Portfolio 1: Security Solution Proposal (CLO2). and Portfolio 2:

Learning Outcomes of the Assignment

CLO2:             Assess relevant facts related to security and forensic to solve specific problems and produce appropriate solutions (A2, PLO2)

CLO3:             Discuss on professional, ethical and legal issues related to security and forensics areas (A3, PLO4)

 

Instructions

No marks will be awarded for the entire assignment if any part of it is found to be copied directly from printed materials or from another student.  All submissions should be made on or before the due date. Any late submissions after the deadline will not be entertained. Zero (0) mark will be awarded for late submission, unless extenuating circumstances are upheld.

 

Portfolio 1: Security Solution Proposal (CLO2).

 

The impact of a cyber-attack to power generation operations has the potential to be catastrophic to the renewables industry as well as employee and public well-being. Utilities are a growing target for cyber criminals who are keen on making political statements or simply as criminal misdeeds. Government organizations continue to advise power executives to take proactive steps to protect physical assets, software systems and network components of their operating environment.

 

As the renewable energy industry has become a more challenging operating environment, leaders are forced to be creative in business planning, and the associated risk management to that business plan. The nature of security attacks is ever evolving and require continuous vigilance to combat. Due to the specific nature of attacks on operating technologies, such as Supervisory Control and Data Acquisition (SCADA), unique programs are required above the standard IT security protocols to truly protect the power operating environment.

 

 

 

 

 

Activities:

1. Design a security solution applicable in this scenario.
2. Relate to security concepts and apply the use of access control, cryptography, public key infrastructure, biometrics etc.
3. Propose appropriate tools / applications / systems to be used.

 

Deliverables:

Security solution proposal to renewable energy providers (documentation and presentation)

 

Portfolio 2: Investigation of Data Leak (LO3)

 

Case Study:

Draft Complete, Inc. is a small business specializing in the artistic development of high-end jewellery. Due to the expensive inventory at Draft Complete’s headquarters, every employee is thoroughly searched when leaving the building. Bruce Armiter, an employee at Draft Complete, was recently leaving work, and a security guard discovered a Compact Flash memory card in his belongings. Specifically, Armiter hid the CF card under an athletic insert in his shoe.

The security guard turned over the card to you. The guard believed Armiter was smuggling data such as pictures of new products and the HQ building schematics. The guard also believed Armiter was selling them to the highest bidder. Plans of the building layout would be very valuable to thieves. A burglar would have an easy time planning the best attack to obtain some of Draft Complete’s precious inventory. Your job is to prove or disprove the claims of the security guard.

 

Activities:

1. Prepare case investigation report to document your investigation steps and findings. Your report should include all necessary information and follow proper structure.
2. Evaluate the case and give recommendations of the case and for future as part of your conclusion.

 

Deliverable:

Case investigation findings to Draft Complete, Inc. management (documentation and presentation)

Portfolio 3: Discussion on Professional, Ethical and Legal Issues Related to Security and Forensics Areas (CLO3)

 

Background Information:

Articles and Links:

Cyberthreat Trends: 15 Cybersecurity Threats for 2020

https://us.norton.com/internetsecurity-emerging-threats-cyberthreat-trends-cybersecurity-threat-review.html

 

The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About

https://www.forbes.com/sites/bernardmarr/2020/01/10/the-5-biggest-cybersecurity-trends-in-2020-everyone-should-know-about/#6233db7d7ecc

 

RSA Conference 2020 – Emerging Threats

https://www.rsaconference.com/usa/agenda/emerging-threats

 

Activities:

1. The articles and links above are provided as a starting point for you to gather background information and discuss the key points related to this portfolio.
2. Conduct detailed study on this topic by referring to news articles, white papers, journals etc. All references need to be cited and included in the references list.
3. Your content should discuss on the related issues and give recommendations to move forward / future directions in handling the cyberthreats.

 

Deliverable:

Group discussion on professional, ethical and legal issues related to cyberthreats (documentation and presentation)

 

 

 

 

Documentation Guidelines:

Document the results of your work in a professional and systematic manner, in the form of a computerized report. ONE (1) softcopy and hardcopy of your documentation is to be submitted.

 

Your completed documentation should at least contain the following requirements:

1. Cover
2. Table of content
3. Write up for Portfolio 1, 2 and 3 with proper numbered sections and subsections. Each portfolio should have the following structure at minimum:
   1. Introduction
   2. Structured write up content (with appropriate referencing and in-text citations)
   3. Conclusion
   4. References
   5. Appendix

 

Submission Requirements

1. Online submission via Moodle.
2. Your report must be typed using Microsoft Word with Times New Roman font size 12. Report should be in 1.5 spaces. Expected length is approximately 6,000 words (excluding diagrams, appendixes and references). You need use to include a word count at the end of the report.
3. The report needs to be well presented. Submission of reports that are unprofessional in its outlook (disorganised, inconsistent look) will not fare well when marks are allocated.
4. The report should have a one (1”) margin all around the page as illustrated below:

 

1. Every report must have a front cover. A transparent plastic sheet can be placed in front of the report to protect the front cover. The front cover should have the following details:
   1. Name
   2. Intake code.
   3. Subject.
   4. Project Title.
   5. Date Assigned (the date the report was handed out).
   6. Date Completed (the date the report is due to be handed in).
2. All information, figures and diagrams obtained from external sources must be referenced using the Harvard referencing system accordingly.

 

Performance Criteria:

 

Performance Criteria	Breakdown	Weightage (%)	Marks Awarded
Portfolio 1 (Individual): PLO2 – Cognitive Skills	Security Solution Proposal Application of cryptography, PKI and/or data hiding Proposed tools / applications / systems to be used Presentation	40
Portfolio 2 (Individual): PLO2 – Cognitive Skills	Case Investigation Report Use of tools and techniques Executive summary Authorization and preparation Evidence handling Analysis and examination Reconstruction and reporting Conclusion and recommendations Appendix (if any) Presentation	40
Portfolio 3 (Group): PLO4 – Interpersonal Skills	Discussion on Challenges Documentation Presentation	20
TOTAL		100