Assignment 1FY [YEAR]
[Total Mark for this Assignment is 8]
Student Details:
Name:
ID:
CRN:
Instructions:
• You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on
Blackboard via the allocated folder. These files must not be in compressed format.
• It is your responsibility to check and make sure that you have uploaded both the correct files.
• Zero mark will be given if you try to bypass the SafeAssign (e.g. misspell words, remove spaces between
words, hide characters, use different character sets, convert text into image or languages other than English
or any kind of manipulation).
• Email submission will not be accepted.
• You are advised to make your work clear and well-presented. This includes filling your information on the cover
page.
• You must use this template, failing which will result in zero mark.
• You MUST show all your work, and text must not be converted into an image, unless specified otherwise by
the question.
• Late submission will result in ZERO mark.
• The work should be your own, copying from students or other resources will result in ZERO mark.
• Use Times New Roman font for all your answers.
Question One
Pg. 01
Learning
Outcome(s):
CLO4
Explain the
balancing cost
and impact of
security with the
reduction in risk.
Question One
2 Marks
What is the purpose of controls in the sense of information assurance.
Provide the list of activities to manage identified risks.
Question Two
Pg. 02
Learning
Outcome(s):
CLO5
Understand the
role of the policy,
standards,
guidelines and
procedures
documentation.
Question Two
2 Marks
How can an information security audit be used to improve the security
posture of an organization?
Question Three
Pg. 03
Learning
Outcome(s):
CLO1
Define and
explain the
Information
security policy
concepts.
Question Three
2 Marks
Discuss the relationship between information security threats,
vulnerabilities, and impact? Justify your answer with an explanation.
Question Four
Pg. 04
Learning
Outcome(s):
CLO6
Define corporate
governance and
related areas of
risk management.
Question Four
2 Marks
What are the key steps in the information security risk management
process?
Assignment 1
[Total Mark for this Assignment is 8]
Student Details:
Name: ###
ID: ###
CRN: ###
Instructions:
• You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on
Blackboard via the allocated folder. These files must not be in compressed format.
• It is your responsibility to check and make sure that you have uploaded both the correct files.
• Zero mark will be given if you try to bypass the SafeAssign (e.g. misspell words, remove spaces between
words, hide characters, use different character sets, convert text into image or languages other than English
or any kind of manipulation).
• Email submission will not be accepted.
• You are advised to make your work clear and well-presented. This includes filling your information on the cover
page.
• You must use this template, failing which will result in zero mark.
• You MUST show all your work, and text must not be converted into an image, unless specified otherwise by
the question.
• Late submission will result in ZERO mark.
• The work should be your own, copying from students or other resources will result in ZERO mark.
• Use Times New Roman font for all your answers.
Question One
Pg. 01
Learning
Outcome(s):
CLO1
Question One
1 Marks
The design phase of the Simon (1977) Process involves formulating a model. Explain what a model
is and why we need to perform the analysis on a model of reality rather than on the real system?
Demonstrate an
understanding of
the concepts of
decision analysis
and decision
support systems
(DSS) including
probability,
modelling,
decisions under
uncertainty, and
real-world
problems.
Ans:
Question Two
Pg. 02
Learning
Outcome(s):
CLO2
Describe
advanced
Business
Intelligence,
Business
Analytics, Data
Visualization, and
Dashboards.
Question Two
4.5 Marks
AI systems are divided into three levels: assisted, autonomous, and augmented. Write their main
differences in the table below:
Ans:
Aspect
Definition
Level of
Decision
Support
Examples
Assisted Intelligence
Autonomous AI
Augmented Intelligence
Question Three
Pg. 03
Learning
Outcome(s):
CLO3
Recognize DSS
evolution to the
current state of
analytics and
artificial
intelligent.
Question Three
1 Marks
Discuss two of the limitations of artificial intelligence (AI) machines and give an example for each
one.
Ans:
Question Four
Pg. 04
Learning
Outcome(s):
CLO1
Demonstrate an
understanding of
the concepts of
decision analysis
and decision
support systems
(DSS) including
probability,
modelling,
decisions under
uncertainty, and
real-world
problems.
Question Four
1.5 Marks
The following table shows a list of fields. Add possible values and write the type of data for each
field. One example has been shown.
Ans:
Field
Example: Performance
Educational level
Place of residence
Height
Possible values
Excellent, good, poor
Data type
Ordinal
Assignment 1
FY [YEAR]
[Total Mark for this Assignment is 8]
Student Details:
Name: ###
ID: ###
CRN: ###
Instructions:
• You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on
Blackboard via the allocated folder. These files must not be in compressed format.
• It is your responsibility to check and make sure that you have uploaded both the correct files.
• Zero mark will be given if you try to bypass the SafeAssign (e.g. misspell words, remove spaces between
words, hide characters, use different character sets, convert text into image or languages other than English
or any kind of manipulation).
• Email submission will not be accepted.
• You are advised to make your work clear and well-presented. This includes filling your information on the cover
page.
• You must use this template, failing which will result in zero mark.
• You MUST show all your work, and text must not be converted into an image, unless specified otherwise by
the question.
• Late submission will result in ZERO mark.
• The work should be your own, copying from students or other resources will result in ZERO mark.
• Use Times New Roman font for all your answers.
Question One
Pg. 01
Learning
Outcome(s):
Explain
networking and
security, security
issues, trends, and
security resource.
Apply effective,
proper, and stateof-the-art security
tools and
technologies.
Question One
1.5 Marks
Define the security term “availability.” Provide an example of a business
situation in which availability is more important than confidentiality.
Question Two
Pg. 02
Learning
Outcome(s):
Explain
networking and
security, security
issues, trends, and
security resource.
Question Two
1.5 Marks
ISO 27002 Supplier Relationships (Section 15) was added in the 2013 version. Discuss
your opinion with real example of why this section was added?
Question Three
Pg. 03
Learning
Outcome(s):
Apply the most
appropriate
solutions to
Question Three
2.5 Marks
Information Security Policies provide a framework that guides the organization and
protects the assets of that organization. Consider the SEU privacy policy discussed in
Question One, the policy goal is to ensure the privacy of sensitive information. This
sensitive information may be vulnerable to some information security threats.
problems related
to the field of
1. Choose at least one SEU information asset and identify the information
Security and
sensitivity level based on SEU privacy policy (i.e., Low, or Middle, or Highly
sensitive information).
Information
Assurance
2. List at least two security threats to the chosen sensitive information asset, two
vulnerabilities that might allow a threat to occur, and two risks resulting from the
threats and vulnerabilities.
Note: Write your answer in the table below.
Information
Assets
Information
Sensitivity
Level
Threats
Vulnerabilities
Risks
Pg. 04
Question Three
Question Four
Pg. 05
Learning
Outcome(s):
Question Four
1.5 Marks
Discuss the importance of asset inventory in terms of security perspective.
Analyze problems
related to the field
of Security and
Information
Assurance
Question Five
Pg. 06
Learning
Outcome(s):
Analyze problems
related to the field
Question Five
1 Mark
A smartphone is an information system. As with any information system, data
ownership and custodianship must be assigned. If a company allows an employee to
use a personally owned device for work-related communications:
of Security and
Information
Assurance
a. Who would you consider the information system owner? Why?
b. Who would you consider the information system custodian? Why?
c. In regard to protecting data, should there be a distinction between company data and
personal data?
Assignment 1
Deadline: Tuesday 03/10/2023 @ 23:59
[Total Mark for this Assignment is 8]
Student Details:
Name: ###
ID: ###
CRN: ###
Instructions:
• You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on
Blackboard via the allocated folder. These files must not be in compressed format.
• It is your responsibility to check and make sure that you have uploaded both the correct files.
• Zero mark will be given if you try to bypass the SafeAssign (e.g. misspell words, remove spaces between
words, hide characters, use different character sets, convert text into image or languages other than English
or any kind of manipulation).
• Email submission will not be accepted.
• You are advised to make your work clear and well-presented. This includes filling your information on the cover
page.
• You must use this template, failing which will result in zero mark.
• You MUST show all your work, and text must not be converted into an image, unless specified otherwise by
the question.
• Late submission will result in ZERO mark.
• The work should be your own, copying from students or other resources will result in ZERO mark.
• Use Times New Roman font for all your answers.
Question One
Pg. 01
Learning
Outcome(s):
Question One
Demonstrate the
List and briefly define four categories of security services.
use of the security
tools and services
at TCP/IP layer
model.
2 Marks
Question Two
Pg. 02
Learning
Outcome(s):
Explain the
concepts of
cryptography,
encryption, hash
functions,
message
authentication,
digital signatures
and Network
Security.
Question Two
2 Marks
List out the differences between Symmetric Key encryption and Asymmetric
key encryption techniques.
Question Three
Pg. 03
Learning
Outcome(s):
Question Three
Write about the Cryptanalysis Attack and explain each one of it.
Recognize
network security
issues, including
threat,
countermeasures,
malicious
software and
intruders.
2 Marks
Question Four
Pg. 04
Learning
Outcome(s):
Explain the
Question Four
2 Marks
Kerberos is used to authenticate entities requesting access to network
resources. Write the answer to the following questions,
concepts of
cryptography,
encryption, hash
functions,
message
authentication,
digital signatures
and Network
Security.
a) What are the Three names of servers involved in the Kerberos protocol?
b) Briefly write the six steps of Kerbero’s Operation in your own words.
