ICT5350 Securing IT Systems Assignment Help
Assessment Brief: ICT5350 Securing IT Systems
Trimester 2, 2024
Assessment Overview
Assessment Task | Type | Weighting | Due | Length | ULOs |
Assessment 1: Laboratory Practicum | Individual Invigilated | 20% | Week 2, 3, 5, 7, 8 | (equiv. 2000 words) | ULO1 ULO2 ULO3 |
Assessment 2: In-class Quizzes Quiz of key content areas to identify further support needs. | Individual Invigilated | 20% | Week 6, 9 | each 15 minutes (equiv. 2000 words) | ULO1 ULO2 ULO3 |
Assessment 3: Case Study: Part 1 Cause Analysis & Stakeholder Impact Analysis | Individual | 20% | Week 5 | 1000 words | ULO1 ULO3 ULO4 |
Assessment 4: Case Study: Part 2 Final security incident response plan with firewall Log Analysis, Incident report and remediation plan including constraint analysis of projected actions. | Individual | 40% | Week 12 | 4500 words | ULO2 ULO4 ULO5 |
equiv. – equivalent word count based on the Assessment Load Equivalence Guide. It means this assessment is equivalent to the normally expected time requirement for a written submission containing the specified number of words.
Note for all assessments tasks:
Students can generate/modify/create text generated by AI. They are then asked to modify the text according to the brief of the assignment.
During the preparation and writing of an assignment, students use AI tools, but may not include any AI-generated material in their final report.
AI tools are used by students in researching topics and preparing assignments, but all AI-generated content must be acknowledged in the final report as follows:
Format |
I acknowledge the use of [insert the name of AI system and link] to [describe how it was used]. The prompts used were entered on [enter the date in ddmmyyy:] [list the prompts that were used] |
Example |
Tools I acknowledge the use of ChatGPT to create content to plan and brainstorm ideas for my assessment. The prompts used were entered on 18 March, 2023:
|
Assessment 1: Weekly Workshop Activity
Due date: | Weeks 2, 3, 5, 7, 8 |
Group/individual: | Individual |
Word count/Time provided: | equiv. 1200 words |
Weighting: | 10% |
Unit Learning Outcomes: | ULO1, ULO2, ULO3, ULO4 |
Assessment Details:
Practical exercises assess students’ ability to apply theoretical learning to practical, real-world situations on a weekly basis. The practical exercises will improve student’s ability to practice information security using Linux/Kali Linux platform such as phishing attack, encryption and steganography and other functions.
Students will be required to complete the practical exercises during the workshop and therefore, attendance is required as part of this assessment. Students will not be assessed on work that not produced in workshop so that attendance is required as part of this assessment. Students are required to submit the work that they have completed during the workshop session only. The details of the lab work and requirements are provided on the online learning system.
Assessment 1 Marking Criteria and Rubric
The assessment will be marked out of 100 and will be weighted 20% of the total unit mark. The marking criteria and rubric are shown on the following page.
Assessment 1 Marking Criteria and Rubric
Marking Criteria | Not Satisfactory (0-49% of the criterion mark) | Satisfactory (50-64% of the criterion mark) | Good (65-74% of the criterion mark) | Very Good (75-84% of the criterion mark) | Excellent (85-100% of the criterion mark) |
Implementation of tasks (50%) | Tasks were not completed or were completed with significant errors | Tasks were completed but with some errors or omissions | Tasks were completed satisfactorily with minor errors | Tasks were completed well with few errors | Tasks were completed perfectly with no errors |
Efficiency and effectiveness (50%) | Little to no efficiency or effectiveness in completing tasks | Inconsistent efficiency or effectiveness in completing tasks, with significant room for improvement | Adequate efficiency and effectiveness in completing tasks | Good efficiency and effectiveness in completing tasks | Excellent efficiency and effectiveness in completing tasks, with attention to detail |
Assessment 2: Quiz
Due date: | Weeks 6, and 9 |
Group/individual: | individual |
Word count/Time provided: | 15 mins |
Weighting: | 20% |
Unit Learning Outcomes: | ULO1, ULO3 |
Assessment Details:
This assessment also includes an invigilated quiz that will assess your ability to understand theoretical materials and your knowledge of key content areas. The quiz will be either multiple choice questions or short questions that are relevant to the lectures of lecture materials. For successful completion of the quiz, you are required to study the material provided (lecture slides, tutorials, and reading materials) and engage in the unit’s activities. The prescribed textbook and lecture slides are the main reference along with the recommended reading materials.
Assessments 2 Marking Criteria and Rubric
The assessment will be marked out of 100 and will be weighted 20% of the total unit mark.
Assessment 3: Case Study: Part I
Due date: | Weeks 5 |
Group/individual: | individual |
Word count/Time provided: | 1000 words |
Weighting: | 20% |
Unit Learning Outcomes: | ULO1, ULO3, ULO4 |
Assessment Details:
Assessment Title: Comprehensive Analysis of a Notable Cybersecurity Breach
Objective: This assessment requires students to perform a thorough investigation into a significant cybersecurity breach. The aim is to understand the breach’s root causes, the strategies employed by the attackers, vulnerabilities exploited, and the broader impact of the incident.
Word Count: 1000 words, excluding references
Format: Individual assignment
Detailed Instructions
Case Overview:
Describe the cyber-attack, providing a detailed narrative and timeline of events.
Identify the stakeholders affected by the attack (e.g., employees, customers, business partners).
Use real-world data and examples to support your description.
Initial Point of Compromise:
Investigate how the attackers first breached the system.
Explain the methods used (e.g., phishing, malware, social engineering).
Propagation Mechanisms:
Analyze how the attack moved laterally within the network.
Discuss techniques such as credential theft, exploiting software vulnerabilities, or using malicious tools.
Exploited Vulnerabilities:
Identify the specific vulnerabilities that were exploited by the attackers.
Provide a detailed explanation of how these vulnerabilities were leveraged.
Human Errors:
Examine any mistakes made by individuals that facilitated the attack.
Consider errors such as weak passwords, lack of security training, or failure to apply patches.
Tools and Techniques:
Describe the tools (e.g., malware, hacking software) and techniques (e.g., phishing, brute force attacks) used by the attackers.
Explain how these tools and techniques were employed to carry out the attack.
Potential Cybersecurity Incidents for Analysis:
2013 Target Corporation Data Breach
2017 Equifax Data Breach
2018 Facebook–Cambridge Analytica Data Scandal
2020 SolarWinds Cyber Espionage
2020 Twitter Bitcoin Scam
Australian National University Data Breach, 2018
JBS Foods Ransomware Attack, 2021
Irish Health Service Executive Ransomware Attack, 2021
Alternatively, students can suggest their own case incident for analysis after obtaining approval from the lecturer.
Note: Students are expected to use credible sources, including academic journals, industry reports, and official statements, to support their analysis. Proper citation and adherence to academic integrity are mandatory.
Note: Students need to find a detailed timeline for the selected attack as this will be extended in Assessment 4.
Criteria | HD (High Distinction) (85-100% of the criterion mark)
| D (Distinction) (75-84% of the criterion mark) | Good (65-74% of the criterion mark) | Satisfactory (50-64% of the criterion mark) | Not Satisfactory (0-49% of the criterion mark) |
Case Overview (20) | 17-20: Comprehensive, well-structured description and timeline. Stakeholders meticulously identified. | 15-16.8: Detailed description and timeline. Most stakeholders identified. | 13-14.8: Adequate description and timeline. Some stakeholders were identified. | 10-12.8: Basic description or timeline. Few stakeholders were identified. | 0-9.9: Incomplete or missing description or timeline. No stakeholders were identified. |
Initial Point of Compromise (10) | 8.5-10: Exceptionally thorough and insightful analysis of the initial point of compromise. | 7.5-8.4: Detailed analysis of the initial point of compromise. | 6.5-7.4: General analysis of the initial point of compromise. | 5-6.4: Limited analysis of the initial point of compromise. | 0-4.9: Missing or incorrect analysis. |
Propagation Mechanisms (10) | 8.5-10: Comprehensive analysis with clear understanding of lateral movement. | 7.5-8.4: Detailed analysis of propagation mechanisms. | 6.5-7.4: Adequate analysis but missing some details. | 5-6.4: Limited or basic analysis of propagation. | 0-4.9: Incomplete or missing analysis. |
Exploited Vulnerabilities (10) | 8.5-10: Exhaustive list and in-depth discussion of exploited vulnerabilities. | 7.5-8.4: Detailed list and explanation of exploited vulnerabilities. | 6.5-7.4: Adequate list but limited explanation. | 5-6.4: Few exploited vulnerabilities listed. | 0-4.9: No vulnerabilities listed. |
Human Errors (10) | 8.5-10: Detailed and insightful analysis of human errors contributing to the incident. | 7.5-8.4: Good analysis with some depth. | 6.5-7.4: General mention of human errors. | 5-6.4: Limited mention of human errors. | 0-4.9: No mention or incorrect analysis. |
Tools and Techniques (10) | 8.5-10: Exceptional analysis of attacker’s tools and techniques. | 7.5-8.4: Detailed understanding of tools and techniques used. | 6.5-7.4: Some understanding but missing details. | 5-6.4: Basic understanding of tools and techniques. | 0-4.9: Incomplete or incorrect understanding. |
Assessment 4: Case Study: Part II Final security incident response plan.
Due date: | Weeks 12 |
Group/individual: | individual |
Word count/Time provided: | 4500 words |
Weighting: | 40% |
Unit Learning Outcomes: | ULO2, ULO4, ULO5 |
Assessment Details:
Assessment Title: Advanced Cybersecurity Incident Analysis and Response Plan
Overview
Building on the foundational analysis conducted in Assessment 3, this assessment requires you to develop a comprehensive Incident Response Plan. Your plan should be approximately 4500 words, excluding references, and include detailed strategies for incident response, remediation measures, and lessons learned to improve future cybersecurity resilience.
Objective:
Develop a comprehensive Incident Response Plan.
Analyze firewall logs and integrate findings into the response plan.
Provide an incident report and remediation plan.
Conduct a constraint analysis of projected actions.
Word Count: 4500 words, excluding references.
Format: Individual assignment
Guidelines:
Utilize the incident response template provided by as a reference.
The response plan should be tailored to the specific incident analysed in the first assignment, incorporating specific details and nuances of that incident.
Detailed Instructions
Roles and Responsibilities:
Define and rationalize roles and responsibilities, including Points of Contact (POC), Cyber Incident Response Team (CIRT), and Senior Executive Management Team (SEMT).
Ensure clarity on who will be involved in the response process and their specific duties.
Communications:
Create an internal and external communications plan.
Outline how information will be disseminated during the incident, including stakeholders and the public.
Supporting Procedures and Playbooks:
Develop Standard Operating Procedures (SOPs) and playbooks relevant to the case study.
Include detailed steps for responding to similar incidents in the future.
Sector, Jurisdictional, and National Arrangements:
Demonstrate understanding and application of sector-specific, jurisdictional, and national arrangements.
Address compliance with relevant regulations and coordination with external bodies.
Firewall Log Analysis:
Provide a detailed analysis of firewall logs related to the case study.
Highlight key insights and interpret the data to inform the incident response.
Incident Notification and Reporting:
Cover legal and regulatory requirements for incident notification and reporting.
Discuss insurance matters and ensure thorough coverage.
Containment, Evidence & Remediation:
Detail the steps for containing the incident and collecting evidence.
Develop a comprehensive remediation action plan.
Recovery:
Outline a clear and practical recovery plan, including ‘stand down’ procedures.
Ensure the plan is actionable and considers potential constraints.
References:
Provide clear evidence of a wide range of relevant, current, and credible sources.
Ensure adherence to formatting requirements and proper citation.
Note: This assessment builds upon assessment 3, in which students analysed a selected cyber or cyber-enabled incident. This assessment aims to test your ability to synthesize incident analysis with practical response strategies, emphasizing real-world applicability and adherence to existing cybersecurity frameworks and best practices. The response plan should be actionable, well-researched, and reflective of the complexities involved in managing cybersecurity incidents.
Assessment Criteria
Assessment Criteria | HD (High Distinction) (85-100% of the criterion mark)
| D (Distinction) (75-84% of the criterion mark) | Good (65-74% of the criterion mark) | Satisfactory (50-64% of the criterion mark) | Not Satisfactory (0-49% of the criterion mark) |
Roles and Responsibilities (10) | 8.5-10: Clearly defines and rationalizes roles and responsibilities including Points of Contact, CIRT, and SEMT. | 7.5-8.4: Strong but slightly less clear definition and rationalization. | 6.5-7.4: Adequate but could be clearer on roles and responsibilities. | 5-6.4: Limited clarity on roles and responsibilities. | 0-4.9: No clarity on roles and responsibilities. |
Communications(10) | 8.5-10: Exceptionally clear internal and external communications plan. | 7.5-8.4: Strong but less exhaustive communications plan. | 6.5-7.4: Good but incomplete communications plan. | 5-6.4: Limited detail on communications plan. | 0-4.9: Fails to address a communications plan. |
Supporting Procedures and Playbooks (10) | 8.5-10: Outstanding SOPs and playbooks that are highly relevant to the case study. | 7.5-8.4: Strong but less exhaustive SOPs and playbooks. | 6.5-7.4: Good but could be more exhaustive SOPs and playbooks. | 5-6.4: Basic SOPs and playbooks but limited in scope. | 0-4.9: Fails to produce SOPs and playbooks. |
Sector, Jurisdictional and National Arrangements (10) | 8.5-10: Exceptional understanding and application of sector, jurisdictional and national arrangements. | 7.5-8.4: Strong but less exhaustive understanding. | 6.5-7.4: Good but incomplete understanding. | 5-6.4: Limited understanding of these arrangements. | 0-4.9: Fails to understand or apply these arrangements. |
Firewall Log Analysis (10) | 8.5-10: Exceptional insights and comprehensive interpretation of firewall logs related to the case study. | 7.5-8.4: Strong but less exhaustive interpretation. | 6.5-7.4: Good but incomplete interpretation. | 5-6.4: Limited interpretation of logs. | 0-4.9: Poor or missing interpretation. |
Incident Notification and Reporting (10) | 8.5-10: Comprehensive coverage of legal, regulatory requirements, and insurance matters. | 7.5-8.4: Strong but slightly less exhaustive coverage. | 6.5-7.4: Adequate but could be clearer on notification and reporting. | 5-6.4: Limited clarity on notification and reporting. | 0-4.9: No clarity on notification and reporting. |
Containment, Evidence & Remediation (15) | 12.75-15: Outstanding detailing in containment, evidence collection and a remediation action plan. | 11.25-12.74: Strong but slightly less detailed. | 9.75-11.24: Good but could be more detailed. | 7.5-9.74: Adequate but could be more exhaustive. | 0-7.49: Fails to detail these elements. |
Recovery (10) | 8.5-10: Exceptionally clear and practical recovery plan including ‘stand down’ procedures. | 7.5-8.4: Strong but less exhaustive recovery plan. | 6.5-7.4: Good but incomplete recovery plan. | 5-6.4: Limited detail on the recovery plan. | 0-4.9: Fails to address a recovery plan. |
References (15%) | 12.75-15: Clear evidence of a wide range of relevant, current and credible sources used to answer/explore the question/task. | 11.25-12.74: Generally, adheres to the specified formatting requirements. | 9.75-11.24: Numbering is sequential. Titles are underneath figures. Constructs and displays data in an appropriate manner. | 7.5 -9.74: Constructs and displays data in an appropriate and relevant manner. Closely adheres to all formatting requirements. | 0-7.4: Clear evidence of a wide range of relevant, current and credible sources used to answer/explore the question/ta |
Leave A Comment