Tasks: 1. You plan to ethically hack the newly acquired start-up and assess its security posture. You need to produce an analysis plan of the pentest and provide some preliminary information. An...

1 answer below »
Tasks: 1. You plan to ethically hack the newly acquired start-up and assess its security posture. You need to produce an analysis plan of the pentest and provide some preliminary information. An analysis plan summarises your intentions for the investigation. You will be rewarded if your plan shows evidence of creative problem-solving and critical thinking. (15%). a. Broad idea/ Sections/ Headings for this portfolio assessment (Note that these tips are provided to get your mind thinking. There are many more aspects that may be considered within each heading. Do not simply rely on this.) • Title Page • Introduction: An overview of the activity and the objectives covering the broad contours of the given scenarioPage 2 ISYS1003 Assignment 1 • Proposed Analytical Process – How would you analyse the given case? What process would you adopt? There are many pentesting methodologies, which one (or more) will you choose? Why? o Discuss phases, scope and extent of the examination o Type of test based on the provided information – white box, grey box, or black box • Ethical considerations to undertake the pen testing – discuss disclosure/non-disclosure agreement, preservation of the company’s confidentiality, prevention of sensitive data from being redistributed, deleted, modified, etc. • Resources Required – Hardware and software resources required • Timeframe – Your plan of action in defined pentest stages. Discuss the activities envisaged. • References: You are required to use at least 10 references that include books, scholarly journal articles, and conference papers. 2. Business Impact Analysis (15%) a. You should be familiar with the process of a BIA by now. You are to construct an industry standard BIA for the organisation. b. Following on from some previous work (assignment 1 and 2) you have done for the company, you should have identified and proposed several controls. You should initially perform the BIA for the company before implementation of the controls. Then, in the second step, perform BIA analysis after implementation of any controls and explain whether the controls are enough and effective.
Answered 2 days AfterMay 27, 2021ISYS1003

Answer To: Tasks: 1. You plan to ethically hack the newly acquired start-up and assess its security posture....

Riddhi answered on May 29 2021
160 Votes
Business Impact Analysis
Business Impact analysis is the process of understanding the possible threats to organization and understand the level of interruption it can cause to the business o
perations because of an event of an emergency or a threat or accident or disaster. Business impact analysis is a process of developing the strategy that can help in mitigating the potential risk to the business by creating in depth analyses and create a contingency plan for the disaster that may occur in future.
Industry standard Business Impact analysis
The industry standard business impact analysis shall be as follows –
1. A proper governance program should be conducted that properly establishes the responsibilities and authorities for the governance strategy and creates a plan for business continuity.
2. Identification of the impact analysis of the business and to ensure that all the critical services of the business are given priority and information should be exchanged in the similar pattern.
3. Measures and plan should be created which will help in ensuring that critical services are continued, and a proper risk assessment is conducted for threat and the risk assessed.
4. Activities related to the preparedness of the entity should be properly monitored.
5. Review and audit of the testing process should be rigorously evaluated.
Identify and propose several controls
Several controls in the business impact analysis involve control related to following activities –
1. Control designed by top management to make the premises non-smoking
2. Internal control
3. Data and backup control
4. Information technology control that shall protect all the applications
5. Security control
6. Control in the form of delegation of the authorities and responsibilities
Perform BIA before implementing controls
Business impact analysis before implementing control are as follows –
1. Gather...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here