Demonstrate your Learning by giving Examples from each of the Weekly Learning Sub-modules: Cyber Security Application Assessment SSU, UK

Assessment Task:
A Portfolio is a way of demonstrating your learning by giving examples from each of the weekly learning sub-modules. These can include written descriptions of practice, screenshots, terminal output the evidence of knowledge or skills. In other words, your portfolio should contain about 7 to 10 headings corresponding to the concepts in the weekly schedule.

As a motive to writing your portfolio imagine a context, like a company or organization you work for. For example, consider the following scenario (you can pick another if you like as a framework for your system security portfolio):

Pandemic Watch is a crowdsourced medical early-warning organization supplying analysis of reported disease outbreaks, and giving press reports of fact-checked health emergencies for government or NGO use. Data sources may come from GPs, epidemiologists, and sensitive (leaked) information from other sources whose anonymity may need protection. The organization has many potential threat vectors, enemies, foreign and domestic, online  and offline, thus the organization is a high exposure target for disinformation and manipulation

As a member of the software security and privacy task force you are to audit and make recommendations for the transformation of their systems, policies, and processes.

Alternatively, you may choose your own fictional organization with complex digital security needs – but you will need to explain why these risks are real in your analysis.

Scope
You are to consider the areas of:

• Data storage, integrity, privacy, compliance.
• Secure communication for both organizational staff and clients
• System hardening, including servers, offices, and mobile devices
• Personnel and operational security

Your portfolio should include an understanding and appreciation of the range of techniques related to the principles and technologies of cybersecurity in practical application. In particular, you should demonstrate awareness of:

• Threat and vulnerability modeling, risk prioritization
• Anticipation of emerging threats
• Access control, authorization
• Defensive system design principles, in-depth and breadth
• Scope, lifecycle, maintenance, and sustainability
• Technologies, options for technical implementation
• Encryption for communications and storage
• Policies, monitoring, response plans
• Cost, roles, skills, and human resources
• Trade-offs, compromises, and push-backs

Presentation
A 3000-word concise technical report will form the basis of your portfolio, and it may include screenshots, terminal logs, tables, lists, flow diagrams, or any other appropriate graphics or formulae summarising key techniques and considerations. Emphasize the practical execution of auditing and hardening tasks and comment on difficulties or lessons learned.

COVID-19 mitigations:
WE ARE ASSUMING THESE PERSIST IN 2021 SEMESTER:
Due to the inaccessibility of the labs and the fact that not everyone has access to virtual machine technology you may either choose to create portfolio material on your own using a terminal emulator or to submit referenced excerpts of quality HOTO guides (for example StackExchange) to illustrate what you would do. Citations must be given.

Learning Outcomes
This assessment will enable students to demonstrate in full or in part the learning outcomes identified in the unit descriptors.