2808ICT/7623ICT - IT Security Plan for Student Grading System
VerifiedAdded on 2023/06/09
|12
|2145
|385
Report
AI Summary
This report details a security plan for a student grading system at Remarkable University, addressing potential threats and vulnerabilities. It identifies key IT assets, including a front-end web server and a database, and assesses risks related to user authentication, server security, software security, and network security. The plan outlines security strategies and actions, such as implementing access controls, firewalls, and malware protection, along with an implementation plan, resource allocation, and maintenance considerations. Residual risks and training requirements are also discussed, providing a comprehensive approach to securing the student grading system. The document is available on Desklib, where students can access a wide range of solved assignments and study resources.
Running head: STUDENT GRADING SYSTEM SECURITY
Student grading system security
Name of the Student
Name of the University
Author note
Student grading system security
Name of the Student
Name of the University
Author note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
STUDENT GRADING SYSTEM SECURITY
Table of Contents
Introduction................................................................................................................................2
Scope..........................................................................................................................................2
Risk assessment..........................................................................................................................3
User Authentication and Access Controls..............................................................................3
Server security........................................................................................................................4
Software security....................................................................................................................4
Network security....................................................................................................................4
Risk register...........................................................................................................................5
Security strategies and actions...................................................................................................6
User Authentication and Access Control...............................................................................6
Server security........................................................................................................................7
Software security....................................................................................................................7
Network security....................................................................................................................7
Other risks..............................................................................................................................7
Implementation plan...............................................................................................................8
Residual risks.............................................................................................................................8
Resources...................................................................................................................................9
Maintenance and training...........................................................................................................9
References................................................................................................................................10
STUDENT GRADING SYSTEM SECURITY
Table of Contents
Introduction................................................................................................................................2
Scope..........................................................................................................................................2
Risk assessment..........................................................................................................................3
User Authentication and Access Controls..............................................................................3
Server security........................................................................................................................4
Software security....................................................................................................................4
Network security....................................................................................................................4
Risk register...........................................................................................................................5
Security strategies and actions...................................................................................................6
User Authentication and Access Control...............................................................................6
Server security........................................................................................................................7
Software security....................................................................................................................7
Network security....................................................................................................................7
Other risks..............................................................................................................................7
Implementation plan...............................................................................................................8
Residual risks.............................................................................................................................8
Resources...................................................................................................................................9
Maintenance and training...........................................................................................................9
References................................................................................................................................10
2
STUDENT GRADING SYSTEM SECURITY
Introduction:
The report emphasizes on the grading system of the students that is planned to be
implemented by the Remarkable University. The grading system that is planned by the
university ensures that it fit for the purpose of the system and will be capable of providing
security from the various threats that may take place. The core components of the student
grading system are a front-end web or application server that students, administrative staff
and academics staff use and a database for holding the grades of the students. The report
identifies the several types of threats that may arise due to the implementation of the grading
system. The measures and strategies that can be adopted in order to prevent these threats have
been discussed in the report. The following paragraphs describe the IT assets and identifie the
risks to the key assets by considering the various security domains. The report outlines the
security strategies and actions and provides recommendations by developing a security
implementation plan. The resources that would be required for the implementations of the
recommendations provided in the report are also described in the following paragraphs.
Scope:
The Remarkable University is planning to implement a new grading system for the
students. The University is required to ensure that this new system will remain prevented
from the simple manual and common automated attacks. The system needs to remain
protected from several risks that may arise by implementing some appropriate access control.
The main components of the new grading system are a front-end web or application server
and database for holding the grades of the students. The university needs to develop the
grading system application in a secure manner by ensuring the information transferred
through the system is protected and the database is secure from common automated attacks.
There are several types of risk issues that may arise due to the implementation of the grading
STUDENT GRADING SYSTEM SECURITY
Introduction:
The report emphasizes on the grading system of the students that is planned to be
implemented by the Remarkable University. The grading system that is planned by the
university ensures that it fit for the purpose of the system and will be capable of providing
security from the various threats that may take place. The core components of the student
grading system are a front-end web or application server that students, administrative staff
and academics staff use and a database for holding the grades of the students. The report
identifies the several types of threats that may arise due to the implementation of the grading
system. The measures and strategies that can be adopted in order to prevent these threats have
been discussed in the report. The following paragraphs describe the IT assets and identifie the
risks to the key assets by considering the various security domains. The report outlines the
security strategies and actions and provides recommendations by developing a security
implementation plan. The resources that would be required for the implementations of the
recommendations provided in the report are also described in the following paragraphs.
Scope:
The Remarkable University is planning to implement a new grading system for the
students. The University is required to ensure that this new system will remain prevented
from the simple manual and common automated attacks. The system needs to remain
protected from several risks that may arise by implementing some appropriate access control.
The main components of the new grading system are a front-end web or application server
and database for holding the grades of the students. The university needs to develop the
grading system application in a secure manner by ensuring the information transferred
through the system is protected and the database is secure from common automated attacks.
There are several types of risk issues that may arise due to the implementation of the grading
3
STUDENT GRADING SYSTEM SECURITY
system including unauthorized access, attempts by the students to modify the data,
modifications by the external users, attempts to exploit the file or the system and many other
risks. The IT assets that can be identified in the system implemented by the university
discussed in the following paragraphs.
A proper software that restricts students from modifying the grades as the students
may attempt to modify their grades.
Authorised login system for the prevention from modification of data and personal
information by any external user.
Proper applications or software in order to protect the system from malicious codes.
The password protected file or system for storing the information as students or
external users may attempt to exploit the file.
Firewall to prevent unauthorized users from accessing the data or information that are
stored in the system.
Risk assessment:
User Authentication and Access Controls:
The unauthorised access is a major risk that may take place with the application of
student grading system by Remarkable University. It can be prevented by implementing
several IT software or hardware assets.
Authorised login system:
There is a risk of unauthorized access to data and information stored in the system,
therefore the university may implement a system or software that would be prevented the
system from being accessed by any unauthorized user. The students may try to steal the login
password in order to access the system.
STUDENT GRADING SYSTEM SECURITY
system including unauthorized access, attempts by the students to modify the data,
modifications by the external users, attempts to exploit the file or the system and many other
risks. The IT assets that can be identified in the system implemented by the university
discussed in the following paragraphs.
A proper software that restricts students from modifying the grades as the students
may attempt to modify their grades.
Authorised login system for the prevention from modification of data and personal
information by any external user.
Proper applications or software in order to protect the system from malicious codes.
The password protected file or system for storing the information as students or
external users may attempt to exploit the file.
Firewall to prevent unauthorized users from accessing the data or information that are
stored in the system.
Risk assessment:
User Authentication and Access Controls:
The unauthorised access is a major risk that may take place with the application of
student grading system by Remarkable University. It can be prevented by implementing
several IT software or hardware assets.
Authorised login system:
There is a risk of unauthorized access to data and information stored in the system,
therefore the university may implement a system or software that would be prevented the
system from being accessed by any unauthorized user. The students may try to steal the login
password in order to access the system.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
STUDENT GRADING SYSTEM SECURITY
Firewalls:
The university may install firewall software in order to prevent access from the
unauthorised systems. The external users may attempt to access the system to modify the
grades or to access the personal information stored in the system.
Server security:
There is a risk on the server of the system due to the instalment of the grading system
for the students in the Remarkable University. The unauthorized users or students may hack
the server in order to steal or manipulate the file
Files containing the data:
The major target of the hackers may be the files that contain the personal information
and grades of the students. It may be attempted by the students or external users to hack the
server in order to access the contents or files of the system to access the data stored in it.
Software security:
The software security is the significant area that needs to be considered by the
university while implementation of the system. The external users or students can exploit the
software of the system by attacking the system with malicious code in order to erase the data
stored in the system.
Data files:
The files or systems containing the data or information may be targeted by exploiting
the system through malicious codes.
Network security:
STUDENT GRADING SYSTEM SECURITY
Firewalls:
The university may install firewall software in order to prevent access from the
unauthorised systems. The external users may attempt to access the system to modify the
grades or to access the personal information stored in the system.
Server security:
There is a risk on the server of the system due to the instalment of the grading system
for the students in the Remarkable University. The unauthorized users or students may hack
the server in order to steal or manipulate the file
Files containing the data:
The major target of the hackers may be the files that contain the personal information
and grades of the students. It may be attempted by the students or external users to hack the
server in order to access the contents or files of the system to access the data stored in it.
Software security:
The software security is the significant area that needs to be considered by the
university while implementation of the system. The external users or students can exploit the
software of the system by attacking the system with malicious code in order to erase the data
stored in the system.
Data files:
The files or systems containing the data or information may be targeted by exploiting
the system through malicious codes.
Network security:
5
STUDENT GRADING SYSTEM SECURITY
Network security includes the policies or practices that are adopted by the
organisation in order to prevent any misuse, unauthorised use, maintain data privacy or
prevent modification of the data. The unauthorised users may steal the login passwords that
are provided to the staffs of the university to modify the grades or access the data of the
system.
Login information:
The login id and password that would be assigned to the staffs to access the data
stored in the system or to modify the grades of the students may be stolen by the students
with a motive to modify their or others grade.
Password protected files:
The external users may try to password of the files of the system that are protected by
private passwords and contains the information of the students or grades.
Risk register:
Risks Probability Reason Impact Recommendation
Login
information theft
Medium The student may
try to steal the
login
information of
the system to
modify their
grades.
The recorded
grades of the
students by the
authority may
get altered.
The university
needs to remain
ensured that the
login information
are not shared with
any external user.
Malicious attack High The external
users or students
The grades and
other
The university is
required to install
STUDENT GRADING SYSTEM SECURITY
Network security includes the policies or practices that are adopted by the
organisation in order to prevent any misuse, unauthorised use, maintain data privacy or
prevent modification of the data. The unauthorised users may steal the login passwords that
are provided to the staffs of the university to modify the grades or access the data of the
system.
Login information:
The login id and password that would be assigned to the staffs to access the data
stored in the system or to modify the grades of the students may be stolen by the students
with a motive to modify their or others grade.
Password protected files:
The external users may try to password of the files of the system that are protected by
private passwords and contains the information of the students or grades.
Risk register:
Risks Probability Reason Impact Recommendation
Login
information theft
Medium The student may
try to steal the
login
information of
the system to
modify their
grades.
The recorded
grades of the
students by the
authority may
get altered.
The university
needs to remain
ensured that the
login information
are not shared with
any external user.
Malicious attack High The external
users or students
The grades and
other
The university is
required to install
6
STUDENT GRADING SYSTEM SECURITY
can attack the
system through
malicious codes
with an intention
to erase the data.
information of
the students
stored in the
system would
be erased.
proper software to
prevent the virus or
malicious attacks.
Hacking of the
system
High The students
may try to hack
the system to
access the data
and change their
grades.
The university
would publish
incorrect result
or grades of the
student
unknowingly.
The remarkable
university is
required to install
strong applications
or software that
would prevent the
system from being
hacked.
Phishing attacks High The external or
unauthorised
users may
attempt to access
the personal
information or
data stored in the
system.
The
unauthorised
users can try to
steal or access
the data of the
system to
modify or view
the data stored
in it.
The data and
information should
be stored in a
password protected
file by the
university in order
to prevent the data
from being
accessed by any
external user.
Security strategies and actions:
STUDENT GRADING SYSTEM SECURITY
can attack the
system through
malicious codes
with an intention
to erase the data.
information of
the students
stored in the
system would
be erased.
proper software to
prevent the virus or
malicious attacks.
Hacking of the
system
High The students
may try to hack
the system to
access the data
and change their
grades.
The university
would publish
incorrect result
or grades of the
student
unknowingly.
The remarkable
university is
required to install
strong applications
or software that
would prevent the
system from being
hacked.
Phishing attacks High The external or
unauthorised
users may
attempt to access
the personal
information or
data stored in the
system.
The
unauthorised
users can try to
steal or access
the data of the
system to
modify or view
the data stored
in it.
The data and
information should
be stored in a
password protected
file by the
university in order
to prevent the data
from being
accessed by any
external user.
Security strategies and actions:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
STUDENT GRADING SYSTEM SECURITY
User Authentication and Access Control:
The university needs to implement proper access control for the system that would
ensure that only authorised users could view and modify the data. It is required by the
university to provide the staffs of the organisation with private login id and password to allow
them to access the data.
Server security:
The server security is the technique to protect the data that is stored on the web server
and can be misused by any external user. The remarkable university needs to install firewall
application or software in their system to prevent the grades and personal information of the
students that are stored in the server from being accessed by any unauthorised user.
Software security:
The security of the software that is used by the organisation for the implementation of
the grading system is a significant issue that needs to be considered (Piessens and
Verbauwhede 2016). The university should implement the system by using a proper software
that could handle the data in a secure manner.
Network security:
The Remarkable University is required to adopt appropriate policies and practices in
order to prevent the data from being accessed by any external users. It should ensure that the
data is sent to and from the authorised users and is protected from being misused.
Other risks:
STUDENT GRADING SYSTEM SECURITY
User Authentication and Access Control:
The university needs to implement proper access control for the system that would
ensure that only authorised users could view and modify the data. It is required by the
university to provide the staffs of the organisation with private login id and password to allow
them to access the data.
Server security:
The server security is the technique to protect the data that is stored on the web server
and can be misused by any external user. The remarkable university needs to install firewall
application or software in their system to prevent the grades and personal information of the
students that are stored in the server from being accessed by any unauthorised user.
Software security:
The security of the software that is used by the organisation for the implementation of
the grading system is a significant issue that needs to be considered (Piessens and
Verbauwhede 2016). The university should implement the system by using a proper software
that could handle the data in a secure manner.
Network security:
The Remarkable University is required to adopt appropriate policies and practices in
order to prevent the data from being accessed by any external users. It should ensure that the
data is sent to and from the authorised users and is protected from being misused.
Other risks:
8
STUDENT GRADING SYSTEM SECURITY
There are several other risks that can arise due to the implementation of the new
grading system by the university that includes malware attack, data theft, attempts to modify
the grades by the students, data misuse by any external user and many other risks that needs
to be controlled by the university by implementation of proper policies and practices.
Implementation plan:
Planning Time required Result
Providing private login
details to the authorised
users.
2 weeks The system will remain
prevented from being
accessed by unauthorised
users.
Instalment of software in
each system of the
university to prevent from
malicious attacks.
1 week The external users would be
not able to attack the system
through malicious codes.
Instalment of firewall
software or application in
each system containing the
data (Ogbu and Oksiuk
2016).
1 week The files containing the
personal data and grades of
the students will remain
protected from being stolen
or modified by external
users.
Residual risks:
STUDENT GRADING SYSTEM SECURITY
There are several other risks that can arise due to the implementation of the new
grading system by the university that includes malware attack, data theft, attempts to modify
the grades by the students, data misuse by any external user and many other risks that needs
to be controlled by the university by implementation of proper policies and practices.
Implementation plan:
Planning Time required Result
Providing private login
details to the authorised
users.
2 weeks The system will remain
prevented from being
accessed by unauthorised
users.
Instalment of software in
each system of the
university to prevent from
malicious attacks.
1 week The external users would be
not able to attack the system
through malicious codes.
Instalment of firewall
software or application in
each system containing the
data (Ogbu and Oksiuk
2016).
1 week The files containing the
personal data and grades of
the students will remain
protected from being stolen
or modified by external
users.
Residual risks:
9
STUDENT GRADING SYSTEM SECURITY
There are several practices that may be adopted by the university in order to avoid the
risks that may occur due to the implementation of the grading system. However, there are still
some residual risks that may or may not take place.
The file containing the personal data or grades of the students may get deleted.
The staffs of the university having the login details may misuse the data.
The authorised user may share the data with any external users.
Resources:
Software for prevention of malware attack:
An appropriate software is required to be installed in each system containing the
details of the students grades to prevent it from attack of the malicious code by any external
user.
Manager for maintaining the data:
The university needs to assign a manager to manage the data and ensure that it is send
to the right and authorised person.
Security plan:
The Remarkable University required to make proper policies and planning and
implement it in an efficient way in order to the risks that may arise after implementation of
the system.
Maintenance and training:
The university needs to maintain the system in a proper way in order to get the
efficient result. The file containing the personal details and grades of the students should be
password protected in order to prevent it from any external user. The university should use
STUDENT GRADING SYSTEM SECURITY
There are several practices that may be adopted by the university in order to avoid the
risks that may occur due to the implementation of the grading system. However, there are still
some residual risks that may or may not take place.
The file containing the personal data or grades of the students may get deleted.
The staffs of the university having the login details may misuse the data.
The authorised user may share the data with any external users.
Resources:
Software for prevention of malware attack:
An appropriate software is required to be installed in each system containing the
details of the students grades to prevent it from attack of the malicious code by any external
user.
Manager for maintaining the data:
The university needs to assign a manager to manage the data and ensure that it is send
to the right and authorised person.
Security plan:
The Remarkable University required to make proper policies and planning and
implement it in an efficient way in order to the risks that may arise after implementation of
the system.
Maintenance and training:
The university needs to maintain the system in a proper way in order to get the
efficient result. The file containing the personal details and grades of the students should be
password protected in order to prevent it from any external user. The university should use
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10
STUDENT GRADING SYSTEM SECURITY
updated software for the implementation of the system. The staffs of the university
maintaining the system should be given proper and regular training for maintaining the
security of the data.
STUDENT GRADING SYSTEM SECURITY
updated software for the implementation of the system. The staffs of the university
maintaining the system should be given proper and regular training for maintaining the
security of the data.
11
STUDENT GRADING SYSTEM SECURITY
References:
Ogbu, J.O. and Oksiuk, A., 2016, October. Information protection of data processing center
against cyber attacks. In Problems of Infocommunications Science and Technology (PIC
S&T), 2016 Third International Scientific-Practical Conference (pp. 132-134). IEEE.
Piessens, F. and Verbauwhede, I., 2016, March. Software security: Vulnerabilities and
countermeasures for two attacker models. In Proceedings of the 2016 Conference on Design,
Automation & Test in Europe (pp. 990-999). EDA Consortium.
STUDENT GRADING SYSTEM SECURITY
References:
Ogbu, J.O. and Oksiuk, A., 2016, October. Information protection of data processing center
against cyber attacks. In Problems of Infocommunications Science and Technology (PIC
S&T), 2016 Third International Scientific-Practical Conference (pp. 132-134). IEEE.
Piessens, F. and Verbauwhede, I., 2016, March. Software security: Vulnerabilities and
countermeasures for two attacker models. In Proceedings of the 2016 Conference on Design,
Automation & Test in Europe (pp. 990-999). EDA Consortium.
1 out of 12
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.