Tuesday 4 May 2021
Available from 09:30 BST
Expected Duration: 2 hours
Time Allowed: 4 hours
Timed exam within 24 hours
DEGREES OF MSc
Enterprise Cyber Security (M) COMPSCI 5077
(Answer ALL 3 questions)
This examination paper is an open book, online assessment and is worth a total of 60 marks
Throughout this paper word count guidance is provided for each question. The guidance is only indicative, and candidates can write more or less than the stated word count guidance.
1. is a department store founded in 1876 that has a number of physical stores throughout the United Kingdom. The department store has decided to transition sales away from its physical stores to its online store. The organisation has made significant investments in infrastructure over several decades but has decided to make the transition to cloud computing infrastructure.
The transition to cloud computing for the organisation is motivated by many factors, including changes in staff. The organisation has lost many of its in-house software engineers and technical staff over the years. The organisation still has a small team of technical and expert staff that can manage endpoints, access management and data governance. However, the organisation does not have sufficient expert staff in managing and configuring applications, network controls, operating systems or general infrastructure. The management team has also accepted it may have to transition away from existing software solutions to more modern software offerings from external providers as part of the transition.
a. The management team for the organisation are aware there are different service models for cloud computing but are unsure which service model is optimal for the organisation.
Argue for the optimal service model for the organisation in the given context. (approximately 200 words)
b. The management team appreciate that many of the benefits of utilising cloud computing from an external provider are realised from the same infrastructure being used by multiple tenants. However, the management team have concerns about how any external providers will ensure strict access controls to data, how any external provider prevents data leakage while data is in transit and at rest as well as external providers storing data alongside data from other tenants.
Argue for THREE solutions that would address the problems. (approximately 200 words)
c. The company has an ageing mainframe system that is resistant to change. The compliance team states the organisation needs to encrypt data to a specific standard. The technical team have advised that the specific standard is too demanding for the existing mainframe system. The team advise that evolving the system would require considerable investment and take 36 to 48 months. The compliance team states the specific standard must be applied within 18 months.
Argue for an optimal solution to encrypt data in the given context. (approximately 200 words)
Summer Diet
2. Inmos International is a technology conglomerate that provides teleconferencing services to enterprises throughout the world. The company has been the victim of an attack that has resulted in unplanned downtime and in 654 virtual machines that the company relies upon having been destroyed. The loss of the virtual machines has resulted in over 16,000 clients being unable to access their accounts and data.
The management team suspect the attack has originated internally from an employee or employees. The management team have requested Holberton, Antonelli and Meltzer to investigate to determine the anatomy of the suspected cyber-attack as well as to suggest appropriate defences.
Holberton, Antonelli and Meltzer have audited systems and reviewed logs to determine pertinent security incidents over the past 48 weeks. The following incidents have been deemed relevant:
– Bespoke source code has been recovered that was central to the destruction of the virtual machines. The bespoke source code demonstrates intimate knowledge of the infrastructure and systems as well as advance organisational information.
– 789 files on virtual machines with unusually high access rates and unusual access times from some employees where there is no clear justification.
– 37 files with misleading filenames that are disguised as media files when they are actually sensitive PDF documents found in employees' workspace accounts.
– 1098 emails between various employees have been identified that discuss circumventing technical controls on corporate systems to install third-party commercial software, such as media players, photo viewers and video games.
– Technical controls that log application usage and monitor employee use of systems have been disabled on 678 employee systems across the organisation.
– Unauthorised third-party software has been identified on 546 employee systems across the organisation that allows individuals to use their smartphone as an external hard disk to transfer files.
Holberton, Antonelli and Meltzer have agreed these incidents alone are not sufficient to determine the anatomy of the attack and determine appropriate defences. The trio need to use an approach to determine the anatomy of the cyber-attack and plan defences.
a. Holberton, Antonelli and Meltzer propose using an approach to better understand the cyber-attack, but cannot agree on an optimal approach. Holberton argues STRIDE would be the optimal approach, Antonelli suggests CAPEC would be the best approach to model and determine the attack, while Meltzer believes the Cyber Kill Chain approach would be optimal.
Appraise each of the proposed approaches from Holberton, Antonelli and Meltzer in the given context. Argue for the optimal approach in the given context.
(approximately 400 words)
b. Holberton, Antonelli and Meltzer need to determine the anatomy of the cyber-attack. The trio are confident that the cyber-attack has stemmed from an insider, a trusted individual within the company.
Formulate the anatomy of the attack in the given context using the optimal approach identified in (a). Argue for any adaptations or adjustments to the approach.
(approximately 450 words)
c. The management team want to ensure that the company is not susceptible to such an attack in the future.
Argue for THREE distinct defensive steps that could be taken to optimally defend against the attack formulated or identified in (b), at what stage they should be taken and why at that stage.
(approximately 450 words)
3. Granville & Clay Services provide specialised back-up services for medical records to health organisations throughout Europe. The medical records primarily comprise standard forms and letters generated for patients where only specific variables change, such as name, date of birth and patient notes for each patient.
a. The management team want to improve utilisation of infrastructure so as to maximise profit and minimise waste. The management team want to store more data on existing infrastructure and they want to ensure a seamless transition for clients with no requirement to download special software.
Devise and justify an appropriate solution that reduces redundant data in the given context.
(approximately 300 words)
b. The management team are concerned about the security of any proposed solution and want all medical records encrypted. The management team are also concerned about the threat of malicious employees and how they may compromise the approach.
Refine the solution proposed in (a) to incorporate encryption in the given context. Argue for any design decisions taken and discuss the difference between probabilistic and deterministic encryption schemes as well as their significance in the given context.
(approximately 450 words)
c. The management team are concerned that any proposed solution that utilises encryption may impact on its ability to comply with the individual rights of some patients, specifically the right to be forgotten. The management team are particularly concerned about the right of an individual to have their data deleted.
Argue whether or not the proposed solution in (b) would conflict with the right to be forgotten. Outline any further refinements to the solution in (b), if necessary.
(approximately 300 words)