Scribd Logo
Upload

Welcome to Scribd!

  • MAUNDA Assignment2.1 IT41S2

    Uploaded by

    PAULINE JOY ABIERTAS
    22 views6 pages
    The document is an assignment from a Cyber Threat Modeling course for a group of IT students. It involves developing a threat model for an online bakery and coffee store called Cake Studio. The group discusses the company description and participants involved. Each student then provides an individual synthesis of what they learned about threat modeling and applying it to secure the proposed online store system from potential cyber threats. The goal is to identify and address threats to safeguard customer and business data.

    Original Description:

    Original Title

    MAUNDA_Assignment2.1_IT41S2

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document is an assignment from a Cyber Threat Modeling course for a group of IT students. It involves developing a threat model for an online bakery and coffee store called Cake Studio. The group discusses the company description and participants involved. Each student then provides an individual synthesis of what they learned about threat modeling and applying it to secure the proposed online store system from potential cyber threats. The goal is to identify and address threats to safeguard customer and business data.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    22 views6 pages

    MAUNDA Assignment2.1 IT41S2

    Uploaded by

    PAULINE JOY ABIERTAS
    The document is an assignment from a Cyber Threat Modeling course for a group of IT students. It involves developing a threat model for an online bakery and coffee store called Cake Studio. The group discusses the company description and participants involved. Each student then provides an individual synthesis of what they learned about threat modeling and applying it to secure the proposed online store system from potential cyber threats. The goal is to identify and address threats to safeguard customer and business data.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 6

    Technological Institute of the Philippines

    College of Information Technology Education

    Assignment 2.1 Cyber Threat Modeling (Part 1)

    Score

    Group No.: 5

    Name:
    ALBERTO, AARIC BRYAN
    ATENDIDO, REJ RYAN
    CHAN, JOHN CARLO
    ESPINA, JOHN CARLOS
    GOMEZ, FRANCIS EDISON
    MATA, EDWARDINE
    MAUNDA, BENJAMIN
    SURBAN JR., DANTE
    TIRONA, JOHN MATTHEW

    IT41S2
    Engr. Junnel E Avestro
    Professor
    IT024 – Cyber Threat Modeling

    Assignment 2.1 Cyber Threat Modeling (Part 1)


    1. Intended Learning Outcome (ILO)
    At the end of this practice set, the students are expected to:
    Students can discuss some of the unique challenges in the field of cybersecurity that differentiate it from
    other design and engineering efforts.
    Students can identify the goals and summarize the overall process of threat modeling.
    Given a description of a system, students can predict and prioritize some potential threats and the human
    impacts of those threats.
    2. Discussion:
    Threat Modeling

    Vulnerability: a software defect with security consequences


    Threat: a potential danger to the software
    Attack: an attempt to damage or gain access to the system
    Exploit: a successful attack
    Trust Boundary: where the level of trust changes for data or code

    3.1 Briefly discuss the following:


    3.1.1 Company Name/System: CK Inc.
    3.1.2. Version: 1.0
    3.1.3. Document Owner: CakeStudio Tech Inc.

    3.1.4. Description of the company


    Online shopping is a rapidly expanding field of technology, Cake Studio is an online store that provides a
    range of bakery and coffee products as well as services. The development of this mobile app will be
    focused on the user interface of the bakery and coffee online store and the user experience. With this
    software, the company will be able to advertise and do business online, where it will be able to reach a
    larger number of potential customers.
    3.1.5. Participants:
    ATENDIDO, REJ RYAN – Programmer
    MATA, EDWARDINE – Programmer

    MAUNDA, BENJAMIN – Programmer / Pen Tester

    SURBAN JR., DANTE - Penetration tester

    CHAN, JOHN CARLO – Penetration tester

    GOMEZ, FRANCIS EDISON – Penetration tester

    TIRONA, JOHN MATTHEW – Maintenance checker

    ALBERTO, AARIC BRYAN – Maintenance checker

    ESPINA, JOHN CARLOS – Maintenance checker

    3.1.6. Reviewers:

    CISCO

    3.1.7. External Dependencies <sample only>

    · Server Type

    · Xampp package for database

    · Website is accessible outside campus

    · Web server is private

    Apache
    4. Group Observation
    Our goal in the cybersecurity industry, as IT students who will shortly continue on to become IT
    professionals, is to safeguard against hackers and security breaches in the customers' and businesses' we
    work for. Additionally, we provide security education to the rest of the staff. help disseminate information
    and raise awareness of several current cybersecurity incidents. In the area of cybersecurity, we have talked
    extensively about a variety of special issues.

    5. Individual Synthesis
    ALBERTO, AARIC BRYAN

    _____________________________________________________________________________________
    _____________________________________________________________________________________
    _____________________________________________________________________________________
    _____________________________________________________________________________________

    ATENDIDO, REJ RYAN

    We were starting to develop a threat model for our business during this exercise, and all the
    participants, reviewers, and external dependencies were noted down and discussed. We have explored
    many methods for doing the threat modelling process while developing this activity, and for the time being,
    we have opted to use CISCO as our reviewers.

    CHAN, JOHN CARLO


    I learned that threat modeling is a vital process. It assists you in determining and evaluating
    security threats and potential vulnerabilities for a certain application or computer system. It also helps you
    apply the measures to be taken, known as the mitigation methods or the threat modeling approaches so as
    to address those threats. I also learned that the process is not done once; it should always be repeated
    because new threats may emerge.
    ESPINA, JOHN CARLOS
    _____________________________________________________________________________________
    _____________________________________________________________________________________
    _____________________________________________________________________________________
    _____________________________________________________________________________________
    GOMEZ, FRANCIS EDISON
    In this activity, we learned that it is important to know the threat modeling to understand the attacks
    being made and how to use these techniques as a source of information to provide an accurate security in
    the program. By learning this, we think that it would be a great opportunity to apply this knowledge on
    developing our project and also give us insight on how to prevent attacks by knowing how the threats are
    made.

    MATA, EDWARDINE
    In this exercise, we provided the name of our company and a brief description that would be
    utilized in the final project for our Cyber Threat Modeling course. We suggested developing an e-commerce
    website application that would provide our customers with affordable technology. To secure the data of the
    organization, we needed to build up a system with security precautions.

    MAUNDA, BENJAMIN
    In this activity, we discussed and gave details and model about the project,each of participant has
    significant role in this project, the programmer who will be write the program, the pen tester that will test the
    program and the maintenance checker, ,Cybersecurity is the process of defending systems and networks
    against harmful intrusions. Cybersecurity is crucial since it guards against theft and destruction of many
    types of data.

    SURBAN JR., DANTE


    We noted and discussed each participant, reviewer, and external dependency as we started to
    develop a danger model for our organization during this exercise. We investigated several threat modeling
    approaches when developing this activity. We have chosen to utilize Cisco as our reviewers for the time
    being.

    TIRONA, JOHN MATTHEW


    As IT students pursuing careers as IT professionals, our objective in the cybersecurity sector is to
    protect the customers' and companies' we work for against hackers and security breaches. Additionally, we
    train the remaining employees in security. aid in the information dissemination and awareness-building for a
    number of recent cybersecurity occurrences. We have covered a wide range of unique concerns in
    cybersecurity in great detail.

    Honor pledge with signature


    Honor pledge:

    “We affirm that we have not given or received any unauthorized help on this discussion and that
    this work is our own.
    ALBERTO, AARIC BRYAN ATENDIDO, REJ RYAN CHAN, JOHN CARLO

    GOMEZ, FRANCIS EDISON MATA, EDWARDINE


    ESPINA, JOHN CARLOS

    MAUNDA, BENJAMIN SURBAN JR., DANTE TIRONA, JOHN MATTHEW

    6. Reference:

    You might also like