Topic
ISYS1002 Cybersecurity: Assignment 2
Subject
Data Analysis and IT
Date
3rd Jul 2025
Pages
2
ISYS1002 Cybersecurity: Assignment 2
Task: Report
Unit Objectives: LO3, LO4
Due Date: Sunday of Week 6, 11:59 pm
Weight: 60%
Must be completed as individuals.
Task Description:
You are a cybersecurity consultant working for Southern Cross University's cybersecurity program to address the contemporary and emerging risks from the cyber threats the university is facing. As part of the work, you are required to complete the following tasks:
Task 1 (30 marks): The university is currently using a password-based authentication system to control user access to the university’s information system. However, the Bring Your Own Device (BYOD) policy recently implemented by the university has raised some security concerns. As a security consultant, assess the risk from the BYOD policy to the university's most critical/top five information assets you identified in Ass. (Approx. 1000-1200 words)
▢ Identify five (5) threats the BYOD policy may bring to the critical assets identified in Ass1.
▢ Assess the risk to the university's information system using a quantitative risk assessment approach and document the risk assessment process.
▢ Do the cost benefit analysis for two (2) years to recommend at least one (1) security measure against each asset to mitigate the risk identified.
Task 2 (15 marks): You have identified "Phishing" as among the top cybersecurity threats faced by the university. Use available online resources to develop a guideline for university students and staff to combat the threat. (Approx. 600-800 words)
▢ Define phishing attacks and discuss their distinctive characteristics with at least three (3) real-world examples.
▢ Design instructions for the SCU students on how to prevent and/or safely handle phishing attacks.
▢ Design instructions for the IT administrator on how to minimise the phishing threat to SCU.
Task 3 (20 marks): Document the legal and ethical requirements that SCU will need to comply with. (Approx.400-500 words)
▢ What would be the consequence(s) for non- compliance with information privacy requirements in the context of information security for SCU?
▢ Discuss how non-ethical behaviour of students and IT staff impacts security positions within the SCU organisation.
▢ Discuss methods or strategies SCU should take to deter students and employees from unethical and illegal behaviour.
You are free to make any assumption(s) you wish regarding the existing controls, business profile, etc., which will need to be documented in the appropriate sections of your report.
Your report should be well presented with clear headings, subheadings, section numbers etc.; Information should be presented in a logical, interesting way, which is easy to follow and well supported arguments; cite all reference sources (3 marks).
Submission Format:
There is no report template for this assignment. However, the report should be well presented in a standard format (refer to online resources), and you must use adequate in-text references throughout your entire report. The report should be between 2000- 2500 words.
Be creative in how you choose to communicate your findings. The report does not have to be a large collection of paraphrased text. Diagrams and tables are much more effective ways of communicating an idea or concept.
The first page of the report should have your name, student ID, ISYS1002 Assignment 2, and the date you submit your assignment. When you have completed the assignment, you are required to submit your assignment in PDF/DOC format. The file will be named using the following convention:
Filename = FirstInitialYourLastName_ISYS1002_A2.pdf (i.e. Gsorwar_ISYS1002_A2.pdf)
Marking Criteria:
The rubric for this assignment is available on the MySCU site and will give the criteria for marking.
The difference between a “Pass” and higher grades will be based on how much you look at the whole report and complete the tasks and how well you follow best practices while completing the tasks.
Original Work:
Note that you are not allowed to cut and paste from online resources. Use your own words and figures. Acknowledge all reference sources.
It is a university requirement that a student’s work complies with the Academic Integrity Policy.
It is a student's responsibility to be familiar with the policy. Failure to comply with the policy can have severe consequences in the form of university sanctions. For information on this policy, please refer to the Student Academic Integrity policy at the following website: http://policies.scu.edu.au/view.current.php?id=00141
As part of a university initiative to support the development of academic integrity, assessments will be checked for plagiarism through an electronic system, either internally or by a plagiarism checking service, and held for future checking and matching purposes.
A Turnitin link has been set up to provide you with an opportunity to check the originality of your work until your due date. Please make sure you review the report generated by the system and make changes (if necessary!) to minimise the issues of improper citation or potential plagiarism. If you fail to follow this step, your report may not be graded or may incur late feedback.
Getting Help:
This assignment, which is to be completed individually, is your chance to gain an understanding of the fundamental concepts of cybersecurity. It is important that you master these concepts yourself.
Since you are mastering fundamental skills, you are permitted to work from the examples in the MySCU site or textbook, but you must acknowledge assistance from other textbooks or classmates. In particular, you must not use online material or help from others, as this would prevent you from mastering these concepts.
This diagram will help you understand where you can get help:
Be aware that if you do get help from one of the red sources, you will be reported for academic misconduct, which may have serious penalties. Please visit the following link for the guidelines: https://bit.ly/scuAcadMisconduct
Extension:
Students wanting an extension must make an application via the designated portal and the request in line with University policy (https://www.scu.edu.au/current- students/student-administration/special- consideration/).