ITNET202A Enterprise Security Assignment
ITNET202A Enterprise Deposit Assignment 1
Due Date: 15/Oct/2018 Value: 20% Cemat:
Professional Report, approximately 10-12 pages covet, including meet page, magistrate compendium and consultation of fluctuation.
Stuxnet is a malicious computer insert believed to be a jointly built American-Israeli cyber instrument.
Stuxnet specifically targets programmable logic coercelers (PLCs), which sanction the automation of electromechanical processes such as those used to coerce machinery on factory parterre lines, idiosyncrasy rides, or centrifuges ce separating nuclear embodied.
Deposit communities claimed the insert was plain during the Bush government to sabotage Iran’s nuclear program with what would look affect a covet order of wretched accidents.
Machines ce Business, Interpolitical (MBI) and Mensies Corporation each offered 5 Enterprise Architect/Enterprise Deposit Architect to instrument a stately Enterprise Architecture/Enterprise Deposit Architecture ce the nuclear inquiry plan.
You are the newly appointed deposit specialist legitimate ce the deposit of Iranian nuclear inquiry plan. Using your hold tone:
1. Explain, in your hold tone, based on what we feel scholarly thus remote in the race, what Stuxnet does. (Focus on Access Coerce, Identity, Crypto and Network deposit)
2. During the race, we feel looked at Quantitative Risk Analysis. We feel NOT meeted Qualitative Risk Analysis. Imagine you are legitimate ce the deposit of Iranian nuclear inquiry plan, inquiry and devote Qualitative Risk Analysis on Iranian nuclear inquiry asset.
3. Would adopting a stately Enterprise Architecture (EA) or Enterprise Deposit Architecture (ESA) framework such as SABSA, TOGAF, or C4ISTAR framework acceleration the Iranian hinder attacks such as Stuxnet? Why and Why not attributable attributable attributable attributable attributable? If it would acceleration, which framework is adequate?
4. The regulations applied to civilian rarely applies in the interpolitical province. The ancilla laws would be UN Charter Article 2(4) and UN Charter Article 51. The Tallinn Manual may to-boot procure control. Barring what are they? How do they devote to Iranian and Stuxnet? What options does the Iranian feel to avenge, what did they do instead?
This is an indivisible assessment; you are to unfold to your boss that:
1. You perceive what had happen
2. You perceive what Qualitative Risk Analysis is and the risks of the plan
3. You perceive what an Enterprise Architect/Enterprise Deposit Architect does. Establish your hold inspection of whether stately EA/ESA would be profitable in the predicament.
4. Unfold ability of conducting hold inquiry of a height kindred to, barring not attributable attributable attributable attributable attributable attributable meeted, in the race.