MSc Cyber Security and Forensics.

Added on - 18 Sep 2019

  • 2

    Pages

  • 431

    Words

  • 203

    Views

  • 0

    Downloads

Trusted by +2 million users,
1000+ happy students everyday
Showing pages 1 to 1 of 2 pages
MSc Cyber Security and ForensicsRisk ManagementAssessment SpecificationCoursework ScenarioYou are required to complete a risk assessment and produce a report to management usingthe scenario below (in italics) or a similar scenario developed by yourself based on yourpast/present work experience. If you decide to choose your own scenario, you must providedetails of the context in which the scenario is set.Imagine that you are working as an IT security professional for an organisation calledCobWeb. It has 300 employees and one large corporate office with three floors located incentral London. Your organisation is a website development company with gross revenue of5 million pounds per year. Recently, security problems have become a hot topic withmanagement, and you have been asked by the CISO (chief information security officer) towrite a security recommendation report for your organisation. The reported securityproblems include:Data loss due to employee negligencePhysical break insEmployees complain that they do not understand what is expected of themfrom a security standpointNetwork administrator complains that the company allows free access toanything on the network for anyone who asks for itThe CobWeb home web page was recently hacked.Points to consider:1.Research and document using appropriate forms, all the data and information assetsassociated with the organisation. e.g. customer data, employee information etc.Using appropriate mechanisms, identify the most important assets.[15 marks]2.Research and document using appropriate forms, all the threats that are likely tohave an impact on the identified data assets.[15 marks]3.Examine each asset– threat pairing and produce a vulnerability matrix based onlikelihood / probability values etc.[10 marks]4.Assume there are no specific controls in place to protect the data assets in question.You may assume general controls such as anti-virus software, logical access controlsetc. are already in place., however for completeness, you may want to list these aswell and then ‘cross them off’ as already existing controls.[0 marks]
desklib-logo
You’re reading a preview
Preview Documents

To View Complete Document

Click the button to download
Subscribe to our plans

Download This Document