Digital Security Assignment Computer Science
EJ430003S – Infrastructure Management & Disaster Recovery
Question 1: Computer Security Principles (25 marks)
You have a new job as Security Manager at Angliabrookes Hospital. Your job involves the detection, prevention and reaction to potential and actual security violations.
The Technology Director has asked you produce a report, using the AAA and CIA models, to explain how the Hospital should protect both administration computers and medical computers from unauthorised access whilst still providing patient access to open area computers.
Your report should make use of examples and recommend best practice.
Question 2: Introduction to Cryptography (25 marks)
You have a new job as Information Security Manager at Ruskin City Council, where you are responsible for safeguarding and protecting sensitive and personal information.
The Head of IT has requested a briefing report that explain the benefits of hashing techniques. Using examples from within Council administration departments, explain the difference between the MD5 and AES protocols.
Include an MD5 hash of a text file as an appendix.
Note The text file should be: your tutor, your SID, your university and your degree course
Question 3: Secure Programming Techniques (25 marks)
You have a new job as Software Security Specialist at Ruskin City Council. Your job involves the prevention and mitigation of software security violations.
The Head of Development has asked for a briefing report for your fellow software developers, which outlines some programming techniques they should use to defend against software vulnerabilities, as well as your rationale for these suggestions.
From the OWASP top 10 vulnerabilities, identify three different attacks that Council software applications might be vulnerable to. Outline why these three vulnerabilities occurs and suggest mitigation techniques to prevent an attack occurring in the first place.
Marking Scheme
Marks will be awarded based on the following:
· Answer to first chosen question (25 Marks)
· Answer to second chosen question (25 Marks)
· Answer to third chosen question (25 Marks)
· Quality of Referencing (15 Marks)
· Report Presentation & Layout (10 Marks)
|
|
Insufficient: 0-5 marks |
Adequate: 6-10 marks |
Good: 11-15 marks |
Excellent: 16-20 marks |
Top Class: 21-25 marks |
|
Answers to Questions 3 x 25%
|
The author has made no effort to gain insight into the subject. |
The author has made some effort to gain insight into the subject, but key essentials have been overlooked. |
The author has provided good supporting evidence, with good definitions and explanations of key terminology and subject elements. |
The author has provided evidence of thorough understanding of the subject. Clear evidence of additional background reading |
The author has an outstanding grasp of the subject. Model definitions and explanations of key terminologies represent a professional view of the subject.
|
|
|
Insufficient: 0-2 marks |
Adequate: 3-5 marks |
Good: 6 -8 marks |
Excellent: 9-11 marks |
Top Class: 12-15 marks |
|
Referencing 15%
|
Report includes no references, or no attempt to use Harvard Referencing Style. |
Report includes a few references, with some attempt to use Harvard Referencing Style |
Report includes adequate references, with adequate attempt at Harvard Referencing Style |
Report is thoroughly referenced, with good attempt at Harvard Referencing Style |
Report is exceptionally referenced, all in Harvard Referencing Style |
|
|
Insufficient: 0-2 marks |
Adequate: 3-4 marks |
Good: 5-6 marks |
Excellent: 7-8 marks |
Top Class: 9-10 marks |
|
Presentation & Layout 10%
|
Report is poorly organised and difficult to follow. Chaotic writing style.
|
Report is poorly presented and lacks cohesion. Little attempt at correct spelling, grammar and punctuation. |
Report is easy to follow and adequately presented. Most spelling, grammar and punctuation is correct. |
Report is well presented in a structured and meaningful way. Excellent spelling, grammar and punctuation throughout.
|
This report is an example to other students. Report is clear, easy to read, with outstanding use of index, page numbers, footnotes. |
The student will be automatically awarded a fail:
· upon failure to submit a report on time
· if the content of the report is meaningless in terms of the assignment
· if the work is not the work of the author and is presented as such
Faculty of Science & Technology
Written Assessment
Digital Security
Module 003264
As outlined in the course Module Definition Form (MDF), 100% of the final mark for this module will be in the form of a written report which demonstrates knowledge and understanding of each of the digital security core concepts as outlined below.
Your write-up should clearly demonstrate progressive learning by addressing the three critical aspects of digital security – computer security principles, introduction to cryptography and secure programming techniques.
Requirements
Answer all THREE questions below. You should compile a well-constructed, formal written report of no more than 2,000 words that encompasses industry standard fundamental digital security best practices. The report should be written in the third person.
Formatting
Your work should be spiral or comb bound with the following minimum components:
Cover Page to include
Module title
Course code
Your Student ID number
Date of submission
Table of Contents
Body of your report (2,000 word guide)
Any supporting diagrams and tables
A minimum of 12 references (Harvard reference style)
An appendix if necessary
Deliverables
Standard assessment packaging with cover sheet from e-vision
Ensure your Student ID Number is listed on ALL pages
Final submissions must be made through the iCentre
Due Date: Monday 9th May 2016 by 2pm
Aim to hand in your assignment at least 48 hours before the due date, as the iCentre becomes extremely busy on the last few days.
AMW/IMDS/V1.0 Page 1 of 3 24/03/2016
PAGE
2 | Page MOD003264 Digital Security Assessment