Assignment Information
Module Name: Security and Compliance in the Cloud
Module Code: 6035 CEM / 303CEM
Assignment Title: Coursework
Assignment Due: 05/12/24
Assignment Credit: 20
Word Count (or equivalent): 2500 Part 1 / 1500 Part 2
Assignment Type: Group and Individual coursework
Percentage Grade (Applied Core Assessment). You will be provided with an overall grade between 0% and 100%. You have one opportunity to pass the assignment at or above 40%.
Overview
ViewPoint Hotel (not an existing business) is a hotel chain with branches in Cardiff, Birmingham and London. The hotel remains busy throughout the year due to their unique business model. The hotel chain wishes to build a cloud network that hosts its online website and services, and securely link their two private networks. The management hopes that this secured network will enable clients to book accommodation, make changes (including cancellation), and pay using various means (cash and cards). They also hope to have rewards for their loyal customers.
The requirements for the system areas follows:
This assignment requires you to configure, deploy and test a working virtual cloud-based system. The assignment consists of two different elements:
1. Part 1: An individual practical section that requires you to develop a network- based system. The weighting of this work is 50% of the overall module grade. You must submit a section of 2500 words with the evidence of the designing, configuring and testing the developed system.
2. Part 2: An individual reflective section of 1500 words that considers business continuity and legal issues in relation to the network system provided in the practical element of the assignment. The section worth 50% of the overall module grade.
(You must pass both parts of this task, pass mark is 40%).
Part 1 - Practical Element Brief
1. Design the topology/layout of the system to be developed considering all the servers needed for the support of the core services of the business.
2. Develop the network system configuring and deploying the servers properly, and apply testing and security analysis to the developed system
Practical Element Information
During the practical/lab sessions you will be required to complete a set of workshops that will help you to acquire the skills needed for the completion of the practical coursework (CW1). This practical coursework covers the learning outcomes LO1, LO3, LO4 and LO5. The technical skills required to pass this element is covered in those sessions. Your work will be marked using the Practical Element Grading Rubric.
Details of the Practical Element Design (10%):
a. Produce an architecture of the cloud network to be implemented. Discuss the network topology of each site, the connectivity between sites, explain why this architecture is proposed and what are the IP address ranges which are used for each site.
b. Explain which servers have been considered and why. Explain how the proposed servers can support the business needs, and how the features of these servers are used to enhance the functioning and security of the system.
c. Describe how the proposed design supports the network scalability if the company plans to have more sites in the future, and how testing the security features is considered.
Development (30%):
d. Demonstrate how the servers at different sites are configured and tested to ensure the required functionality, and how are the settings of the cloud network are implemented.
e. Demonstrate the appropriate techniques to show the proper connectivity of the servers, how local nodes of the private networks have access to public networks, how public networks have access to the promoted services, and how the local private servers and data are protected from public access.
f. Demonstrate a proper level of manual/automated configurations of server, manual/automated deployment of tools, and how the workload has been balanced between the servers.
g. Demonstrate how the security testing is implemented and with which tools to investigate the key security, what are the proposed solutions that have implemented to encounter these security issues, and how different privileges and rights have been applied to the user accounts.
Structure and Presentation (10%):
h. The section should have a good structure, nice presentation style and coherence of its content that will help the organisation. Figures should be added to present the design, development and testing of the proposed system.
i. The section should have a clear narrative linking propositions, evidence and judgments. Facts will be clearly differentiated from opinions, all sources used must be evidenced by reference to other works following the APA Reference Style.
Part 2 - Individual Reflective Section Brief (Overall 50%)
You are asked to write a section that will consider business continuity issues in relation to the cloud network provided in the practical element of the assignment. Specifically, in the section, you need to consider the following:
Threat Analysis and Business Impact Analysis: Identify the potential threats that could emerge with respect to the considered system which could lead to disruptions of the network and discuss the respective operational and financial impacts.
Business Continuity Plan and Disaster Recovery Plan: Design and develop a detailed outline of a BCP for the produced system that will indicate the process steps that need to be followed. Create a plan that will demonstrate the appropriate actions for the recovery of the business after certain disaster scenarios.
Legislation and Regulations: Discuss the national and international current legislation that should be considered for the developed system.
Individual Reflective Section Information
The is an individual section based on the practical element that you have completed and covers the learning outcomes LO1 and LO2. Your section will be marked using the Reflective Section Grading Rubric.
Details of the Individual Reflective Section
Threat Analysis and Business Impact Analysis (10%):
a. Apply the threat analysis to the cloud network considering several different case scenarios, which should identify threats that could lead to the network disruptions including what are the servers and connectivity threats.
b. Apply the business impact analysis to the cloud network considering several different case scenarios, which should identify the respective operational and financial impacts of each case.
Business Continuity Plan and Disaster Recovery Plan (25%):
a. Develop a business continuity plan that considers the appropriate process stages required for the successful continuation of the operation of the cloud network and its critical services, provide a thorough description of the actions, resources and requirements identified in each of these stages.
b. Develop a detailed disaster recovery plan that enables the application of recovery strategies. These strategies should target the successful recovery of the cloud network and its critical services investigating the required resources, operation and services.
Legislation and Regulations (10%):
a. Indicate the current the national and international legislation that should be considered for the cloud network.
b. Provide thorough explanation of how each of these legislations satisfies the security requirements of the cloud network.
Structure and Presentation (5%):
a. The section should have a good structure and nice presentation style that will help the organisation and coherence of its content.
b. The section should have a clear narrative linking propositions, evidence and judgments. Facts will be clearly differentiated from opinions, all sources used must be evidenced by reference to other works following the APA Reference Style.
Submission Instructions
You are required to submit one report that includes two sections in a PDF format via Aula (TurnItIn). The first is a practical section which has a word limit of 2500 words while the second is a reflective section which has a word limit of 1500 words. The deadline for this coursework is on (12/12/24)
Marking and Feedback
How will my assignment be marked?
Your assignment will be marked by the module team
How willI receive my grades and feedback?
Provisional marks will be released once internally moderated
Feedback will be provided by the module team alongside grades release
[Course teams to add a statement detailing how students can access their feedback here].
Your provisional marks and feedback should be available within 2 weeks (10 working days)
What willI be marked against?
Details of the marking criteria for this task can be found at the bottom of this assignment brief.
Assessed Module Learning Outcomes
The Learning Outcomes for this module align to the marking criteriawhich can be found at the end of
this brief. Ensure you understand the marking criteria to ensure successful achievement of the assessment task. The following module learning outcomes are assessed in this task:
Module Learning Outcomes
LO1 |
Demonstrate a sound understanding of techniques for business continuity such as Business Impact Analysis. |
LO2 |
Apply continuity planning and disaster management on both local and cloud-based ICT resources to an organisational scenario. |
LO3 |
Design, build and test a range of secure, virtual networks to solve defined business requirements. |
LO4 |
Use a range of tools and techniques to carryout a security audit and develop strategies to reduce risk. |
LO5 |
Interpret and apply relevant legal considerations when storing data in the cloud. |
版权所有:编程辅导网 2021 All Rights Reserved 联系方式:QQ:99515681 微信:codinghelp 电子信箱:99515681@qq.com
免责声明:本站部分内容从网络整理而来,只供参考!如有版权问题可联系本站删除。