You can download the solution to the following question for free. For further assistance in Information Security assignments please check our offerings in Information Security assignment solutions. Our subject-matter experts provide online assignment help to Information Security students from across the world and deliver plagiarism free solution with free Grammarly report with every solution.
(ExpertAssignmentHelp does not recommend anyone to use this sample as their own work.)
Jack Doe is the Community Liaison Officer for 3D Media Comm. Ltd based in Perth, Western Australia. 3D Media Comm. Ltd is an inventive company developing and selling social media marketing to small businesses. The design and production of all products is handled electronically, directly with each business. 3D Media Comm. Ltd currently has 40% of the market in WA, with the remaining 50% held by much larger advertising agencies, and the final 10% by those developing mobile apps for social media marketing. Jack spends half of his day on the road in the Perth metro area visiting small businesses who may wish to purchase and social media marketing into their existing marketing activities. Consequently, Jack carries a laptop, smart phone and Surface Pro 4 with him everywhere he goes. The laptop encompasses an Intel i5 CPU, 8GB RAM, and is running Windows 10 Professional with the last Windows update applied towards the end of January, 2015. When in the office Jack connects his laptop and Surface Pro to the company network.
Jack predominantly uses Microsoft Office Professional 2013 for all his business needs.
Microsoft Access and Microsoft Excel contain the information for all clients within Western Australia, as well as client confidential business and financial information. Jack is not well informed about information security although he uses computing technology to support his job. As a result Jack does not use third party firewalls, anti-virus software, encryption, or authentication mechanisms.
While on the road, Jack occasionally leaves his laptop in the car. He also frequently visits Internet cafes for lunch where he utilises the Internet for up to an hour each day. The confidentiality of information is important as any disclosure could cause significant embarrassment to him and the company, as well as impact client privacy and confidence. Also, Jack must provide correct, factual information to all clients hence ensuring the integrity of information is vital. Lastly, should any information not be available when needed, this may result in clients taking their business to the new to market competitor.
Utilising the background information, draw a concept map or annotated attack tree which represents the context of Jack's 3D Media Comm. Ltd work environment and also demonstrates:
*** All content MUST align with the scenario given and not just be provide in general security terms ***
All of the attacks that you present must be feasible, capable of being undertaken by one person, and require limited financial support. An in-text reference supporting the attack and countermeasure should be included within each of the concepts.
Review your requirements with our FREE Assignment Understanding Brief and avoid last minute chaos.
We provide you services from PhD experts from well known universities across the globe.
No more plagiarism worries. We give you a FREE Grammarly report with every assignment.
Information security breaches occur due to vulnerabilities present in the information system (Siponen, Mahmood, & Pahnila, 2014). These vulnerabilities are weak points in the system requirements, design and implementation which assist attackers to illegally compromise the system. A survey among information technology managers has revealed that human agents are the fragile linkage for information security and the main challenge is creating organisational awareness to ensure success in the initiatives (Hu, Dinev, Hart, & Cooke, 2012). This report identified the various threats faced by 3D Media Comm. Ltd, through the day-to-day activities of Jack Doe, the Community Liasion Officer.
Based on the available details, it is assumed that Jack Doe uses the following hardware and software components are which are subject to vulnerabilities.
Access of Networks
Jack's Knowledge about Computing
Jack's Knowledge about Information Security
It is observed that there is a need for information security due to client privacy and competitive position. A breach of client information is against confidentiality policies and causes a setback for the company. The design and production of social media marketing products are carried out electronically, and any leaks would result in intellectual property issues. As 3D Media Comm holds 40% of market share in WA against its competitors, any information leak would offset its competitive position.
This report uses an attack tree to identify the vulnerabilities present in Jack Doe's activities. An attack tree is used to determine and analyse potential threats through a hierarchical structure which decomposes an abstract attack to more concrete attack steps (Karabey & Baykal, 2013). The report includes a concept map followed by a description of the information system links to CIA (Confidentiality, Integrity and Availability), associated attacks and its impact, risk arising from the expected attack, countermeasures and cost required to resolve it.