BSBXCS302 Assessment 1
School: Canberra Institute of Technology
Course: 302
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 6
Uploaded by CoachWolverine3943
Assessment Written
Student Name:
CIT Number:
Competency Title, Code and Banner Code: BSBXCS302 Identify and report online security threats
CRN:
Assessment Type: ☒ Written ☐ Case Study ☐ Project ☐ Assignment ☐ Other
Assessment Name: Assessment 1: Knowledge Test
Assessment Date:
Student Statement:
This assessment is my own work. Any ideas and comments made by other people have been
acknowledged. I understand that by emailing or submitting this assessment electronically, I agree to this statement.
Student Signature:
Date:
PRIVACY DISCLAIMER:
CIT is collecting your personal information for assessment purposes. The information will only be
used in accordance with the CIT Privacy Policy.
Assessor Feedback
☐ Student provided with feedback
Attempt 1: ☐ Satisfactory ☐ Not Yet Satisfactory Date: / /
Attempt 2: ☐ Satisfactory ☐ Not Yet Satisfactory Date: / /
Assessor Name: Adnan Syed
Assessor Signature: Adnan
Note from Assessor:
Please record any reasonable adjustment that has occurred for this assessment.
© Canberra Institute of Technology
Page 1 of 6
Date created: 23/08/2021
CRICOS No. 00001K | RTO Code 0101
Date updated: 4/12/2023
Assessment Task Instructions for Students
This assessment consists of several questions, including a multiple-choice question, a scenario-based question and a couple of questions to
test your knowledge. In order to be successful in this assessment, you are required to have a clear understanding of the
concepts below:
Internal policies, procedures and plans relating to potential online security breaches
Features of common types of potentially fraudulent communications
Techniques to verify suspicious requests for information
Notifiable data breach
Spam email and SMS text messages
Social engineering
Information security
Data protection principles
Time allowed: see subject guide
Assessment range and conditions:
Student needs to have access to any and all resources. If resources are used, then appropriate referencing must
be adhered to.
Student is to submit this assessment in a timely manner and if an extension is required, to contact the teacher
within an appropriate timeframe.
Materials provided and Materials you will need:
Assessment paper and instructions
Access to eLearn
Access to CIT computers, internet access to research material
Access to MS Office applications including MS Publisher
Information for students:
You may have two (2) attempts for this assessment.
If your first attempt is not successful, your teacher will discuss your results with you and will arrange a second attempt.
If your second attempt is not successful, you will be required to re-enrol in this unit.
Only one re-assessment attempt will be granted for each assessment item.
1. Julia is a TAFE student who often shops online. One day when scrolling social media, she found an online store
that was selling headphones for a very cheap price. Since there was limited stock, she purchased them
immediately using her credit card.
I. Julia did not realize that the online store was fake and operated by cybercriminals. What are some warning signs
she should look for when shopping online? (Select Multiple)
Select all that apply
a) Stores advertising on social media.
b) Products advertised at very low prices, sometimes with limited stock.
c) Stores with limited information about their policies and contact details.
B & C
II. Later, Julia checked her account to find a $450 transaction had been made to a business she didn't know using her
credit card. What is the first thing she should do?
a) Contact her bank to secure her financial accounts
b) Change her password on her online banking
c) Call the shop she bought the item from and tell them
d) Ring her TAFE friends to ask if this has happened to any of them
A & B
III. After speaking with her bank and securing her accounts, who else should Julia report the scam to? Select all that
apply.
a) The shop she last bought an item from
b) ACSC by putting in a report via ReportCyber
c) ACCC by putting in a report via ScamWatch
B & C
2. Identify and explain three (3) common features of any potentially fraudulent communication. What would you do
if you receive this email:
a) Is it a fake or real one?
A
b) How did you figure it out? What techniques have you implemented to Identify all the reasons behind your
decision.
It is common sense that no company would give away gift cards, and the email is quite attractive, drawing your attention to
enter a draw and pushing you to hurriedly complete that action, as it states the time frame and the limited number of cards
it is offering free of cost. There are no contact details for the sender. I am certain that it is a phishing email.
3. What are the data protection principles?
Application control
Patch applications
Configure MS Office macros
User application hardening
Restrict admin privileges
Patch OS Systems
Multi Factor Authentication
Daily Backups
4. What is a Notifiable Data Breach? When should someone notify/report a data breach in an organisation under the
legislation of Notifiable Data Breach and Australian privacy laws?
As per the NDB scheme, if there is disclosure of personal information held by an entity, it is likely to result in serious harm
to any of the individuals to whom the information relates, and under the Privacy Act 1988, it should report the data breach
to the Office of the Australian Information Commissioner using an online Notifiable Data Breach Form
https://forms.business.gov.au/smartforms/servlet/SmartForm.html?formCode=OAIC-NDB&tmFormVersion
The victims should also be notified within 24-48 hrs.
5. What is spam email and SMS text? If you receive a spam email or SMS text with a link in it, what do you think you
should do?
Emails and SMS texts with suspicious links are spam. Block the spam and delete it. If you frequently receive spam,
track the latest phishing attacks, don't give your personal information, monitor your online activity, update your
browser, don't click on the links, keep a check on the popup blocker and don't fall for social emotions in the messages
or emails.
6. Define social engineering? How does social engineering relate to social media?
Social engineering exploits human interaction to gain unauthorised access to systems, networks, or physical
locations or for financial benefit.
Threat actors disguise themselves as trusted individuals or information sources via social engineering. They influence,
manipulate, or fool users into releasing sensitive information or access within an organisation. Many social
engineering scams exploit people's kindness or fear of punishment.
7. a) Define information security?
Information security is the system that protects sensitive or personal information from leakage to unauthorized users or
attackers, where the information can be modified, destroyed or used for identity purposes.
b) What are the three components of information security?
The three main components of information security are confidentiality, integrity and availability, the CIA triad.
c) How are these three components of information security related to the basic principle of cyber security?
There is a security framework called AAA (Authentication, Authorisation and Accounting), which actually
safeguards and protects the access to the resources or assets.