[Authentic] assess your technical skills

Assessment-3 Details (2500 words-50%)
Assessment Details:
This assessment is designed to assess your technical skills in investigation IS security, risk threats and management to an organization. The assessment is also assessing your skills to evaluate risk management techniques and IS auditing. You are required to select an organization that uses information systems to perform daily business operations. You have to identify the most valuable assets for the organisations and investigate the security threats and mitigation techniques. You have also to propose/evaluate the risk management techniques adopted by the selected organization to ensure the reliability, confidentiality, availability, and integrity. You have also to discuss audit plan and processes used by the organization and investigate the impact of human factors on security and risk management.
Task Specifications
This assessment includes two tasks as follows:
Task-1:
Each student should select an organisation. The organization must provide information systems services to the staff and customers. You have to write a report to answer the followings related to the selected organization:
1. Network devices are highly vulnerable and can be exposed. Discuss two types of threats against network routers/switches of the selected organization. Illustrate how these devices are vulnerable to destruction and abuse.
2. Propose with justification two types of network security devices can be used to control security and mitigate threats related to the web and email servers.
3. Assume the organization used Windows server 2016 to host the organization web site. Discuss how the organization can ensure the availability of the web service using windows server 2016.
4. Discuss the impact of employee on information security of the selected organization. Provide risk management recommendation to reduce the risk of employee.
5. Windows server 2016 supported with different tools for auditing. Illustrate windows server 2016 auditing tools and discuss how they can be used by the selected organization to monitor and analyzing the web server and email server problems.
You may need to make some assumptions with the required justifications.

Posted in Uncategorized