CCS 3033 Cyber Security

Assignment
Sept22 Semester

Dates and Mechanisms for Assessment Submission and Feedback

Mechanism for handout to students OpenLearning LMS/ MS Teams

Mechanism for submission of work
by student
Date by which work, feedback and
marks will be returned to students
Mechanism for return of
assignment work, feedback and
marks to students
Softcopy online submission via OpenLearning/MS
Teams
11th November 2022 (Week 9)
Feedback will be provided by a marking template.
This will be available to students via
OpenLearning/MS Teams. The discussions at the
walkthroughs will also provide informal feedback

COURSEWORK SUBMISSION GENERAL INFORMATION

Academic Integrity Statement

You must adhere to the university college regulations on academic conduct. Formal inquiry
proceedings will be instigated if there is any suspicion of plagiarism or any other form of
misconduct in your work. Students must NOT collude with other groups of students or
plagiarize their work.

Nature of the submission required

A softcopy of your assignment in PDF version should be submitted to lecturer, no later than
the date and time stipulated on the cover sheet. In addition, an electronic copy of your work
must be submitted to Turnitin. The first page of your report, immediately after the cover page,
must be a page from Turnitin clearly showing your name and your Originality Score (Please
refer to submission arrangement).

Diagrams may be used where they are helpful to support your arguments or description. If
they are not your own work, the source must be referenced. Please help us to handle and
mark your work efficiently.

Please take note for group submission, only one submission per group. This will contain
both the group and individual elements. The individual element must be clearly labelled to
indicate which group member completed the task.

Documentation guidelines

Student is required to submit a SOFTCOPY of the report and ensure that it use the following
formatted styles: 1) Font type: ARIAL, 2) Font size: 11 pt., 3) Line spacing: Single spacing
and 4) Page layouts: Justify. Please make sure you have proper format alignment for all
paragraphs, following standard writing style and use HARVARD CITATION STYLE for
citation. Please include a HEADER with the following information: Student ID, Student name,
Course code and Assignment type. Please also include a proper cover page for your
submission which contains information about the students, assignment, course, and
department with UOWM KDU Penang University College and University of Lincoln (UoL) logos
on top. Also include page number at the footer page and list of references, which is shown in
the last page.

1
CCS 3033 Cyber Security
Assignment
Sept22 Semester

Penalties for Late Submission

For late submission of this Assignment, a penalty of a reduction by 10% of the maximum mark
may be applicable for each Calendar Day or part thereof that the submission is late. An
Assignment submitted more than TEN Calendar Days after the deadline will have a mark of
zero recorded for this Assignment.

Submission arrangement

1. Cover page
2. Turnitin similarity report
3. Table of Content
4. Main Report
5. Reference List or Bibliography List (whichever applicable)
6. Marking Rubric (in landscape orientation)

File naming convention

Please make sure you save your filename with the following format:
• <Student Name>_coursecode_A_Sept22.pdf

Assignment instructions/Background

Description

This assignment is an individual assignment.

Task

A security practitioner must be aware and sensitive to the latest security trends. Security
countermeasures must be implemented as law enforcement is susceptible to attacks due to
the high data used in communication. Students are assigned to research current security
breaches.

Each student must pick ONE (1) topic, perform an in-depth discussion about the selected topic
and is expected to quote external sources. Students are encouraged to study and propose
better solutions to problems found in the topics.

Part 1 – Determining the Scenario and Potential Threats – 40%

A data breach involves the unauthorised disclosure of confidential, sensitive, or protected

information. In a data breach, files are viewed and shared without permission, leading to
different possible threats. The threats related to data breaching are:

• Fraud
• Ransomware
• Intrusion
• Spam
• Phishing

2
CCS 3033 Cyber Security
Assignment
Sept22 Semester

Each student must select ONE (1) of the following threats. Carry out research and use a
scenario (or a situation) that explains the following:

1. What is the relationship between the threat and data breaches (relate to the CIA)?
2. What is the current situation (globally and locally)?
3. What is the extent of vulnerability at present?
4. What will the future be if this problem is not addressed?

The report should be at least three to five pages.

Part 2 – Recognizing the Threats and Countermeasures – 40%

You have been selected as a cyber security intern in EncryptSecure Corp. Your job scope
includes providing consultation to your client. Your client is expanding their business to an
online business that allows debit and credit card transactions. As a consultant, you are
responsible for developing a threat model to identify threats, attacks, vulnerabilities, and
countermeasures that might be relevant to your client’s business.

You are expected to explain your solution using examples or case studies that you can find
based on these requirements:

• Security objectives
• Relevant threats with threat analysis
• Relevant vulnerabilities and countermeasures

Please document your finding in the form of report and it should be at least three to five pages.

Deadline
The deadline for report submission of this assignment is on 28th October 2022 (Week 7)

3
 CCS 3033 Cyber Security

MARKING RUBRIC
ASSIGNMENT 1
Report on Vulnerabilities and countermeasures (40%)

Part 1: Report Writing (50%)

MARKING SCALE
LEARNING MARKING
OUTCOME
CRITERIA
Fail 3rd Class 2nd Lower Class 2nd Upper Class 1st Class YOUR
(0-49) (50-59) (60-69) (70-79) (80-100) MARKS/
COMMENTS
1. Introduction Weak or no introduction of Basic introduction that states Adequate introduction and Proficient introduction that is Exceptional introduction
and relationship the topic. Purpose of the topic but lacks interest. One or states the topic. All topics interesting and states topic. All that grabs interest of
CLO1: Explain the security foundational concepts in security
based on confidentiality, integrity and availability (CIA) triad.

on CIA and writing is unclear or more topics were not are addressed, and most topics/questions are reader and states topic.
chosen missing. Topics were not addressed. questions answered with 1 addressed, and most questions All topics/questions are
threats(10%) addressed properly. sentence about each. answered with at least 2 addressed, and all
sentences about each. questions answered with
at least 2 sentences about
each.
2. Justification Fails to identify and Justifications are partially Justifications only follow Justifications are logical based Comprehensive
on the current provide justification. relevant. slightly from arguments and on arguments and evidence justification which extends
situation and the evidence presented. presented. conclusions to address
severity of the implications and consider
threats (15%) ambiguities.
3. Fulfilment of The report writing does The report writing does not The report writing does not The report writing does not The report writing does
task requirement not meet the criteria for meet the criteria for the meet the criteria for the meet the criteria for the not meet the criteria for
(explanation on the assignment (too assignment (too short or assignment (too short or assignment (too short or the assignment (too
short or incomplete, too incomplete, too long, and/or incomplete, too long, incomplete, too long, and/or short or incomplete, too
current
long, and/or completely completely off-topic). and/or completely off- completely off-topic). long, and/or completely
situation, extent off-topic). Reference Reference section is topic). Reference section Reference section is off-topic). Reference
of vulnerability section is missing. missing. is missing. missing. section is missing.
and future is it is
not been
addressed)
(15%)

4. Sources Some sources are not Some sources are not Some sources are not Some sources are not Some sources are not
(Diagram and accurately documented. accurately documented. accurately documented. accurately documented. accurately documented.
Table) (10%) Diagrams and tables are Diagrams and tables are not Diagrams and tables are Diagrams and tables are not Diagrams and tables are

4
 not accurate OR do not
add to the reader’s
understanding of the
topic.
Total marks
(50%)
accurate OR do not add to not accurate OR do not accurate OR do not add to not accurate OR do not
the reader’s understanding add to the reader’s the reader’s understanding add to the reader’s
of the topic. understanding of the topic. of the topic. understanding of the
topic.

CCS 3033 Cyber Security

MARKING RUBRIC
ASSIGNMENT 1
Report on Vulnerabilities and countermeasures (40%)

Task 2: Report Writing (50%)

MARKING SCALE
LEARNING MARKING
OUTCOME
CRITERIA
Fail 3rd Class 2nd Lower Class 2nd Upper Class 1st Class YOUR
(0-49) (50-59) (60-69) (70-79) (80-100) MARKS/
COMMENTS
1. Introduction on Weak or no introduction of Basic introduction that states Adequate introduction and Proficient introduction that is Exceptional introduction
identification,
authentication, authorization and access

the security the topic. Purpose of the topic but lacks interest. One states the topic. All topics are interesting and states topic. that grabs interest of
concept and policy writing is unclear or or more topics were not addressed, and most questions All topics/questions are reader and states topic.
CLO3: Analyse current security policy, risk

for missing. Topics were not addressed. answered with 1 sentence addressed, and most All topics/questions are
control method in information security

countermeasures addressed properly. about each. questions answered with at addressed, and all
management and contingency planning

(10%) least 2 sentences about questions answered with

each. at least 2 sentences about
each.
the

2. Justification on Fails to identify and Justifications are partially Justifications only follow Justifications are logical Comprehensive
the security provide justification. relevant. slightly from arguments and based on arguments and justification which extends
concept and threat evidence presented. evidence presented. conclusions to address
Evaluate

model with implications and consider

countermeasures ambiguities.
(30%)

3. Sources Some sources are not All sources (information All sources (information All sources (information All sources
(Diagram and accurately and graphics) are and graphics) are and graphics) are (information and
CLO2:

Table) (10%) documented. accurately documented, but an accurately graphics) are

Diagrams and tables documented, but many adequate amount is not documented, but a few accurately
are not accurate OR are not in the desired in desired format. are not in the desired documented in the

5
 do not add to the format. Some diagrams Diagrams and table are format. Diagrams and desired format.
reader’s and table are not neat and accurate and table are accurate and Diagrams and table
understanding of the accurate OR do not sometimes add to the add to the reader's are neat, accurate
topic. add to the reader’s reader's understanding of understanding of the and add to the
understanding of the the topic. topic. reader’s
topic understanding of the
topic.
Total marks (50%)

Overall Marks
(100%)