Assignment:
Internal and external students should submittwo documents :
1. Power point presentation with voice embedded in it. No video links will be accepted.
2. One document explaining the steps you have done for the tasks selected including the references.
Make sure you test the PPT file audio before submission. You may be called for an interview if the lecturer has any questions.
You could industry resources such as Gartner and Ovum. Go to https://libguides.cdu.edu.au/IT to access these sites.
Please feel free to ask me if you have an issue related to the following tasks in the discussion forum.
Part A - Mandatory.
1. Describe the Australian Government's ISM and PSPF with emphasis on information classification. Develop an organisational structure to implement the requirements of the standards.
Source : https://www.protectivesecurity.gov.au/Pages/default.aspx
You can refer to the Video by guest lecture on Week 1. Assumptions : you can assume a company with a minimum of 30 employees with a business value of more than $50M and their business is mainly online(eg: Uber eats etc.,)
2. Run "netstat -an" on your own computer. You can investigate the services running on your machine and explain it in detail.Next, visit any five(5) websites and see the differences in list of services.You could look for any malicious or fictitious connections.
Part B - Select any two(2) and each question
3. Charlie and Iris are working in the same company but a different department who meets during lunch time to discuss about their work. Today Iris discussed about a new position being created and Human Resources department starting advertising the position. Charlie then tell Iris " I have a friend who runs a placement service and an find the right person. Once the position is filled, I will split the finder's fee with you" .
Iris knows that her company may pay as much as half a years' salary for the placement services. Charlies friend is likely to pay him a substantial amount if Iris awards the placement contract to them. If she can get a good employee and a little extra money on the side, everyone wins.
However, Iris is not comfortable with such an arrangement, and she's pretty sure it's against company policy.
If this comes to pass, is Charlie or Iris doing anything illegal?
What's ethically wrong with Charlie's proposal?
4. Recently Australian government had released regulation about General Data Protection Regulation and Mandatory data breach notification act. Describe your understanding of GDPR and its implications in Australian businesses.
5. Recently CDU has made it mandatory to use 2FA (Two factor authentication) for the CDU portal and other online services. What is your view and explain the limitations or hardships you have faced in using 2FA?
6. Describe what are the issues faced by an organisation allowing staff to use their private smart mobile phones to carry out its business. What management methods can be used to reduce the risks to an organisation using mobiles?
7. Email is a vector through which an organisation's security can be attacked. There are different threats that come through email. What steps would you take to reduce the risks to an organisation's information security?
8. Cyber insurance has become a critical point of discussion among C-suite. What is the different cyber insurance available in Australia for various data breaches? Prepare a comparison table by analysing the servicers offered by various providers and find the gaps in service(if any).