Faculty of Science & Technology

Written Assessment
Digital Security
Module 003264

As outlined in the course Module Definition Form (MDF), 100% of the final mark for this
module will be in the form of a written report which demonstrates knowledge and
understanding of each of the digital security core concepts as outlined below.
Your write-up should clearly demonstrate progressive learning by addressing the three critical
aspects of digital security computer security principles, introduction to cryptography and
secure programming techniques.
Requirements
Answer all THREE questions below. You should compile a well-constructed, formal written
report of no more than 2,000 words that encompasses industry standard fundamental digital
security best practices. The report should be written in the third person.
Formatting
Your work should be spiral or comb bound with the following minimum components:
Cover Page to include
o Module title
o Course code
o Your Student ID number
o Date of submission
Table of Contents
Body of your report (2,000 word guide)
Any supporting diagrams and tables
A minimum of 12 references (Harvard reference style)
An appendix if necessary
Deliverables

Standard assessment packaging with cover sheet from e-vision

Ensure your Student ID Number is listed on ALL pages
Final submissions must be made through the iCentre

Due Date: Monday 9th May 2016 by 2pm

Aim to hand in your assignment at least 48 hours before the due date, as the iCentre
becomes extremely busy on the last few days.

1|Page

MOD003264 Digital Security Assessment

Question 1: Computer Security Principles

(25 marks)

You have a new job as Security Manager at Angliabrookes Hospital. Your job involves
the detection, prevention and reaction to potential and actual security violations.
The Technology Director has asked you produce a report, using the AAA and CIA
models, to explain how the Hospital should protect both administration computers
and medical computers from unauthorised access whilst still providing patient access
to open area computers.
Your report should make use of examples and recommend best practice.

Question 2:

Introduction to Cryptography

(25 marks)

You have a new job as Information Security Manager at Ruskin City Council, where
you are responsible for safeguarding and protecting sensitive and personal
information.
The Head of IT has requested a briefing report that explain the benefits of hashing
techniques. Using examples from within Council administration departments, explain
the difference between the MD5 and AES protocols.
Include an MD5 hash of a text file as an appendix.
Note The text file should be: your tutor, your SID, your university and your degree
course

Question 3:

Secure Programming Techniques

(25 marks)

You have a new job as Software Security Specialist at Ruskin City Council. Your job
involves the prevention and mitigation of software security violations.
The Head of Development has asked for a briefing report for your fellow software
developers, which outlines some programming techniques they should use to defend
against software vulnerabilities, as well as your rationale for these suggestions.
From the OWASP top 10 vulnerabilities, identify three different attacks that Council
software applications might be vulnerable to. Outline why these three vulnerabilities
occurs and suggest mitigation techniques to prevent an attack occurring in the first
place.

2|Page

MOD003264 Digital Security Assessment

Marking Scheme
Marks will be awarded based on the following:

Answer to first chosen question (25

Answer to second chosen question
Answer to third chosen question (25
Quality of Referencing
(15
Report Presentation & Layout
(10

Answers to
Questions
3 x 25%

Referencin
g
15%

Presentati
on &
Layout
10%

Marks)
(25 Marks)
Marks)
Marks)
Marks)

Insufficient:
0-5 marks
The author has
made no effort
to gain insight
into the subject.

Adequate:
6-10 marks
The author has
made some
effort to gain
insight into the
subject, but key
essentials have
been
overlooked.

Good:
11-15 marks
The author has
provided good
supporting
evidence, with
good definitions
and explanations
of key
terminology and
subject elements.

Excellent:
16-20 marks
The author has
provided evidence
of thorough
understanding of
the subject. Clear
evidence of
additional
background
reading

Top Class:
21-25 marks
The author has an
outstanding grasp
of the subject.
Model definitions
and explanations
of key
terminologies
represent a
professional view
of the subject.

Insufficient:
0-2 marks
Report includes
no references,
or no attempt to
use Harvard
Referencing
Style.

Adequate:
3-5 marks
Report includes
a few
references, with
some attempt to
use Harvard
Referencing
Style

Good:
6 -8 marks
Report includes
adequate
references, with
adequate
attempt at
Harvard
Referencing Style

Excellent:
9-11 marks
Report is
thoroughly
referenced, with
good attempt at
Harvard
Referencing Style

Top Class:
12-15 marks
Report is
exceptionally
referenced, all in
Harvard
Referencing Style

Insufficient:
0-2 marks

Adequate:
3-4 marks

Good:
5-6 marks

Excellent:
7-8 marks

Top Class:
9-10 marks

Report is poorly
organised and
difficult to
follow.
Chaotic writing
style.

Report is poorly
presented and
lacks cohesion.
Little attempt at
correct spelling,
grammar and
punctuation.

Report is easy to
follow and
adequately
presented. Most
spelling, grammar
and punctuation
is correct.

Report is well
presented in a
structured and
meaningful way.
Excellent spelling,
grammar and
punctuation
throughout.

This report is an
example to other
students. Report
is clear, easy to
read, with
outstanding use of
index, page
numbers,
footnotes.

The student will be automatically awarded a fail:

upon failure to submit a report on time
if the content of the report is meaningless in terms of the
assignment
if the work is not the work of the author and is presented as such

3|Page

MOD003264 Digital Security Assessment