Upload
mohammad-fallah-tafti
View
9
Download
0
Embed Size (px)
DESCRIPTION
Assessment & Marking CriteriaISIT201/MTS9201/MCS9301 Information and CommunicationSecuritySpring Session 2013 (Wollongong Campus)
Citation preview
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 1 of 8
SISAT School of Information Systems & Technology
Assessment & Marking Criteria
ISIT201/MTS9201/MCS9301 Information and Communication Security
Spring Session 2013 (Wollongong Campus)
Notes on Assessment This assessment guide has been designed to assist you in the preparation of your assessment for the subject ISIT201/MTS9201/MCS9301. Please ensure that you understand the requirements of each assessment and that your submission matches what is required. It is expected that all assignments are completed independently. Plagiarism may result in a FAIL grade being recorded for that assignment.
Submission of Assessment Items All assessment work is to be submitted online and during your allocated
tutorial unless otherwise noted. Late submission of assessment items MUST be submitted online and to the
subject coordinator. All applications for academic consideration are via SOLS. All hard copy submissions must be accompanied by a SISAT Assignment
Cover Sheet, available from: http://eis.uow.edu.au/current-students/student-support/assignments/index.html
Students must attach a copy of the marking sheet with student details completed to all hard copy submissions.
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 2 of 8
Mini Presentation
Overview Type of assessment: individual Weighting: 5% Due: Week 4 completed during your allocated tutorial Time: 3 minutes each
Instructions During week 4 of class each student is required to give a three (3) minute talk to the class based on a current (within the last 12 months) online news article on an ICT security issue. A copy of the article and a 300 word critical summary is to be submitted at the completion of the presentation. This presentation is designed to be conducted without any visual aids. The Critical Summary should include eight elements that you must complete for the article.
1) Bibliographic details: Provide the bibliographic reference for the article using Harvard format (see http://www.library.uow.edu.au/referencing/)
2) Short article summary: Provide a 2-sentence summary of the article 3) Main points: List the six (6) main points in the article 4) Purpose: Why did the author write this article? What was their motivation?
How does this influence the way you understand the article? 5) Organisation of material: How is the content arranged? Why is it arranged this
way? How does this influence the way you understand the article? 6) Audience: Who was the intended audience for this article? How do you know?
Did the author make assumptions about the readers of the article? How does this influence the way you understand the article?
7) Language: What type of language is used in this article? Why? 8) Context: When was the article written? What else (historical events, technical
advances) was happening at this time? How did this influence the content and attitudes in the article?
Why have I set this assessment for you? The presentation is to get you to start speaking in front of the class. Outcomes You should be able to describe a current major business ICT security issue Critically analyse the article
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 3 of 8
Mini Presentation and Critical Summary Student Number
Good Pass Poor Comments (if any)
Sect
ion
1: P
rese
ntat
ion
Introduction - Overview of the ICT security issue Main Points - Discussion of the issue - End users this issue effects - Types of device(s) effected
Conclusion - How to avoid the issue Questions? - From students in the class No Aids - No visual aids should be used
Sect
ion
2: C
ritic
al S
umm
ary
Introduction - Clear Introduction to the article and how it
is an ICT information security issue
Summary - Short article summary - Main points - Purpose - Audience - Context/Developments
Conclusion - Links back to the topic - How to avoid the issue
- Bibliographic details (correct Harvard Style) Satisfactory / Unsatisfactory
Gen
eral
Article Attached - Amount of research conducted Satisfactory / Unsatisfactory Relevance to topic - Article within the last 12 months? - ICT security issue presented? Satisfactory / Unsatisfactory
Expression - Grammar, spelling etc Presentation - Of the presentation - Of the written document
Overall Comment
Final Mark /5
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 4 of 8
Security Policy Case Study
Overview Type of assessment: individual Weighting: 20% Week 8 (hard copy in tutorial, soft copy to be uploaded to UOW eLearning,
Monday 16th September @ 2359hrs) Word Limit: 2500 words
Instructions Security policies for organizations are vital. However, many businesses have ill-defined, incomplete or no security policies whatsoever. Your task is to evaluate three (3) policies and provide recommendations on the completeness and appropriateness of each. If the policies are incomplete, you may provide a revision; if the policies are lacking, you may add to these. (2500 words, excluding policies)
Why have I set this assessment for you? This task will allow you to gain an awareness of academic writing using critical
analysis of the allocated policies You will learn about security policies in organisations and their inadequate nature This task will allow you to develop your research skills in finding relevant material
on a particular topic and what is needed for these types of organisations and their polices
Outcomes You should be able to critically evaluate the impact of ICT security policies Access information and sources efficiently
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 5 of 8
Security Policy Case Study
Student Name Number
Criteria Element Good Pass Poor Comments (if any) - Abstract (purpose, method, results and main
findings)
Introduction - Specific policy and topic is introduced and
oriented within an overall policy framework - Problem (identification, how it will be
addressed and key issues to be investigated)
Main Body - Purpose of the policy type you are
investigating and how the policy is used - Ideas are developed and linked in a logical &
rational approach. A person with little subject knowledge could follow
- Information sources are clearly identified, a valid and trustworthy source for others (easy to distinguish authors work from that of others)
- Author suggests new insights and contradictions in the ideas of others
- Cohesive set of guidelines logically developed and presented
Methodology - Author states how the research was carried
out - Materials and processes used to develop the
guidelines
Policy Review, Key Recommendations & Discussion
- Policy 1 - Policy 2 - Policy 3 - Discussion of findings
Conclusion - Clear conclusion that relates back to your
topic (no new material introduced) - Summary of problem, objectives and main
findings
Referencing (Harvard Style) - References used correctly/bibliography - Quality of references (list of journal papers,
books and conference papers used in the paper)
Expression/Presentation - Template followed - Analytical ability/originality - Grammar, spelling etc - Word limit (page limit as per template)
Overall Comment
Final Mark /20
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 6 of 8
Security Audit (Group Report)
Overview Type of assessment: Group Number of Students per group: 3 - 4 Weighting: 25% Report Due: Week 11 (hardcopy to tutor, softcopy to be uploaded to UOW e-
Learning, Monday 14th October 2359hrs) Word limit: 4,000 words
Instructions You will complete an audit for a business information and communication systems. After the audit has been conducted your group will then need to make recommendations on appropriate security technologies for the business.
Why have I set this assignment for you? I am trying to stimulate your creativity. Whether you are a security specialist or
not you can genuinely contribute your ideas to your group in a way that is beneficial. You need to be able to think beyond just technology solutions for security.
Outcomes You should know what devices and applications are already out there in
operation today. A little research will help you to understand this better. You should be able to determine at a high level what the viability of your
solution is is it feasible and would it really be implemented in real life?
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 7 of 8
Report Marking Criteria Security Audit
1 2 3 4
Criteria Element Good Pass Poor Comments (if any)- Executive Summary - Title Page & Table of Contents - Introduction
Current ICT Situation- About the organisation - Description of the system and devices - Users (external & internal)
Risk Assessment - Potential security breaches & risk identification - Quantitative risk assessment - Qualitative risk assessment - Options and possible controls for addressing each
risk - Selection of risk control strategies - Key risk control recommendations
ICT Solution - Description of solution including figures - Advantages of solution - Cost benefit analysis - Key recommendations
Conclusion - Summary of the audit; the problem & objectives - Summary of key findings
References (Harvard Style) - Information sources identified throughout - Number, quality & format of references
Expression - Grammar, spelling etc - Paragraphing - Structure & cohesiveness of document
Presentation - Professional template, font, style - Figures, tables, font, style, pagination, numbered
headings
Overall Comment
Is the group checklist signed by all members? YES / NO (if no assessment needs to be referred to Glenn Bewsell)
Final Mark /25
ISIT201/MTS9201/MCS9301: Information and Communication Security Assessment Guide
Page 8 of 8
Exam
Overview Type of assessment: Individual Weighting: 50% During exam period
Instructions You will be required to complete a formal written exam during the exam period. It is envisaged that this exam will consist of multiple choice, short answer and extended response questions. The exam will draw knowledge from the lectures, textbook and tutorial activities. More details will be given in the exam at the end of session.