COMP9721 Assessment 2, S1-2018


COMP9721- Enterprise Information Security
Assessment 2 – Contingency Planning
Semester 1, 2018

Details:
Title: Assessment 2 – Contingency Planning
Due Date: 5.00 PM (GMT+8) Friday, 4th May 2018
Value: 30% of the final mark for the topic
Length: Maximum of 2000 words (excluding cover page and references)

Purpose of this assignment:
The purpose of this assignment is to support the following Learning Outcomes (LO) for this
topic:
LO1: Understand the purpose and context of a range of typical business information
systems.
LO2: Understand the importance of securing the information of an organisation.
LO3: Recognise the security issues associated with the integration of various information
systems within an enterprise.
LO4: Understand the principles of computer security.
LO5: Analyse security risks and prepare information and computer security plans.
LO6: Prepare and present consultant's reports on aspects of computer security.
LO7: Critically analyse publications in the area of computer security.

The assessments in this topic follow on from one another (formative) across the three assessments.
This means that you will need to use the preceding assessment to complete the following one. For
instance, you will need the outcome from Assessment 1 to be able to complete Assessment 2, and
the outcome from Assessment 2 to complete Assessment 3.

Case Study:
Megacorp, a subsidiary of Generico Inc., have hired you to undertake a full risk assessment of
their current security posture as they prepare to move to operating on a multinational scale.
Megacorp currently processes and stores financial and client data in-house, with cloud
services for operational usage and productivity.
Staff work on Windows desktops, with an ad hoc patching cycle. There is also a backup system
for the legacy in-house Windows servers, although the details of how this is configured are
unknown as the System Administrator responsible for this process has recently left the
company and did not leave any documentation on this. Megacorp use an old storage room as
their server room, as the legacy software sometimes requires easy physical access to the
servers running them for maintenance. The office is open-plan, and staff are encouraged to
get up and move around during the day. The cloud system is used mainly for document
collection, although there is not a mandated service specified by the company.
Task:
Based upon your risk assessment and risk register from Assessment 1, you must now develop
contingency plans to complement the risk assessment. This assessment is designed to
demonstrate your ability to assess the potential impact of security incidents on a business
and to develop suitable contingency plans for managing the risks to the business.
The contingency planning document, based upon your risk assessment and risk register
from Assessment 1 should include:
- Impact Analysis of major threats
- Continuity Planning Measures, with respect to operations at the three organisational
levels:
o Strategic
o Tactical
o Operational
Remember that this second assessment forms the basis for the Assessment 3 and therefore
should be as complete as possible.
Report Requirements:

Must Contain
Cover/Title Page
This must contain the topic code and title, assignment title, your name
and student identification, due date.
Table of Contents
This must accurately reflect the content of your report and must be
generated automatically in Microsoft Word with page numbers.
Introduction
A brief outline of what the document includes, how it is structured, and
how you approached the contingency plan development.
Main content – Impact analysis and broad contingency plan areas
You should structure this under appropriate headings.
References
A list of end-text references formatted according to the Flinders APA
Referencing XXXXXXXXXXPDF 95KB) requirements. It is recommended that
Endnote is used to manage references. Your references should comprise
of books, journal articles, and conference papers.
http://www.flinders.edu.au/slc_files/Documents/Blue%20Guides/APA%20Referencing%20%282017%29.pdf
Format
This report should be no more than 2,000 words (excluding cover page,
references and diagrams) and labelled as studentid_your studentlastname_studentfirstname>.docx and should
be in a single file. Your assignments must be word-processed and the
diagrams be developed using graphics software (most word-processors
provide this facility). The text must be no smaller than 12pt and font
Times New Roman
Marking Rubric:
30% Total = 30 marks
| Assessment criteria | Maximum marks for this element | Student mark |
| --- | --- | --- |
| Impact Analysis | | |
| Impacts follow risk assessment and asset(s) | 3 | |
| Impacts are realistic in scope | 5 | |
| Impacts focus upon business impact(s) | 5 | |
| Continuity Planning | | |
| BIA follows the risk analysis | 5 | |
| Plans are realistic in protection vs. asset value | 5 | |
| Justifications for protections are realistic | 2 | |
| RTO & RPO are realistic achievable | 3 | |
| Report | | |
| Layout & Readability | 0.5 | |
| Language Usage | 0.5 | |
| Content Covered | 0.5 | |
| Referencing | 0.5 | |
| Total mark | 30 (Maximum) | |
Late submission:
As stated in the official Statement of Assessments Methods (S XXXXXXXXXXfor this topic, an
assessment submitted after the fixed or extended time for submission shall incur a penalty to
be calculated as 5% of the total mark for the assessment for each day, (or part thereof) up to
5 business days (Monday-Friday) it is late. After 5 days the assessment will be awarded a zero
(0) mark.
Academic Misconduct (Including Plagiarism):
Flinders University regards academic misconduct of any form as unacceptable. Academic
misconduct, which includes but is not limited to, plagiarism; unauthorised collaboration;
cheating in examinations; theft of other students’ work; collusion; inadequate and incorrect
referencing; will be dealt with in accordance with the Flinders Policy on Academic Integrity
Policy.
http://www.flinders.edu.au/academicintegrity/
http://www.flinders.edu.au/academicintegrity/student.cfm
Turnitin:
Turnitin is expected to be used for all assignments across the University. More information and links
to Turnitin can be found on FLO. It is recommended that you submit a draft of your work via the
Turnitin draft mechanism, to check it for errors in advance. Leave sufficient time for this process,
which can be up to 24 hours.
Extensions:
If you require an extension for submission, you may request one, on an individual basis through the
automated extension request tool located on FLO. This is in the ‘General’ section on the FLO topic
page.

As an idea of what should be considered a baseline, you can consider the following table for vulnerabilities/assets/weightings.
Things that should not happen:
· You hand me back this exact table. If this happens, you are committing plagiarism, and will be subject to the university academic misconduct policy.
· You fail to expand the table below as basis, if you just do your planning based upon only this table, you will fail the assignment.
· This table is not perfect and has issues. Apply some critical analysis, and see how you would improve it.
As always, any questions, 1-2-1 on FLO or book an appointment with me to go over it.
| Asset | Asset relative value | Vulnerability | Loss frequency | Loss magnitude |
| --- | --- | --- | --- | --- |
| Physical Servers | 100 | Unauthorized access to the room, Intruders, Denial of service, Memory corruption | 0.5 | 50.00 |
| Software developed | 100 | Lack of patching cycle, test errors, compatibility errors, hacking | 0.1 | 10.00 |
| Trade marks | 100 | Information Disclosure, incorrect classification | 0.1 | 10.00 |
| Services information | 97 | Unintentionally malicious | 0.2 | 19.40 |
| Solution designs | 96.5 | Liable Flaws | 0.3 | 28.95 |
| Project schedules | 93.5 | Financial Penalty Clauses | 0.4 | 37.40 |
| Customer information | 93 | 3rd Party access | 0.5 | 46.50 |
| Product information | 90 | Inventory tag failure | 0.5 | 45.00 |
| Procedures | 90 | Out of Date | 0.3 | 27.00 |

Assessment 2 XXXXXXXXXXRohan Taneja
COMP9721- Enterprise Information Security
(Assessment 2 – Contingency Planning)    Comment by Scott Anderson: Why brackets?
XXXXXXXXXXName: - Rohan Taneja
XXXXXXXXXXStudent Id: XXXXXXXXXX
XXXXXXXXXXFan Id: - tane0012
XXXXXXXXXXDue date: - 4th May, 2018
Executive Summary
    Comment by Scott Anderson: This present to me the ‘elevator pitch’ or ’60 second explanation’ of the entire report, and not read like an introduction.
IT frameworks are considered as vulnerable against an assortment of interruptions, that starts from mild like disk or power failure to serious like any
Answered Same Day Apr 28, 2020 COMP9721 Flinders University

Solution

Ahmedali answered on May 02 2020
154 Votes
Enterprise Information Security
Contents
Executive Summary
Introduction
Glossary of terms
Distribution List
Risk assessment
Business Impact Analysis
Resource List
Function / Services List and description
Functions / Services list and impact
Functions / Services list and RTO, WRT, MTD and RPO
Incident Response Plan
Plan overview:
Objectives
Scope
Incident Response Team
Collective responsibility of teams:
Threat classification, Incident Response and Escalation
Incident Response Phases
Identification
Assessment
Containment
Eradication
Recovery
Post Mortem and Documentation
Disaster Recovery Plan
Plan Overview
Objectives
Scope of Disaster Recovery Plan
PLANNING ASSUMPTIONS
Disaster Recovery Team
Contact Information
Phases in Disaster Recovery
Assessment Phase
Assessing Severity of Incident or Event
Escalating Severe Incidents
Assessing Impact
Declaring Disaster
Recovery Phase
Resume Phase
Review Phase
Facility Recovery Plan
Resource Recovery Plan (Servers, WAN, LAN, Firewall)
Service Recovery Plan (Such as Payroll, Invoice Management, Communication management)
Plan Maintenance
Conclusion
References
Executive Summary
The report specifies an incident response and disaster recovery plan for Megacorp that would allow them to recover from an unfortunate incident. The Incident Response Plan would help Megacorp identify a threat, mitigate it, contain and control it, whereas the Disaster Recovery Plan would allow them to recover from disasters. In this report, business would be recovered to a pre-determined Recovery Point Objective within the Recovery Time Objective. Both the RTO and RPO are identified by the senior management of the organization during planning phases and form an integral part of it. The overall recovery of the disaster would still be within the specified Maximum Tolerable Downtime.
Introduction
Security incidents are on the rise and each passing day more and more zero day exploits are being reported. Megacorp, like any other enterprise, would need to have an effective plan that allows them to deal with day-to-day security incidents. A major security breach ends up being a disaster for Megacorp, damaging goodwill, brand value and causing financial losses. This is not to say that traditional physical disasters such as fires, floods or thefts are uncommon. While Megacorp would need to have essential and functioning security that protects them from such incidents, this report deals with what happens when one of such incidents does end up affecting it. The report detailed below lays down an effective plan that would enable Megacorp to be ready to deal with such incidents and to recover from them, if at all, it causes a major disaster. The plan begins by specifying the risks and their corresponding severity as well as the impact the business would have if various resources and services were bound to fail. The disaster recovery plan and incident response plan detailed below would help Megacorp in recovering from multiple unfortunate incidents that relate to disruption of business services.
Glossary of terms
· Backup - An alternative source of data in case primary resource is not working.
· Business continuity planning - It pertains to both incident response as well as disaster recovery planning
· Business Impact analysis - Process of analysis of all business operations and effects a disaster can have on them
· Disaster - Any event which can interrupt in providing services to customers.
· Disaster recovery - Ability to respond to an interruption and bring everything into running.
· Disaster Recovery Plan - The document containing a plan which defines tasks and actions which are required to manage the recovery process.
· Local Area Network - All the systems i.e. computing equipment are located in close proximity with each other.
· Wide Area Network - All the systems i.e. computing equipment are geographically dispersed.
· Recovery Time Objective – The time it takes to recover the systems or services to a last known good working state.
· Recovery Point Objective – The last known good backup state in which to recover the systems or services.
· Work Recovery Time – The additional time taken after the system or service is restored to get it working.
· Maximum Tolerable Downtime – A sum of both RTO and WRT.
Distribution List
| Employee ID | Name | Job Profile | Email |
| --- | --- | --- | --- |
| E0001 | Mr. Rahul Jain | Director | [email protected] |
| E0005 | Mr. William John | CEO | [email protected] |
| E0010 | Mr. Michael S. | Project Manager | [email protected] |
| E0012 | Mr. Rishav K. | IT Manager | [email protected] |
| E0020 | Mr. Rajveer Singh | Network Administrator | [email protected] |
Risk assessment
| Resource name | Vulnerability | Probability | Impact |
| --- | --- | --- | --- |
| Web Server | High | Medium | High |
| Sharepoint Server | Medium | Low | Medium |
| Database Server | Medium | High | High |
| Exchange Server | Medium | High | High |
| File Server | Medium | High | High |
| General Purpose Server | Medium | High | High |
| WAN and LAN Components | Low | Medium | Low |
| Firewall and IDS | Medium | Low | High |
| Email | Low | Medium | Low |
| Payroll | Medium | Low | Medium |
| Invoice Management | Low | High | Medium |
| Communication Management | Medium | Low | Medium |
| Document Management | Low | Medium | Low |
| Corporate Intranet Services | Medium | Low | Low |
Business Impact Analysis
Resource List
| Resource | Description |
| --- | --- |
| Web Server | Hosting of company’s website |
| SharePoint Server | Intranet SharePoint website |
| Database Server | Hosting of website’s database and internal database |
| Exchange Server | Hosting of Microsoft Exchange server for emails |
| File Server | File hosting server |
| General Purpose Server | General purpose server for IT admin to control other systems, manage deployments and for security |
| WAN and LAN Components | LAN and WAN Access for the company |
| Firewall and IDS | Software and hardware based security for protection |
Function / Services List and description
| Service / Function | Description |
| --- | --- |
| Email | Enterprise emailing service based on MS Exchange |
| Payroll | Payroll and employee attendance system |
| Invoice Management | Invoice management system for the business |
| Communication Management | Provides enterprise chat and VOIP services |
| Document Management | Helps manage company’s document |
| Corporate Intranet Services | Helps host corporate intranet website using Sharepoint server |
Functions / Services list and impact
| Service / Function | Impact (Low, Medium and High) |
| --- | --- |
| Email | High |
| Payroll | Low |
| Invoice Management | High |
| Communication Management | Medium |
| Document Management | High |
| Corporate Intranet Services | Medium |
Functions / Services list and RTO, WRT, MTD and RPO in Hours
| Service / Function / Resource | RPO | RTO | WRT | MTD |
| --- | --- | --- | --- | --- |
| Web Server | 06 | 12 | 12 | 24 |
| SharePoint Server | 12 | 12 | 06 | 18 |
| Database Server | 12 | 24 | 12 | 36 |
| Exchange Server | 01 | 24 | 12 | 36 |
| File Server | 24 | 24 | 24 | 48 |
| General Purpose Server | 24 | 12 | 24 | 36 |
| WAN and LAN Components | 12 | 12 | 12 | 24 |
| Firewall and IDS | 24 | 06 | 12 | 18 |
| Email | 06 | 03 | 01 | 04 |
| Payroll | 12 | 01 | 01 | 02 |
| Invoice Management | 12 | 01 | 01 | 02 |
| Communication Management | 06 | 12 | 01 | 13 |
| Document Management | 06 | 12 | 06 | 18 |
| Corporate Intranet Services | 12 | 01 | 01 | 02 |
Incident Response Plan
Plan overview:
The incident response plan is intended to facilitate timely-effective solution of any damages that could be caused by an incident while also providing a follow-up action and investigation plan.
Objectives
· Being aware about the incident that may be happening or is about to happen by employing detection and monitoring techniques
· Assessing the scope and nature of an incident and examining what kind of customer and other information has been affected.
· Notifying the chief executives as soon as possible whenever an incident involving unauthorized access to customer database happens.
· Ensuring containment and control of incident by taking recommended steps.
· Notifying customers if their data is severely affected or if they are required to take...