Cash-back offer from May 27th to 30th, 2024: Get a flat 10% cash-back credited to your account for a minimum transaction of $50.Post Your Questions Today!

Question DetailsNormal
$ 11.90

MIS607 Assessment 2 (Assessment 2 Brief Threat Model Report)

Question posted by
Online Tutor Profile

mis607_Assessment_2_Threat Model Report


Task Summary


You are required write a 1500 words Threat modelling report in response to a case scenario by identifying the threat types and key factors involved. This assessment is intended to build your fundamental understanding of these key threats so that you will be able to respond/mitigate those factors in Assessment 3. In doing so, this assessment will formatively develop the knowledge required for you to complete Assessment 3 successfully.



Security threat modelling, or threat modelling is a process of assessing and documenting a system's security risks. Threat modelling is a repeatable process that helps you find and mitigate all of the threats to your products/services. It contributes to the risk management process because threats to software and infrastructure are risks to the user and environment deploying the software. As a professional, your role will require you to understand the most at-risk components and create awareness among the staff of such high-risk components and how to manage them. Having a working understanding of these concepts will enable you to uncover threats to the system before the system is committed to code.


Task Instructions

1. Carefully read the attached the case scenario to understand the concepts being discussed in the case.

2. Review your subject notes to establish the relevant area of investigation that applies to the case. Reread any relevant readings that have been recommended in the case area in modules. Plan how you will structure your ideas for the threat model report.

3. Draw a use DFDs (Data Flow Diagrams):

·         Include processes, data stores, data flows

·         Include trust boundaries (Add trust boundaries that intersect data flows)

·         Iterate over processes, data stores, and see where they need to be broken down

·         Enumerate assumptions, dependencies

·         N umber everything (if manual)

·         Determine the threat types that might impact your system

·         STRIDE/Element: Identifying threats to the system.

·         Understanding the threats (threat, property, definition)

4. The report should consist of the following structure:

A title page with subject code and n ame, assignment title, student’s n ame, student, and lecturer’s n ame.

The introduction that will also serve as your statement of purpose for the report. This means that you will tell the reader what you are going to cover in your report. You will need to inform the reader of:

a) Your area of research and its context

b) The key concepts of cybersecurity you will be addressing and why you are drawing the threat model

c) What the reader can expect to find in the body of the report

The body of the report) will need to respond to the specific requirements of the case study. It is advised that you use the case study to assist you in structuring the threat model report, drawing DFD and presenting the diagram by means of subheadings in the body of the report.

The conclusion will summarise any findings or recommendations that the report puts forward regarding the concepts covered in the report.

5. Format of the report

The report should use font Arial or Calibri 11 point, be line spaced at 1.5 for ease of reading, and have page n umbers on the bottom of each page. If diagrams or tables are used, due attention should be given to pagination to avoid loss of meaning and continuity by unnecessarily splitting information over two pages. Diagrams must carry the appropriate captioning.


6. Referencing

There are requirements for referencing this report using APA style for citing and referencing research. It is expected that you used 10 external references in the relevant subject area based on readings and further research.

7. You are strongly advised to read the rubric, which is an evaluation guide with criteria for grading the assignment. This will give you a clear picture of what a successful report looks like.


Submission Instructions

Submit Assessment 2 via the Assessment l ink in the main navigation menu in MIS607 Cybersecurity. The Learning Facilitator will provide feedback via the Grade Centre in the LMS portal.


Case Scenario

The Business &Communication Insurance (B&C Insurance) began business as a private health insurer, established by Gary RT.L & family in 1965 through the Health Insurance Commission. This company was set up to compete with private "for-profit" funds. The company’s headquarters is located in New York and has offices in various other countries including Spain, Australia and Hong Kong. The CEO of the B&C Insurance recently received a ransom em ail from an unknown company claiming that they have access to the company strategic plans and personal details of 200,000 clients. A sample of personal details of 200 clients was included in the em ail as a ‘proof’.

Ransom em ails are normally sent through unreliable external networks that are outside the company’s security boundary. The CEO consulted the senior management and they acted promptly to investigate and contain the threat with the aid of forensic computer specialists. The first step was to validate the threat. The management team found a discussion on a hacker site in the dark net that had personal information of 200,000 clients of B&C Insurance for sale. This also included the details of the 200 clients, provided in the ransom em ail as ‘proof’. The investigation also confirmed that the details of the 200 customers are genuine.

The senior management considered the need to identify threats and give practical guidance on how to manage the risks of identity fraud to be of utmost importance. Therefore, a team of consultants was appointed to prepare a series of reports to identify various threats and to develop cybersecurity crisis management plans in order to respond to potential threats/ risks of sophisticated hackers penetrating into the internal systems of the company and accessing client information.

As the cybersecurity specialist in the team, you have been asked to write a report to identify the threat types and key factors involved. In doing so, you are required to identify the most ‘at-risk’ components, create awareness among the staff of such high-risk components and how to manage them. In addition, this report is to help key stakeholders, including the executive managers, to make decisions on what course of actions must be undertaken to mitigate potential threats.


Course:MIS607 Cybersecurity




Available Answer
$ 11.90

[Solved] MIS607 Assessment 2 (Assessment 2 Brief Threat Model Report)

  • This solution is not purchased yet.
  • Submitted On 10 Sep, 2021 08:53:48
Answer posted by
Online Tutor Profile
MIS 607_Assess...
Buy now to view the complete solution
Other Similar Questions
User Profile

MIS607 Assessment 3 (Assignment 3 - Mitigation Plan for Threat Report)

MIS607 Cybersecurity - MIS607_Assessment_3_Mitigation plan for threat report...
User Profile

MIS607 Assessment 2 (Assessment 2 Brief Threat Model Report)

MIS 607_Assessment_2_Brief_Threat Model Report.............
User Profile

MIS607 Assessment 1 - Online Quiz (MIS607 Cybersecurity)

MIS607 Assessment 1 Brief online test Quiz .................

The benefits of buying study notes from CourseMerits

Assurance Of Timely Delivery
We value your patience, and to ensure you always receive your homework help within the promised time, our dedicated team of tutors begins their work as soon as the request arrives.
Best Price In The Market
All the services that are available on our page cost only a nominal amount of money. In fact, the prices are lower than the industry standards. You can always expect value for money from us.
Uninterrupted 24/7 Support
Our customer support wing remains online 24x7 to provide you seamless assistance. Also, when you post a query or a request here, you can expect an immediate response from our side.

$ 629.35