CMP73001 | Cybersecurity Management Assignment Help
You are hired by MyHealth Company as a cybersecurity consultant to help in security management and to address the contemporary and emerging risks from the cyber threats the company is facing. The mission of MyHealth Company is providing quality health care services to its patients.
In addition, MyHealth Company is involved in clinical practice, education, and cancer-related research. The company is a new company which is growing quickly. While the company uses its database server to store the information of its patients’ medical history and the data collected from the research team, it has a poor-designed network with a low level of security. As the company is responsible for the privacy and the security of clinical information, and the security of payment transactions, they have decided to improve their information security. Therefore, they have hired you to do the following task:
- Vulnerability assessment and Business Impact Analysis exercise: 1. Perform vulnerability assessment and testing to assess a fictional business information system. 2. Perform BIA in the given scenario. 3. Communicate the results to the management.
Existing IT infrastructure of MyHealth Company:
- E-mail server
- Web server providing web services and payment options
- A physical database server storing patients’ information and research data
- DHCP and DNS servers
- Servers located in a server room accessible by all staff
- There is no virtual/cloud storage
- The backup files are stored in a single computer connected to the internal network
- Two 24-port Cisco Catalyst switches (1Gbps ports)
- Switches are layer-two switches
- ADSL router
- 40 PCs with outdated antivirus
- The operating systems used in the company are Windows 2008 server and Windows 7
- Windows Firewalls are on.
- No security configuration on routers and switches
- Telnet connection is used by IT people to remotely check the configuration of the network devices. Therefore, there is no encryption in remote access.
- Two wireless access points
- Wireless security is WPA.
- 10 Voice over IP phones
- There are 45 employees including three IT people (IT staff are responsible to look after internet connection, network devices, Wi-Fi, Voice over IP service, LAN, computers, servers, hardware and software, and video conference facilities).
- All staff and equipment are on a single floor.
- The roles and responsibilities of people who are responsible for information security management are not clear and they are not documented. All IT staff help in information security management.
For this assignment, you need to write a report to the CEO of the company, and answer a number of questions and perform business impact analysis. In addition, you should propose the required testing methods. Your answer should be submitted in a PDF/DOC file.
This assignment has a number of group questions. Therefore, you should make groups with maximum three members in each. In each question, there are three roles, and each team member should choose one role and answer its question. It is the group decision to decide about the roles. Students need to submit all answers from their team, and they should mention the name of the student who answered each question.
Empower your journey in business management with Assignmentstudio. From concept comprehension to assignment completion, our support for Business Management Assignment Help ensures students develop strong foundations and achieve academic excellence.
Assignment-3 guideline
A3: Vulnerability assessment and Business Impact Analysis exercise: perform vulnerability assessment and testing to assess a fictional business information system. Perform BIA in the given scenario. Communicate the result to the management.