首页
网站开发
桌面应用
管理软件
微信开发
App开发
嵌入式软件
工具软件
数据采集与分析
其他
首页
>
> 详细
代写program、代做Java/python设计编程
项目预算:
开发周期:
发布时间:
要求地区:
Coursework Assignment (70%)
This assignment will show you some real world scenarios and ask you to elaborate and justify a solution. You will be given a budget and a few items/solutions to chose from. You will need to explain your decisions within 500 words per scenario.
You will need to explain your decisions in 2 scenarios. You have to consider that you are talking to an hypothetical CEO or CTO and, as a consequence, you should avoid jargon and academic references unless strictly necessary. Concepts, such as security principles, can be mentioned without the need of citing the related literature.
You will submit the two scenarios you completed on Moodle as the submission tool is divided in two different tabs, one for each scenario.
Scenario 1 – Video streaming platform
You are the Information Security Manager for a video streaming renowned platform. This platform has users all over the world and different services as some profiles can only be accessed by paying the user. They are planning the following years and, as the world is coming out of the pandemic, they are trying to prepare themselves to different scenarios due to flexible working, popularity of the platform and type of clients and services. You will need to use the budget available to choose the defenses you think are the most functional ones.
Flexible working: the offices will still be active but flexible working will be implemented. For this reason we will need to set the remote access in a functional manner to allow the employees to work from home.
Work laptop: the employees who lead teams and are in managerial positions will be given a laptop that is strictly controlled by the IT services: no software can be installed by the employee and the connection is automatically through VPN to avoid MitM and blacklist websites.
VPN settings: the VPN will be mandatory to all employees to access work documents and the company internal network to avoid MitM and blacklist websites.
Antivirus and Firewall software: the employees will be given a specific antivirus and firewall software that will protect their PC and/or smartphone used for remote work.
Data Storage: all the data from the company can only be accessed from the company network and will be stored in a cloud facility; data saving on personal devices is strictly forbidden.
Network compartmentalization: the network will be divided in subnetworks that can be accessed by employees according to a RBAC policy.
Platform popularity: the platform is used for different live straming services, from e-sports to art and music events as well as paid services. At the moment, the first two are still limited to small events that, although in large quantity, do not constitute a risk for overloading the systems, but the hope for the future is to manage bigger events that host thousands of people in their streaming events.
Bandwidth increase: predicting an increase of the audiences, especially for events that require high quality video (such as e-sports), we will increase the capability of the system to manage the demand.
Anti DDoS defenses: given the risks of attacks that aim at limiting our streaming capabilities, setting up defenses tailored against DDoS attacks may be necessary
Anti Ransomware defenses and backups: Ransomware may halt our systems if undetected and protecting from it as well as using backups should mitigate this issue
Quality of Service systems: these systems use adaptable quality of videos as well as specific tools to manage the connections and reduce the load on the bandwidth.
2FA for content creators: anyone who creates content on the platform has mandatory 2FA settings to limit the risk of their channels being hijacked and mitigate reputational risks.
Clients, content creators and services (CCS): the platform allows people to access using a classic login interface. It is necessary to evaluate the opportunity for implementing more security features.
Minors policy implementation: Users below 18 years of age will not be allowed to access any service that may target adult audiences
Allowing 2FA for everyone: Implementation of 2FA using their mobile phone to receive a one-time password
DDoS features for paid services: We may want to implement anti DDoS features that would prioritise paid services to ensure customers satisfaction when they pay for content
Secure payment: Mandatory 2FA for payments and metadata tracking to ensure traceability of the payments in case it is not the actual client paying for the services.
You have 25 as the total budget and these are the costs of the different measures:
Use the template to write the document that will be evaluated. Explain which measures you have adopted in the different intervention areas and justify your choices according to the information available in the scenario explanation as well as data and figures available on the Internet.
Scenario 2 – Grocery shop data management
You have been asked to consult a grocery shop on setting up their systems to be secure and manageable for their purposes. The shop has 20 employees, considering the front end as well as the two administrators managing supplies and finances and the owners, two brothers who manage all the interactions with stakeholders. You will need to consider a limited budget (as mentioned below) to carry out the essential works in three areas: clients’ payments, suppliers management, and data protection.
Clients’ payments: The shop is cashless overnight therefore you will need to consider two aspects: secure card payments and cash movement at the end of the working day. You can implement one or more out of these different protections:
PoS substitution: The current tools for card payments are good but are not the latest technology.
Secure protocol connection: The PoS communicate with routers in the supermarket wireless using quite old protocols. It is possible to manage an upgrade towards more secure encryption.
Secure cash collection: Using a tracked professional transit that will take the money from the shop to the bank every working day.
Community managed cash collection: the grocery shop and the shops close to it would work together towards collecting their money in one secure place (in another shop) every end of the working day, the secure transit is called twice a week.
Suppliers management: the shop is proud of their punctuality in paying providers, suppliers, and employees, however, for such a small shop it is vital to minimize the waste while avoiding shelves being empty. Here is what you can implement:
Data access: the data should not be accessed by everyone: an access control policy should limit what employees can see on the company website.
Secure communications: setting up certified emails for the finance and administration that are accessible only by the administrators
Contracts management: Implementation of online contract signing systems to speed up the process and maintain digitalized copies stored on the certified email inbox.
Data protection: although the shop is not big enough to have a website and tailored advertisements, data related to most popular products, frequency of when orders are needed and graphic user interfaces to manage the orders are available for the employees. There is a system for front end ones to upload which elements were sold when they are scanned and paid as well as for the administrators to evaluate when new orders to the suppliers are needed.
Dedicated Firewall: The servers containing the data should be in a specific network protected by a customized firewall that will drop unexpected connections.
Secure communications: Clients as well as lawyers and stakeholders may need to communicate with the two owners directly. Setting up a certified owners email and a cloud storage area may facilitate this.
Advanced Anti XSS and XSRF: To avoid disgruntled employees from finding ways to attack the customized parts of the data management system you can upgrade the protection against XSS and XSRF.
You have 15 as the total budget and these are the costs of the different measures:
Use the template to write the document that will be evaluated. Explain which measures you have adopted in the different intervention areas and justify your choices according to the information available in the scenario explanation as well as data and figures available on the Internet.
软件开发、广告设计客服
QQ:99515681
邮箱:99515681@qq.com
工作时间:8:00-23:00
微信:codinghelp
热点项目
更多
代做 program、代写 c++设计程...
2024-12-23
comp2012j 代写、代做 java 设...
2024-12-23
代做 data 编程、代写 python/...
2024-12-23
代做en.553.413-613 applied s...
2024-12-23
代做steady-state analvsis代做...
2024-12-23
代写photo essay of a deciduo...
2024-12-23
代写gpa analyzer调试c/c++语言
2024-12-23
代做comp 330 (fall 2024): as...
2024-12-23
代写pstat 160a fall 2024 - a...
2024-12-23
代做pstat 160a: stochastic p...
2024-12-23
代做7ssgn110 environmental d...
2024-12-23
代做compsci 4039 programming...
2024-12-23
代做lab exercise 8: dictiona...
2024-12-23
热点标签
mktg2509
csci 2600
38170
lng302
csse3010
phas3226
77938
arch1162
engn4536/engn6536
acx5903
comp151101
phl245
cse12
comp9312
stat3016/6016
phas0038
comp2140
6qqmb312
xjco3011
rest0005
ematm0051
5qqmn219
lubs5062m
eee8155
cege0100
eap033
artd1109
mat246
etc3430
ecmm462
mis102
inft6800
ddes9903
comp6521
comp9517
comp3331/9331
comp4337
comp6008
comp9414
bu.231.790.81
man00150m
csb352h
math1041
eengm4100
isys1002
08
6057cem
mktg3504
mthm036
mtrx1701
mth3241
eeee3086
cmp-7038b
cmp-7000a
ints4010
econ2151
infs5710
fins5516
fin3309
fins5510
gsoe9340
math2007
math2036
soee5010
mark3088
infs3605
elec9714
comp2271
ma214
comp2211
infs3604
600426
sit254
acct3091
bbt405
msin0116
com107/com113
mark5826
sit120
comp9021
eco2101
eeen40700
cs253
ece3114
ecmm447
chns3000
math377
itd102
comp9444
comp(2041|9044)
econ0060
econ7230
mgt001371
ecs-323
cs6250
mgdi60012
mdia2012
comm221001
comm5000
ma1008
engl642
econ241
com333
math367
mis201
nbs-7041x
meek16104
econ2003
comm1190
mbas902
comp-1027
dpst1091
comp7315
eppd1033
m06
ee3025
msci231
bb113/bbs1063
fc709
comp3425
comp9417
econ42915
cb9101
math1102e
chme0017
fc307
mkt60104
5522usst
litr1-uc6201.200
ee1102
cosc2803
math39512
omp9727
int2067/int5051
bsb151
mgt253
fc021
babs2202
mis2002s
phya21
18-213
cege0012
mdia1002
math38032
mech5125
07
cisc102
mgx3110
cs240
11175
fin3020s
eco3420
ictten622
comp9727
cpt111
de114102d
mgm320h5s
bafi1019
math21112
efim20036
mn-3503
fins5568
110.807
bcpm000028
info6030
bma0092
bcpm0054
math20212
ce335
cs365
cenv6141
ftec5580
math2010
ec3450
comm1170
ecmt1010
csci-ua.0480-003
econ12-200
ib3960
ectb60h3f
cs247—assignment
tk3163
ics3u
ib3j80
comp20008
comp9334
eppd1063
acct2343
cct109
isys1055/3412
math350-real
math2014
eec180
stat141b
econ2101
msinm014/msing014/msing014b
fit2004
comp643
bu1002
cm2030
联系我们
- QQ: 9951568
© 2021
www.rj363.com
软件定制开发网!