MIS607 Cybersecurity | My Assignment Tutor

MIS607_Assessment_2_Brief_Threat Model Report_ Module 4.2 Page 1 of 4Task SummaryYou are required write a 1500 words Threat modelling report in response to a case scenario by identifying thethreat types and key factors involved. This assessment is intended to build your fundamental understanding ofthese key threats so that you will be able to respond/mitigate those factors in Assessment 3. In doing so, thisassessment will formatively develop the knowledge required for you to complete Assessment 3 successfully.ContextSecurity threat modelling, or threat modelling is a process of assessing and documenting a system’s securityrisks. Threat modelling is a repeatable process that helps you find and mitigate all of the threats to yourproducts/services. It contributes to the risk management process because threats to software and infrastructureare risks to the user and environment deploying the software. As a professional, your role will require you tounderstand the most at-risk components and create awareness among the staff of such high-risk componentsand how to manage them. Having a working understanding of these concepts will enable you to uncover threatsto the system before the system is committed to code.Task Instructions1. Carefully read the attached the case scenario to understand the concepts being discussed in the case.2. Review your subject notes to establish the relevant area of investigation that applies to the case. Reread any relevant readings that have been recommended in the case area in modules. Plan how youwill structure your ideas for the threat model report.3. Draw a use DFDs (Data Flow Diagrams):• Include processes, data stores, data flows• Include trust boundaries (Add trust boundaries that intersect data flows)• Iterate over processes, data stores, and see where they need to be broken down• Enumerate assumptions, dependencies• Number everything (if manual) ASSESSMENT 2 BRIEFSubject Code and TitleMIS607 CybersecurityAssessmentThreat Model ReportIndividual/GroupIndividualLength1500 words (+/- 10%)Learning OutcomesThe Subject Learning Outcomes demonstrated by successful completion ofthe task below include:b) Explore and articulate cyber trends, threats and staying safe incyberspace, plus protecting personal and company data.c) Analyse issues associated with organisational data networks andsecurity to recommend practical solutions towards their resolution.d) Evaluate and communicate relevant technical and ethicalconsiderations related to the design, deployment and/or the usesof secure technologies within various organisational contexts.SubmissionDue by 11.55 pm AEST Sunday end of Module 4.1Weighting35%Total Marks100 marks MIS607_Assessment_2_Brief_Threat Model Report_ Module 4.2 Page 2 of 4• Determine the threat types that might impact your system• STRIDE/Element: Identifying threats to the system.• Understanding the threats (threat, property, definition)4. The report should consist of the following structure:A title page with subject code and name, assignment title, student’s name, student number, and lecturer’sname.The introduction that will also serve as your statement of purpose for the report. This means that you willtell the reader what you are going to cover in your report. You will need to inform the reader of:a) Your area of research and its contextb) The key concepts of cybersecurity you will be addressing and why you are drawing the threatmodelc) What the reader can expect to find in the body of the reportThe body of the report) will need to respond to the specific requirements of the case study. It is advisedthat you use the case study to assist you in structuring the threat model report, drawing DFD andpresenting the diagram by means of subheadings in the body of the report.The conclusion will summarise any findings or recommendations that the report puts forward regardingthe concepts covered in the report.5. Format of the reportThe report should use font Arial or Calibri 11 point, be line spaced at 1.5 for ease of reading, and havepage numbers on the bottom of each page. If diagrams or tables are used, due attention should be givento pagination to avoid loss of meaning and continuity by unnecessarily splitting information over twopages. Diagrams must carry the appropriate captioning.6. ReferencingThere are requirements for referencing this report using APA style for citing and referencing research. It isexpected that you used 10 external references in the relevant subject area based on readings and furtherresearch. Please see more information on referencing here:https://library.torrens.edu.au/academicskills/apa/tool7. You are strongly advised to read the rubric, which is an evaluation guide with criteria for grading theassignment. This will give you a clear picture of what a successful report looks like.Submission InstructionsSubmit Assessment 2 via the Assessment link in the main navigation menu in MIS607 Cybersecurity. TheLearning Facilitator will provide feedback via the Grade Centre in the LMS portal. Feedback can be viewed inMy Grades.Academic Integrity DeclarationI declare that, except where I have referenced, the work I am submitting for this assessment task is my ownwork. I have read and am aware of the Torrens University Australia Academic Integrity Policy and Procedureviewable online at http://www.torrens.edu.au/policies-and-forms.I am aware that I need to keep a copy of all submitted material and their drafts, and I will do so accordingly.MIS607_Assessment_2_Brief_Case Study_ Module 4.2 Page 3 of 4Assessment Rubric Assessment AttributesFail(Yet to achieve minimumstandard)0-49%Pass(Functional)50-64%Credit(Proficient)65-74%Distinction(Advanced)75-84%High Distinction(Exceptional)85-100%Visual appeal andpresentation ofcontentTitle page included.Adheres to the font,spacing, format, andword countrequirement.Appropriate use ofparagraphs, sentenceconstruction, spelling,and grammar.20%No title page. Incorrectfont and size with poorline spacing and largegaps in pagination, tables,or diagrams. Report iswritten as a block of textwith no breaks in betweenideas. Separate ideascannot be clearlydiscerned. Many errors inspelling or grammar. Doesnot adhere to the wordcount requirement.Title page is included. Missingmost information. Incorrectfont and size is used or poorline spacing and large gaps inpagination.Paragraphs are used but largeblocks of text with longsentences make it difficult tounderstand the ideas beingconveyed.Spelling or grammar haserrors but meaning remainsclear. Does not adhere to theword count requirement.Title page is included but ismissing key information.Some errors in font use andline spacing. Somepagination problems.One idea or concept perparagraph. Someparagraphs could be moresuccinctly written.Minor spelling or grammarerrors. Adheres to the wordcount requirement.Title page is included withmost required information.Minor errors in font,spacing and format.One idea or concept perparagraph with 3–4 wellconstructed sentences perparagraph.No errors in spelling orgrammar. Adheres to theword count requirement.Title page is included withall required information.Font, spacing, and formatare in accordance with therequirements of theassignment brief.Expert use of paragraphswith 3–4 well-constructedsentences per paragraphthat follow logically fromeach other.No errors in spelling orgrammar. Adheres to theword count requirement.Knowledge andunderstandingUnderstanding of thekey concepts.Core components ofData flow diagram(DFD) addressed.Analysis and evaluationof the threat modelling.50%Lack of understanding ofthe required concepts andknowledge. Corecomponents of the DFDnot addressed.Lack of analysis andevaluation threat typesand its applicability tothreat modelling.Limited understanding ofrequired concepts andknowledge.Some of the key componentsof the DFD are not addressed.Limited analysis andevaluation of threat typesand its applicability to threatmodelling.Adequate knowledge orunderstanding of therequired concepts.Key components of the DFDare addressed.Understand the context andimpact the threat modellingconcept represents fordata. Identifies logicalflows, threats, risks andquestions the viewpoints ofthe attacker.Thorough understanding ofthe key concepts.All core components of theDFD addressed.Well-demonstratedcapacity to analyse andevaluate the threatmodelling concept.Identifies logical flows andthreats and presentssuggestions the attackercan use to develop theirtechnique.Highly developedunderstanding of the keyconcepts. Addresses allcore components of theDFD. Comprehensiveinsight demonstrated in theanalysis of variouselements and processes ofthe DFD. Expertlyevaluates the threadmodel. Provides athoughtful critique in thecontext of the scenario. MIS607_Assessment_2_Brief_Case Study_ Module 4.2 Page 4 of 4 Use of academic anddiscipline conventionsFormal tone. No use offirst-party perspective.Meets the assignmentbrief regardingintroduction, body, andconclusion.Appropriate use ofcredible resources.Correct citation of keyresources using APAstyle of referencing.30%Does not adhere to theassignment briefrequirements. Poorlywritten with informal toneusing first personpronouns. No introductionattempted. Conclusionnot attempted.Inconsistent andinadequate use of goodquality, credible, andrelevant resources tosupport and developideas. No use of in-textreferences, or noreference list at the closeof the report. Manymistakes in using the APAstyle.Written according toacademic genre. Minor errorsin the use of first-personpronouns.Introduction attempted butvery generic, and does notclearly state the purpose ofthe report and what thereader should expect to findin the body of the report.Conclusion attempted butdoes not include summationof key concepts discussed inthe report and/or keyconclusions orrecommendations.Consistent use of credibleand relevant sources. Littleuse of in-text referencing.Some mistakes in using APAstyle.Written according toacademic genre.Sound use of theintroduction but does notclearly state either thepurpose of the report orwhat the reader shouldexpect to find in the bodyof the report. Sound use ofthe conclusion andsucceeds in either thesummation of key conceptsdiscussed, or keyconclusions.Consistent use of credibleand relevant. Good use ofin-text referencing. Minorerrors in using the APAstyle.Well-written and adheres tothe academic genre.Good use of theintroduction, which clearlystates the purpose of thereport and what the readershould expect to find in thebody of the report. Gooduse of the conclusion andsucceeds in summation ofkey concepts discussed andkey conclusions.Expert use of good quality,credible, and relevantsources. Very good use ofin-text referencing. Nomistakes in using the APAstyle.Expertly written andadheres to the academicgenre.Excellent use of theintroduction, which securesthe attention of the reader,clearly states the purposeof the report and what thereader should expect tofind in the body of thereport. Excellent use of theconclusion, which succeedsin confident summation ofkey concepts andconclusions.Expert use of high-qualitycredible and relevantsources. Excellent andmeticulous use of in-textreferencing. No mistakes inusing the APA style.


Leave a Reply

Your email address will not be published. Required fields are marked *