ITC595 – Information Security
Assessment item 2
Security fundamentals
Value: 15%
Submission method options
Alternative submission method
Task
This assessment aims to develop and gauge student understanding of the key topics covered so far
by answering the following questions. Answering these questions will help you build some
understanding for the next assessment item as well as for the entire subject. It is expected that
answers to the assignment questions be succinct (i.e. precise and concise) with all sources of
information fully referenced as per APA referencing style. You have to reference the text book and
any additional material you have used in your answers.
Note that the guide for APA referencing is provided in the resources section of Interact site of this
subject.
Answers MUST be written in your own words. If an answer contains more than 10% direct quote
(referenced or unreferenced), 0 marks will be awarded for this question. One or two sentence
answers will be too short and only receive low marks. Answers longer than 1.5 pages (12 point font,
single line spacing) may incur a penalty if too much non-relevant information is stated. For
mathematical questions it is expected that you show intermediate steps of your working. Just stating
the correct solution will result in low marks, on the other hand if the working is correct and you only
made minor mistakes, you will still be awarded marks, even though the final answer is wrong.
Question 1 [5 Marks]
Automated Teller Machines (ATM) are designed so that users will provide a personal identification
number (PIN) and a card to access their bank accounts. Give examples of confidentiality, integrity
and availability requirements associated in such a system and describe the degree of importance for
each requirement.
Question 2 [5 Marks]
A thief broke into an Automated Teller Machine (ATM) using a screwdriver and was able to jam the
card reader as well as breaking five keys from the keypad. The thief had to halt the process of break-
in and hide, as a customer approached to use the ATM. The customer was able to successfully enter
their ATM card, punch in the 4 digit PIN and was able to draw out some cash. Since the card reader
was jammed, the customer was however not able to withdraw the ATM card, and drove off to seek
some help. In the meantime, the thief came back and decided to try to discover the customer’s PIN
so that he can steal money from the customer. You are required to calculate the maximum number
of PINs that the thief may have to enter before correctly discovering the customer’s PIN?
Question 3 [5 Marks]
Thinking about bio-metric authentication, list three reasons why people may be reluctant to use bio-
metrics. Describe various ways of how to counter those objections.
Question 4 [5 Marks]
In bio-metric authentication, false positive and false negative rates can be tuned according to the
requirement, and they are often complementary i.e. raising one lowers the other. Describe two
circumstances where false negatives are significantly more serious than false positives.
Question 5 [10 Marks]
Transposition is one known method of encrypting the text. What can be one way that a piece of
cipher text can be determined quickly if it was likely a result of a transposition? Utilising some of the
decryption techniques (substitution and others) covered in the subject so far, you are required to
decipher (find the plain text) the cipher text that will be proviced to you closer to the assessment
due date via the subject site. In order to present your solution, you need to demonstrate and explain
the steps taken to decipher this text.
Rationale
The assessment task is aligned with the following learning outcomes of the subject:
• be able to justify security goals and the importance of maintaining the secure computing
environment against digital threats;
• be able to explain the fundamental concepts of cryptographic algorithms;
• be able to examine malicious activities that may affect the security of a computer program and
justify the choice of various controls to mitigate threats.
• be able to compare and contrast the security mechanisms of a trusted operating system with those
used in a general purpose operating system;
Marking criteria
Question HD
100% – 85%
DI
84% – 75%
CR
74% – 65%
PS
64% – 50%
FL
49% – 0
Question1
In depth use
of a good
range of
relevant
literature to
address the
points.
Provides an
extensive
range of
examples of
the CIA triad
with sound
evidence of
synthesis of
Evidence of
using relevant
literatureI to
address the
points.
Provides a
detailed range
of examples of
the CIA triad
with evidence
of synthesis of
external
readings and
prescribed
readings in
Use of some
relevant
literature to
address the
points.
Provides some
examples of
the CIA triad.
Mostly cited
the prescribed
text. Evidence
of synthesised
concepts
learned from
topic readings
Limited
evidence of
using relevant
literature to
address the
points.
Provides
limited
examples of
the CIA triad
with little
evidence of
linkages or
connections to
topic readings.
No evidence
of using
relevant
literature to
address the
points. No
examples
provided with
extremely
limited or no
linkages or
connections to
topic readings.
own research
and prescribed
readings in
topics.
topics.
Question 2
The answer is
correct with a
complete,
clear, and
detailed step-
by-step
working
provided of
how the
answer was
calculated.
The answer is
correct with a
complete,
clear, and step-
by-step
working
provided of
how the
answer was
calculated.
The answer is
correct
showing most
steps of how
the answer
was
calculated.
The answer is
correct
however the
steps taken to
reach the
answer are
not shown
clearly.
The answer is
incorrect and
the steps
taken to reach
the answer are
not shown
clearly.
Question 3
Clear,
comprehensiv
e description
of biometric
authentication
and why
general
population
may object to
using this
technique.
Critical points
identified &
discussed.
Detailed
description of
biometric
authentication
and why
general
population
may object to
using this
technique.
Many critical
points
identified &
discussed.
Good
description of
biometric
authentication
and why
general
population
may object to
using this
technique.
Some critical
points
identified &
discussed.
Some
description of
biometric
authentication
and why
general
population
may object to
using this
technique.
Some critical
points
identified &
discussed with
minor
inaccuracies or
omissions.
Incomplete or
inadequate
description of
biometric
authentication
and why
general
population
may object to
using this
technique. No
critical points
identified &
discussed.
Question 4 Clear,
comprehensiv
e description
discussion of
two
circumstances
where false
negatives are
significantly
more serious
than false
positives in
Detailed
description
discussion of
two
circumstances
where false
negatives are
significantly
more serious
than false
positives in
biometric
Good
description
discussion of
two
circumstances
where false
negatives are
significantly
more serious
than false
positives in
biometric
Some
description
discussion of
two
circumstances
where false
negatives are
significantly
more serious
than false
positives in
biometric
Incomplete
description
discussion of
two
circumstances
where false
negatives are
significantly
more serious
than false
positives in
biometric
biometric
buthentication
listing all
critical points.
buthentication.
Many critical
points
identified &
discussed.
buthentication
. Some critical
points
identified &
discussed.
authentication
. Some critical
points
identified &
discussed with
minor
inaccuracies or
omissions.
authentication
. No critical
points
identified &
discussed.
Question 5
Correct
identification
of how to
quickly
identify if
transposition
techniques
have been
used. Correct
decryption of
the message
has been
provided along
with a clear,
concise and
step by step
explanation of
the decryption
technique
used.
Correct
identification
of how to
quickly identify
if transposition
techniques
have been
used. Correct
decryption of
the message
has been
provided along
with a clear,
and step by
step
explanation of
the decryption
technique
used.
Correct
identification
of how to
quickly
identify if
transposition
techniques
have been
used. Correct
decryption of
the message
has been
provided along
with a step by
step
explanation of
the decryption
technique
used.
Correct
identification
of how to
quickly
identify if
transposition
techniques
have been
used. Correct
decryption of
the message
has been
provided with
limited
explanation of
the decryption
technique
used.
incorrect
identification
of how to
quickly
identify if
transposition
techniques
have been
used. Inorrect
decryption of
the message
provided along
with little or
no explanation
of the steps
detailing the
decryption
technique
used.
Presentation
The assessment must be submitted electronically with a Cover Page that includes the
following information:
o Assessment No
o Assessment Title
o Student Name & ID
o Subject Name and Code
o Student Email Address
Students must ensure that all tasks/questions are identified clearly with headings.
Answers to the questions must be in your own words and should be precise but complete
and informative. No marks will be awarded for any answer containing more than 10% direct
quotes (referenced or un referenced).
APA reference style must be used throughout the document with the bibliography at the
end of the document. In-text citations should also follow APA style. APA referencing guide
can be accessed via the following link. This also forms a part of the marking
rubric.http://ift.tt/2Iao1zM csu
Please note: Assessment MUST be submitted as ONE MS Wword file via Turnitin. Please do not
submit *.zip or *.rar or multiple files. Assessments are marked and feedback is attached using a MS
Word based tool. Reports that are submitted in PDF format will be re-formatted to Word format in
order to be marked. Allowances will not be made for any loss of information, diagrams or images as
a result of the re-formatting.
Assessment item 3
Research project (Abstract)
Value: 5%
Return date: –
Length: 200-250 words
Submission method options
Alternative submission method
Task
In this assessment task you are required to select a topic for your research project from the list of
research areas/topics provided below:
• Biometrics for authentication: security and privacy implications
• Security and privacy issues in Internet of Things (IoT) /Smart Architectures
• Security threats in cloud computing and preventive methods
• Security issues in Software Defined Networks (SDN)
• Denial of service and distributed denial of service attacks
• Investigating security of Blockchain enabled applications
• Malware: past, present and future
• Employee privacy and email, WWW, and instant messaging
• Wireless Network security and preventive techniques
• Security threats related to BYOD devices and countermeasures
• Cryptographic techniques
• Data Exfiltration techniques
In this assessment, you are required to submit the title and an abstract for your selected research
project. The abstract will provide an overview of your selected topic, alongwith key securtiy
challenges in that area and why you have selected this to be your area of research. At the end of the
submission, you should have “Reference” section that will have a maximum of two articles (at least
one journal article) used to build your discussion for this abstract.
Rationale
This assessment has been designed to assist students with the completion of assessment 5
(Research Project Report).The aim of this task is to help students :
to build an understanding and perspective of current and emerging topics in Information
Security;
to help the students to formulate their research project in a step by step manner; and
to build generic skills including, critical thinking, analysis, problem solving in the context of
Information Security
Additionally, this assessment aligns with the following learning outcomes:
be able to justify security goals and the importance of maintaining the secure computing
environment against digital threats;
be able to explain the fundamental concepts of cryptographic algorithms;
be able to examine malicious activities that may affect the security of a computer program
and justify the choice of various controls to mitigate threats;
be able to compare and contrast the security mechanisms of a trusted operating system
with those used in a general purpose operating system;
be able to investigate and justify the use of the access control mechanisms and user
authentication processes;
be able to compare and contrast foundational security policies and models that deal with
integrity and confidentiality.
Marking criteria
The feedback for this assessment will be returned at the same time as assessment 5.
Presentation
The final submission must be in MS Word format.Care must be taken to avoid direct quotes from
sources. No marks will be awarded for any answer containing more than 10% direct quotes
(referenced or un referenced).
APA reference style must be used throughout the document with the bibliography at the end of the
document. In-text citations should also follow APA style. APA referencing guide can be accessed via
the following link. This also forms a part of the marking rubric.
http://ift.tt/2Iao1zM csu
Requirements
In order to successfully write the abstract, it is highly recommended that the students search latest
research articles preferably from well known and reputed research portals such as IEEE, ACM,
Springer and Wiley etc. This will help you to develop an understanding of latest issues and any
current research being undertaken in your selected research topic.
Please note: Assessment MUST be submitted as ONE MS Wword file via Turnitin. Please do not
submit *.zip or *.rar or multiple files. Assessments are marked and feedback is attached using a MS
Word based tool. Reports that are submitted in PDF format will be re-formatted to Word format in
order to be marked. Allowances will not be made for any loss of information, diagrams or images as
a
result of the re-formatting.
Assessment item 4
Quiz not usable
Assessment item 5
Research project (Report)
Value: 20%
Submission method options
Alternative submission method
Task
In this assessment, you are required to provide a complete report of your research project, that you
chose in Assessment 3 (Research Project Abstract) by discussing the following aspects:
Overview of the technology involved
Relevant technologies and applications of those technologies
Highlighting the challenges/problems in your chosen research area
Identification of any gaps in the literature by:
o discussing areas/issues that you believe have been addressed in the current
literature;
o highlighting areas/issues that have not been addressed or adequately addressed;
and
o discussing your view(s) on the issue(s) that you see as being critical.
Summarize the future research directions based on the identified gaps
To accomplish the above, you are expected to read and critically evaluate recent research in your
selected research area by citing a minimum of 5 research articles. Students are encouraged to access
such research articles from well known and reputed research portals such as IEEE, ACM, Springer,
Wiley etc. Please note Wikipedia and general blogs will not be considered as reputable citations.
Rationale
This assessment continues links back to assessment 3 where students initiated their research project
by selecting a research topic in an emerging area of information security.The aim of this task is to
help students :
to demonstrate ability to integrate and apply information from various topics;
to build an understanding and perspective of current and emerging topics in Information
Security;
to help the students to formulate their research project in a step by step manner; and
to build generic skills including, critical thinking, analysis, problem solving in the context of
Information Security
Additionally, this assessment aligns with the following learning outcomes:
be able to justify security goals and the importance of maintaining the secure computing
environment against digital threats;
be able to explain the fundamental concepts of cryptographic algorithms;
be able to examine malicious activities that may affect the security of a computer program
and justify the choice of various controls to mitigate threats;
be able to compare and contrast the security mechanisms of a trusted operating system
with those used in a general purpose operating system;
be able to investigate and justify the use of the access control mechanisms and user
authentication processes;
be able to compare and contrast foundational security policies and models that deal with
integrity and confidentiality.
Marking criteria
Assessment criteria
Assessable
Components
HD
100% – 85%
DI
84% – 75%
CR
74% – 65%
PS
64% – 50%
FL
49% – 0
Abstract
section
(5 Marks)
A very concise
abstract where
the aim of
study is
perfectly
articulated, the
central
question is
A concise
abstract
where the aim
of study is
appropriately
articulated, the
research
question is
A concise abstract
where the aim of
study is relatively
articulated, the
research question
is adequately
formulated.
A concise
abstract
where the aim
of study is
articulated,
the research
question is
vaguely
Incomplete abstract with no research question identified.
precisely
formulated,
formulated. formulated.
Introduction
section
(5 Marks)
A
comprehensive
discussion in
relation to the
research
background as
well as the
aim/objectives
of research is
included.
A highly
detailed
discussion in
relation to the
significance as
well as the
aim/objectives
of research is
included.
A thorough
discussion in
relation to the
significance as well
as the
aim/objectives of
research is
included.
An adequate
discussion in
relation to the
significance as
well as the
aim/objectives
of research is
included
An incomplete or irrelevant discussion is included.
Select
literature that
reflects
recent
developments
in the area
and
emphasizes
primary
literature (i.e.
journal
articles
containing
original
research)
(2 Marks)
Literature
selected
magnificently
reflects recent
developments
in the area and
completely
emphasizes
primary
literature (i.e.
journal articles
containing
original
research).
Literature
selected clearly
reflects recent
developments
in the area and
largely
emphasizes
primary
literature (i.e.
journal articles
containing
original
research).
Literature
selected relatively
reflects recent
developments in
the area and
generally
emphasizes
primary literature
(i.e. journal
articles containing
original research)..
Literature
selected
relatively
reflects recent
developments
in the area but
hardly
emphasizes
primary
literature (i.e.
journal articles
containing
original
research).
Literature selected does not reflect recent developments in the area and does not
emphasize primary literature (i.e. journal articles containing original research).
Identify gaps
in the
literature.
(4 Marks)
Comprehensive
knowledge of
the topic and in
depth
explanation of
the issues that
are not
addressed;
Reasonable
knowledge of
the topic and a
comprehensive
explanation of
the issues that
are not
addressed.
Provided
factual/conceptual
knowledge of the
topic and an
overall
explanation of the
issues that are not
addressed.
Limited
knowledge of
the of the
topic and a
basic
explanation of
the issues that
are not
addressed.
Fails to satisfy minimum requirements of explaining the issues.
Comment on
future
research
directions
based on the
identified
gaps i.e what
other
The proposed
future research
direction is well
formulated and
ably answers
all the
identified gaps.
The proposed
future
direction is
adequately
formulated
and sufficiently
answers most
of the
The proposed
future research
direction is
adequately
formulated and
answers some of
the identified
gaps.
The proposed
future
research
direction is
either not
adequately
formulated or
does not
The proposed future research direction is not adequately formulated and does not
sufficiently answer the identified gaps
research
questions
arise from the
literature.
(4 Marks)
identified gaps. sufficiently
answer the
identified
gaps.
Be written
clearly (with
content well
organized)
(3 Marks)
Highly
developed
skills in
expression &
presentation of
ideas.
Fluent writing
style
appropriate to
assessment
task/document
type.
Grammar &
spelling
accurate.
Formal English
is used
throughout.
Well
developed
skills in
expression &
presentation of
ideas.
Fluent writing
style
appropriate to
assessment
task/document
type.
Grammar &
spelling
accurate.
Mostly uses
formal English.
Good skills in
expression & clear
presentation of
ideas.
Mostly fluent
writing style
appropriate to
assessment
task/document
type.
Grammar &
spelling contains a
few minor errors.
More or less uses
formal English.
Some skills in
expression &
presentation
of ideas.
Meaning
apparent, but
writing style
not always
fluent or well
organised.
Grammar &
spelling
contains
several
careless
errors. Hardly
uses formal
English
Rudimentary skills in expression & presentation of ideas.
Not all material is relevant &/or is presented in a disorganised manner.
Meaning apparent, but writing style not fluent or well organised.
Grammar & spelling contains many errors. Does not use formal English.
Provide
references (at
least three)
using APA
referencing
system
including in
text citations.
(2 Marks)
Faultless
referencing,
including
reference list
and in text
citations.
High quality
references.
Very good
referencing,
including
reference list
and
in text
citations.
High quality
references.
Good referencing,
including
reference list and
in text citations.
Good quality
references.
Evidence of
rudimentary
referencing
skills.
Mix of good
and
poor quality
references.
Sub-standard
referencing.
Poor quality
references.
Presentation
The final submission must be in MS Word format using the given template that is available from the
subject site under Assessment 5 folder in the Resources section.
Care must be taken to avoid direct quotes from sources. No marks will be awarded for any answer
containing more than 10% direct quotes (referenced or un referenced).
APA reference style must be used throughout the document with the bibliography at the end of the
document. In-text citations should also follow APA style. APA referencing guide can be accessed via
the following link. This also forms a part of the marking
rubric.http://ift.tt/2Iao1zM csu
Requirements
Please note: Assessment MUST be submitted as ONE MS Wword file via Turnitin. Please do not
submit *.zip or *.rar or multiple files. Assessments are marked and feedback is attached using a MS
Word based tool. Reports that are submitted in PDF format will be re-formatted
-
- Assignment status: Resolved by our Writing Team
- Source@PrimeWritersBay.com
Comments
Post a Comment