Assessment Task 1 Coversheet
Assessment Task 1 Coversheet
Students: Please fill out this cover sheet clearly and accurately. Make sure you have kept a copy of your work.
Student and Submission Details
Student Name Student ID Unit Code and Name ICTNWK546 - Manage network security Date of submission Student Declaration
I declare that
These tasks are my own work.
None of this work has been completed by any other person.
I have not cheated or plagiarised the work or colluded with any other student/s.
I have correctly referenced all resources and reference texts throughout these assessment tasks.
I understand that if I am found to be in breach of policy, disciplinary action may be taken against me.
Student Signature Assessor To Complete
Assessment Task Task Result Type of Submission
Knowledge Test
C (Competent)
First submission
NYC (Not Yet Competent)
First re-submission
NA (Not Assessed)
Second re-submission
Assessor feedback Assessor Name Date Assessor Signature Task 1 Knowledge Test
Assessment Task 1 Knowledge Questions
Please answer the following questions. A word limit of 150 words applies to each response, unless otherwise specified.
You must read thoroughly the Student Workbook/Learner Guide before attempting this Task.
List two types of ICT networks. Include a description of their configuration in your answer.
13970248920
Complete the following table about network attacks, vulnerabilities and security technologies.
Network attack 1 Network attack 2
List two types of network attack. Briefly describe the type of attack. Outline the vulnerabilities of the ICT system that may have led to each of the attacks. List a security technology that can prevent such an attack With the expansion of cloud services and new technologies, the use of mobile devices and the Internet of Things (IoT), there have also emerged a number of security issues. List two examples of emerging security issues.
0-635
Outline the terms auditing and penetration testing that can be used to measure a networks security.
0-635The student must outline the terms auditing and penetration testing that can be used to measure a networks security. Their response may include but is not limited to:
A security audit is a systematic evaluation of the IT infrastructure defences and measures how well security protocols comply with a list of established criteria to ensure network security.
Penetration testing is used to try to breach an ICT system just like a hacker would. This will therefore determine if the IT infrastructure could withstand a range of attacks.
right4216400Outline two logging analysis techniques that can be used to measure the security of a network.
Outline two types of security measures that can be put in place in a network.
right-31750
right4235450List a type of software that can be used for network security and summarise its capabilities.
List a type of hardware that can be used for network security and summarise its capabilities.
0-152400
Given the importance of network security, describe the key features that a network security policy should include, as well as procedures that should be included.
right-6350
Outline two network management and security process controls that can be put in place to ensure network security.
00
Explain the importance of a risk management plan and procedures in network security implementation.
right-25400
Outline the process of developing risk management plans and procedures as part of network security planning.
0-635
Explain how risk management should be built into cost analysis and budgeting of network security. Give an example to illustrate your answer.
00
Assessment Task 2 Coversheet
Students: Please fill out this cover sheet clearly and accurately. Make sure you have kept a copy of your work.
Student and Submission Details
Student Name Student ID Unit Code and Name ICTNWK546 - Manage network security Date of submission Student Declaration
I declare that
these tasks are my own work.
None of this work has been completed by any other person.
I have not cheated or plagiarised the work or colluded with any other student/s.
I have correctly referenced all resources and reference texts throughout these assessment tasks.
I understand that if I am found to be in breach of policy, disciplinary action may be taken against me.
Student Signature Assessor To Complete
Assessment Task Task Result Type of Submission
Project One C (Competent) First submission
NYC (Not Yet Competent) First re-submission
NA (Not Assessed) Second re-submission
Assessor feedback Assessor Name Date Assessor Signature Assessment Task 2 Project Portfolio
Information for students
In this task, you are required to demonstrate your skills and knowledge by working through a number of activities and completing and submitting a project portfolio.
You will need access to:
a suitable place to complete activities that replicates an ICT environment including access to network infrastructure where network security will be implemented
network support tools i.e. information about network security tools that can be used as part of the design
security policies and standards e.g. as discussed at: https://business.gov.au/online/cyber-security/how-to-create-a-cyber-security-policy
manufacturers recommendations for network security equipment (depending on the security equipment chosen for the design)
your learning resources and other information for reference
Project Portfolio template
Simulation Pack (if you need a case study).
Ensure that you:
review the advice to students regarding responding to written tasks in the IT Works Student User Guide
comply with the due date for assessment which your assessor will provide
adhere with your RTOs submission guidelines
answer all questions completely and correctly
submit work which is original and, where necessary, properly referenced
submit a completed cover sheet with your work
avoid sharing your answers with other students.
Activities
Complete the following activities:
Carefully read the following:
This project requires you to manage network security for an organisation. You can complete this project based on the case study organisation in the ICTNWK546 Simulation Pack or you can base it on an organisation that you are familiar with or working for. If you choose to complete the project based on a business of your choice, it is important that you can access the network infrastructure where network security will be implemented, as well as network support tools used to manage network security and security policies, standards and manufacturers recommendations for network security equipment (see the list of information you must be able to access). Speak to your assessor to get approval if you want to base this on an organisation of your choice.
You will be collecting evidence for this unit in a Project Portfolio. The steps you need to take are outlined below.
Preparation
Make sure you are familiar with the organisation you are basing this assessment on and have read through the necessary background information. For the case study organizations, this is all of the documents included in the ICTNWK546 Simulation Pack. If its your own organisation, its important that you have this approved by your assessor.
Complete Page 4 of your Project Portfolio for this unit.
Read through the requirements of Section 1 and 2 of your Project Portfolio which include detailed guidance relevant to all the assessment activities.
Preparing for the security design
You are required to prepare for the network security design process, as well as identify and analyze threats and risks. This involves:
Defining processes that needs to be followed in order to plan, build and manage network security.
Researching and reporting on major threats to any network security, as well as their origins.
Researching and reporting on network vulnerabilities.
Determining current risks to the network and developing a risk management plan.
Listing the assets that need to be protected, as well as categorizing them according to their value.
Complete Section 1 of your Portfolio.
Create a security design and security policies
You are to create a security design to protect the network for your chosen organisation. You are also to develop and document relevant security policies which is also to include the auditing of the network, as well as how to respond to incidents. Detailed instructions are included in your Portfolio.
You are also to prepare a short presentation about the work that you have completed that can be presented to a team for feedback. If you are completing this in your RTO, this will be to a small group of students organised by your assessor. If you are completing this based on your own business, it can be a presentation to your team at work or you can also present it to a small group of students.
Your presentation should be for approximately 10 minutes.
Complete Section 2 of your Portfolio.
Security design presentation
Provide your presentation to your team about the security design you have developed. Make sure you provide your team the opportunity to provide feedback. Following the presentation, you will document the feedback in your Portfolio, as well as your response.
During the presentation, you are to use oral communication skills including:
speaking clearly and concisely
asking questions to identify required information
responding to questions as required
using active listening techniques to confirm understanding
observational techniques to ensure that everyone is participating so that you can gain a range of different perspectives.
ii This can either be viewed in person by your assessor or you may like to video record the session for your assessor to watch later. Your assessor can provide you with more details at this step. Make sure you follow the instructions above and meet the timeframes allocated.
Following the presentation, include the feedback you received in Section 1 of your Portfolio and make amendments to your quality management plan to include the corrective action. Further report on the skills of staff, confirming their ability to meet quality standards or otherwise.
Submit your completed Project Portfolio
Make sure you have completed all sections of your Project Portfolio, answered all questions, provided enough detail as indicated and proofread for spelling and grammar as necessary.
Submit to your assessor for marking.
-989966-1080135003810342265Portfolio
Student Version
020000Portfolio
Student Version
07265670ICTNWK546
Manage network security
00ICTNWK546
Manage network security
CONTENTS
TOC h z t "RTO Works Heading 1,1" Section 1: Security design preparation PAGEREF _Toc75505540 h 5Section 2: Security design and policy PAGEREF _Toc75505541 h 7
Student name: Assessor: Date: Business this assessment is based on:
Section 1: Security design preparationNetwork security planning
Provide an outline of the processes you will use to plan, build and manage a network security design to meet the organisations requirements. ICT assets
Provide an overview of the organisations assets that need protecting. Remember assets are not just physical assets.
Categorise each of the assets in terms of their value. The value does not need to be a monetary value but instead can be based on the value to the organisation e.g., high, medium, low, etc. Threat modelling
Describe at least three major threats to network security that can happen to any organisation, as well as where these threats originate from.
For each threat, describe a system vulnerability that may have led to the threat. Risk management plan
For each of the threats you have identified, identify the level of risk that the threat presents (use a risk legend to do this).
Rank the threats in order of severity from least severe to most severe.
Outline a risk control relevant to each threat.
Use the table included in the Portfolio to develop your plan. Presentation
Write the title of your presentation here and attach it to your Portfolio. 61859414351000 Attach: Presentation
Section 2: Security design and policyNetwork security design
Provide an overview of your design to protect network security.
Include screenshots to illustrate your work as required.
Make sure you take into account manufacturers recommendations for use of the tools you will incorporate into your design. Write about how you have done this.
Further, include the costs of the equipment/software you have identified and document them here. Security policies
Develop and document security policies to accompany your network security design.
Your security policy must include as a minimum:
Purpose of the policy.
Key procedures relevant to maintaining security e.g., identity management, threat management (including incident response procedures) and auditing procedures.
As a guide your policy should be 2 3 pages. Write the name of your policy here and attach it your Portfolio. Feedback
Write the feedback you received here and your response to it.
