Enterprise Cyber Security (M)

COMPSCI 5077

2021

1. Mark Dean is a department store founded in 1876 that has a number of physical stores throughout the United Kingdom. The department store has decided to transition sales away from its physical stores to its online store. The organisation has made significant investments in infrastructure over several decades but has decided to make the transition to cloud computing infrastructure.

The transition to cloud computing for the organisation is motivated by many factors, including changes in staff. The organisation has lost many of its in-house software engineers and technical staff over the years. The organisation still has a small team of technical and expert staff that can manage endpoints, access management and data governance. However, the organisation does not have sufficient expert staff in managing and configuring applications, network controls, operating systems or general infrastructure. The management team has also accepted it may have to transition away from existing software solutions to more modern software offerings from external providers as part of the transition.

a. The management team for the organisation are aware there are different service models for cloud computing but are unsure which service model is optimal for the organisation.

Argue for the optimal service model for the organisation in the given context.

b. The management team appreciate that many of the benefits of utilising cloud computing from an external provider are realised from the same infrastructure being used by multiple tenants. However, the management team have concerns about how any external providers will ensure strict access controls to data, how any external provider prevents data leakage while data is in transit and at rest as well as external providers storing data alongside data from other tenants.

Argue for THREE solutions that would address the problems.

c. The company has an ageing mainframe system that is resistant to change. The compliance team states the organisation needs to encrypt data to a specific standard. The technical team have advised that the specific standard is too demanding for the existing mainframe system. The team advise that evolving the system would require considerable investment and take 36 to 48 months. The compliance team states the specific standard must be applied within 18 months.

Argue for an optimal solution to encrypt data in the given context. (approximately 200 words)

2. Inmos International is a technology conglomerate that provides teleconferencing services to enterprises throughout the world. The company has been the victim of an attack that has resulted in unplanned downtime and in 654 virtual machines that the company relies upon having been destroyed. The loss of the virtual machines has resulted in over 16,000 clients being unable to access their accounts and data.

The management team suspect the attack has originated internally from an employee or employees. The management team have requested Holberton, Antonelli and Meltzer to investigate to determine the anatomy of the suspected cyber-attack as well as to suggest appropriate defences.

Holberton, Antonelli and Meltzer have audited systems and reviewed logs to determine pertinent security incidents over the past 48 weeks. The following incidents have been deemed relevant:

- Bespoke source code has been recovered that was central to the destruction of the virtual machines. The bespoke source code demonstrates intimate knowledge of the infrastructure and systems as well as advance organisational information.

- 789 files on virtual machines with unusually high access rates and unusual access times from some employees where there is no clear justification.

- 37 files with misleading filenames that are disguised as media files when they are actually sensitive PDF documents found in employees' workspace accounts.

- 1098 emails between various employees have been identified that discuss circumventing technical controls on corporate systems to install third-party commercial software, such as media players, photo viewers and video games.

- Technical controls that log application usage and monitor employee use of systems have been disabled on 678 employee systems across the organisation.

- Unauthorised third-party software has been identified on 546 employee systems across the organisation that allows individuals to use their smartphone as an external hard disk to transfer files.

Holberton, Antonelli and Meltzer have agreed these incidents alone are not sufficient to determine the anatomy of the attack and determine appropriate defences. The trio need to use an approach to determine the anatomy of the cyber-attack and plan defences.

a. Holberton, Antonelli and Meltzer propose using an approach to better understand the cyber-attack, but cannot agree on an optimal approach. Holberton argues STRIDE would be the optimal approach, Antonelli suggests CAPEC would be the best approach to model and determine the attack, while Meltzer believes the Cyber Kill Chain approach would be optimal.

Appraise each of the proposed approaches from Holberton, Antonelli and Meltzer in the given context. Argue for the optimal approach in the given context.

b. Holberton, Antonelli and Meltzer need to determine the anatomy of the cyber-attack. The trio are confident that the cyber-attack has stemmed from an insider, a trusted individual within the company.

Formulate the anatomy of attack in the given context using the optimal approach identified in (a). Argue for any adaptions or adjustments to the approach.

c. The management team want to ensure that the company is not susceptible to such an attack in the future.

Argue for THREE distinct defensive steps that could be taken to optimally defend against the attack formulated or identified in (b), at what stage they should be taken and why at that stage.

3. Granville & Clay Services provide specialised back-up services for medical records to health organisations throughout Europe. The medical records primarily comprise standard forms and letters generated for patients where only specific variables change, such as name, date of birth and patient notes for each patient.

The management team want to improve utilisation of infrastructure so as to maximise profit and minimise waste. The management team want to store more data on existing infrastructure and they want to ensure a seamless transition for clients with no requirement to download special software.

a. Devise and justify an appropriate solution that reduces redundant data in the given context.

b. The management team are concerned about the security of any proposed solution and want all medical records encrypted. The management team are also concerned about the threat of malicious employees and how they may compromise the approach.

Refine the solution proposed in (a) to incorporate encryption in the given context. Argue for any design decisions taken and discuss the difference between probabilistic and deterministic encryption schemes as well as significance in the given context.

c. The management team are concerned that any proposed solution that utilises encryption may impact on its ability to comply with the individual rights of some patients, specifically the right to be forgotten. The management team are particularly concerned about the right of an individual to have their data deleted.

Argue whether or not the proposed solution in (b) would conflict with the right to be forgotten. Outline any further refinements to the solution in (b), if necessary.