MN502 Assignment Help
Information Security Assignment help
Assignment 1 is divided into two parts. Part A focuses on the recent attacks and security principles. Part B is about IT Security Frameworks and Reference Architectures.
Part A: Recent Attacks and Security Principles
One area that has been especially frequent target of attacks is the Information Technology
(IT). A seemingly endless array of attacks is directed at individuals, schools, businesses, and
governments through desktop computers, laptops, smartphones, and IoT devices . According to one of the leading cyber security solution provider Check Point, Supply Chain Attacks, Vishing, Ransomware, Thread Hijacking, Remote Access Vulnerabilities, Mobile Threats, and Cloud Privilege Escalation are some of the top information security issues and trends .
For this part of the assignment, conduct research on one recent attack (which happened in the years 2021-2022) related to one of the above-mentioned IT security issues. Your discussion must address the following points with proper in-text citations.
1. Identify and discuss the main reasons for this attack being successful.
2. Report the importance of key terms in the information security: asset, threat, threat actor, vulnerability, attack vector, attack surface in the context of the attack.
3. Analyse how could this attack have been prevented if the five fundamental security principles- layering, limiting, diversity, obscurity, and simplicity- had been applied?
Part B: IT Security Frameworks and Reference Architectures
The field of information security contains various supporting structures for implementing security. These structures are called industry-standard frameworks and reference architectures. There are several supporting structures available as templates for creating a secure IT environment. These include ISO, NIST, COBIT, ETSI, RFC, and ISA/IEC .
For this part of the assignment, write a literature review regarding any two security frameworks/architectures. The discussion in the report must explain following points with proper in-text citations.
1. How are these frameworks/architectures predominately used? Discuss their strengths and weaknesses.
2. Discuss the nature of these architectures categorically a) general b) application specific?
3. Recommend the framework/architecture for a small business and a school based on an appropriate selection
Must consider at least five current references from journal/conference papers and books. Must follow IEEE referencing style.