Technical Report

Word length body of report : 2500( exclude appendices and reference)

Aims:

Collect one cases of cloud-based security incidents and apply analytical frameworks, such that appropriate preventive measures and response measures can be identified and contrasted. Prepare a comprehensive research report and corresponding oral presentation.

Instructions:

Step 1: Collect as much information as possible on one cases of cloud-based security incidents from reliable news sources. You may aggregate information from multiple news sources with the date of the particular incident. Possible news sources include, but are not limited to:

• The Register
• Netcraft
• Dark Reading

If professional analysis of the particular incident has been previously conducted and documented by security companies, choose another incident.

Chapter 1 — What happened, Summary & sources

Step 2: Use publicly available cybersecurity knowledge base and hypothesize on 2 possible reasons for each cloud-based security incident, considering the timeframe of the incident and the date of vulnerability disclosures.

Chapter2 – Reasonable guess what cause the incident

Support of your guess

Step 3: For each of the hypothetical root cause, propose two preventive measures. Provide rationale for proposing each preventive measure, e.g., by referring to best practices and/or international standards that are introduced in the past lectures. Describe how each preventive measure could prevent occurrence of the incident, and then describe residual risks.

Chapter3 – Proposed preventive measures

Reasoning(link to docs & how it may works)

Step 4: For each of the hypothetical root cause, propose two response measures. Provide rationale for proposing each response measure, e.g., by referring to best practices and/or international standards that are introduced in the past lectures. Describe when each of the response measures can detect same kind of incident, and then discuss its pros and cons, with consideration to cloud tenants in multitenant environment.

Based on Steps 1 to 4, complete a technical report, which reflects your investigation, hypothesis, proposals and their impact assessments. For each incident, generate your recommendation by contrasting preventive measures and response measures. Your ability to correctly use cloud computing and cybersecurity terminologies, existing models, knowledge base standards, risk management standards and cloud security standards will be evaluated during our review. Organize your report for readability and integrity, and create Appendices wherever appropriate.

Chapter4 proposed response measure

Reasoning(link to docs & how it may works)