MCS 2946 Case Study 2

Ace your studies with our custom writing services! We've got your back for top grades and timely submissions, so you can say goodbye to the stress. Trust us to get you there!


Order a Similar Paper Order a Different Paper

 

 

 

Case Study Cover Sheet- MCS 2946 Case Study 2 [15%]

 

Course Name MCS 2946 Faculty Name  
Project Title Practical Examination 2 Due Date   October 30, 2021
Section   Date Submitted  
Student Name   Student ID  
This assessment will assess the following Learning outcomes:

1.   CLO4: Apply various risk evaluation and mitigation strategies.

2.   CLO5: Develop a security architecture to determine patterns and baselines of traffic, services and controls.

 

Declaration

No part of this assignment has been copied from another s o u r c e (not from another group, students, an internet source, or a book)

When another person’s words are used, this is shown in the text with “…” and referenced.

No part of this assignment has been written by anyone other than the members of the group named below.

I have a copy of this assignment that we can produce if the first copy is lost or damaged.

Name and Signature:

 

Name …………………………………………      Signature                                                         ……………………………

 

 

  • The marker may choose not to mark this assignment if the above declaration is not

 

If the declaration is found to be false, appropriate actions will be taken. Plagiarism is copying and handing of someone’s work as your own. Any student found guilty of this type of cheating will be dismissed from the college.

 

Received By……………………………………………… Date ……………………………

 

 

 

 

MCS 2946 Case Study Two

Data breach can be defined as an incident in which sensitive, protected, or confidential data has potentially been viewed, stolen, or used by an individual unauthorized. Data breaches may involve payment card information, personal health information, personally identifiable information, trade secrets, or intellectual property.

 

Data breaches have gained widespread attention as businesses of all sizes become increasingly reliant on digital data, cloud computing, and workforce mobility. With sensitive business data stored on local machines, on enterprise databases, and on cloud servers, breaching a company’s data has become as simple or as complex as gaining access to restricted networks. The following website keeps track of the World’s Biggest Data Breaches in the last 10 years.

 

http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

 

You are required to identify one organization in the last three years from the provided link (except Solar Winds), expand on it, and analyze the report provided for the chosen organization. Ensure that the chosen organization has sufficient information.

This case study requires you to demonstrate the ability to investigate the security risk management issues in the chosen organization based on a real-life case study and answer the questions that follow. Each team should read and understand the case study and provide detailed answers in their own words. In your report, you will be required to follow prescribed procedures to evaluate risk levels and the potential impact of threats and vulnerabilities for a real-life organization and recommend controls, risk decisions, and security architecture.

 

You will be assessed on your ability to analyze the security requirements and objectives of the organization as well as the efficacy of the risk management strategies and controls that have to be implemented.

 

 

 

 

1.     Case Study Summary.

 

  1. Identify and explain which of the following data breach types applies to your chosen organization:
    1. payment card information
    2. personal health information
    3. personally identifiable information:
    4. trade secrets
    5. intellectual property
    6. Others (specify)

 

 

  1. Assess the impact of the breach on the organization; legal, financial, and reputational (short-term and long-term).

 

  1. Identify and explain four security issues the organization was facing before the

 

  1. For each security issue identified in the previous question, recommend a suitable control from the 20 Critical Security Controls, two sub controls, and proper

 

  1. For the previous question, link each tool with proper risk control strategy (defense, transference, mitigation, acceptance, termination).

 

  1. If you have sufficient budget for security, which tools you will use? Explain pros and cons.

 

  1. Explain with an illustration a security architecture that should provide the blueprint and guide the Organization’s security

 

  1. Individual reflection (Minimum of 200 words): Summarize lessons learned from this

 

 

 

Report Requirements

  1. MS Word report with 2000
  2. Font: Times New Roman, size
  3. APA referencing with in-text references and a “references”
  4. Signed cover sheet

 

Rubric

 

 

    EMERGING

(1-59)% of Section Score

COMPETENT

(60-79)% of Section Score

MASTERING

(80-100)% of Section Score

Section Score
1 Summarize the case study. Copies and pastes from case study reports without using their own words. Case study general topic selected are flawed or inadequately carried out. Conclusions overreach evidence presented Summarizes the case in his own words with insufficient detail.

Unrelated issues are introduced and/or minor errors in content. Assertions made without adequate support from the case study

Introduces the case using the major topic sentence, researches on the topic and concludes about the case in his own words. /5
 
2 Identify and explain which of the following data breach type applies to your chosen organization: Data breach type is presented with information, findings, arguments  and supporting evidence in a way that is not always clear, concise, and logical; the line of reasoning is sometimes hard to follow attempts to select information. Data breach type is selected is flawed in regard to the Organization chosen Data breach type is presented with information, findings, arguments  and supporting with insufficient detail.

Unrelated issues are introduced and/or minor errors in content. Assertions made without adequate support from the case study.

Researches and exhaustively explains the data breach. Technical language is explained. The conclusion addresses the organization chosen and data breach requirements in a thoughtful and logical way. /10
 
3 Assess the impact of the breach on the organization Simply highlights or bullets a few of methods without explaining. Errors in choice, execution or interpretation of required impact from the Organization. Explains a handful of good things without exhaustion.

Occasionally picking up examples from case study

Exhaustively explores the case study picking up many good and explaining with examples from case study. /10
4 Identify at least four security issues the organization was facing before the breach. Simply highlights or bullets a few of methods without explaining. Errors in choice, execution or interpretation of required security issues from the Organization. Explains a handful of bad things without exhaustion.

Occasionally picking up examples from case study

Exhaustively explores the case study picking up  many issues and explaining with examples from case study. /10
5 For each security issue identified in the previous question, recommend a suitable control and proper tools. Errors in choice, execution or interpretation of required controls and tools from the Organization. Explains a handful of suitable controls without exhaustion. Controls provided are spotty and inconsistent with the case study chosen leaving holes. Exhaustively explores the case study picking up many suitable and correct controls, tools and explaining with examples from case study. /10
6 For the previous question, link each tool with proper risk decision (defense, transference, mitigation, acceptance, termination). Errors in choice, execution or interpretation of required strategy that applies to the Organization. Chooses a handful of suitable risk decision that apply to the organization chosen without exhaustion. Decision provided are spotty and inconsistent with the case study chosen leaving holes. Exhaustively explores the case study picking up many suitable risk decision and correct strategies and explaining with examples from case study. /12

 

 

7 If you have a very low budget for security, which tools you will use? Explain pros and cons. Errors in choice, execution or interpretation of required tool. Moderately explores approaches Extensively explores approaches. /7
 
8 Explain with an illustration a security architecture that should provide the blueprint and guide the Organization’s security program. Errors in choice, execution or interpretation of required architecture that applies to the Organization. Moderately explores the right architecture. Sometimes recommending an inappropriate architecture with an illustration. Exhaustively the different security architectures available with illustrations. /12
 
9 Individual reflection (Minimum of 200 words): Summarize lessons learned from this incident. Copy and paste from group report.

The conclusion addresses the case study specifications and requirements insufficiently.

Moderately expresses their own understanding of the case study report.

The conclusion addresses the case  study specifications and requirements moderately.

Freely expresses themselves like they own the report.

The conclusion addresses the case study specifications and requirements in a thoughtful and logical way.

/20
 
 

10

 

REFERENCES

Includes graphs or obvious information without providing a reference. Provides most references by link Provides a paper reference for all references. /4
 
Grand Total                                                                                                                                                                                                  100
 
 

 

Writerbay.net

Looking for top-notch essay writing services? We've got you covered! Connect with our writing experts today. Placing your order is easy, taking less than 5 minutes. Click below to get started.


Order a Similar Paper Order a Different Paper