
Unit: MBIS4006 Information Systems Security

Assessment Type: Group Report

Assessment: 2
Assessment Weighting: 30%

Alignment with Unit and Course Learning Outcomes:
ULO2: Demonstrate a thorough knowledge of important security tools such as authentication, access control, and cryptographic techniques used within information systems.
ULO3: Analyse and explain various security technologies, scanning and probing tools to master the best practices in protecting information.

Graduate Attributes Assessed:
GA1: Communication
GA3: Research
GA4: Critical Thinking
GA6: Flexibility

Due Date/Time: Week 4 / Session 8, 04:00 PM

Assessment Description: Groups of 2-3 students write a 2000-word report about a Business Continuity Plan.

The Report

You are working in a financial company called Resimac (resimac.com.au).
“Resimac Group is a leading alternative lender for residential mortgages and
asset finance in Australia and New Zealand, with a broad suite of competitive,
award-winning products that cater to diverse customer types and needs”.
1. The company has a small data centre on its own premises.
2. The company uses the cloud services of AWS and Microsoft Azure. Moreover, they use Google services.
3. The company is connected with Macquarie Bank for borrowing money and paying back loans (site-to-site VPN).
4. The company has branches in New Zealand (Auckland), Melbourne, Tasmania and Perth.
5. The branches are connected with each other using a WAN connection.
6. A diagram at the end of this document shows the network map.
7. The company set up a separate VLAN for IP telephony, so they can connect their own branches over the WAN line.
8. There are some web app services running on-premises, such as resimac-v1.apexgroupportal.com.
9. Resimac implements Citrix Gateway as a Single Sign-On so that its own customers can access home loans held through other partners such as ING, AMS, StarNet, Adelaide Bank, LinkLoan and Volt.
10. Recently, you have been appointed to work as a cybersecurity engineer. The company has already been certified with PCI-DSS, and now it is time to certify itself with ISO27001.
11. You have been asked to participate in the Business Continuity Plan documentation, and mainly in Risk Management.
12. The risk management and analysis will help the organization to get certified with ISO27001.
13. There are around 35 PCs and 20 laptops for the company’s employees. The PCs are HP Z1 G9 Core i7 Workstations (16GB, 512GB/1TB, Win10/11 Pro), while the laptops are XPS 15 laptops.
14. Resimac has the following services on the cloud:
#   Software                      Description / software type                        Cloud service
1   Microsoft Active Directory    AD - Backup                                        Azure
2   Microsoft Dynamics 365 CRM    CRM                                                Azure
3   CustomerZone web app          RDS (Microsoft SQL), S3 storage, Windows Server + IIS   AWS
4   Dashboard web app             RDS (Microsoft SQL), S3 storage, Windows Server + IIS   AWS
5   Broker web app                RDS (Microsoft SQL), S3 storage, Windows Server + IIS   AWS
6   Partner Branded web app       RDS (MySQL), S3 storage, Ubuntu + Apache server         AWS
7   CustomersZone mobile app      CustomerZone – Mobile                              Google - Firebase

15. Resimac has had the following major security incidents since 2018.

#    Description                                                        Attack                          No. of times   Loss
1    Sniffing Citrix Gateway as MitM                                    MitM                            5 times        $22,300.00
2    Unauthorized access to the customers portal system by              Brute Force attack              13 times       $6,300.00
     resetting customers' passwords
3    Phishing emails with scam invoices                                 Invoice Fraud                   16 times       $1,600.00
4    Phishing emails with scam invoices                                 Replay attack                   1 time         $600.00
5    Sniffing company emails                                            Sniffing Attack                 Unknown        Indirect loss
6    Blocking AWS services - No WAF implemented                         DDoS attack                     5              $3,480.00
7    Changing DNS A records (one DNS only)                              DNS poisoning                   1              $1,500.00
8    Unauthorized access to the production system                       Brute Force Attack              20             $6,200.00
9    SQL Injection – on Cloud and In-premise                            SQL Injection                   3              $12,000.00
10   APT clients attack                                                 Malware attacks as APTs         25             $30,000.00
11   Malware attack                                                     Viruses, Trojans, Worms         35             $15,000.00
12   Encrypting files                                                   Ransomware                      12             $11,000.00
13   Access in-premise database and stole 10,000 records                Backdoor attack                 2              $33,300.00
14   Access Cloud database in RDS                                       No White list                   3              $15,000
According to the above information, you need to write a report of around 2000 words about the risk management. You need to complete the following:
1. Use the framework addressed in the NIST SP 800-37 document to conduct the risk management.
2. List all assets available in the organization.
3. Follow the Prepare, Categorize, Select, Implement, Assess, Authorize and Monitor steps.
4. Re-draw the network design with your recommendations. For example: McAfee ePO, anti-spam, a second firewall, SD-WAN, a Zero-trust gateway, SAML with SSO, two Exchange email servers instead of one, encrypting data, etc.
5. After drawing the suggested network plan, explain the new things that you added to the network.
6. Add extra security services to the cloud and prioritise them, for example the first year, the second year, etc.
7. Conduct a quantitative analysis to decide whether to replace the WAN with SD-WAN or not. Currently the WAN is connected to all branches and costs Resimac around $3500 / month. The failure time since 2018 was a total of 13 days and 15 hours, which cost around $35,000.
8. Explain the backup and recovery services by explaining the identification of control and recovery strategies.
9. Fill in the major ISO27001 documents and attach them with your Word document submission.

Detailed Submission Requirements
• Work must be submitted through the Assessment 2 Turnitin link on the Moodle page for this unit.
• The format of the file must be doc/pdf.
• The assessment will be submitted through Turnitin via your unit page on Moodle.
• Turnitin is plagiarism software, which will identify if you have copied information from AI.

Misconduct
• Turnitin is plagiarism software, which will identify if you have copied information and included it in your assessment.
• Copying information from others (i.e. websites, partner company information, or other students etc.) without acknowledging the author is classified as misconduct.
• Engaging someone else to write any part of your assessment for you outside of the group work arrangement is classified as misconduct.
• To avoid being charged with Misconduct, students need to submit their own work and apply IEEE Style Referencing (ask your lecturer or the learning support coordinator (academicsuccess@aih.nsw.edu.au) if you do not know what this means, or you need assistance applying it).
• The AIH misconduct policy and procedure can be read on the AIH website (https://aih.nsw.edu.au/about-us/policies-procedures/).
• Use the AIH referencing guide accessible via the Library and Learning Support page on Moodle.

Late Submission
Any assessment submitted past the specific due date and time will be classified as Late.
• Any Late submission will be subject to a reduction of the mark allocated for the assessment item by 5% per day (or part thereof) of the total marks available for the assessment item. A ‘day’ for this purpose is defined as any day of the week including weekends. Assignments submitted later than one (1) week after the due date will not be accepted, unless special consideration is approved as per the formal process.

Special consideration
• Students whose ability to submit or attend an assessment item is affected by sickness, misadventure or other circumstances beyond their control may be eligible for special consideration. No consideration is given when the condition or event is unrelated to the student's performance in a component of the assessment, or when it is considered not to be serious.
• Students applying for special consideration must submit the form within 3 days of the due date of the assessment item or exam.
• The form can be obtained from the AIH website (https://aih.nsw.edu.au/currentstudents/student-forms/) or on-campus at Reception.
• The request form must be submitted to Student Services. Supporting evidence should be attached. For further information please refer to the Student Assessment Policy and associated Procedure available on (https://aih.nsw.edu.au/about-us/policies-procedures/).
