Assessment Details and Submission Guidelines
Trimester T1 2020
Unit Code BN200
Unit Title Network Security Fundamentals
Assessment Type Assignment 1-Individual Assessment
Assessment Title Network Security and Malware
Purpose of the assessment (with ULO Mapping) Students should be able to demonstrate their achievements in the following unit learning outcome:
b. Analyse and discuss common emerging threats, attacks, mitigation and countermeasures in networked information systems
Weight Total Weight of the Assignment 1 is 15%.
• Assignment 1-Part A: 5%
• Assignment 1-Part B: 10%
Total Marks • Assignment 1-Part A: 15 Marks
• Assignment 1-Part B: 30 Marks
Word limit • Assignment 1-Part A: 500 Words
• Assignment 1-Part B: 1000 Words
Due Date • Assignment 1-Part A: Tuesday 07/04/2020 (Week 3)
• Assignment 1-Part B: Tuesday 05/05/2020 (Week 7)
Submission Guidelines • All work must be submitted on Moodle by the due date along with a completed Assignment Cover Page.
• The assignment must be in MS Word format, 1.5 spacing, 11-pt Calibri (Body) font and 2.54 cm margins on all four sides of your page with appropriate section headings.
• Reference sources must be cited in the text of the report, and listed appropriately at the end in a reference list using IEEE referencing style.
Extension • If an extension of time to submit work is required, a Special Consideration Application must be submitted directly on AMS. You must submit this application three working days prior to the due date of the assignment.
Further information is available at:
• Academic Misconduct is a serious offence. Depending on the seriousness of the case, penalties can vary from a written warning or zero marks to exclusion from the course or rescinding the degree. Students should make themselves familiar with the full policy and procedure available at: http://www.mit.edu.au/about-mit/institute-publications/policiesprocedures-and-guidelines/Plagiarism-Academic-Misconduct-PolicyProcedure. For further information, please refer to the Academic Integrity Section in your Unit Description.
Wanod Kumar y: Dr Sajjad March, 2020
Assignment 1 is divided into two parts. Part A focuses on Preventing Attacks and Part B is about potential threats and mitigation tools for Ransomware.
Assignment 1-Part A: Preventing attacks
One area that has been especially frequent target of attacks is the information technology (IT). A seemingly endless array of attacks is directed at individuals, schools, businesses, and governments through desktop computers, laptops, and smartphones. The Privacy Right Clearinghouse (PRC) is a non-profit organisation which maintains a searchable database of security breaches that impact consumer’s privacy .
In this part of the assignment, select any two of the recent attacks by referring to PRC database (https://privacyrights.org/data-breaches). Carry out an in-depth literature review about these two attacks. Your discussion must explain following points with proper in-text citations.
• Identify and discuss main reasons for these attacks being successful.
• Report the importance of key terms in the information security: asset, threat, threat actor, vulnerability, attack vector, attack surface in the context of these two attacks.
• How could these attacks have been prevented if the five fundamental security principles- layering, limiting, diversity, obscurity, and simplicity- had been applied?
Assignment 1-Part B: Potential threats and mitigation tools for ransomware
The security remains a challenge in networked information systems. One of the fastest evolving malware is ransomware and it continues to be a serious threat to the network users.
For this part of the assignment, write a report on ransomware including the following sections:
• Addressing the feedback provided in Part A of the assignment
• Introduction about ransomware
• Discussion of any four variants of ransomware (Consider some recently developed ransomware)
• The working mechanism of ransomware
• Potential threats posed by ransomware
• Case study of one recent attack carried out by the ransomware
• Recommendations on any one mitigation tool to tackle the ransomware attack
 M. Ciampa, Security+ Guide to Network Security Fundamentals, 6th ed. Cengage, 2018.
• Assignment-1 should be submitted as MS Word documents.
• Do not use Wikipedia as a source or a reference
• Must consider at least six current references (two for part A and 4 for part B) from journal/conference papers and books. Must follow IEEE referencing style.
• Make sure you properly reference any diagrams/ graphics used in the assignment.
Marking Criteria for the Assignment 1
Assignment 1 -
Parts Description of the section Marks
Assignment 1- Part A:
• Identify and discuss main reasons for these attacks being successful [4 Marks]
Report the importance of key terms in the information security: asset, threat, threat actor, vulnerability, attack vector, attack surface in the context of these two attacks [4 Marks]
How could these attacks have been prevented if the five fundamental security principles- layering, limiting, diversity, obscurity, and simplicity- had been applied? [5 Marks]
References in IEEE style [2 Marks] 15
Part B •
• Addressing the feedback provided in Part A of the assignment [3 Marks]
Introduction about ransomware [4 Marks]
Discussion of any four variants of ransomware
(Consider some recently developed ransomware)
The working mechanism of ransomware [4 Marks]
Potential threats posed by ransomware [4 Marks] Case study of one recent attack carried out by the ransomware [4 Marks]
Recommendations on any one mitigation tool to tackle the ransomware attack [4 Marks]
References in IEEE style [3 Marks] 30
Total Marks 45
Marking Rubric for Assignment
Grade Mark HD 80% + D 70%-79% CR 60%-69% P
Excellent Very Good Good Satisfactory Unsatisfactory
Part A A very detailed and very clear discussion Very clear discussion Generally good discussion Brief discussion Poor discussion with irrelevant information
Part B All sections discussed are pertinent and covered in depth.
the ability to think critically
and make good use of the source material. Sections presented are relevant and soundly analysed. Sections presented are generally relevant and analysed. Sections presented are somewhat relevance and briefly discussed. Sections presented are not relevant to the assignment topic.