| Category | Assignment | Subject | Computer Science |
|---|---|---|---|
| University | Unitec Institute of Technology (Unitec) | Module Title | HTCS6701: Information System Security |

| Course No: HTCS6701 | Information System Security | Level: 6, Credits: 15 |
|---|---|---|
| Student Name: | Student ID: | |
| Assessment Type: Assignment 2 | Weighting: 70% | |
| Due Date: Refer to Moodle | Total Marks: 100 | |

After completing this assessment, the student will have met the following learning outcomes related to the graduate profile outcome.

| Graduate Profile Outcome | Learning Outcome | Part A | Part B | Part C |
|---|---|---|---|---|
| Analyse organisational contexts from a security perspective using information management principles and terminology, data inputs, organisational strategy and processes, outputs, systems, and stakeholders’ roles and responsibilities. | 1. Analyse the security requirements of an organisation’s information system using information management principles. | ✓ | ✓ | ✓ |
| Apply knowledge of risk management frameworks to perform cybersecurity risks assessments and communicate the results to support the organisational risk management process | 2. Analyse the impact of different types of security risks on the operations of an organisation’s information system. | ✓ | ✓ | ✓ |
| Apply communication, information design, teamwork, personal, and interpersonal skills, to enhance working effectiveness, efficiency, and quality outcomes in a variety of situations in an organisational environment. | 4. Apply personal and communication skills to present information system security essentials. | ✓ | ✓ | |

| Parts | Description | Submission date and time |
|---|---|---|
| Part A (Task A & B) | Team Investigation and Report (2 members) | Refer Moodle |
| Part B | Team Presentation (2 members) | Live presentation, no submissions required. |
| Part C | Peer Evaluation | Refer Moodle |

Correctly reference the sources you use in-text and include a full reference list at the end of the part, using APA 7th edition or IEEE guidelines.
Read the scenario given below carefully:
After completing Unitec’s Diploma in Cybersecurity, you land a role with an IT Systems admin team at a medium-sized health provider in Auckland.
One day, a colleague from HR informs you that they clicked on a suspicious DocuSign hyperlink in an email, and are now suspecting it might have been a phishing attempt. This occurred in April 2023, but they didn’t think anything of it until having been present at a recent Cyber TTX where these exact vectors were being discussed.
They admit to being distracted and not thinking twice about it as they were expecting a similar DocuSign email at that time, and it really didn’t cross their mind until now.
Since this occurred, they’ve noticed a performance lag in their endpoint (Laptop) and are concerned.
Actions:
You take immediate action by isolating the device and handing it over to your managed DFIR team for analysis.
The DFIR team completes a triage and shares three key artifacts for your investigation:
Once completed, you and your team need to brief the executive on the Cybersecurity principles affected by the malware (CIA-AAA), suggest mitigation principles (like POLP, DID, Zero Trust), and explain the frameworks you would adopt, following this investigation.
[Total = 50 marks]
Instructions:
Commence an investigation with the three artefacts provided, looking for evidence of malware existence and indicators of compromise:
Task 1 marks are awarded via the report in Task 2. There are 50 marks in total to be awarded.
You will work in a team of 2 students to complete this task. If there is an odd number, the lecturer will approach those student(s) to ensure fairness.
In this task your team will analyse the three artefacts provided in order to locate evidence and/or indicators of compromise (IOCs) to prove or disprove the existence of malware on the endpoint.
These artefacts are:
1. The network Packet Capture (PCAP) file.
Instructions:
Again, in your team, you must present your evidential findings from the three artefacts in the form of an investigative document/report. The suggested structure for the document is as follows:
[20 marks]
Instructions:
Once completed, you and your team need to brief the executive on three aspects:
Topic 1 – Discuss how the malware impacted the Confidentiality, Availability and/or Integrity of the infosec System. Then consider the Authentication, Availability and Accounting of the network facing system.
Topic 2 – Discuss three potential mitigation principles, such as (but not limited to) Principle of Least Privilege, Zero Trust, Defence in Depth.
Topic 3 – Discuss the Security framework you consider should be adopted and explain why.
Use this form to evaluate your peer. Write your name and the name of the person you are evaluating.
Peer Evaluation Form

| Evaluation Criteria | Team member | Comments |
|---|---|---|
| Regularly attends meetings | | |
| Demonstrates a cooperative and supportive attitude. | | |
| Contributes meaningfully to discussions. | | |
| Completes assigned tasks on time. | | |
| Prepares work in a quality manner. | | |
| Acceptable Y/N | | |

| Marking Scheme | | Maximum Marks | Your mark | Comment |
|---|---|---|---|---|
| Part A | Task 2 | 50 | | |
| Part B | Task 1 | 20 | | |
| Part C | Peer evaluation | Nil | | |
| Total | | 70 | | |

| Part A: Task 2 | Excellent | Good | Pass | Need to improve |
|---|---|---|---|---|
| Report formatting [10 marks] | A robust, complete and professional report with the correct headings and format as outlined. [7.5-10 Marks] | As per excellent, but one or two of the requirements are missing and/or relevant formatting aspects are not appropriately considered. | As per excellent, but two or three of the requirements are missing and relevant formatting aspects are not appropriately considered. [3-5 Marks] | Fails to provide an appropriately formatted and professional report. [1-3 Marks] |
| Item 1: PCAP file examination and analysis (10 marks) | Correctly deciphering the PCAP information and detecting at least three (3) IOCs to support the argument. [7.5-10 Marks] | Correctly deciphering the PCAP information and detecting at least two (2) IOCs to support the argument. [5-7.5 Marks] | Correctly deciphering the PCAP information and detecting at least one (1) IOC to support the argument. [3-5 Marks] | Incorrectly deciphering the PCAP information and failing to detect evidence to support the argument. [1-3 Marks] |
| Item 2: Suspicious email examination and analysis (10 marks) | Analysing email header and body information manually and checking the results via MXToolbox. Locating three (3) artifacts. [7.5-10 Marks] | Analysing email header and body information manually and checking the results via MXToolbox. Locating two (2) artifacts. [5-7.5 Marks] | Analysing email header and body information manually and checking the results via MXToolbox. Locating one (1) artifact. [3-5 Marks] | Failing to analyse email header and body information manually and checking the results via MXToolbox and/or locating no artifacts. [1-3 Marks] |
| Item 3: Suspicious binary examination and analysis (20 marks) | Analysing hashed values in VirusTotal and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and whether it had persistence. Discover the C2 server and report on the stages that the malware triggered (i.e. Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc.). Actually describe what the malware is doing on the system. [15-20 marks] | Analysing hashed values in VirusTotal and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and whether it had persistence. Discover the C2 server and report on the stages that the malware triggered (i.e. Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc.). Actually describe what the malware is doing on the system. Being slightly deficient in one of the areas listed above. [10-15 marks] | Analysing hashed values in VirusTotal and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and whether it had persistence. Discover the C2 server and report on the stages that the malware triggered (i.e. Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc.). Actually describe what the malware is doing on the system. Being very deficient in the areas listed above. [5-10 marks] | Analysing hashed values in VirusTotal and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and whether it had persistence. Discover the C2 server and report on the stages that the malware triggered (i.e. Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc.). Actually describe what the malware is doing on the system. No identification of processes and IOCs relevant to this investigation. [0-5 marks] |

| Part B: | Excellent | Good | Pass | Need to improve |
|---|---|---|---|---|
| CIA, AAA principles discussed in regard to the malware's impact. [3 marks] | A robust, logical and correct analysis of the malware's impact across both the CIA triad and AAA networking. [3 Marks] | As per excellent, but analysis is missing some relevant considerations. [2 Marks] | As per excellent, but two or three of the relevant principles are not understood or explained correctly. [1 Mark] | Fails to provide an appropriate analysis and/or understanding of the security principles. [0 Marks] |
| Mitigations: Defence in Depth; Principle of least privilege; Zero Trust model and ‘Least privilege’ access controls; Access control lists and Security policy and procedures [3 marks] | A robust, logical and correct analysis and understanding of the impact of three [3] of the mitigations in reducing harm from malware. [3 Marks] | A robust, logical and correct analysis and understanding of the impact of two [2] of the mitigations in reducing harm from malware. [2 Marks] | A robust, logical and correct analysis and understanding of the impact of one [1] of the mitigations in reducing harm from malware. [1 Mark] | A lack of robust, logical and correct analysis and understanding of the impact of any of the mitigations in reducing harm from malware. [0 Marks] |
| Cyber Security Frameworks (ISO, NIST etc) [3 marks] | Good understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [3 marks] | Some understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [2 marks] | Sub-par understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [1 mark] | No understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [0 marks] |
| Presentation [11 marks] You will be marked as a team, not individually, so make sure you practise this! | [8-11 marks] | | | |