Description
1-Question one
Write a one-page confidentiality agreement tailored for a small tech startup. Your agreement should include:
- The definition and scope of confidential information
- The obligations of the recipient in protecting this information
- Any exceptions to confidentiality obligations
- The duration of the agreement and handling of confidential materials after termination.
2- Question Two
Why is using social media considered a type of background check, and what implications does this practice have for privacy and employment decisions?
3-Question Three
The Saudi Electronic University (SEU) has recently established a new Data Centre at its Riyadh campus to host critical systems, including Blackboard, Student Information Records, and administrative services. During an internal security audit, several issues were identified: unauthorized access by cleaning staff to the server room, unlocked workstations in administrative offices after hours, power fluctuations caused by nearby construction, disposal of old laptops and hard drives without secure data wiping, and expired fire extinguishers with no automated suppression system.
Question:
Based on ISO 27002:2013 physical and environmental security controls, identify and analyze at least four major physical and environmental security risks observed in this scenario. Then, propose a layered security design for the SEU Data Center, addressing perimeter defense, physical entry control, and internal monitoring mechanisms. Next, describe the preventive and responsive measures SEU should implement to mitigate fire, power failure, and device theft risks. Finally, discuss how the failure to comply with these physical security controls could constitute a violation of SEU’s Acceptable Use Policy and the National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC) in Saudi Arabia.
Answer:
Assignment 2
Deadline: Tuesday 10/11/2025 @ 23:59
[Total Mark for this Assignment is 8]
Student Details:
Name:
ID:
CRN:
Instructions:
• You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on
Blackboard via the allocated folder. These files must not be in compressed format.
• It is your responsibility to check and make sure that you have uploaded both the correct files.
• Zero mark will be given if you try to bypass the SafeAssign (e.g. misspell words, remove spaces between
words, hide characters, use different character sets, convert text into image or languages other than English
or any kind of manipulation).
• Email submission will not be accepted.
• You are advised to make your work clear and well-presented. This includes filling your information on the cover
page.
• You must use this template, failing which will result in zero mark.
• You MUST show all your work, and text must not be converted into an image, unless specified otherwise by
the question.
• Late submission will result in ZERO mark.
• The work should be your own, copying from students or other resources will result in ZERO mark.
• Use Times New Roman font for all your answers.
Restricted – مقيد
Question One
Pg. 01
Learning
Outcome(s):
CLO5: Apply the
most appropriate
solutions to
problems related
to the field of
Security and
Information
Assurance.
Restricted – مقيد
Question One
3 Marks
Write a one-page confidentiality agreement tailored for a small tech startup. Your
agreement should include:
• The definition and scope of confidential information
• The obligations of the recipient in protecting this information
• Any exceptions to confidentiality obligations
• The duration of the agreement and handling of confidential materials after
termination.
Answer:
Question Two
Pg. 02
Learning
Outcome(s):
Question Two
2 Mark
CLO3: Develop
Why is using social media considered a type of background check, and what
security policies
implications does this practice have for privacy and employment decisions?
and put in place
an effective
security
architecture that
comprises
modern hardware
and software
technologies and
protocols
Restricted – مقيد
Answer:
Question Three
Pg. 03
Learning
Outcome(s):
LO1: Apply
effective, proper,
and state-of-theart security tools
and technologies.
Question Three
3 Marks
The Saudi Electronic University (SEU) has recently established a new Data Centre at its
Riyadh campus to host critical systems, including Blackboard, Student Information
Records, and administrative services. During an internal security audit, several issues
were identified: unauthorized access by cleaning staff to the server room, unlocked
workstations in administrative offices after hours, power fluctuations caused by nearby
construction, disposal of old laptops and hard drives without secure data wiping, and
expired fire extinguishers with no automated suppression system.
Question:
Based on ISO 27002:2013 physical and environmental security controls, identify and
analyze at least four major physical and environmental security risks observed in this
scenario. Then, propose a layered security design for the SEU Data Center, addressing
perimeter defense, physical entry control, and internal monitoring mechanisms. Next,
describe the preventive and responsive measures SEU should implement to mitigate fire,
power failure, and device theft risks. Finally, discuss how the failure to comply with
these physical security controls could constitute a violation of SEU’s Acceptable Use
Policy and the National Cybersecurity Authority (NCA) Essential Cybersecurity
Controls (ECC) in Saudi Arabia.
Answer:
Restricted – مقيد
Purchase answer to see full
attachment
