A3: Case Study: Incident Investigation and Mitigation
Value: 50%
Due Date: 20-May-2024
Return Date: 12-Jun-2024
Length: 2500-3500 words
Group Assessment: No
Submission method options: EASTS (online)
7-Day Automatic Extension availability: Yes
TASK
Osprey Cyber Corporation (OCC) is a cyber security company that provides both offensive and defensive capabilities to customers including, but not limited to, private organisations, educational institutions, and government.
Recently OCC has been engaged by RavenCorp, an organisation that develops drones and has seen some suspicious outbound traffic on its firewall.
RavenCorp is headquartered in Sydney, Australia and also has a presence in Munich, Germany. Its environment comprises both on-premise and cloud infrastructure.
Upon conducting the incident response engagement, the following high-level findings were identified:
On January 16, 2022, a phishing e-mail arrived where a user was tricked into disclosing their credentials to a website at Microsoft-account-validation.fakedomain.com
The next day, the user's credentials were used to access a remote desktop server
The threat actor was able to run some software that allowed them to elevate their privileges to administrator and created several additional accounts in the corporate Active Directory with administrator rights
Over the next 6 months, the threat actor exfiltrated several terabytes of data. This included:
  Customer information including names, addresses, e-mail addresses, phone numbers, and credit card numbers
  Personal information about employees of the organisation
  Technical drawings for a prototype drone that has potential military applications
The threat actor remained in the environment for around 330 days
Using the information above, answer the questions below. Ensure you justify your response and include any supporting information:
What type of an attack has likely occurred?
What type of threat actor has likely conducted the attack?
Are there any legal or regulatory considerations that need to be considered?
What policies, controls, or procedures could be implemented to prevent such an attack from occurring?
RATIONALE
This assessment task will assess the following learning outcome/s:
be able to analyse the main types of cyber attacks and the various tactics and strategies used during attacks.
be able to propose security policy, procedural and technical controls to mitigate the threats of different types of cyber attacks and the risks they present.
MARKING CRITERIA AND STANDARDS
Criteria: Analysis of the case
HD: An in-depth critical assessment of the case has been conducted. The type of attack and a likely threat actor has been identified and is well-supported using contemporary literature.
DI: A mostly thorough assessment of the case has been conducted. The type of attack and a likely threat actor has been identified and contemporary literature has been identified and used.
CR: A somewhat thorough assessment of the case has been conducted. The type of attack and a likely threat actor has been identified and literature has been identified and used, but it may not support the findings.
PS: An assessment of the case has been conducted. The type of attack and a likely threat actor has been identified, but the literature does not support the findings or is not sufficient.
FL: An adequate assessment has not been provided. No attack type or likely threat actor has been identified.
Marks: 30

Criteria: Identification of legal or regulatory considerations
HD: Relevant legislation and regulation has been identified. Key elements that tie the relevance to the case have been identified and justify why it is applicable.
DI: Some relevant legislation and regulation has been identified. Justification for inclusion is clear and well-supported.
CR: Some relevant legislation and regulation has been identified. Justification for inclusion may not be adequate or has gaps.
PS: Legislation and regulation has been identified and justification has been included, but it may not be appropriate.
FL: No legislation or regulation has been identified or it is irrelevant.
Marks: 20

Criteria: Recommendations
HD: In-depth recommendations have been identified and are linked to the analysis of the case and how they could help mitigate further similar events. Recommendations align with industry best practices and where applicable support relevant legislation and regulation.
DI: Recommendations have been identified and have been adequately linked to the analysis of the case. It is clear how the recommendations could help mitigate further similar events but there may be gaps related to alignment with best practices or how they support relevant legislation and regulation.
CR: Recommendations have been identified but may not address all the identified areas or may have issues around effectiveness. Some identification of best practices and relevant legislation and regulation is included but there may be issues around accuracy or completeness.
PS: Recommendations have been identified but they may not address all the identified areas or may have issues around effectiveness. There is limited alignment with best practices and/or relevant legislation and regulation.
FL: No recommendations have been identified or they are not appropriate.
Marks: 30

Criteria: Presentation & Referencing
HD: Grammar and spelling contain no errors. Sentence and paragraph structure are accurate and cohesive, and the ideas flow throughout the essay. CSU/IT Masters formatting standards are closely followed. Overall presentation is professional and fastidiously edited, and commensurate with a master's level submission. Referencing and citation are properly and judiciously implemented, and a large amount of high-quality literature has been researched.
DI: Grammar and spelling contain no errors. Sentence and paragraph structure are accurate and cohesive, and the ideas flow throughout the essay. CSU/IT Masters formatting standards are followed. Overall presentation is professional and commensurate with a master's level submission. Referencing and citation are properly implemented, and sufficient high-quality literature has been researched.
CR: Grammar and spelling contain few errors. Sentence and paragraph structure are good, and the ideas flow throughout the essay. CSU/IT Masters formatting standards are followed. Overall presentation is professional and commensurate with a master's level submission. Referencing and citation are properly implemented, and sufficient literature has been researched.
PS: Grammar and spelling contain obvious errors. Sentence and paragraph structure are mostly good. CSU/IT Masters formatting standards are mostly followed. Overall presentation is neat and clear. Referencing and citation are mostly implemented well, and some relevant literature has been researched.
FL: Grammar and spelling contain errors and are generally poor. Sentence and paragraph structure is mostly poor. Overall presentation is unclear, illegible or unprofessional. Referencing and citation are poorly implemented, or sufficient literature has not been researched.
Marks: 20
PRESENTATION
Use a report format, with correct grammatical protocols and accurate spelling, punctuation and word count.
Feel free to use headings and bullet-lists where you think this is appropriate.
APA referencing should be used unless students have made prior arrangements with the subject mentor.
REQUIREMENTS
Word count for this assignment is taken seriously. The word count reflects the level of detail you are required to put into your assignment. Students who exceed the word count by more than 10% will be penalised, and students who exceed word counts by an excessive amount may not have their assignment marked beyond a certain point to ensure fairness to other students who have completed the assignment within the guidelines given.
Administrative sections of your assignment such as the cover page, table of contents, and reference list are not included in the word count. In-text citations are included as part of your word count.
Students must provide a Word-Processed Document and include a word count on their cover page. Please make sure to add in your full name, student id number and page number in the footer of the document.
For this assessment you are required to use APA referencing to acknowledge the sources that you have used in preparing your assessment. Please refer to the CSU referencing guide: https://www.csu.edu.au/current-students/learning-resources/build-your-skills/academic-skills-help/referencing. In addition, a very useful tool that demonstrates how to correctly use in-text referencing and the correct way to cite the reference in your reference list can be found at https://apps.csu.edu.au/reftool/apa-7
This assignment must be submitted via EASTS.
Students are not required to submit a Turnitin report with their assignment. However, Turnitin is a useful tool for identifying potentially incorrect referencing and highlighting areas for improvement in academic writing. We encourage students to generate a Turnitin report for their own reference prior to submission. More information on using Turnitin at CSU can be found at https://www.csu.edu.au/current-students/learning-resources/information-planning/assignments/plagiarism-checking
A2: Defining Cyber Warfare and Terrorism Essay
Value: 25%
Due Date: 22-Apr-2024
Return Date: 15-May-2024
Length: 2000 words
Group Assessment: No
Submission method options: EASTS (online)
7-Day Automatic Extension availability: Yes
TASK
This assessment is designed to assess your understanding of cyber warfare and cyber-terrorism. There may be varying definitions and opinions on what cyber warfare and cyber terrorism are, for example between the public, governments, and academics.
For this assessment, write an essay that defines what Cyber Warfare and Cyber Terrorism are.
The essay should:
Compare and contrast by discussing the differences and similarities.
Discuss how definitions may vary across different groups (e.g. the public vs government vs academics)
Include examples of both cyber warfare and cyber terrorism events
RATIONALE
This assessment task will assess the following learning outcome/s:
be able to discuss and analyse trends in cyber warfare and terrorism and the increasing impact of such events on the security landscape.
be able to compare and contrast the different types of cyber security threats, including cyber terrorism, cyber crime, and cyber warfare.
be able to distinguish between private, corporate, and national cyber attack events and their motivations.
be able to analyse the main types of cyber attacks and the various tactics and strategies used during attacks.
MARKING CRITERIA AND STANDARDS
Criteria: Introduction
HD: The topic is artfully and insightfully introduced, and well-informed within the contemporary literature on cyberwar and terrorism. A summary of what will be discussed in the body of the essay is well-written and clear. The length of the summary is appropriate, being approximately 10-15% of the overall word count.
DI: The topic is very well introduced within the context of contemporary literature on cyberwar or terrorism. A summary of what will be discussed in the body is well-written and clear. The length of the summary is appropriate, being approximately 10-15% of the overall word count.
CR: The topic is well introduced, and relevant context is given. A summary that accurately identifies what will be discussed in the body is included. The length of the summary is appropriate, being approximately 10-15% of the overall word count.
PS: The topic is introduced, but the introduction may lack depth or accuracy. It is slightly unclear what the essay is going to cover. The message is stated but the author's core thesis may not be clear. The summary may be too long or too short, weakening the impact of the content.
FL: The topic is not effectively introduced or contains frequent inaccuracies. The definitions are spurious, and not from the literature. The intent of the report is not clearly stated. The summary is significantly too long or too short.
Marks: 15

Criteria: Body
Compare and contrast by discussing the differences and similarities.
Discuss how definitions may vary across different groups (e.g. the public vs government vs academics)
Include examples of both cyber warfare and cyber terrorism events.
HD: The topic is discussed at depth and provides a clear definition of cyber warfare and cyber terrorism including appropriate use of examples. Arguments and statements are expertly supported using excellent use of the available, contemporary literature, citations, and direct quotes. The body flows well and is easy to read.
DI: There is a clear definition of cyber warfare and terrorism which is supported through appropriate use of existing literature. Arguments and statements are well supported through citations and direct quotes. The body flows well and is easy to read.
CR: Arguments are presented and supported with citations. Lack of direct quotes from the literature. Flow is logical and can be understood.
PS: Arguments are presented but could be strengthened. Citations from literature support the arguments but could be strengthened. The flow from paragraph to paragraph is choppy.
FL: Citations are lacking or irrelevant. Writing demonstrates a lack of understanding of the topic.
Marks: 50

Criteria: Conclusion
HD: The essay is summarised expertly. Evaluation of the outcome of the exploration of the topic, its ongoing significance is included. Insight towards additional study or research that may be needed to enhance understanding of the topic is included.
DI: The essay is clearly summarised. Key findings from the discussion are well explained. The ongoing significance of the topic is explained, and valid suggestions are made concerning further work required.
CR: The main thesis is summarised, and most key findings from the discussion are well explained. Most supporting arguments are included in the summary, and the topic evaluated based on the arguments presented. The ongoing significance of the topic is explained, and suggestions may be made concerning further work required.
PS: The main thesis is summarised, but key findings may not be comprehensively explained. Supporting arguments are included in the summary, but the evaluation of the topic based on these arguments could have more depth or accuracy. The ongoing significance of the topic is mentioned, but suggestions regarding further work may be missing or inaccurate. New material may have been introduced in this section.
FL: The summary of the main thesis is poor, and findings are not accurately or comprehensively explained. Supporting arguments may be poorly summarised, or their relevance may not be explained. Poor or missing discussion regarding the ongoing significance of the topic. New material may have been introduced in this section.
Marks: 15

Criteria: Presentation & Referencing
HD: Grammar and spelling contain no errors. Sentence and paragraph structure are accurate and cohesive, and the ideas flow throughout the essay. CSU/IT Masters formatting standards are closely followed. Overall presentation is professional and fastidiously edited, and commensurate with a master's level submission. Referencing and citation are properly and judiciously implemented, and a large amount of high-quality literature has been researched.
DI: Grammar and spelling contain no errors. Sentence and paragraph structure are accurate and cohesive, and the ideas flow throughout the essay. CSU/IT Masters formatting standards are followed. Overall presentation is professional and commensurate with a master's level submission. Referencing and citation are properly implemented, and sufficient high-quality literature has been researched.
CR: Grammar and spelling contain few errors. Sentence and paragraph structure are good, and the ideas flow throughout the essay. CSU/IT Masters formatting standards are followed. Overall presentation is professional and commensurate with a master's level submission. Referencing and citation are properly implemented, and sufficient literature has been researched.
PS: Grammar and spelling contain obvious errors. Sentence and paragraph structure are mostly good. CSU/IT Masters formatting standards are mostly followed. Overall presentation is neat and clear. Referencing and citation are mostly implemented well, and some relevant literature has been researched.
FL: Grammar and spelling contain errors and are generally poor. Sentence and paragraph structure are mostly poor. Overall presentation is unclear, illegible or unprofessional. Referencing and citation are poorly implemented, or sufficient literature has not been researched.
Marks: 20
PRESENTATION
Use a report format, with correct grammatical protocols and accurate spelling, punctuation and word count.
Feel free to use headings and bullet-lists where you think this is appropriate.
APA referencing should be used unless students have made prior arrangements with the subject mentor.
REQUIREMENTS
Word count for this assignment is taken seriously. The word count reflects the level of detail you are required to put into your assignment. Students who exceed the word count by more than 10% will be penalised, and students who exceed word counts by an excessive amount may not have their assignment marked beyond a certain point to ensure fairness to other students who have completed the assignment within the guidelines given.
Administrative sections of your assignment such as the cover page, table of contents, and reference list are not included in the word count. In-text citations are included as part of your word count.
Students must provide a Word-Processed Document and include a word count on their cover page. Please make sure to add in your full name, student id number and page number in the footer of the document.
For this assessment you are required to use APA referencing to acknowledge the sources that you have used in preparing your assessment. Please refer to the CSU referencing guide: https://www.csu.edu.au/current-students/learning-resources/build-your-skills/academic-skills-help/referencing. In addition, a very useful tool that demonstrates how to correctly use in-text referencing and the correct way to cite the reference in your reference list can be found at https://apps.csu.edu.au/reftool/apa-7
This assignment must be submitted via EASTS.
Students are not required to submit a Turnitin report with their assignment. However, Turnitin is a useful tool for identifying potentially incorrect referencing and highlighting areas for improvement in academic writing. We encourage students to generate a Turnitin report for their own reference prior to submission. More information on using Turnitin at CSU can be found at https://www.csu.edu.au/current-students/learning-resources/information-planning/assignments/plagiarism-checking