Evaluate the information you have been provided, both about the CricTech technical environment and

Assessment 1: Case Study – Part 1

Value: 10%

Length: 1100-1600 words

Assessment 1 is the first of three assessments that focus on a single case study of a specific security incident. In this case study you will act as an IT Security Consultant for your customer – CricTech Pty Ltd. Using the information provided in the referent document “ITI581 Case Study Information.pdf”

provide answers to the tasks listed below for Assessment 1. Use the document entitled “Assessment 1 Template.docx” to submit your answers in the required format.

Assessment 1 Task

Given the information provided in the case study information PDF formulate an answer to the following task.

Assessment Task

1. Evaluate the information you have been provided, both about the CricTech technical environment and the Ransomware attack. Identify and describe the security related risks that exist that contributed to the attack being successful and discuss how you would assess and rank these risks. (20 marks)

Tip: Carefully consider all the issues that are outlined in the case study information. Some of them are obvious and others you will need to examine the information carefully to see clearly. In your critical evaluation think about procedure, process, administrative controls, incident/disaster responses/plans and security awareness.

Marking Criteria (Rubric)

Criteria HD DI CR PS FL Evaluate the information you have been provided, both about the CricTech technical environment and the Ransomware attack. Identify and describe the security related risks that exist that contributed to the attack being successful and discuss how you would assess and rank these risks.Students have provided a comprehensive and outstanding description and discussion on how they would identify, assess and rank identified security risks; Students have demonstrated an outstanding understanding with respect to risk assessment within the context of this assessment.Students have provided a thorough and very good description and discussion on how they would identify, assess and rank identified security risks; Students have demonstrated a very good understanding with respect to risk assessment within the context of this assessment.Students have provided a good description and discussion on how they would identify, assess and rank identified security risks; Students have demonstrated a good understanding with respect to risk assessment within the context of this assessment.Students have provided an adequate description and discussion on how they would identify, assess and rank identified security risks; Students have demonstrated an adequate understanding with respect to risk assessment within the context of this assessment.Students have provided an inadequate description and discussion on how they would identify, assess and rank identified security risks; Students have demonstrated an inadequate understanding with respect to risk assessment within the context of this assessment.