Student Name Student Number Unit code and name VU23223 Apply cyber security legislation, privacy and ethical practices

Student Name Student Number Unit code and name VU23223 Apply cyber security legislation, privacy and ethical practices

Assessment name Cyber security legislation, privacy and ethical practices Portfolio Assessment Task No. 2 of 2

Assessment due date Week 8

Assessor name Daniel Moore

Student declaration: I declare that this assessment is my own work. All ideas and comments from other people have been acknowledged as references. I understand that if this statement is found to be false, it will be considered misconduct and will be subject to disciplinary action as outlined in the TAFE Queensland Student Rules. I understand that by emailing or submitting this assessment electronically, I am agreeing to this statement in lieu of a written signature.

PRIVACY STATEMENT: TAFE Queensland is collecting your personal information on this form for the purpose of assessment. In accordance with the Information Privacy Act 2009 (Qld), your personal information will only be accessed by staff employed by TAFE Queensland for the purposes of conducting assessment. Your information will not be provided to any other person or agency unless you have provided TAFE Queensland with permission, if authorised under our Privacy Policy (available at https://tafeqld.edu.au/global/privacy-policy.html) or disclosure is otherwise permitted or required by law. Your information will be stored securely. If you wish to access or correct any of your information, discuss how it has been managed or have a concern or complaint about the way the information has been collected, used, stored, or disclosed, please contact the TAFE Queensland Privacy Officer at privacy@tafeqld.edu.au

Instructions for students General instructions

You are employed by MidTown IT as a Cyber Security Analyst/Consultant. Your task is to analyse the cyber security legislative/regulatory requirements of two organisations and prepare a written report on each organisation.

The organisations are:

Angelonia Fashion

Turtle Movers.

Your teacher/assessor will take on the role of Project Manager assigned to this project by MidTown IT.

Read the project documentation provided and familiarise yourself with the Project Scenario or Case Study before proceeding with the portfolio tasks.

Confirm anything you are not sure about with your supervisor (teacher/assessor). It is important that you have a clear understanding of the scenario and the tasks you need to complete.

This assessment tool requires you to complete a project portfolio divided into four (4) parts:

Part 1: Review of legislative and regulatory cyber security requirements for Australian organisations

Part 2: Examine and verify compliance with an organisations policies and procedures

Part 3: Reviewing an organisations ethical practices and procedures

^ Answer Parts 1-3 in the Report Template document provided

Part 4: Contingency task

^ Answer this part in this document

Online delivery

Students must provide their own PC or laptop, peripherals and Internet access.

Students will need permission to install the required software.

Students will need access to Microsoft Office or a similar application.

Documentation

MidTown IT Scenario or Case Study in this document

MidTown IT Cyber Legislation and Policies Report Template VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 docx

Policy and Privacy Practices for the two organisations VU23223_Privacy Policy and Privacy Practices for the two organisations_SH_TQM_v2 pdf

Assessment criteria

To achieve a satisfactory result, your assessor will be looking for your ability to demonstrate the following key skills/tasks/knowledge to an acceptable industry standard. Demonstrated ability to:

Identify Federal, State/Territory and sector-specific legislation

Identify relevant international legislation that affects Australian organisations

Recognise interdependencies between regulators and legislative instruments

Identify current legislation reforms

Determine compliance with policies and procedures against current standards

Understand red and blue team tools, as well as the consequences of misusing skills gained through their implementation

Consequences of unethical behaviour regarding cyber security practices

Refer to the marking criteria for specific details

VU23223_AT2_MC_TQOL_v2

Level of assistance allowed

Staff cannot directly show students answers or solutions, but can support and guide them in completing tasks individually. Teachers should be available by email for students.

Reasonable adjustments

Reasonable adjustments are available to students for a variety of reasons, including: disability; language, literacy and numeracy (LLN) difficulties; or extenuating circumstances. Talk to your teacher, counsellor or disability officer if you need extra support or an extension based on the conditions identified.

Number of attempts

You will be given up to two (2) attempts at this assessment task. If your first attempt is Unsatisfactory (U), your teacher will give you feedback, discuss the relevant sections/questions with you and agree a due date for your second attempt. If your second submission is Unsatisfactory (U), or you fail to submit a second attempt, you will receive an overall Unsatisfactory mark for that assessment task. Only one resit is allowed for each assessment task.

For more information, please see the Student Rules.

Work, health and safety

The work environment should be assessed for safety prior to training. Particular attention should be paid to potential ICT related hazards such as tripping hazards, electromagnetic radiation, ergonomics and posture. TAFE Queensland's health and safety policies and procedures should be followed at all times.

Submission details(if relevant) Evidence Required to be Submitted:

Fill in your details on Page 1. Enclose this form with your submission.

Submission via Connect:

Upload two files into AT2 - Portfolio assignment folder in Connect.

Upload your files as they aredont compress them to 7z/ZIP.

Name the files as :

VU23223_AT2_PE_TQOL_v3_YourName

VU23223_MidTownIT CyberLegislation and Policies Report Template-v3_YourName

Assessment to be submitted via:

TAFE Queensland Learning Management System (Connect): https://connect.tafeqld.edu.au/d2l/loginUsername: 9 digit student number

For Password: Reset password go to:https://passwordreset.tafeqld.edu.au/default.aspxInstructions for assessors Specifications of assessment:

To be judged competent in this assessment item, the student is required to demonstrate competence in all indicators shown in the marking guide.

Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions, and time variances must be typical of those experienced in the cyber security field of work and include access to:

Project requirements

Ensure that students read and familiarise themselves with the Project Scenario provided and relevant files and/or resources before attempting the assessment.

Storage Devices:

Students are required to provide their own storage device.

Online Delivery:

Student to supply their own PC or laptop, peripherals and internet access

Students will require permission to install the required software

Students will require access to Microsoft Office or a similar application

Documentation:

MidTown IT Cyber Legislation and Policies Report Template

Privacy Policy and Privacy Practices for the two organisations

Level of Assistance Permitted:

Teachers and tutors should be available in class, and accessible by email for students working from home. Staff cannot directly show students answers but can support and guide them to complete tasks individually. Students with disability will receive reasonable adjustments.

Contingencies:

Reasonable adjustment is available to students for a variety of reasons, including: disability, language, literacy and numeracy (LLN) problems or extenuating circumstances.

Work, Health and Safety:

The work environment should be assessed for safety prior to class. Special consideration should be taken regarding potential ICT related hazards such as tripping hazards, electromagnetic radiation, ergonomics, and posture. TAFE Queensland health and safety policies and procedures should be followed at all times.

Note to students An overview of all assessment tasks relevant to this unit can be found in the Unit Study Guide.

If you have any questions or need help with this assessment task, please contact your teacher by email, zoom, or phone.

Project Scenario

MidTown IT employs you as a Cyber Security Analyst/Consultant.

Your task is to analyse the cyber security legislative/regulatory requirements of two organisations and prepare a written report on each.

The organisations are:

Angelonia Fashion

Turtle Movers.

Your teacher/assessor will take on the role of the Project Manager assigned to this project by MidTown IT.

Although the customers come from two very different industries, there are some similarities:

Both started small family businesses

Have grown too fast to keep up with technology

Are concerned about their cyber security compliance with legislation/regulation

The main differences between the two organisations are:

Industry sectors

Only one company trades internationally (Angelonia Fashion )

Turtle Movers only trades online

Angelonia has both a physical and online presence

Case study

Organisation 1 - Angelonia Fashion

Started 10 years ago as a small family business employing 3 peoplethey were the owners of a local fashion shop that specialising in clothing arrangements, selling mainly Australian labels.

Today they employ 40 people across Australia.

They have developed their own fashion label and export their creations internationally.

Headquarters: Southport, Gold Coast.

The company has 7 stores throughout Australia:

NSW - 3 stores

Qld - 2 stores

VIC - 2 stores

Data transactions include:

Physical and online sales

Online orders

Refunds

Credit card payments and bank transfers with major fabric and haberdashery suppliers nationally and internationally

Angelonia Fashion have basic security in place to run their website and database. Their security includes:

Strong passwords

A firewall

Backups

Case study

Organisation 2 - Turtle Movers

A small family removal business that started 7 years ago with 2 trucks operating mainly in NSW.

Today they have a fleet of 50 trucks of varying capacities and operate throughout Australia.

The company operates entirely online and its only physical presence is its head office in Sydney, NSW.

Online data transactions are processed through the Turtle Movers website. These transactions include:

- Bookings

- Cancellations and postponements

- Insurance purchases

- Credit card and bank transfer payments

- Refunds

- Customer rewards and loyalty benefits, such as referrals.

Management has acknowledged concerns about their online security and compliance with cyber legislation/regulation.

Turtle Movers security system is basic, relying on protection provided by the website provider and an in-house, self-trained security officer.

Portfolio instructions

Important

You will answer all Parts 1-3 in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 docx file we provide for download.

Only Part 4 will be answered in this file.

To comply with organisational procedures and standardised documentation, you must use the MidTownIT CyberLegislation and Policies Report template for Parts 1-3.

Legislation, standards and regulatory bodies

As a starting point, the list below provides examples of relevant legislation, standards and regulatory bodies.

As these are subject to change and updating, you should carry out your own research to confirm their applicability.

You are encouraged to add additional legislation, standards and regulators if they are relevant to the organisation's needs.

Commonwealth Legislation

Examples are:

Telecommunications (Interception & Access) Act 1979

Criminal Code Act 1995

Corporations Act 2001 (Cth) on their IT management systems (Australian Securities and Investments Commission (ASIC) Regulatory Guide 104: Licensing: Meeting the general obligations)

Privacy Act 1988

Australian Regulators

Examples are:

Australian Prudential Regulation Authority (APRA) - CPS 234 (Prudential regulator)

Australian Securities and Investments Commission (ASIC) (Corporate Regulator)

Australian Competition and Consumer Commission (ACCC) (Consumer & consumer data rights)

Australian Energy Sector Cyber Security Framework (AESCSF) (Energy regulator)

Protective Security Policy Framework (Australian Government rules for cybersecurity)

Australian Signals Directorate (ASD)

Australian Cyber Security Centre (ACSC)

International Law and conventions

Examples are:

Budapest convention (Convention on Cyber Crime)

Australian Criminal Code Act 1995

Payment Card Industry Data Security Standard (PCI DSS) (payment cards)

General Data Protection Regulation (GDPR)

Global Standards

Examples are:

ISO/IEC 27001 information security management systems

AS 27701: 2022 Security techniques Extension to ISO/IEC 27001

NIST SP 800-53 & Essential 8

Part 1: Review of cyber security legislative and regulatory requirements for Australian organisations

Important

You will answer all Parts 1-3 in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 docx file we provide for download.

Only Part 4 will be answered in this file.

To comply with organisational procedures and standardised documentation, you must use the MidTownIT CyberLegislation and Policies Report template for Parts 1-3.

This part of the assessment must be completed for each organisation presented. The organisations correspond to two industrial sectors.

Read the case studies above and complete the following tasks:

Provide an overview of the sector of the scenario presented (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Identify the current federal, state, territory and sector-specific cyber security and related legislation that applies to the organisation. (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

1.2 For each organisation presented, analyse its business activities:

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Identify if there is any international cyber security legislation that has an impact on their data security

Identify the areas of the business that are affected by the international legislation

Assess/Evaluate the impact on business operations and data security

For each organisation, identify and explain at least one (1) interdependency between different legal/legislative instruments related to cyber security. (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

For each organisation, identify one (1) instance where a Regulator can contribute to the security of business data operations.

Clarify the impact of the contribution.

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Identify and explain the role and scope of each of the regulatory bodies listed below.

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

REGULATOR ROLE SCOPE

Australian Prudential Regulation Authority (APRA) (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Australian Securities and Investments Commission (ASIC) Australian Competition and Consumer Commission (ACCC) Australian Energy Sector Cyber Security Framework (AESCSF) Protective Security Policy Framework (Australian Government rules for cybersecurity) Investigate current and upcoming reforms in data privacy/protection legislation and explain how these could benefit each organisation. (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)Investigate current and upcoming reforms in consumer and surveillance legislation and explain how these could benefit each organisation. (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Having completed the review of the two organisations in the previous tasks, write up the recommendations you would make to each organisation as a Cyber Analyst/Consultant in relation to:

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Legal/Legislation and regulatory compliance

International cyber security legislation affecting their businesses

Potential impact of upcoming reforms in privacy, consumer and surveillance legislation.

Part 2: Verifying and examining compliance with organisations policies and procedures

Important

You will answer all Parts 1-3 in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 docx file we provide for download.

Only Part 4 will be answered in this file.

To comply with organisational procedures and standardised documentation, you must use the MidTownIT CyberLegislation and Policies Report template for Parts 1-3.

This part of the assessment must be completed for each organisation presented.

2.1Review the privacy documentation provided.

Review policy compliance across the organisation against current standards.

Current privacy standards can be understood as the Australian Privacy Principles (APPs).

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

2.2Access the organisational practices from the documentation provided for the two organisations.

For each organisation, select two (2) practices that could be improved.

a)Evaluate each practice and identify its shortcomings

b)Suggest improvements for each selected practice.

BEST PRACTICES EVALUATION/SHORTCOMINGS PROPOSED IMPROVEMENTS

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

2.3After reviewing the privacy policies and practices of the two organisations, write a report containing your findings and a set of recommendations for each organisation:

a)Level of compliance with current data protection / privacy legislation and improvements needed

b)Adequacy of current practices and improvements needed

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Part 3: Reviewing the organisation's ethical practices and procedures

Important

You will answer all Parts 1-3 in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 docx file we provide for download.

Only Part 4 will be answered in this file.

To comply with organisational procedures and standardised documentation, you must use the MidTownIT CyberLegislation and Policies Report template for Parts 1-3.

This part of the assessment must be completed for each organisation presented.

3.1Identify and describe four (4) Red Team tools that the organisation could use to exploit and compromise blue teams defences. (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

3.2Identify and describe four (4) Blue Team tools that the organisation could use to protect the network from cyber attack. (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

3.3Outline a set of ethical practices for employees to follow when using Red and Blue Team tools on public networks. (Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

3.4Consequences of unethical behaviour:

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

a)Explain the legal consequences of misusing skills acquired through Red and Blue Team tools and the potential data breaches that can occur through unauthorised use of these skills.

b)Explain the consequences of unauthorised access to network devices/equipment

c)Explain the consequences of circumventing/bypassing copyrighted media and applications obtained through file sharing or downloading.

3.5Identify at least four (4) examples of unethical behaviour that could occur in the organisations at the hands of cyber security engineers.

- For each example, explain the impact on the overall network and data security.

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

3.6Ethics Code of Practice

Choose one of the two organisations presented and draw up a Ethics Code of Practice for its cyber security engineers.

- Explain how the code will be distributed and implemented in the organisation.

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

3.7Identify three (3) file sharing services for downloading.

- For each service, identify its suitability and the security risks associated with it.

FILE-SHARING SERVICE (Downloading) SUITABILITY ASSOCIATED SECURITY RISKS

(Write your answer in the VU23223_MidTownIT CyberLegislation and Policies Report Template-v3 file)

Part 4: Contingency task

Important

Answer this part in this document.

4.1Assume that, due to staff shortages, two junior cyber security engineers have been given responsibilities beyond their level of expertise. They are happy with the new job but concerned about their new responsibilities.

Provide at least three (3) support measures that could be used to ease their role transition.

Support measure 1. Give ~50 words.

Support measure 2. Give ~50 words.

Support measure 3. Give ~50 words.

End of VU23223 Assessment Task

Legislation and Policies Report Template

MIDTOWN IT

Prepared by

<<INSERT YOUR NAME>>

For

Angelonia Fashion and Turtle Movers

Remove all highlighted blue text when your report is complete. The blue text is intended to give you some clues about the content of the document.

Contents

TOC o "1-3" h z u Abstract PAGEREF _Toc167917729 h 2Introduction PAGEREF _Toc167917730 h 3Part 1 Review of cyber security legislative and regulatory requirements for Australian organisations PAGEREF _Toc167917731 h 41.5 Regulators PAGEREF _Toc167917732 h 101.8 Cybersecurity findings and recommendations PAGEREF _Toc167917733 h 11Part 2: Verifying and examining compliance with organisations policies and procedures PAGEREF _Toc167917734 h 132.3 Privacy compliance findings and recommendations PAGEREF _Toc167917735 h 16Part 3: Reviewing the organisation's ethical practices and procedures PAGEREF _Toc167917736 h 17Part 3.6: Ethics Code of Practice PAGEREF _Toc167917737 h 21Ethics Code of Practice for Angelonia Fashion OR Turtle Movers (select one) PAGEREF _Toc167917738 h 213.7Ethical practicesfile sharing/downloading PAGEREF _Toc167917739 h 22Conclusion PAGEREF _Toc167917740 h 23Appendix PAGEREF _Toc167917741 h 24Organisation policies, procedures and best practices documentation PAGEREF _Toc167917742 h 24References PAGEREF _Toc167917743 h 25

AbstractWrite the abstract after you have completed this report. Give ~70 words.

The abstract is not an introduction. The abstract must contain a detailed summary of the findings and recommendations of this assignment.

Tips for writing an abstract

1. Keep it concise: Aim to summarise your entire work in a clear and concise way.

2. Highlight the key points: Emphasise the main objectives, results and conclusions.

3. Stay focused: Make sure that your abstract directly reflects the content of your assignment.

4. Revise and refine: Proofread your abstract to ensure it is error-free and effective.

Remember, an abstract is the first impression of your assignment, so make it shine!

IntroductionWrite an introduction for this report. Give ~70 words.

Part 1 Review of cyber security legislative and regulatory requirements for Australian organisationsComplete for each organisation as shown

Angelonia Fashion

1.1 a) In ~40 words, give an overview of the business sector in which Angelonia Fashion operates, based on the scenario presented.

1.1 b) Identify the current federal, state, territory and sector-specific cyber security and related legislation that applies to Angelonia Fashion. Be sure to include at least one state law in which Angelonia Fashion operates.

Use the table below to present the information.

SECTOR: Angelonia Fashion: Add small business sector(s) here

CYBER SECURITY and Related

LEGISLATION

(Code/Act Name and Date) SCOPE BUSINESS AREAS/ACTIVITIES AFFECTED

(Give ~30 words each)

Federal State Territory Add rows as required

Analyse the business activities of Angelonia Fashion and answer using the table below:

1.2 a) List/Identify if there is any international cyber security legislation that has an impact on their data security (Answer in the table below)

1.2 b) Identify the areas of the business that are affected by the international legislation (Answer in the table below)

1.2 c) Assess/Evaluate the impact on business operations and data security. (Answer in the table below)

Tip

Angelonia Fashion may or may not be involved in international transactions. Based on the case study, if so, complete the table below. If not, explain why you didnt complete the table.

Answer: (Either fill in the table below or give your reason for leaving it blank):

INTERNATIONAL

CYBER SECURITY

LEGISLATION(Name) BUSINESS AREAS/ACTIVITIES AFFECTED

(Give ~20 words each) IMPACT on DATA SECURITY

(Give ~50 words each)

Add rows as required 1.3 Identify and explain at least one (1) interdependency between different legal/legislative instruments related to cybersecurity for Angelonia Fashion. Give ~50 words.

1.4 Identify one (1) instance where a Regulator can contribute to the security of Angelonia Fashions business data operations.

- In your answer, also clarify the impact of the contribution

- Give ~100 words

(Note: 1.5 follows later in this documentcontinue with 1.6)

1.6 Investigate current and upcoming reforms in data privacy/protection legislation and explain how these could benefit Angelonia Fashion. Give ~80 words.

1.7 Investigate current and upcoming reforms in consumer and surveillance legislation and explain how these could benefit Angelonia Fashion. Give ~80 words

(Note: 1.8 follows later in this documentcontinue with Turtle Movers below)

Turtle Movers

1.1 a) In ~40 words, give an overview of the business sector in which Turtle Movers operates, based on the scenario presented.

1.1 b) Identify the current federal, state, territory and sector-specific cyber security and related legislation that applies to Turtle Movers. Be sure to include at least one state law in which Turtle Movers operates.

Use the table below to present the information.

SECTOR: Turtle Movers: Add small business sector(s) here

CYBER SECURITY and Related

LEGISLATION

(Code/Act Name and Date) SCOPE BUSINESS AREAS/ACTIVITIES AFFECTED

(Give ~30 words each)

Federal State Territory Add rows as required

Analyse the business activities of Turtle Movers and answer using the table below:

1.2 a) List/Identify if there is any international cyber security legislation that has an impact on their data security (Answer in the table below)

1.2 b) Identify the areas of the business that are affected by the international legislation (Answer in the table below)

1.2 c) Assess/Evaluate the impact on business operations and data security. (Answer in the table below)

Tip

Turtle Movers may or may not be involved in international transactions. Based on the case study, if so, complete the table below. If not, explain why you didnt complete the table.

Answer: (Either fill in the table below or give your reason for leaving it blank):

INTERNATIONAL

CYBER SECURITY

LEGISLATION

(Name) BUSINESS AREAS/ACTIVITIES AFFECTED

(Give ~20 words each) IMPACT on DATA SECURITY

(Give ~50 words each)

Add rows as required 1.3 Identify and explain at least one (1) interdependency between different legal/legislative instruments related to cybersecurity for Turtle Movers. Give ~50 words.

1.4 Identify one (1) instance where a Regulator can contribute to the security of Turtle Movers business data operations.

- In your answer, also clarify the impact of the contribution

- Give ~100 words

(Note: 1.5 follows later in this documentcontinue with 1.6)

1.6 Investigate current and upcoming reforms in data privacy/protection legislation and explain how these could benefit Turtle Movers. Give ~80 words.

1.7 Investigate current and upcoming reforms in consumer and surveillance legislation and explain how these could benefit Turtle Movers. Give ~80 words.

(Note: 1.8 follows later in this documentcontinue with 1.5 Regulators)

1.5 RegulatorsThe question below is a general question about the role and scope of Australian regulatorsyou should answer in general, and not specifically for Angelonia Fashion or Turtle Movers.

1.5 Identify and explain the role and scope of each of the regulatory bodies listed below. (Answer in the table below)

REGULATOR ROLE

(Give ~15 words each) SCOPE

(Give ~15 words each)

Australian Prudential Regulation Authority (APRA) Australian Securities and Investments Commission (ASIC) Australian Competition and Consumer Commission (ACCC) Australian Energy Sector Cyber Security Framework (AESCSF) Protective Security Policy Framework (Australian Government rules for cybersecurity)

1.8 Cybersecurity findings and recommendations1.8 Having completed the review of the two organisations in the previous tasks, write up the recommendations you would make to each organisation as a Cyber Analyst/Consultant in relation to:

Angelonia Fashion

1.8 a)Legal/Legislation and regulatory compliance. Give ~100 words.

1.8 b)International cyber security legislation affecting their businesses. Give ~100 words.

Note: If your review from Question 1.2 revealed that there is no international cyber security legislation that affects Angelonia Fashion, then it is OK to simply say that this business is not affected by international legislation.

1.8 c)Potential impact of upcoming reforms in privacy, consumer and surveillance legislation. Give ~100 words.

Turtle Movers

1.8 a)Legal/Legislation and regulatory compliance. Give ~100 words.

1.8 b)International cyber security legislation affecting their businesses. Give ~100 words.

Note: If your review from Question 1.2 revealed that there is no international cyber security legislation that affects Turtle Movers, then it is OK to simply say that this business is not affected by international legislation.

1.8 c)Potential impact of upcoming reforms in privacy, consumer and surveillance legislation. Give ~100 words.

Part 2: Verifying and examining compliance with organisations policies and procedures2.1 Review the privacy documentation providedVU23223_Privacy Policy and Privacy Practices for the two organisations_SH_TQM_v2 pdf.

Review Angelonia Fashions policy compliance across the organisation against current standards.

The Current privacy standards can be understood as the Australian Privacy Principles (APPs).

Copy and paste the titles of the 13 APPs into the Standard APPs column, then in the table below:

answer the Review Details for each in ~20 words

In your short review, indicate how/if Angelonia Fashion complies

and select the level of compliance.

Angelonia Fashion

POLICY STANDARDS APPs 1-13 REVIEW DETAILS

(Give ~20 words each) COMPLIANCE

Full Partial Poor Non- Compliance

Privacy Policy Add rows as required 2.1 Review the privacy documentation providedVU23223_Privacy Policy and Privacy Practices for the two organisations_SH_TQM_v2 pdf.

Review Turtle Movers policy compliance across the organisation against current standards.

The Current privacy standards can be understood as the Australian Privacy Principles (APPs).

Copy and paste the titles of the 13 APPs into the Standard APPs column, then in the table below:

answer the Review Details for each in ~20 words

In your short review, indicate how/if Turtle Movers complies

and select the level of compliance.

Turtle Movers

POLICY STANDARDS APPs 1-13 REVIEW DETAILS

(Give ~20 words each) COMPLIANCE

Full Partial Poor Non- Compliance

Privacy Policy Add rows as required 2.2 Access the organisational practices from the documentation providedVU23223_Privacy Policy and Privacy Practices for the two organisations_SH_TQM_v2 pdf.

For Angelonia Fashion, select two (2) practices that could be improved.

a)Evaluate each practice and identify its shortcomings.

b)Suggest improvements for each selected practice.

^Answer in the table below

Angelonia Fashion

BEST PRACTICES EVALUATION/SHORTCOMINGS

(~30 words each) PROPOSED IMPROVEMENTS

(~30 words each)

1.

2.

2.2 Access the organisational practices from the documentation providedVU23223_Privacy Policy and Privacy Practices for the two organisations_SH_TQM_v2 pdf.

For Turtle Movers, select two (2) practices that could be improved.

a)Evaluate each practice and identify its shortcomings.

b)Suggest improvements for each selected practice.

^Answer in the table below

Turtle Movers

BEST PRACTICES EVALUATION/SHORTCOMINGS

(~30 words each) PROPOSED IMPROVEMENTS

(~30 words each)

1.

2.

2.3 Privacy compliance findings and recommendationsAfter reviewing the privacy policies and practices of the two oganisations, complete this report with your findings and a set of recommendations for each organisation.

Angelonia Fashion

2.3 a) Level of compliance with current data protection / privacy legislation and improvements needed (Give ~100 words)

2.3 b)Adequacy of current practices and improvements needed (Give ~100 words)

Turtle Movers

2.3 a) Level of compliance with current data protection / privacy legislation and improvements needed (Give ~100 words)

2.3 b)Adequacy of current practices and improvements needed (Give ~100 words)

Part 3: Reviewing the organisation's ethical practices and procedures3.1 Identify and describe four (4) Red Team tools that the organisation could use to exploit and compromise blue teams defences

Angelonia Fashion

Red Team Tool Name / Web Address Description

(Give ~20 words) How it Protects

(Give ~30 words)

1. 2. 3. 4. Be sure to select four different/new tools from above

Turtle Movers

Red Team Tool Name / Web Address Description

(Give ~20 words) How it Protects

(Give ~30 words)

1. 2. 3. 4. 3.2 Identify and describe four (4) Blue Team tools that the organisation could use to protect the network from cyber attack.

Angelonia Fashion

Blue Team Tool Name / Web Address Description

(Give ~20 words) How it Protects

(Give ~30 words)

1. 2. 3. 4. Be sure to select four different/new tools from above

Turtle Movers

Blue Team Tool Description

(Give ~20 words) How it Protects

(Give ~30 words)

1. 2. 3. 4. 3.3 Outline a set of ethical practices for employees to follow when using Red and Blue Team tools on public networks.

Angelonia Fashion (Give ~50 words)

Turtle Movers (Give ~50 words)

3.4 Consequences of unethical behaviour:

a) In ~50 words, explain the legal consequences of misusing skills acquired through Red and Blue Team tools and the potential data breaches that can occur through unauthorised use of these skills.

b) In ~70 words, explain the consequences of unauthorised access to network devices/equipment.

c) In ~30 words, explain the consequences of circumventing/bypassing copyrighted media and applications obtained through file sharing or downloading.

3.5 Identify at least four (4) examples of unethical behaviour that could occur in the organisations at the hands of cyber security engineers.

- For each example, explain the impact on the overall network and data security. (Answer in the table below).

Angelonia Fashion

UNETHICAL BEHAVIOUR IMPACT ANALYSIS

(~20 words each)

1. 2. 3. 4. Add rows as required Be sure to select four different behaviours from above

Turtle Movers

UNETHICAL BEHAVIOUR IMPACT ANALYSIS

(~20 words each)

1. 2. 3. 4. Add rows as required

Part 3.6: Ethics Code of Practice3.6 Choose one of the two organisations presented and create an Ethics Code of Practice for its cyber security engineers. Give ~500 words.

Ethics Code of Practice for Angelonia Fashion OR Turtle Movers (select one) In ~300 words, give a complete Ethics Code of Practice for Angelonia Fashion OR Turtle Movers cyber security engineers.

Ethics Code of Practice for Cyber Security Engineers at ------- -------

- In ~ 50 words, explain how the code will be:

- distributed and

- implemented in the organisation.

Distribution

Implementation

3.7Ethical practicesfile sharing/downloading The questions below are general questions about ethical practicesyou should answer in general, and not specifically for Angelonia Fashion or Turtle Movers.

3.7 Identify three (3) file sharing services for downloading.

- For each service, identify its suitability and the security risks associated with it. (Answer in the table below).

FILE-SHARING SERVICE (Downloading) SUITABILITY

(Give ~20 words each) ASSOCIATED SECURITY RISKS

(Give ~20 words each)

1. 2. 3.

ConclusionIn ~ 50 words, write a conclusion to this report.

Reminder

Delete any text highlighted in blue in this report when you have finished.

Dont forget to complete Part 4 in document VU23223_AT2_PE_TQOL_v3.

AppendixOrganisation policies, procedures and best practices documentationIn this section, you should include all the organisations documentation provided to the MidTown IT Analyst/Consultant before the review and report completion.

If the documentation exists, it may include:

Cyber Security Policy

Cyber Security Best practices

Privacy Policy

Privacy Best practices

Ethics policies and/or policies and procedures

Other appendices can be created as necessary

ReferencesWe recommend that you use zotoerobib to create your reference list. The default Modern Language Association (MLA) or American Psychological Association (APA) is fine.

Student Name Student Number Unit Code/Name VU23213 - Utilise basic network concepts and protocols required in cyber security

AT Name AT2 - Portfolio AT No. 2 of 2

AT Due Date Week 8 Date Assessor Name See Connect

Student Declaration: I declare that this assessment is my own work. Any ideas and comments made by other people have been acknowledged as references. I understand that if this statement is found to be false, it will be regarded as misconduct and will be subject to disciplinary action as outlined in the TAFE Queensland Student Rules. I understand that by emailing or submitting this assessment electronically, I agree to this Declaration in lieu of a written signature.

Privacy Statement: TAFE Queensland is collecting your personal information on this form for the purpose of assessment. In accordance with the Information Privacy Act 2009 (Qld), your personal information will only be accessed by staff employed by TAFE Queensland for the purposes of conducting assessment. Your information will not be provided to any other person or agency unless you have provided TAFE Queensland with permission, if authorised under our Privacy Policy (available at https://tafeqld.edu.au/global/privacy-policy.html) or disclosure is otherwise permitted or required by law. Your information will be stored securely. If you wish to access or correct any of your information, discuss how it has been managed or have a concern or complaint about the way the information has been collected, used, stored, or disclosed, please contact the TAFE Queensland Privacy Officer at privacy@tafeqld.edu.au

Your Instructions

Youre hired as a Junior Network Engineer by E Conglomerate to test network concepts and protocols. Youre tasked with setting up a new simulated network using Packet Tracer, and demonstrating a virtual file share with 2 Virtual Machines (VMs).

You must complete all 4 parts:

TOC o "1-3" h z u Part 1 - Network Communication, Security and Policies PAGEREF _Toc167953241 h 6Task 1 - Network Models and Security PAGEREF _Toc167953242 h 6Task 2 - Security Policy Review PAGEREF _Toc167953243 h 7Task 3 - TCP/IP Suite, IP Addressing, Binary and Hexadecimal Conversions PAGEREF _Toc167953244 h 9Part 2 - Security Services, Standards, and Protocols PAGEREF _Toc167953245 h 11Part 3 - Networking Devices, Components, and Attacks PAGEREF _Toc167953246 h 12Task 1 - Network Devices and Testing Tools PAGEREF _Toc167953247 h 12Task - 2 Investigation and Presentation of Cyber Network Attacks PAGEREF _Toc167953248 h 13Task 3 - Contingency Task PAGEREF _Toc167953249 h 14Part 4 - Security Testing Environment PAGEREF _Toc167953250 h 14

Documents Required

Assessment Task 2 (VU23213_AT2_PE_TQOL_v*.docx)

Security Policy (VU23213_AT2_LHO_TQOL_Policy.pdf)

Network Template (VU23213_AT2_LHO_TQOL_Network_v*.pkt)

Materials Required

Computer, internet connection, Connect (LMS), software:

CISCO Packet Tracer,

Hypervisor (VirtualBox, VMWare, or Hyper-V, etc.),

Operating System ISO (Windows, Linux),

Word processing (Microsoft Word, Google Docs, LibreOffice, OpenOffice etc.).

Assessment Criteria: For a satisfactory result, demonstrate the following abilities:

Understand network security concepts and terminology. Identify threats, risks, and vulnerabilities Identify and manage cyber security breaches. Understand the OSI model and its layers functionality and protocols. Understand the TCP/IP model, its standards, and protocols Work with organisational security policies. Convert between decimal, binary, and hexadecimal notation. Work with Server Message Block (SMB). Use QUIC UDP to secure network traffic. Investigate NB-Io, IoT and LoRa-IoT standards for IoT. Demonstrate functionality of key network devices. Implement security of network components in a LAB practical. Investigate and present current cyber security attacks.

Time Restrictions: This AT to take place over 8 weeks, or approximately 32 hours. You should be able to commit to 3 additional hours per week to study.

Interactions: You can work in teams to consult and collaborate on practical activities. However, each student must complete ATs individually.

Level of Assistance Permitted: Teachers cannot directly show you answers or solutions but can support and guide you to complete tasks individually.

Reasonable Adjustments: Reasonable adjustments are available for a variety of reasons, including disability, language, literacy, and numeracy (LLN) problems or extenuating circumstances. Reach out to your teacher, counsellor, and/or disability officer for extra support.

Number of Attempts: You have up to 2 attempts. If your 1st attempt is unsatisfactory (M), your teacher will provide feedback for your 2nd attempt. If your 2nd submission is unsatisfactory (M), you will receive an overall unsatisfactory result for this AT. Only one re-assessment attempt may be granted for each AT. For more information, see the Student Rules.

Note to Student: An overview of all ATs relevant to this unit is in the Unit Study Guide. If you have any questions or need help regarding this AT, contact your teacher via email.

Submission Details

Include your name and student ID at the top of this document. By logging into Connect and uploading this document, you agree to the Student Declaration.

Upload each file below to the AT2 submission area via Connect. Multiple files can be uploaded at once, theyll be automatically compressed.

Rename the files:

VU23213_AT2_PE_TQOL_SURNAME.docx

VU23213_AT2_LHO_TQOL_Network_ SURNAME.pktATs are submitted via Connect with your username (9 digit ID) and password. To reset your password, go to Password Reset.

Contents

TOC o "1-3" h z u Part 1 - Network Communication, Security and Policies PAGEREF _Toc167881149 h 6Task 1 - Network Models and Security PAGEREF _Toc167881150 h 6Task 2 - Security Policy Review PAGEREF _Toc167881151 h 7Task 3 - TCP/IP Suite, IP Addressing, Binary and Hexadecimal Conversions PAGEREF _Toc167881152 h 9Part 2 - Security Services, Standards, and Protocols PAGEREF _Toc167881153 h 11Part 3 - Networking Devices, Components, and Attacks PAGEREF _Toc167881154 h 13Task 1 - Network Devices and Testing Tools PAGEREF _Toc167881155 h 13Task - 2 Investigation and Presentation of Cyber Network Attacks PAGEREF _Toc167881156 h 14Task 3 - Contingency Task PAGEREF _Toc167881157 h 14Part 4: Security Testing Environment PAGEREF _Toc167881158 h 15

Part 1 - Network Communication, Security and PoliciesTask 1 - Network Models and SecurityFill out the tables below to show your understanding of network security.

Describe 3 network security vulnerabilities with examples (minimum 15 words each).

Vulnerabilities Descriptions Examples

1 2 3 Explain 2 differences between network and cyber security (minimum 15 words each).

Differences

1 2 Describe 3 business impacts of cybersecurity breaches with examples (minimum 15 words each).

Business Impacts Descriptions

1 2 3 Open Systems Interconnection (OSI) model.

a) Summarise the Open Systems Interconnection (OSI) model and its purpose (minimum 40 words).

b) Define each OSI layer and its functions. Then provide 3 protocols for each layer (minimum 15 words each).

Layer Name Layer Definitions and Functionalities Layer Protocols

1 2 3 4 5 6 7 Task 2 - Security Policy Review

Complete the tables to show your understanding of network security from the policy (VU23213_AT2_LHO_TQOL_Policy.pdf). For Yes/No answers, indicate your choice by bolding, underlining, highlighting, or changing colours.

Check that the policy includes provisions for access by visitors and/or external technical personnel.

a) Is access information needed in the policy?

Yes No

Explain why you selected Yes or No (minimum 40 words).

b) Review section 3.11 Acceptable Use of Social Media.

Explain how this section could be improved (minimum 40 words).

c) Check who has access to official-sensitive data.Do you consider the current measures safe/secure?

Yes No

Explain why you selected Yes or No (minimum 20 words).

Outline any potential improvements (minimum 20 words).

d) Review section 3.7 Privacy Impact Statement.

Explain how this section could be improved (minimum 40 words).

e) Review section 3.12 Bring Your Own Device.

Consider the potential risks and consequences of external devices.

Would you change this section?

Yes No

Explain why you selected Yes or No (minimum 40 words).

Task 3 - TCP/IP Suite, IP Addressing, Binary and Hexadecimal Conversions1.6 Define the Transmission Control Protocol/Internet Protocol (TCP/IP) communication model and its layers.

Summarise the TCP/IP Suite (minimum 40 words).

Define each TCP/IP layer and its functions. Then provide 3 protocols for each layer (minimum 15 words each).

Layer Name Layer Definitions and Functionalities Layer Protocols

1 2 3 4 1.7 Explain how Transport Layer Security (TLS) and Hypertext Transfer Protocol Secure (HTTPS) secure network communications (minimum 40 words).

1.8 Compare and contrast the OSI and TCP/IP models.

Research 2 key things they have in common (minimum 30 words each).

1 2 Research 2 ways in which they differ (minimum 30 words each).

1 2 1.9 Explain Internet Protocol Version 4 (IPv4) and Version 6 (IPv6).

Give an example of IPv4 and IPv6.

IPv4 IPv6 Explain what IPv4 and IPv6 are (minimum 15 words each).

IPv4 IPv6 Explain the difference between IPv4 and IPv6 (minimum 30 words).

1.10 Explain the binary and hexadecimal number systems.

Explain what binary is (minimum 20 words).

Explain what hexadecimal is (minimum 20 words).

1.11 Convert the following decimal numbers to 8-bit binary representations.

129 78 54 1.12 Convert the following decimal numbers to hexadecimal notation.

8193 3512 61697 Part 2 - Security Services, Standards, and Protocols2.1Server Message Block (SMB)

Define the purpose of SMB (minimum 15 words).

Provide an example of SMB (minimum 15 words).

2.2QUIC

a) Define the purpose of QUIC (minimum 15 words).

b) Explain how QUIC enhances the security of the Hypertext Transfer Protocol (HTTP) (minimum 15 words).

Provide 2 examples of QUIC (minimum 15 words each).

1 2 2.3 Narrowband Internet of Things (NB-IoT)

a) Define the purpose of NB-IoT (minimum 15 words).

b) Identify what devices NB-IoT is for and provide 2 examples (minimum 15 words each).

1 2 2.4 Long-Range IoT (LoRa-IoT)

a) Define the purpose of LoRa-IoT (minimum 15 words).

b) Identify what devices LoRa-IoT is for and provide 2 examples (minimum 15 words each).

1 2 Part 3 - Networking Devices, Components, and AttacksTask 1 - Network Devices and Testing Tools3.1 Explain the functions of networking devices.

a) Explain how Switches work and what they do in networks (minimum 20 words).

b) Explain how Routers work and what they do in networks (minimum 20 words).

c) Explain how Wireless Access Points (WAP) work and what they do in networks (minimum 20 words).

d) Explain how Wireless Enabled End Points work and what they do in networks (minimum 20 words).

3.2 Explain how Firewalls work and what they do in networks (minimum 30 words).

3.3 Describe 3 tools (hardware or software) for testing network devices (minimum 15 words each).

Tools Descriptions

1 2 3 3.4 Explain how virtualisation can be used to test networking concepts (minimum 30 words).

3.5 Describe how virtualisation can be interconnected and used in live networks (minimum 30 words).

Task - 2 Investigation and Presentation of Cyber Network Attacks3.6 Researching cyber network attacks.

a) Explain what Distributed Denial of Service (DDoS) is and how it works (minimum 20 words).

b) Explain what Ransomware Breach is and how it works (minimum 20 words).

c) Explain what ARP Poisoning/Spoofing is and how it works (minimum 20 words).

3.7 Describe 3 resources to increase cyber security awareness (minimum 15 words each).

Resources Descriptions

1 2 3 Task 3 - Contingency Task3.8 Read the scenario below and answer the questions.

Scenario:

A recent network report identified an increase in DDoS attacks that have caused users to lose access to non-critical services. Although the attacks were monitored, not all of them were blocked.

Provide 2 solutions to the current systems to improve the scenario (minimum 30 words each).

1 2 Part 4 - Security Testing Environment4.1Read the instructions and scenario to build a simulated network using Packet Tracer.

Create a CISCO account to download Packet Tracer, alternatively, download Packet Tracer here.

If youre new to using Packet Tracer, go through:

Getting Started or Create a Simple Network Using Packet Tracer,

Exploring Networking, and

Exploring IOT with CISCO Packet Tracer.

Scenario:

Youre hired as a Junior Network Engineer by E Conglomerate. Youre tasked with setting up a new simulated network using Packet Tracer. The company is expanding its buildings and needs a new network topology, which includes the following:

- 2 networks, 1 per building.

- 3 Routers in total. 1 Router per building and 1 Router between both buildings.

- 4 Switches in total. 2 Switches per building.

- 2 Wireless Access Points in total. 1 per building, configured with the following:

- Building 1: SSID Building_1, with WPA2-PSK, AES Encryption, and password P@ssw0rd.

- Building 2: SSID Building_2, with WPA2-PSK, AES Encryption, and password P@ssw0rd.

- 10 client devices in total. 5 per building with 3 wired Desktops and 2 wireless Laptops.

- Set either static or dynamic IP Addresses for all client devices.

- Building 1: 192.168.0.0/24

- Building 2: 192.168.1.0/24

- To name the devices, use the Building Number B*_Device_Number:

- For example, the device Building 1 Router 1 would be B1_Router_1.

- Other examples include, B2_Router_1, B1_Switch_1, B1_Switch_2, etc.

- Configuring SSH is optional on Routers and Switches. If youre setting up SSH, set the usernames to admin, and the password to P@ssw0rd.

Download VU23213_AT2_LHO_TQOL_Network.pkt from Connect and open it with Packet Tracer. Use this pre-built network file and update it according to the scenario.

Here are some tips if you get stuck:

If youre having trouble installing Packet Tracer, see this guide.

Dont lose your work! The preferences menu has an auto-save feature.

Compare the devices in Building 2 with those in Building 1. Whats different? Default Router gateways?

If youre setting up SSH, see SSH Configuration and/or Configure SSH.

Optionally, you can start a PKT file from scratch if you prefer.

Provide screenshots of your Packet Tracer network and complete the following.

a) Provide 1 screenshot of the logical network diagram.

Be sure to include all network devices for both buildings.

b) Provide 2 screenshots of 1) the physical network diagram, and 2) the rack diagram.

Start by selecting Physical (top left) and then Create Rack. Here you can start to build your physical layout. Make sure you include as many devices as possible in your screenshots.

See Packet Tracer Physical View for more information.

1 2 c) Provide 2 screenshots of the configurations of 1) a Router and 2) a Switch.

1 2 d) Provide 1 screenshot of a Wireless Access Points (WAP) configuration.

e) Provide 1 screenshot of the Wi-Fi configuration of a wireless device.

For more information, see Connect to a Wireless Network.

f) Using either Real-time or Simulation mode, provide 2 screenshots of testing and troubleshooting connectivity between devices. If using the Simulation mode, use the play/next buttons for easier screenshots.

Use the command prompt of a wired device in Building 1 to ping a wireless device. Make sure theres an ICMP response. Provide 1 screenshot of a successful connection between devices.

Use the command prompt of a wired device in Building 2 to ping a wireless device. Make sure theres an ICMP response. Provide 1 screenshot of a successful connection between devices.

4.2Read the instructions and scenario below to test a virtual file share.

Scenario:

Youre still hired as a Junior Network Engineer at E Conglomerate. Youve been asked to demonstrate virtual file sharing. Set up 2 Virtual Machines (VMs) and enable file sharing. Then, present your demonstration to the manager.

Use a hypervisor ( HYPERLINK "https://www.virtualbox.org/wiki/Downloads" VirtualBox, VMware, or Hyper-V) and download Operating System (OS) ISOs for Windows or a Linux distro (Ubuntu, Kali, etc.). Name them VM1, and VM2.

Set VM1 and VM2 system resources to the OS requirements. For example, Windows 10 System Requirements are here - CPU 1GHz, RAM 1/2GB, HDD 16/32GB etc.

Set the network adapters to internal with the same network name (intnet). Have both VMs ping and communicate before starting.

Here are some tips if you get stuck:

If youre not familiar with hypervisors, stick with VirtualBox.

If youre not familiar with Linux, stick with Windows.

If newer versions of Windows (11 etc.) are giving you issues, use Windows 10.

If VMs dont ping, try:

renaming the internal network name intent to intent 2, or

set each VM to a static IP Address, or

set the adapter to Host-Only in the network adapter settings.

Provide screenshots of your VMs for the following:

Provide 2 screenshots of VM1 and VM2 network settings.

In your hypervisor, go to the VM1 settings and select the Network option. Repeat for VM2 and ensure that VM1 and VM2 are set to internal intent.

1 2 Provide 2 screenshots of the connectivity test between VM1 and VM2.

With VM1 and VM2 running, open terminals (PowerShell, CMD, Bash, Zsh, etc.) on each and find the IP addresses (ifconfig/ipconfig). Then ping <ip> from VM1 to VM2, and repeat this for VM2 to VM1.

1 2 Provide 2 screenshots of VM1 and VM2s file sharing commands and output being enabled.

Research how to enable file sharing (SMBv2/3, Samba, etc.). Do NOT share files at the hypervisor level, share files at the virtual OS level. For example, VirtualBox has a feature called Shared Folders-this is NOT acceptable for this AT.

1 2 Provide 1 screenshot of a shared folder.

On VM1, create a folder called Test in the root folder (C: or /) for example C:Test or /Test.

Provide 1 screenshot of the sharing permissions.

On VM1, configure the share permissions for the Test folder so that everyone has read/write access to it.

Provide 1 screenshot of a text file.

On VM1, create a file called testing.txt in the Test shared folder.

Provide 1 screenshot to test that VM2 can access the Test shared folder.

Copy the testing.txt file to the logged-in user of the VM2 desktop.

End of Assessment Check

Completed the AT1 Quiz via Connect.

Completed all of Parts 1-4, including the activities and tasks in this document.

Included your Name and Student ID at the top of this document.

Followed the Submission Details, renamed and uploaded the following 2 files to Connect:

1/2 files - VU23213_AT2_PE_TQOL_SURNAME.docx

2/2 files - VU23213_AT2_LHO_TQOL_Network_ SURNAME.pktEnd of Assessment Task

for

VU23213 - Utilise basic network concepts and protocols required in cyber security