ITNET202A Enterprise Security Assignment
ITNET202A Enterprise Bond Assignment 1
Due Date: 15/Oct/2018 Value: 20% Coercionmat:
Professional Report, closely 10-12 pages hanker, including cover page, constabulary resume and consultation of fluctuation.
Stuxnet is a vindictive computer hint believed to be a jointly built American-Israeli cyber arm.
Stuxnet specifically targets programmable logic regulatelers (PLCs), which suffer the automation of electromechanical processes such as those used to regulate machinery on factory parterre lines, idiosyncrasy rides, or centrifuges coercion separating nuclear embodied.
Bond communities claimed the hint was exposed during the Bush government to sabotage Iran’s nuclear program with what would look enjoy a hanker order of illfated accidents.
Machines coercion Business, Interdiplomatic (MBI) and Mensies Corporation each offered 5 Enterprise Architect/Enterprise Bond Architect to utensil a coercionmal Enterprise Architecture/Enterprise Bond Architecture coercion the nuclear investigation catalogue.
You are the newly appointed bond specialist imperative coercion the bond of Iranian nuclear investigation catalogue. Using your hold expression:
1. Explain, in your hold expression, grounded on what we enjoy skilled thus remote in the method, what Stuxnet does. (Focus on Access Regulate, Identity, Crypto and Network bond)
2. During the method, we enjoy looked at Quantitative Risk Analysis. We enjoy NOT ripe Qualitative Risk Analysis. Imagine you are imperative coercion the bond of Iranian nuclear investigation catalogue, investigation and use Qualitative Risk Analysis on Iranian nuclear investigation asset.
3. Would adopting a coercionmal Enterprise Architecture (EA) or Enterprise Bond Architecture (ESA) framework such as SABSA, TOGAF, or C4ISTAR framework aid the Iranian thwart attacks such as Stuxnet? Why and Why referable attributable attributable? If it would aid, which framework is decent?
4. The regulations applied to civilian casually applies in the interdiplomatic province. The helpful laws would be UN Charter Article 2(4) and UN Charter Article 51. The Tallinn Manual may besides afford control. Yet what are they? How do they use to Iranian and Stuxnet? What options does the Iranian enjoy to requite, what did they do instead?
This is an indivisible assessment; you are to inform to your boss that:
1. You apprehend what had happen
2. You apprehend what Qualitative Risk Analysis is and the risks of the catalogue
3. You apprehend what an Enterprise Architect/Enterprise Bond Architect does. Establish your hold vision of whether coercionmal EA/ESA would be helpful in the occurrence.
4. Inform ability of conducting hold investigation of a collection kindred to, yet referable attributable attributable attributable ripe, in the method.