting penetration testing will break the security policy of AML network. So, tester must be careful.
2. The privacy of stored data on AML network will also be compromised. So, ethics must be maintained by tester for accessing such data.
3. The complete strategies of business processes used by AML are stored on their network. Thus, the tester must assure any leakage for the business process of AML.
II. Purpose of penetration testing and mitigation of security risks
The penetration testing plays important role in maintaining the cyber security for the AML organization. The main purposes of penetration testing for maintaining the cyber security of AML organization are provided here:
· The hardware weakness in infrastructure of AML network can be identified.
· The required controls and improvement against cyber security attacks to AML network can be identified.
· The application weakness for the used applications on the AML network can also be identified.
· The fixing of new possible bugs and vulnerabilities is also possible.
The scanning of AML infrastructure and defining the DMZ for the AML network are the main plan for the mitigation of security risks. The regular occurrence of penetration testing is an effective mitigation strategy for removing the security risks in AML network.
III. Comparison of pen-testing
The table showing comparison among white box, gray box and black box penetration testing for vulnerability scanning of AML network is provided below:
    Sr. No.
    White Box
    Gray Box
    Black Box
    1.
    The vulnerabilities from internal network are mainly identified with it.
    The vulnerabilities from outside attackers as well as internal network are mainly identified with it.
    The vulnerabilities from outside attackers are mainly identified with it.
    2.
    The source code and architectural design of AML network are mainly examined.
    The architectural design of AML network is mainly examined with this testing.
    It conducts dynamic analysis of AML network.
    3.
    The complete data of AML network will be analyzed with it. It is very time consuming testing.
    A focused analysis to network security of AML network is provided by this testing.
    It is fast and limited knowledge of tester is required to conduct this testing on AML network.
    4.
    It...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here