代写辅导接单-BISM7213 --Assignment 2

欢迎使用51辅导,51作业君孵化低价透明的学长辅导平台,服务保持优质,平均费用压低50%以上! 51fudao.top

1

BISM7213 – Securing Business Information

Assignment 2

Security Topic Analysis

Dr Yao Zhao – 2025 S2

Assignment Overview

This assignment must be completed individually by each student. The submission deadline is 3pm,

27 October 2025. This assignment requires a student to answer 3 questions (each with sub-parts)

that focus on the course material covered across the course. Assignment 2 is worth 30% of the

overall course marks. A student’s answer to each of the 3 questions (that is, each question and all its

sub-parts) cannot exceed 300 words (+10% tolerance per UQ policy). This word limit per question

requires a student to soundly analyse/research each question and then structure a response in a

concise, business- informative fashion. There is no need to reference an answer unless referencing

is specifically requested in the question. A student must construct each answer in her/his own

words – and in ‘plain English’ business language (using the language we use in class and not too

technical language that would be more suited to computing science/engineering contexts). Please

note that each question in this assignment may well span work covered across all weeks (and not

simply relate to one specific week).

This assignment assumes that a postgrad student is capable to assimilate information from not only

this course, but also many other courses and reputable sources on the Internet as would be

required in a business setting. Each assessment question evaluates students’ abilities, skills and

knowledge.

• PDF submission via Turnitin. Full details and links closer to submission date.

• Please include a cover/title page that contains your student number, name, course code and

course title, date, total word count (for all three questions), and the AI usage table.

• Clearly label which question and if relevant subquestion you answer (e.g., Question 2(a)).

You don‘t have to repeat the question.

• Answer in full sentences but you may want to use bullet points, numbering, or headers to

help structuring your answer.

• Late submission: A penalty of 10% of the maximum possible mark will be deducted per 24 hours

from time submission is due for up to 7 days. After 7 days, you will receive a mark of 0.

Assignment Marking Guide

Each submission will be marked as per the rubric in Table 1 (Page 3).

BISM7213 Assignment 2 – Semester 2, 2025

2

Use of Artificial Intelligence

In this Assessment Guideline it is noted that Artificial Intelligence (AI) provides emerging tools that

may support students in completing this assessment task. Students may appropriately use AI in

completing this assessment task. Students must clearly reference any use of AI in each instance.

A failure to reference generative AI use may constitute student misconduct under the Student Code

of Conduct.

The University of Queensland has specific rules for the use of artificial intelligence – refer to the web

page ‘UQ’s rules for using AI’.

In this course, AI is allowed and must be acknowledged and you must reference your use according

to the course coordinator’s requirements.

The instructions specified in the assessment task are as follows.

You might use AI in several ways:

• To generate ideas that you have adapted.

This requires general acknowledgement.

• To generate a summary of specific material(s) you identified and used to inform your work.

This requires general acknowledgement.

• To support your writing (e.g. grammar, spelling, sentencing, or phrasing) and enhance the

clarity of your expression.

This requires general acknowledgement.

• To machine translate from one language to another. This requires general

acknowledgement.

• To derive and build content (including arguments, structure, examples, facts, or sources)

that you include directly in your work with little adaptation. This requires general

acknowledgement.

General acknowledgement of the use of AI tools requires a table on the assignment cover page. Use

the UQ exemplar below as a guide for your table:

If you have not used artificial intelligence in this assessment task, you should then note this on the

cover page.

3

Table 1 - Marking rubric for assignment 2.

Criteria High distinction (8.5-10) Distinction (7.5-8.4) Credit (6.5 – 7.4) Pass (5-6.4) Marginal fail (4.7-4.9) Fail (3-4.6) Low fail (0-2.9)

(10 marks)

Question 1

Provides

outstanding

explanations of

hybrid security

protocols (TLS) and

PKI.

Provides very good

explanations of

hybrid security

protocols (TLS) and

PKI.

Provides good

explanations of

hybrid security

protocols (TLS)

and PKI.

Provides basic

explanations of

hybrid security

protocols (TLS) and

PKI.

Provides limited

explanations of

hybrid security

protocols (TLS) and

PKI.

Provides minimal

explanations of

hybrid security

protocols (TLS) and

PKI.

Provides

inadequate or

incorrect

explanations of

hybrid security

protocols (TLS)

and PKI.

(10 marks)

Question 2

Provides

outstanding

explanations of

Kerberos

Provides very good

explanations of

Kerberos

Provides good

explanations of

Kerberos

Provides basic

explanations of

Kerberos

Provides limited

explanations of

Kerberos

Provides minimal

explanations of

Kerberos

Provides

inadequate or

incorrect

explanations of

Kerberos

(10 marks)

Question 3

Provides

outstanding

explanations of

PCI DSS, and

the CDE.

Provides very good

explanations of PCI

DSS, and the CDE.

Provides good

explanations of

PCI DSS, and

the CDE

Provides basic

explanations of

PCI DSS, and

the CDE

Provides limited

explanations of

PCI DSS, and

the CDE.

Provides minimal

explanations of

PCI DSS, and the

CDE.

Provides

inadequate or

incorrect

explanations of

PCI DSS and the

CDE.

BISM7213 Assignment 2 – Semester 2, 2025

Question 1

Please answer the following questions in relation to our topics of hybrid security protocols (TLS) and

PKI.

You are a business analyst working for an online retailing business “Travel Shoppers”. Travel

Shoppers works within a global PKI and the digital certificate supporting its web sales process is a

central asset. Your manager needs you to explain to him how this digital certificate is secured so

that it can distribute the Travel Shoppers public key with trust. He needs to know how all Travel

Shoppers clients can fully trust that fraudulent copies of the Travel Shoppers digital certificate will

be quickly and effectively detected.

His central need is to be assured that all Travel Shoppers clients can totally trust that – when securely

making a transaction-based secure connection with Travel Shoppers, the clients are indeed dealing

with the legitimate Travel Shoppers web server.

Finally, he wants to know what is the central strategy that Travel Shoppers needs to focus upon to

support TLS in this specific area.

(10%)

Question 2

Please answer the following question in relation to our coverage of the Kerberos authentication

service.

a) We have discussed how Kerberos implements the ‘shared secret’ principle and that this

delivers mutual authentication. Explain how the Kerberos server will authenticate itself back

to the user. You must ensure to explain what the Kerberos server does, and you must explain

fully why this proves the identity of the Kerberos server to the user.

(6%)

b) In the Kerberos authentication system at UQ, what is the actual secret that is known to

Kerberos and also to the user. What type of cryptography does Kerberos utilize? Does

Kerberos solve the key distribution problem – explain your answer.

(4%)

BISM7213 Assignment 2 – Semester 2, 2025

Question 3

Please answer the following questions in relation to our topic of PCI-DSS. The network diagram that

relates to this question is at the end of this assignment with the heading “Network Diagram – Travel

Shoppers”.

Your manager at “Travel Shoppers” is worried about an upcoming PCI-DSS compliance audit and

wants to know more about the PCI DSS. Specifically, your manager wants you to concisely explain to

him what the CDE is, the concept of network segmentation and CDE scope, and why these are very

significant in relation to Travel Shoppers’s adoption of PCI DSS.

He also wants to know whether and how Travel Shoppers has achieved segmentation of its CDE. He

also wants you to list Travel Shopper’s system components within the CDE. Finally, he wants to

know if he should expect high or low auditing costs and why.

(10 %)

Network Diagram follows on next page

BISM7213 Assignment 2 – Semester 2, 2025

Internet

Ethernet

VPN

NIDS

Work area for

Sales

representatives

Network Diagram – Travel Shoppers

Database Server (for Cardholder Data)

End of assignment specification

51作业君版权所有

51作业君

Email:51zuoyejun

@gmail.com

添加客服微信: Fudaojun0228