CybersecurityRiskAssessmentPortfolio TECH5100
- Subject Code :
TECH5100
Assessment 3 Information
|
Subject Code: |
TECH5100 |
|
Subject Name: |
Penetration Testing |
|
Assessment Title: |
Cybersecurity Risk Assessment Portfolio |
|
Assessment Type: |
Individual Project Portfolio Strategy |
|
Word Count: |
2000 Words (+/-10%) |
|
Weighting: |
40 % |
|
Total Marks: |
40 |
|
Submission: |
MyKBS |
|
Due Date: |
Week 13 |
Your Task
This assessment is to be completed individually. In this assessment, you will demonstrate your comprehensive understanding as well as showcase your cybersecurity risk assessment skills.
Assessment Description
The objective of this assessment is to demonstrate your ability to conduct a comprehensive cybersecurity risk assessment based on concepts taught throughout the entire subject (Week 1 to Week 12).
In this assessment:
- Youwill perform a risk assessment based on concepts taught throughout the entire subject and submit a Project Portfolio.
- Tocomplete the Project Portfolio:
o You are to use a fictitious organisation network environment and perform a comprehensive cybersecurity risk assessment.
o The risk assessment should include risk identification, risk analysis, and risk mitigation strategies.
o Finally, you have to compile your findings into a comprehensive project portfolio report and submit it.
Assessment Practical Business Purpose
- Thisproject portfolio is designed to equip you with skills to perform in-depth cybersecurity risk assessments including penetration testing which is critical for organisations aiming to protect their digital assets.
- Thisassessment also prepares you for different roles in cybersecurity, that require you to perform in-depth cybersecurity risk assessments and penetration testing.
Assessment Targeted Audience
- This assessment is essential for risk managers, penetration testers, IT security professionals,and organisations looking to enhance their cybersecurity risk management
- Goingthrough this assessment will equip you with the necessary cybersecurity risk assessment and management experience needed for different roles in different
This assessment aims to achieve the following subject learning outcomes:
|
LO1 |
Evaluate appropriate countermeasures to mitigate the risk of unauthorised access, hacks and exploits to systems, networks, and applications. |
|
LO2 |
Investigate cyber-attack techniques on computer systems, networks, and web applications. |
|
LO3 |
Evaluate existing defensive security measures. |
|
LO4 |
Create simulated cyber-attacks to identify vulnerabilities. |
Assessment Instructions
Assessment instructions for this assessment:
- Youare supposed to work individually on this
- Youmust select an organisation or fictional organisation to conduct the risk
- Therisk assessment is based on concepts learnt in class during the
- Finally,you are to compile a project portfolio report focusing on risk identification, analysis, and mitigation strategies.
- Integratediagrams, charts, or visuals, if necessary, to supplement your text in the
Additional tips
- Youmust use clear and concise language to communicate your ideas
- Youshould follow a professional report format with a cover page, table of contents, headings for sections, page numbers, and reference section following any professional and consistent
- Youmay use the following suggested structure as a guide:
o Cover Page and Table of contents
o Executive Summary
o Introduction
o Risk Assessment Methodology
o Findings and Recommendations
o Conclusion
o References
- Youmust submit your report in Word or PDF format via
- Referto the assessment marking guide to assist you in completing all the assessment
Important Study Information
Academic Integrity and Conduct Policy
https://www.kbs.edu.au/admissions/forms-and-policies
KBS values academic integrity. All students must understand the meaning and consequences of cheating, plagiarism and other academic offences under the Academic Integrity and Conduct Policy.
Please read the policy to learn the answers to these questions:
- Whatis academic integrity and misconduct?
- Whatare the penalties for academic misconduct?
- Howcan I appeal my grade?
Late submission of assignments (within the Assessment Policy)
https://www.kbs.edu.au/admissions/forms-and-policies
Length Limits for Assessments
Penalties may be applied for assessment submissions that exceed prescribed limits.
Study Assistance
Students may seek study assistance from their local Academic Learning Advisor or refer to the resources on the MyKBS Academic Success Centre page. Further details can be accessed at https://elearning.kbs.edu.au/course/view.php?id=1481
Generative AI Traffic Lights
Please see the level of Generative AI that this assessment is Level 2 has been designed to accept:
|
Traffic Light |
Amount of Generative Artificial Intelligence (GenerativeAI) usage |
Evidence Required |
This assessment ( ? ) |
|
Level 1 |
Prohibited: No GenerativeAI allowed This assessment showcases your individual knowledge, skills and/or personal experiences in the absence of Generative AI support. |
The use of generative AI is prohibited for this assessment and may potentially result in penalties for academic misconduct, including but not limited to a mark of zero for the assessment. |
|
|
Level 2 |
Optional: You may use GenerativeAI for research and content generation that is appropriately referenced. See assessment instructions for details This assessment allows you to engage with Generative AI as a means of expanding your understanding, creativity, and idea generation in the research phase of your assessment and to produce content that enhances your assessment. I.e., images. You do not have to use it. |
The use of GenAI is optional for this assessment. Your collaboration with GenerativeAI must be clearly referenced just as you would reference any other resource type used. Click on the link below to learn how to reference GenerativeAI. https://library.kaplan.edu.au/referencing- other-sources/referencing-other-sources- generative-ai In addition, you must include an appendix that documents your GenerativeAI collaboration including all prompts and responses used for the assessment. Unapproved use of generative AI as per assessment details during the content generation parts of your assessment may potentially result in penalties for academic misconduct, including but not limited to a mark of zero for the assessment. Ensure you follow the specific assessment instructions in the section above. |
? |
|
Level 3 |
Compulsory: You must use GenerativeAI to complete your assessment See assessment instruction for details This assessment fully integrates Generative AI, allowing you to harness the technology's full potential in collaboration with your own expertise. Always check your assessment instructions carefully as there may still be limitations on what constitutes acceptable use, and these may be specific to each assessment. |
You will be taught how to use generative AI and assessed on its use. Your collaboration with GenerativeAI must be clearly referenced just as you would reference any other resource type used. Click on the link below to learn how to reference GenerativeAI. https://library.kaplan.edu.au/referencing- other-sources/referencing-other-sources- generative-ai In addition, you must include an appendix that documents your GenerativeAI collaboration including all prompts and responses used for the assessment. Unapproved use of generative AI as per assessment details during the content generation parts of your assessment may potentially result in penalties for academic misconduct, including but not limited to a mark of zero for the assessment. Ensure you follow the specific assessment instructions in the section above. |
Assessment Marking Guide
|
Marking Criteria | 40 marks |
F (Fail) 0 49% |
P (Pass) 50 64% |
C (Credit) 65 74% |
D (Distinction) 75 84% |
HD (High Distinction) 85 100% |
|
Executive Summary | 2.5 marks |
Lacks clear executive summary and Introduction to the risk assessment project to be undertaken. No conciseness in the summary. No Inclusion of high-level findings and recommendations. No Clear presentation of risk mitigation strategies. |
Demonstrates a basic executive summary and Introduction to the risk assessment project to be undertaken but misses or misinterprets some key concepts. Basic conciseness in the summary. Basic findings and recommendations. Basic presentation of risk mitigation strategies. |
Demonstrates a good executive summary and Introduction to the risk assessment project to be undertaken with minor inaccuracies. Good conciseness in the summary. Good Inclusion of high-level findings and recommendations. Good and clear presentation of risk mitigation strategies. |
Demonstrates a deep understanding and thorough coverage of the executive summary and Introduction to the risk assessment project to be undertaken. Deep conciseness in the summary. Deep Inclusion of high-level findings and recommendations. Deep presentation of risk mitigation strategies. |
Demonstrates an expert-level executive summary and Introduction to the risk assessment project to be undertaken and offers unique insights into the topic. Expert- level conciseness in the summary. Expert-level Inclusion of high-level findings and recommendations. Expert-level presentation of risk mitigation strategies. |
|
Introduction | 5 marks |
Lacks No Clear articulation of the project background and objectives, explicit delineation of the scope and boundaries and no engaging introduction. |
Demonstrates Basic articulation of the project background and objectives, with a basic delineation of the scope and boundaries and a basic engaging introduction. |
Demonstrates Good articulation of the project background and objectives, with a good delineation of the scope and boundaries and a good engaging introduction. |
Demonstrates Deep articulation of the project background and objectives, with a deep delineation of the scope and boundaries and a deep engaging introduction. |
Demonstrates expert- level articulation of the project background and objectives, with an excellent delineation of the scope and boundaries and an expert-level engaging introduction. |
|
Risk Assessment Methodology | 10 marks |
Lacks a comprehensive description and evidence of the Risk Assessment Methodology used with no clarity or the use of |
It has a basic description and evidence of the Risk Assessment Methodology used but lacks flow or clarity and |
Well-organised with a clear description and evidence of the Risk Assessment Methodology used with a good flow or clarity |
Strong description of evidence and the Risk Assessment Methodology used with great flow and clarity and the use of tools |
Exceptionally description of evidence and the Risk Assessment Methodology used, well-organised and |
|
tools and techniques, Diagrams, Charts, or Visuals. |
the use of tools and techniques, clear Diagrams, Charts, or Visuals. |
and the use of tools and techniques, Diagrams, Charts, or Visuals. |
and techniques, Diagrams, Charts, or Visuals. |
seamlessly with excellent flow or clarity and the use of tools and techniques, Diagrams, Charts, or Visuals. |
|
|
Risk identification, analysis, and mitigation strategies | 10 marks |
Does not provide or inaccurately provides risk identification, analysis, and mitigation strategies information. |
Provides minimal or generic risk identification, analysis, and mitigation strategies information. |
Offers relevant and clear risk identification, analysis, and mitigation strategies information. |
Provides detailed and highly relevant risk identification, analysis, and mitigation strategies information. |
Exceptionally detailed and excellent relevant risk identification, analysis, and mitigation strategies information. |
|
Findings and Recommendations | 5 marks |
Lacks evidence of findings and well- researched recommendations. No clear action plans for short-term and long- term improvements. |
Contains basic evidence of findings and well-researched recommendations. Basic action plans for short-term and long- term improvements. |
Contains good evidence of findings and well-researched recommendations. Good action plans for short-term and long- term improvements. |
Contains detailed evidence of findings and well-researched recommendations. Detailed action plans for short-term and long- term improvements. |
Seamlessly integrates top-quality, original, or uniquely insightful evidence of findings and well-researched recommendations. Top- quality and original action plans for short- term and long-term improvements. |
|
Conclusion, or key takeaways | 2.5 marks |
Lacks conclusion, or key takeaways related to risk assessment. No succinct summary of the assessment results. |
Has a basic conclusion, or key takeaways related to risk assessment with some errors. Basic succinct summary of the assessment results. |
Contains well- structured conclusions, or key takeaways related to risk assessment. Well- structured succinct summary of the assessment results. |
Almost perfect conclusion, or key takeaways related to risk assessment. A succinct summary of the assessment results. |
Impeccable conclusion, or key takeaways related to risk assessment. Excellent Succinct summary of the assessment results. |
|
Format Structure & Organisation (cover page, table of |
Lacks clear structure, professional organisation, and easy- to-follow headings for |
It has a basic structure and professional organisation but lacks in flow, headings for |
Well-organised with a clear structure and professional organisation, easy-to- |
Strong structure and professional organisation with great flow, headings for |
It has an exceptionally professional-organised structure, seamlessly leading the Learner |
|
contents, headings for sections, subsections , and page numbers) | 2.5 marks |
different sections. |
different sections as well as grammar, and spelling. |
follow headings for different sections, grammar, and spelling. |
different sections, and good grammar, and spelling. |
through the content with great headings for different sections, good grammar, and spelling. |
|
Citation & Referencing | 2.5 marks |
Lacks citations or has many errors in referencing. |
Has basic citations with some errors. |
Mostly accurate citations with a consistent style. |
Almost perfect citations and references with a consistent style. |
Impeccable citation and referencing, strictly adhering to a consistent style. |
|
Feedback and grades will be released via MyKBS |
|||||
