Assessment Task

Resit October 2021 (for students)

Module Title INTRODUCTION TO COMPUTER Module GTU420COM
SECURITY Code
Assessment Title ASSIGNMENT FINAL Assessment No 001
Module Leader Dr. QUIST-APHETSI KESTER Tutor

LO’s Module learning outcomes covered by this task(from the Module descriptor)
1 Describe the digital security landscape in the form of risks, threats, attacks, adversaries and security
needs
2 Discuss the different technologies that constitute the security mechanisms at various levels in a digitally
networked environment
3 Design and develop differing strategies used for security management and critically review their legal,
ethical and social implications
4 Present technical solutions to a non-technical audience in an industry standard format concepts
5 Explore the fundamental concept behind computer and network security particularly in relation to the
confidentiality, integrity and availability (CIA triangle)

Guidelines and background to the assessment

Hand in date 15th October, 2021 Assessment type ESSAY

Question1 (85 marks) 200-400 words per discussion.

Most businesses today face a lot of challenges when it comes to cyber attacks. Employees of
organizations using personal and official computing devices for work faces a lot of cyber security
challenges regularly. Businesses uses e-mail services, pay phones to interact with their costumers
constantly. These prospects comes with a lot of challenges and social engineering and phishing
approaches have become a critical weapon in the hands of cyber criminals against vulnerable
customers and employees. Malware are also regularly deployed by hackers to infiltrate systems or
collect critical data on targets.

Imagine you are a cyber security consultant within your organization producing services for small and
medium enterprise business as well as big corporations with peculiar problems as discussed earlier,
answer the following questions below.

i. Critically discus some effects of social engineering attacks to organisations and discuss
some current evolving trends of social engineering within the domain cyber security. 10
marks
ii. Social engineering has proven to be one of the commonest attacks in cyberspace. Discuss
why hackers normally engage Social Engineering in most of their activities. 10 marks
iii. Discuss the following types of malware and provide measures that can be taken to detect
and avoid them. 25 marks
a. Adware
b. Spyware

Assessment_task_V1.0/09_04_14
 c. Trojan horse
d. Bots
e. Ransomware
iv. Discuss the role white hat, black hat and grey hat hackers play within the cyberspace and
their impact on organizations. Provide case example of activities that they are involved in.
15 marks
v. Discuss the following Operations security measures within an organisation. 25 marks
a. Protection from malware
b. Backup
c. Logging and monitoring
d. Information systems audit considerations
e. Technical vulnerability management

Guide

I. (i) Appropriate justification of points with clear and detailed example 6 marks

(ii) Appropriate reference to support work 2 Marks

(iii) Originality of Presentation and avoidance of plagiarism 2Mark

ii. (i) Appropriate justification of points with clear and detailed example 6 marks

(ii) Appropriate reference to support work 2 Marks

(iii) Originality of Presentation and avoidance of plagiarism 2 Mark

iii. (i) Appropriate justification of points with clear and detailed example 3 marks each

(ii) Appropriate reference to support work 1 Marks each

(iii) Originality of Presentation and avoidance of plagiarism 1 Mark each

iv. (i) Appropriate justification of points with clear and detailed example 3 marks each

(ii) Appropriate reference to support work 1 Marks each

(iii) Originality of Presentation and avoidance of plagiarism 1 Mark each

v. (i) Appropriate justification of points with clear and detailed example 3 marks each

(ii) Appropriate reference to support work 1 Marks each

(iii) Originality of Presentation and avoidance of plagiarism 1 Mark each

Assessment_task_V1.0/09_04_14
Question 2 (15 marks) 200-400 words per discussion.

Assuming you have been employed to lead a cyber security consultant for a company that performs
penetration testing and advice businesses from the report on how to avoid cyber attacks, use the
knowledge you have acquired in performing the following task on two different websites.

Using vega software, perform vulnerability assessment of site 1 and site 2 listed below. It is the same
site that can be accessed via http and https.

Site 1 : http://team.critacghana.com

Site 2: https://team.critacghana.com

i. Discuss the High, Medium and Low Risks results obtained from the reports generated by
Vega. Present technical solutions to a non-technical audience in an industry standard
format concepts based on your findings. Provide five recommendations for five critical
risks identified out of the scanning. 25 marks
ii. The connection with the HTTPS is encrypted using TLS_AES_256_GCM-SHA384, 256
bit keys, TLS 1.3. Discuss four advantages of using TLS 1.3. 20 marks
iii. Discuss three importance of performing Ethical hacking. 15 marks
iv. Discuss three implications of hacking websites without authorization. 15 marks

Note: Read more from the TLS 1.3 RFC8446 https://tools.ietf.org/html/rfc8446.

Guide

i. Discuss the High, Medium and Low Risks results obtained from the reports generated by Vega. 10
marks

(i) Appropriate justification of points with clear and detailed example 6 marks
(ii) Appropriate reference to support work 2 Marks
(iii) Originality of Presentation and avoidance of plagiarism 2 Marks

Present technical solutions to a non-technical audience in an industry standard format concepts

based on your findings. 5 marks

(i) Appropriate justification of points with clear and detailed example. 3 marks
(ii) Appropriate reference to support work. 1 Marks
(iii) Originality of Presentation and avoidance of plagiarism. 1Mark

Assessment_task_V1.0/09_04_14
ii.

i) Appropriate justification of points with clear and detailed example. 3 marks

(ii) Appropriate reference to support work. 1 Marks
(iii) Originality of Presentation and avoidance of plagiarism. 1Mark

iii.

i) Appropriate justification of points with clear and detailed example. 3 marks

(ii) Appropriate reference to support work. 1 Marks
(iii) Originality of Presentation and avoidance of plagiarism. 1Mark

iv. Discuss three implications of hacking websites without authorization. 15 marks

i) Appropriate justification of points with clear and detailed example. 3 marks

(ii) Appropriate reference to support work. 1 Marks
(iii) Originality of Presentation and avoidance of plagiarism. 1Mark

Criteria for Assessment

Reflection, critical Knowledge and Evidence of Referencing & Presentation, grammar and
analysis and understanding reading bibliography spelling
discussion (30% (10% (5% (5% weighting)
(50% weighting) weighting) weighting) weighting)

How to pass this Module

In order to pass this assessment task, you need to achieve a minimum grade of 40%:
 ensure that you have fully met all the learning outcomes and tasks as detailed in this “Assessment
Task” brief
 submit all the work required by the given deadline
 submit a copy of your work through Turnitin.
Before you submit your work, we strongly recommended that you check to ensure you have answered all of
the questions and that you have met all of the learning outcomes.
How to submit your assessment
Please submit you assessment via the GTUC e-learning platform and to the academic support office.
For penalties on plagiarism please refer to GTUC Regulations.
Important University assessment rules for you to note
You need to submit your assessment task on the submission date noted above. If you do not submit your
assessment task by the submission date and have not requested and received an approved extension or
deferral, you will fail the Module. Any extension or deferral request must have been approved prior to the
deadline for submission.

Assessment_task_V1.0/09_04_14