Prepared by: Dr. Ghassan Kbar XXXXXXXXXXModerated by: Dr Sihui (Sue) Zhou March, 2019 Assessment Details and Submission Guidelines Trimester T1, 2019 Unit Code BN223 Unit Title Cyber Security...

Prepared by: Dr. Ghassan Kbar XXXXXXXXXXModerated by: Dr Sihui (Sue) Zhou March, 2019


Assessment Details and Submission Guidelines
Trimester T1, 2019
Unit Code BN223
Unit Title Cyber Security Principles
Assessment
Author
Dr Ghassan Kbar
Assessment Type Individual (Assignment 1)
Assessment Title Assignment 1 – Cyber Security Threats, Vulnerabilities and Risk
Unit Learning
Outcomes
covered in this
assessment
Students should be able to demonstrate their achievements in the following unit
learning outcomes:
a. Understand the common types of threat and vulnerabilities to cyber systems
and data
Weight 15% of Total Assessment
Total Marks 100
Word limit See instructions
Due Date Wek 8 Friday 10/5/2019 11:55PM

Submission
Guidelines
 All work must be submitted on Moodle by the due date along with a completed
Assignment Cover Page.
 The assignment must be in MS Word format, 1.5 spacing, 11-pt Cali
i (Body) font
and 2 cm margins on all four sides of your page with appropriate section headings.
 Reference sources must be cited in the text of the report, and listed appropriately
at the end in a reference list using APA or IEEE referencing style for School of
Business and School of Information Technology and Engineering respectively.
Extension  If an extension of time to submit work is required, a Special Consideration
Application must be submitted directly to the School's Administration Officer, in
Melbourne on Level 6 or in Sydney on Level 7. You must submit this application
three working days prior to the due date of the assignment. Further information is
available at:
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-
guidelines/specialconsiderationdeferment
Academic
Misconduct

 Academic Misconduct is a serious offence. Depending on the seriousness of the case,
penalties can vary from a written warning or zero marks to exclusion from the course
or rescinding the degree. Students should make themselves familiar with the full
policy and procedure available at: http:
www.mit.edu.au/about-mit/institute-
publications/policies-procedures-and-guidelines/Plagiarism-Academic-
Misconduct-Policy-Procedure. For further information, please refer to the
Academic Integrity Section in your Unit Description.

http:
www.mit.edu.au/about
http:
www.mit.edu.au/about
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/special-considerationdeferment
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure
http:
www.mit.edu.au/about-mit/institute-publications/policies-procedures-and-guidelines/Plagiarism-Academic-Misconduct-Policy-Procedure
BN223 Cyber Security Principles Page 2 of total pages

Prepared by: Dr. Ghassan Kbar XXXXXXXXXXModerated by: Dr Sihui (Sue) Zhou March, 2019
Assignment Description

Tasks:
There are two parts to this assignment, i.e. part A and part B.
A. Write a review article for the topic described below. Note that final mark of part A would be affected
y the presentation result of part B. This is to assure that students understand the work presented in
part A. overall mark of part A could be deducted by 50% for poor presentation 90 marks
B. Presentation (to present in 5-8 slides only in 5-8 minutes during Laboratory time) 10 marks
Part A description:
1. Topic - Network security Vulnerability and its impact on threats and attacks
System security challenges have increased over the years especially with critical systems such as
anking, healthcare, and the use of advance utilities becoming more connected. On the other hand,
the malicious actors have evolved from early-day hackers whose intentions were mostly curiosity to
modern-day hackers who has the intentions of financial gain to espionage and beyond. To effectively
secure against these threats and attacks, it is important to understand what we are securing, how we
are securing it, and who we are securing against.
You need to cover the following topics to secure the company network:
1. Identify a target company: You need to select an existing company and describe its
cu
ent network setup, business mission/objectives, and historical attacks if existed.
This company should have multiple
anches nationally and/or internationally that are
connected over internet.
2. Know The Enemy. You need to conduct a research and identify the possible enemy
according to business of the selected company, and what would motivate them to
conduct possible attacks.
3. Know The Self. Threat is the presence of something valuable that makes a threat credible.
The value and nature of a valuable define the nature of the threat, the risk posed by a
threat, and the cost of defense. You need to define/list the assets that you have to protect,
the risks associated with those assets, and the costs of protecting or not protecting them,
so you can define the threat to your network. This analysis of an organization’s assets and
isks would lead to create a proper security policy. You need to prepare the following:
BN223 Cyber Security Principles Page 3 of total pages

Prepared by: Dr. Ghassan Kbar XXXXXXXXXXModerated by: Dr Sihui (Sue) Zhou March, 2019
a. Assess the vulnerability of the company system network. Discuss the possible
vulnerabilities might exist at the company and how to check for them.
. Discuss the different type of threats facing this company.
c. What could be the potential risks and how to mitigate them.
d. The cost of defence for addressing the important risks.
e. Describe the steps for security policy needed to secure the company’s network.
f. What is the role of security standards in improving the network security? You
can give example of NIST framework
g. Search for CISCO SAFE model (as shown in the reference below) and describe
their method for analyzing threats, risks, and policies across an organization and
implementing controls.
Reference: “SAFE Overview Guide: Threats, Capabilities, and the Security Reference
Architecture,” http:
www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-
zone-security/safe-overview-guide.pdf
Instructions:
Prepare your article as below
1. Go to the IEEE website and download the WORD template for the format.
https:
www.ieee.org/publications_standards/publications/authors/author_templates.html
2. Another link for the template:
https:
www.ieee.org/publications_standards/publications/journmag/ieee_tj_template_17.pdf
3. Read and familiarize yourself with the instructions carefully.
4. Prepare a paper using the IEEE format and the example attached. Follow the template if there are any
confusions. Also, refer to the link below to have ideas how to start (see section 6).
(https:
www.ieee.org/publications_standards/publications/authors/author_guide_interactive.pdf)
5. Complete the assignment (minimum 5 and maximum 8 pages) including all the sections below. The
number of words will be counted thoroughly and you must keep the minimum number of words to
avoid any penalties.
 Title XXXXXXXXXXmaximum 15 words)
 Abstract XXXXXXXXXX – 250 words)
 Introduction XXXXXXXXXX – 1000 words)
 Literature Review XXXXXXXXXX – 1000 words)
 Main body XXXXXXXXXX – 1500 words)
 Conclusion XXXXXXXXXX – 300 words)
 Future Works XXXXXXXXXX – 300 words)
https:
www.ieee.org/publications_standards/publications/authors/author_templates.html
BN223 Cyber Security Principles Page 4 of total pages

Prepared by: Dr. Ghassan Kbar XXXXXXXXXXModerated by: Dr Sihui (Sue) Zhou March, 2019
 References XXXXXXXXXXminimum 10 references)
6. The article must be a ‘Review’1 article including at least 10 references and not more than 25.
7. Strictly follow the IEEE reference format for in-body citations and the references section.
8. See the files listed in 4 for guidance on how to prepare a review paper. You can also find thorough
instructions from IEEE and the Internet.
9. Contents must include:
 History and background of the topic
 What are the challenges and drawbacks, what solutions and workouts they found?
 Possible options (solutions) and future research areas proposed
 Scopes of topic, progress of developments such as requirements, benchmarking, purposes &
objectives, stakeholders, owners, roles and responsibilities where applicable.
 Flowchart
 Include a minimum of two (2) figures to show the overall concept and summarized overview of
the topic from the review of minimum 10 – 15 (but not limited to) papers.
 Include a couple of tables to summarize the result of findings
 How each organization approaches, initiates, develops procedures and ownerships, and what
esults they got, and how it affected their businesses.
 What you conclude in terms of the topic/solutions to implement in an organization. Consider
other aspects to include for a good review paper.
10. Remember to strictly follow the template and the instructions above to avoid penalties.
Part B description:
Prepare slides (between 5– 8 slides) for presentation during the lab class. Read the instruction attached
carefully.

1 See http:
www.editage.com/insights/6-article-types-that-journals-publish-a-guide-for-early-career-researchers
BN223 Cyber Security Principles Page 5 of total pages

Prepared by: Dr. Ghassan Kbar XXXXXXXXXXModerated by: Dr Sihui (Sue) Zhou March, 2019
Marking criteria:
Example of marking criteria is shown in following table. Marks are allocated as follows:
Note: The marking criteria varies for each assignment
Section to be included in
the report
Detailed Description of the Criteria Marks
Conforming to the
template and format
No marks will be given and severe penalties will apply for
any
each of the format and template. Fonts, sizes,
spacing, captions, headings, page size limitation etc. will
also be checked thoroughly. Be thorough and follow fully
when using the template and format instruction to avoid
penalties.
5
Figures and tables
created
They should be created yourself and not copied from
elsewhere. For full marks you should create at least 2
figures and