Recent Question/Assignment
CSI5207 Assignment 1 – If you fail to plan then you plan to ...
Background
In preparation for Assignment 2, you should know what you need to do and how you plan to approach the scenario. Securing a server and database is not as simple as clicking an -Auto-Secure- button and patting yourself on the back. There are some threats that affect specific host platforms and databases while others are universal. Different measures in security can come with significant consequences, some tolerable and some not.
This is not a new problem and as a professional, you should avail yourself of any and all tools at your disposal. Including the experience of others!
Task Details
In assignment 2 you will be installing Windows 2012 Standard Server and the MS SQL Standard database.
In order to do this, you should have a set approach that outlines what you need to do, how to do it, in what order and why you are doing it. To answer these questions you should start by looking at those bodies that exist to oversee server and database security. (Some such bodies should immediately spring to mind).
Find at least 3 different standards / best practices from entities that you consider authoritative in this field for both Server and Database securing and hardening (that is 6 standards in total). Start by stating why these bodies should be considered authoritative. Compare and contrast the standards/best practices, highlighting areas that you approve of and those you disagree with and, in both cases, why.
Finally, using your chosen standards are a base, outline your own details plan for installing and securing your server and database.
Marks Worth 20% of the total marks of the unit
Report Length 3000+ Words
Due Date Week 5 (exact date listed on Blackboard)
Submission Instructions
The report should be set out in the following manner:
• 11 point Times New Roman
• 1.5 line spaced
• Margins set to 2.5 cm??Justification - block justified
• Footer – Should contain your StudentID and Full Name (8 point type) and a Page number
The report should contain an index and have appropriate headings and sub headings. The style of the report is a business report and as such it is expected that you present a professional report in both format and style.
You are required to submit a softcopy to your Lecturer with the Subject Line CSI5207 Server Plan and submit it via blackboard (include your MD5 hash in the comments). The marking allocation for this assignment is at the end of this document. If any point is unclear send an e-mail, phone or make an appointment well before the assignment is due with your lecturer.
Referencing
All sources of references must be cited (in text citation) and listed (end reference list). For details about referencing and the required format, please refer to the ECU Referencing Guide, which can be found from the following URL: http://www.ecu.edu.au/LDS/pdf/refguide.pdf
Plagiarism
Please ensure that you have read and understood the information on plagiarism provided on the site for this unit and read the Academic Misconduct Rules. Should you not reference correctly or be caught copy or plagiarising others work the penalties for this are mandatory and serious. Repeat offences in other units may result in course termination. If you are unsure consult with your lecturer or the Faculty Academic Skills Adviser before submitting your work for assessment.
CSI5207 Assignment 1
Marks Allocation
Choice of governing bodies and justification as to their authoritative nature. (3 marks)
• What makes this body/person worth listening to? Are they just another random person on the Internet?
Choice of Standards / Best Practices (3 marks)
• Why these standards? Are there others that could be better suited to the task you are planning? Why not?
Analysis and comparison of Standards / Best Practices (6 Marks)
• What is good about these standards? What is bad? Which one would you keep?
Development of Server / Database installation plan (6 marks)
• What do you plan to do? Why?
Presentation (2 marks)
• Grammar, Spelling
• Report Format
• Overall Presentation
• Appropriate for intended audience