This assignment is for Principles of Information Security.
CIS8001: Assignment 3 Marking Sheet CIS2005: Assignment 2 Marking Criteria Student name: Student No: Mar k Comme nts Task 1.1 Identify and describe two ways people could intentionally or unintentionally compromise the security of information technology and communications assets in an organisation (about 200 words) 16 Excellent coverage of two ways people could compromise ICT Asset security 0 12 Very good coverage of two ways people could compromise ICT Asset security 10 Good coverage of two ways people could compromise ICT Asset security 8 Average coverage of two ways people could compromise ICT Asset security 6 Poor coverage of two ways people could compromise ICT Asset security 4 Very poor coverage of two ways people could compromise ICT Asset security 0 Not Attempted or irrelevant Task 1.2 Describe how security awareness and training could facilitate people playing a proactive role in improving the security of an organisation’s information communications and technology assets (about 500 words) 24 Excellent description how security awareness & training improve ICT security 20 Very good description how security awareness & training improve ICT security 16 Good description how security awareness & training improve ICT security 12 Average description how security awareness & training improve ICT security 8 Poor description how security awareness & training improve ICT security 4 Very poor description how security awareness & training improve ICT security 0 No Attempt made or irrelevant. 0 Task 2.1 Identify and describe two key risks to information stored in a data centre elevated by poor physical security (about 300 words) 16 Excellent description of two risks to information elevated by poor physical security 0 12 Very good description of two risks to information elevated by poor physical security 10 Good description of two risks to information elevated by poor physical security 8 Average description of two risks to information elevated by poor physical security 6 Poor description of two risks to information elevated by poor physical security 4 Very poor description of two risks to information elevated by poor physical security 0 No Attempt made or irrelevant. Task 2.2 Explain what physical security controls would be put in place in a data centre to reduce these potential risks to security of information to an acceptable level (about 500 words)) 24 Excellent explanation of physical security controls reduce risks in data centre 0 20 Very good explanation of physical security controls reduce risks in data centre 16 Good explanation of physical security controls reduce risks in data centre 12 Average explanation of physical security controls reduce risks in data centre 8 Poor explanation of physical security controls reduce risks in data centre 4 Very poor explanation of physical security controls reduce risks in data centre 0 Not Attempt made or irrelevant. Report is professionally structured and presented: cover page, table of contents, heading and sub headings, page numbering with appropriate use of tables and figures, writing style is clear and succinct grammatically correct and free from spelling mistakes 10 Excellent report structure, presentation and writing style 0 8 Very good report structure, presentation and writing style 6 Good report structure, presentation and writing style 5 Average report structure, presentation and writing style 4 Poor report structure, presentation and writing style 0-3 Very poor report structure, presentation and writing style Quality of Research and Referencing for each question evident in use of in text referencing acknowledging original sources of ideas presented in report and complete reference list using Harvard referencing style provided for all references cited in text in body of report 10 Excellent research of questions evident in text referencing and reference list 0 8 Very good research of questions evident in text referencing, reference list 7 Good research of questions evident in text referencing and reference list 5 Average research of questions evident in text referencing and reference list 3 Poor research of questions evident in text referencing and reference list 1 Very poor research of questions evident in text referencing, reference list. 0 No research of each task evident, no in text referencing, no reference list Total Marks 0 Evidence of plagiarism or collusion (Yes/No) Marker Comments: CIS2005 Assignment 2 Description Marks out of Wtg(%) Word limit Due date Assignment 2 100 15 1500 31 AUGUST 2018 SPECIFICATION This assignment 2 assesses the following course objectives: 1. analyse information security vulnerabilities and threats and determine appropriate controls that can be applied to mitigate the potential risks 2. communicate effectively both written and orally about the management of information security in organisations. This assignment 2 written report requires you to provide written answers to Tasks 1 and 2 that are supported by in text referencing and a reference list Task 1 Role of people in operational security (40 marks) Review the current literature on the role of people in operational security as a potential risk to information assets versus a potential aide to improving security in organisations Task 1.1 Identify and describe two ways people could intentionally or unintentionally compromise the information technology and communications assets in an organisation (about 200 words) Task 1.2 Describe how security awareness and training could facilitate people playing a proactive role in improving the security of an organisation’s information technology and communications assets (about 500 words) Task 2 Physical security in a data centre (40 marks) Review the current literature on the role of physical security in a data centre in order to address the tasks Task 2.1 Identify and describe two key risks to information stored in a data centre elevated by poor physical security (about 300 words) Task 2.2 Explain what physical security controls would be put in place in a data centre to reduce these potential risks to security of information to an acceptable level (about 500 words) Report structure and presentation, writing style (10 Marks) Report is professionally structured and presented: cover page, table of contents, heading and sub headings, page numbering with appropriate use of tables and figures, writing style is clear and succinct, grammatically correct and free from spelling mistakes. Quality of Research for each question evident in Referencing (10 Marks) appropriate level of in text referencing acknowledging original sources of ideas presented in report, reference list provides complete details for all references cited in body of report using Harvard referencing style. Harvard referencing resources Install a bibliography referencing tool – Endnote which integrates with your word processor. http://www.usq.edu.au/library/referencing/endnote-bibliographic-software USQ Library how to reference correctly using the Harvard referencing system https://www.usq.edu.au/library/referencing/harvard-agps-referencing-guide http://www.usq.edu.au/library/referencing/endnote-bibliographic-software https://www.usq.edu.au/library/referencing/harvard-agps-referencing-guide ASSIGNMENT SUBMISSION 1) The file naming guidelines are as follows: a. It is important that you use this convention to ensure that assignments can be tracked: Familyname_studentnumber_CIS2005_ASS2 i. Replace ‘familyname’ with YOUR family or surname ii. Replace ‘studentnumber’ with YOUR student number (which starts with ‘00’) 2) Submit your assignment 2 using the Online Assignment 2 Submission link on the Study Desk 3) Late submission of assignment work a. Late assignments will be penalised unless permission has been granted by the course leader BEFORE the assignment due date. Late assignments may be penalised by reducing the allocated mark by 5% per day late. GENERAL REQUIREMENTS Using appropriate headings and sub-headings in your report to clearly identify each of the required questions and answers. The report must be written in your own words. 1. Ideas obtained from sources must be included in your discussion by expressing the idea in your words and citing the source using the Harvard Referencing style. 2. Direct quotes of more than five (5) words will not be considered a demonstration of your knowledge and will be assessed accordingly 3. The assignment must be the expression of your own work. It is acceptable to discuss course content with others to improve your understanding and clarify requirements, but solutions to assignment questions must be done on your own. This also means that it is not sufficient to merely paraphrase the entire assignment content from a textbook or other source. Your assignment answers need be a reflection and synthesis of your research of the associated topics. This should be evident in your in text referencing and reference list. 4. You need to demonstrate your understanding of associated topics for each assignment. You must not copy from anyone, including tutors and fellow students, nor provide copies of your work to others. 5. Note carefully University policy on Academic Misconduct such as plagiarism, collusion and cheating. If any of these occur they will be found and dealt with by the USQ Academic Integrity Procedures. If proven, Academic Misconduct may result in failure of an individual assessment, the entire course or exclusion from a University program or programs. http://www.usq.edu.au/library/help/referencing/harvard.htm http://www.usq.edu.au/library/help/referencing/harvard.htm http://policy.usq.edu.au/documents/14132PL http://policy.usq.edu.au/documents/14727PL http://policy.usq.edu.au/documents/14727PL