| University | Unitec Institute of Technology (Unitec) |
| Subject | HTCS6701: Information System Security |
| Programme | New Zealand Diploma in Cybersecurity |
| Course No: HTCS6701 | Information System Security | Level: 6, Credits: 15 |
| Student Name: | Student ID: |
| Assessment Type: Assignment 2 | Weighting: 70% |
| Due Date: Refer to Moodle | Total Marks: 100 |
Student declaration
I confirm that:
- This is an original assessment and is entirely my own work.
- The work I am submitting for this assessment is free of plagiarism. I have read and understood the Academic Integrity Policy here. I have also read and understood the Student Disciplinary Statute here.
- Where I have used ideas, tables, diagrams etc. of other writers, I have acknowledged the source in every case.
- I understand that if I do not equally contribute to the team tasks that I may fail this assessment.
| Student Signature: | Date: |
Assessment Mapping
After completing this assessment, the student will have met the following learning outcomes related to the graduate profile outcome.
| Graduate Profile Outcome | Learning Outcome | Part A | Part B | Part C |
| Analyse organisational contexts from a security perspective using information management principles and terminology, data inputs, organisational strategy and processes, outputs, systems, and stakeholders’ roles and responsibilities. | 1. Analyse the security requirements of an organisation’s information system using information management principles. | ✓ | ✓ | ✓ |
| Apply knowledge of risk management frameworks to perform cybersecurity risks assessments and communicate the results to support the organisational risk management process | 2. Analyse the impact of different types of security risks on the operations of an organisation’s information system. | ✓ | ✓ | ✓ |
| Apply communication, information design, teamwork, personal, and interpersonal skills, to enhance working effectiveness, efficiency, and quality outcomes in a variety of situations in an organisational environment. | 4. Apply personal and communication skills to present information system security essentials. | ✓ | ✓ | |
Assessment information:
- This is a compulsory assignment with individual and team components.
- Read the scenario provided carefully on pages 4 and 5.
- This assignment has 3 parts. Please see the table below for more details.
| Parts | Description | Submission date and time |
| Part A (Task A & B) | Team Investigation and Report (2 members) | Refer Moodle |
| Part B | Team Presentation (2 members) | Live presentation, no submissions required. |
| Part C | Peer Evaluation | Refer Moodle |
- Correctly reference your sources in-text and include a full reference list at the end of the part, using APA 7th edition or IEEE guidelines.
Assessment submission instructions:
- Upload your Part A and C (Team Report, Investigative document and Peer Evaluation) form to the Moodle link “Upload Part A here” and “Upload part C here”.
- Part B is a presentation and there is no need for an upload.
Scenario
Read the scenario given below carefully:
After completing Unitec’s Diploma in Cybersecurity, you land a role with an IT Systems admin team at a medium-sized health provider in Auckland.
One day, a colleague from HR informs you that they clicked on a suspicious DocuSign hyperlink in an email, and are now suspecting it might have been a phishing attempt. This occurred in April 2023, but they didn’t think anything of it until having been present at a recent Cyber TTX where these exact vectors were being discussed.
They admit to being distracted and not thinking twice about it as they were expecting a similar DocuSign email at that time, and it really didn’t cross their mind until now.
Since this occurred, they’ve noticed a performance lag in their endpoint (Laptop) and are concerned.
Actions:
You take immediate action by isolating the device and handing it over to your managed DFIR team for analysis.
The DFIR team completes a triage and shares three key artifacts for your investigation:
- The network PCAP file.
- The potential malware binary (In hashed format)
- The malicious email.
The company’s CISO wants you to thoroughly investigate these artifacts, looking for any evidence/ Indicators of Compromise (IOCs), and report your suspicions in a formal report not exceeding 3000 words.
Once completed, you and your team need to brief the executive on the Cybersecurity principles affected by the malware (CIA-AAA), suggest mitigation principles (like POLP, DID, Zero Trust), and explain the frameworks you would adopt, following this investigation.
Part A
[Total = 50 marks]
Task 1
Instructions:
Commence an investigation with the three artefacts provided, looking for evidence of malware existence and indicators of compromise:
- Task 1 marks are awarded via the report in Task 2. There are 50 marks in total to be awarded
- You will work in a team of 2 students to complete this task. If there is an odd number, the lecturer will approach those student(s) to ensure fairness.
- In this task your team will analyse the three artefacts provided in order to locate evidence and/or Indicators of Compromise (IOCs) to prove or disprove the existence of malware on the endpoint.
- These artefacts are:
  - The network Packet Capture (PCAP) file.
  - The potential malware specimen (in hashed format only).
  - The suspicious email.
- Using best practice and the skills taught to you during this paper, examine these artefacts:
- With the Suspicious email examination, examine the headers and obtain basic forensic information. Take notes and record the details.
- With the PCAP file, examine the content and correlate the information with that found in the email. Take notes and record details.
- With the suspicious binary hash, use VirusTotal and Any.Run to examine it. Report on the processes and beacons, the IP addresses and domains called out to, registry changes, and what it actually does!
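One way to carry out the header examination and PCAP correlation steps above, as an added example that is not part of the assignment brief. The message, the host list and every domain and address are constructed placeholders, and `PCAP_HOSTS` stands in for host names exported from the capture.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message, not the assignment artefact (reserved example domains and IPs).
RAW_EMAIL = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.health.example.org (mx.health.example.org [198.51.100.7])
    by inbox.health.example.org; Tue, 11 Apr 2023 09:14:02 +1200
Received: from mailer.example.net (unknown [203.0.113.45])
    by mx.health.example.org; Tue, 11 Apr 2023 09:14:01 +1200
Authentication-Results: mx.health.example.org; spf=fail smtp.mailfrom=mailer.example.net;
    dkim=none; dmarc=fail header.from=docusign.example.com
From: "DocuSign" <no-reply@docusign.example.com>
Subject: Please review and sign your document

Review document: http://docs-sign.example.net/view?id=123
"""

# Constructed stand-in for DNS/HTTP host names exported from the PCAP (assumption).
PCAP_HOSTS = {"docs-sign.example.net", "time.example.org"}


def domain_of(header_value):
    """Lower-cased domain part of an address header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def triage(raw_email, pcap_hosts):
    msg = message_from_string(raw_email)
    from_dom = domain_of(msg["From"])
    rpath_dom = domain_of(msg["Return-Path"])
    # spf/dkim/dmarc verdicts recorded by the receiving mail server
    auth = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                           msg.get("Authentication-Results", "")))
    # Each hop prepends its Received header, so the last one is the earliest hop.
    # Hops below the first trusted server are sender-controlled and can be forged.
    received = msg.get_all("Received", [])
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received[-1]) if received else None
    # Hosts of links in the body (single-part text message assumed)
    url_hosts = set(re.findall(r"https?://([^/\s:\"'>]+)", msg.get_payload().lower()))
    return {
        "from_domain": from_dom,
        "return_path_domain": rpath_dom,
        "sender_mismatch": from_dom != rpath_dom,
        "auth": auth,
        "origin_ip": ip.group(1) if ip else None,
        "url_hosts": sorted(url_hosts),
        "hosts_also_in_pcap": sorted(url_hosts & set(pcap_hosts)),
    }


if __name__ == "__main__":
    print(triage(RAW_EMAIL, PCAP_HOSTS))
```

A link host that also appears in the capture ties the email to the endpoint's network activity, which is the correlation the report needs to evidence.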
Task 2
Instructions:
Again, in your team, you must present your evidential findings from the three artefacts, in the form of investigative document/ report. The suggested structure for the document is as follows:
- A title page
- Table of Contents
- Introduction
- Part A (Task 1) analysis of the three artifacts and robust reporting of any indicators located.
- Conclusion
- References
- Appendices (any other relevant document)
- There are 50 marks in total, 10 marks for the report structure and logic and 40 marks for the investigation from Task 1.
- Total word count for this part of the assignment is 3000 words [+/-10%], excluding reference list, table of contents, or any other administrative sections.
Part B: Task 1 – Presentation
[20 marks]
Part B Task 1
Instructions:
Once completed, you and your team need to brief the executive on three aspects:
- The Cybersecurity principles affected by the malware (CIA-AAA)
- Suggest 3 x mitigation principles (eg POLP, DID, Zero Trust),
- Explain the frameworks you would adopt, following this investigation.
- Your team will present on three topics, the presentation itself must not exceed 15 minutes in duration and all team members must be involved.
- Topic 1 – Discuss how the malware impacted the Confidentiality, Availability and/or Integrity of the infosec System. Then consider the Authentication, Availability and Accounting of the network facing system.
- Topic 2 – Discuss three potential mitigation principles, such as (but not limited to) Principle of least privilege, Zero Trust, Defence in Depth.
- Topic 3 – Discuss the Security framework you consider should be adopted and explain why.
- You will apply personal and communication skills to present your analysis findings.
- You will not be marked individually, it’s a team effort so practice and take this seriously!
- Your presentation will be 10 minutes long allowing 5 minutes for each team member to speak, and additional question and answer time.
- You can prepare a visual presentation using Microsoft PowerPoint or similar software, however this is not mandatory.
- Your presentation will be recorded for marking and moderation purposes.
- Familiarise yourself with the attached observation checklist (page 9) to ensure you meet the requirements. Your lecturer will complete the attached observation checklist for each team member.
Part C: Peer evaluation
Use this form to evaluate your peer. Write your name and the name of the person you are evaluating.
Peer Evaluation Form
Your name:
Team member’s name:
| Evaluation Criteria | Team member | Comments |
| Regularly attends meetings. | | |
| Demonstrates a cooperative and supportive attitude. | | |
| Contributes meaningfully to discussions. | | |
| Completes assigned tasks on time. | | |
| Prepares work in a quality manner. | | |
| Acceptable Y/N |
HTCS6701 Assessment 2 – Marking Scheme
Student Name:
Marking Scheme
| | | Maximum Marks | Your mark | Comment |
| Part A | Task 2 | 50 | | |
| Part B | Task 1 | 20 | | |
| Part C | Peer evaluation | Nil | | |
| Total | | 70 | | |
HTCS6701 Assessment 2 Marking Rubric
Marking Rubric – Part A Task 2
50 Marks
| Part A: Task 2 | Excellent | Good | Pass | Need to improve |
| Report formatting [10 marks] | A robust, complete and professional report with the correct headings and format as outlined [7.5-10 Marks] | As per excellent, but one or two of the requirements is missing and/or relevant formatting aspects are not appropriately considered. [5-7.5 Marks] | As per excellent, but two or three of the requirements are missing and relevant formatting aspects are not appropriately considered. [3-5 Marks] | Fails to provide an appropriate formatted and professional report. [1-3 Marks] |
| Item 1: PCAP file examination and analysis (10 marks) | Correctly deciphering the PCAP information and detecting at least three (3) IOC’s to support the argument [7.5-10 Marks] | Correctly deciphering the PCAP information and detecting at least two (2) IOC’s to support the argument [5-7.5 Marks] | Correctly deciphering the PCAP information and detecting at least one (1) IOC’s to support the argument [3-5 Marks] | Incorrectly deciphering the PCAP information and failing to detect evidence to support the argument [1-3 Marks] |
| Item 2: Suspicious email examination and analysis (10 marks) | Analysing email header and body information manually and checking the results via MXToolbox. Locating three (3) artifacts. [7.5-10 Marks] | Analysing email header and body information manually and checking the results via MXToolbox. Locating two (2) artifacts. [5-7.5 Marks] | Analysing email header and body information manually and checking the results via MXToolbox. Locating one (1) artifact. [3-5 Marks] | Failing to analyse email header and body information manually and checking the results via MXToolbox and/or Locating no artifacts. [1-3 Marks] |
| Item 3: Suspicious binary examination and analysis (20 marks) | Analysing Hashed values in Virus total and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and did it have persistence. Discover the C2 server and report on the stages that the malware triggered (ie- Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc…actually describe what the malware is doing on the system. [15-20 marks] | Analysing Hashed values in Virus total and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and did it have persistence. Discover the C2 server and report on the stages that the malware triggered (ie- Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc…actually describe what the malware is doing on the system. Being slightly deficient in one of the areas listed above [10-15 marks] | Analysing Hashed values in Virus total and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and did it have persistence. Discover the C2 server and report on the stages that the malware triggered (ie- Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc…actually describe what the malware is doing on the system. Being very deficient in the areas listed above. [5-10 marks] | Analysing Hashed values in Virus total and another sandboxed environment. After full analysis of all hashed values (they are from the same malware), describing in detail where the malware originated from, what variant the malware is, what processes it started, and did it have persistence. Discover the C2 server and report on the stages that the malware triggered (ie- Dropper calls to C2 server on [ip add] and spawns these processes [processes]. This allows for traversal of the system and discovery etc…actually describe what the malware is doing on the system. No identification of processes and IOCs relevant to this investigation [0-5 marks] |
Assessment 2
Marking Rubric – Part B
| Part B: | Excellent | Good | Pass | Need to improve |
| CIA, AAA principles discussed in regard to the malware's impact. [3 marks] | A robust, logical and correct analysis of the malware's impact across both the CIA triad and AAA networking. [3 Marks] | As per excellent, but analysis is missing some relevant considerations [2 Marks] | As per excellent, but analysis of two or three of the relevant principles are not understood or explained correctly. [1 Mark] | Fails to provide an appropriate analysis and/or understanding of the security principles. [0 Marks] |
| Mitigations: Defence in Depth; Principle of least privilege; Zero Trust model and ‘Least privilege’ access controls; Access control lists and Security policy and procedures [3 marks] | A robust, logical and correct analysis and understanding of three [3] of the mitigations' impact with reducing harm from malware. [3 Marks] | A robust, logical and correct analysis and understanding of two [2] of the mitigations' impact with reducing harm from malware. [2 Marks] | A robust, logical and correct analysis and understanding of one [1] of the mitigations' impact with reducing harm from malware. [1 Mark] | A lack of robust, logical and correct analysis and understanding of any of the mitigations' impact with reducing harm from malware. [0 Marks] |
| Cyber Security Frameworks (ISO, NIST etc) [3 marks] | Good understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [3 marks] | Some understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [2 marks] | Sub-par understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [1 mark] | No understanding and appreciation of a framework to enhance cyber security and how it could have prevented this attack. [0 marks] |
| Presentation [11 marks] You will be marked as a team, not individually so make sure you practise this! | · Well dressed · Good tone · Engaging audience · Maintaining eye contact · Easy to hear and understand · Interesting · Not solely relying on notes · Hands not in pockets [8-11 marks] | As per excellent but missing three points [5-8 marks] | As per excellent but missing five points [3-5 marks] | Missing more than five points. [1-3 marks] |

