ICAS5118B

brokenroomNetworking and Communications

Nov 21, 2013 (3 years and 6 months ago)

93 views

Assessment Event




Created on
3/07/2007

brokenroom_1e3e71e4
-
398f
-
4b01
-
b017
-
05676ef10aa2.docx

Last saved by Steve Wigmore on
21/11/13

Page
1

of
5


Audit and implement network security

ICAB5159B

-

Build a security shield for a network

ICAS5118B

-

Manage system security

Weight:

5
0
%

Course
190
15

Diploma

in IT
System
Administration



Event No. 1 of
2

Date Due
:

2
7
th

November (Week 17)

Teacher

Steve Wigmore

Elements of competence

(Learning Outcomes)
:




ICAB5159B

(Element
1
)

Develop security framework

(Element 2)

Implement security framework

(Element 3)

Test and validate security
processes

Elements of competence

(Learning Outcomes)
:



ICAS5118B

(
Element

1
)

Identify threats to system

(
Element
2)

Determine risk category

(
Element
3
)

Identify appropriate controls

(Element 4)

Include controls in the system

(Element
5
)

Monitor system
tools and procedures

Submit the following items:




Perform security maintenance tasks

and provide
verbal
comments on issues
encountered
(
live demonstration or
printed)



Marking sheet (printed)


All printed documents are to be presented in
stapled pages or l
oose
items

presented in
a
single A4 plastic sleeve
.

Where professional presentation is required, marks may be lost
for typos, spelling errors,
and grammatical

errors and difficult to use format or layout.

Always keep a backup copy of your assignment. Loss
of your assignment by either
yourself or the teacher will not be accepted as an excuse for non
-
submission.

Assessment Event




Created on
3/07/2007

brokenroom_1e3e71e4
-
398f
-
4b01
-
b017
-
05676ef10aa2.docx

Last saved by Steve Wigmore on
21/11/13

Page
2

of
5

Instructions



Group of work

(maximum of two).
Please put your name at the top of
this
document,

to be submitted at each part

below. Please don’t lose
this
document

as it is the only record of your progress until the assignment is
completed.


When demonstrating each of the following
network
security

features

to the teacher,
provide a verbal evaluation of the potential risk to a typical organisation
and explain any
technical issues

and user education

that would affect its implementation
.


Part 1

Install a firewall
/IDS


Install personal or network firewall soft
ware

that includes Intrusion Detection
System (IDS) features.

U
se scanning software to prove that access is denied to
untrusted sources

and attempts detected
.

ICAB5159B
.1
Develop security framework

ICAB5159B
.2 Implement security framework

ICAB5159B
.3 Test
and validate security processes

ICAS5118B
.1 Identify threats to system

ICAS5118B
.2 Determine risk category

ICAS5118B
.3 Identify appropriate controls

Competent



Completed without teacher assistance apart from task clarification

Evaluation of potential
risk

Explanation of implementation issues

(+
1

mark)


(+1 mark)


(+1 mark)



Part 2

Password audit


Set up examples of both good and bad passwords and run a utility program that
attempts to discover them.

ICAB5159B
.1 Develop security framework

ICAB5159B
.2
Implement security framework

ICAB5159B
.3 Test and validate security processes

ICAS5118B
.1 Identify threats to system

ICAS5118B
.2 Determine risk category

ICAS5118B
.3 Identify appropriate controls

Competent



Completed without teacher assistance apart from
task clarification

Evaluation of potential risk

Explanation of implementation issues

(+1 mark)


(+1 mark)


(+1 mark)



Part 3

Examine logs


Perform some potentially malicious activity

on
a target system

(eg
logging on
with invalid password
s
)

and
demonstrate

system
log entries that indicate th
ose

activities.

ICAB5159B
.1 Develop security framework

ICAB5159B
.2 Implement security framework

ICAB5159B
.3 Test and validate security processes

ICAS5118B
.1 Identify threats to system

ICAS5118B
.2 Determine ris
k category

ICAS5118B
.3 Identify appropriate controls

ICAS5118B
.4 Include controls in the system

ICAS5118B
.4 Monitor system tools and procedures

Competent



Completed without teacher assistance apart from task clarification

Evaluation of potential risk

Explanation of implementation issues

(+1 mark)


(+1 mark)


(+1 mark)





Assessment Event




Created on
3/07/2007

brokenroom_1e3e71e4
-
398f
-
4b01
-
b017
-
05676ef10aa2.docx

Last saved by Steve Wigmore on
21/11/13

Page
3

of
5

Part 4

Test for altered software


Install a program that snapshots a system and detects an altered
system
file.

ICAB5159B
.1 Develop security framework

ICAB5159B
.2 Implement security
framework

ICAB5159B
.3 Test and validate security processes

ICAS5118B
.1 Identify threats to system

ICAS5118B
.2 Determine risk category

ICAS5118B
.3 Identify appropriate controls

ICAS5118B
.4 Include controls in the system

ICAS5118B
.4 Monitor system tools and
procedures

Competent



Completed without teacher assistance apart from task clarification

Evaluation of potential risk

Explanation of implementation issues

(+1 mark)


(+1 mark)


(+1 mark)



Part 5

Monitor emails


Send email between two accounts and
ensure a copy is silently copied to the
administrator.

ICAB5159B
.1 Develop security framework

ICAB5159B
.2 Implement security framework

ICAB5159B
.3 Test and validate security processes

ICAS5118B
.1 Identify threats to system

ICAS5118B
.2 Determine risk catego
ry

ICAS5118B
.3 Identify appropriate controls

ICAS5118B
.4 Include controls in the system

ICAS5118B
.4 Monitor system tools and procedures

Competent



Completed without teacher assistance apart from task clarification

Evaluation of potential risk

Explanation

of implementation issues

(+1 mark)


(+1 mark)


(+1 mark)




It
may

not be practical to assess more than one of the above points per week.
So even though the entire assessment is not due until Week 17, each point
must be completed earlier.


IMPORTANT!

Attempting to hack into any network system where you are not the recognised
administrator, including the TAFE administrative or academic systems, could be
illegal and will result in Fail result for this module and possible further disciplinary
action.


Marks will be deducted for late
or unprofessional
submission.

Competencies
contribute half the total possible 30 marks
.


NOTE:

Always keep a backup copy of your assignment. Loss of your assignment by either yourself
or the teacher will not be accepted as a
n excuse for non
-
submission.

Assessment Event




Created on
3/07/2007

brokenroom_1e3e71e4
-
398f
-
4b01
-
b017
-
05676ef10aa2.docx

Last saved by Steve Wigmore on
21/11/13

Page
4

of
5

Audit and implement network security

STUDENT:




Marking Details

Competent

Grading

Your
Mark

Network security


3
0



Unit
ICAB5159B

(Element
1
)

Develop security framework

(Element 2)

Implement security framework

(Element
3)

Test and validate security processes


C



NYC



MER






Unit
ICAS5118B

(Element
1
)

Identify threats to system

(Element 2)

Determine risk category

(Element 3)

Identify appropriate controls

(Element 4)

Include controls in the system

(Element
5
)

Monitor system tools and procedures


C



NYC



MER





Total Marks
Unit
ICAB5159B

and
ICAS5118B

PASS/FAIL



Total Possible Marks

1
5

3
0

3
0

Final mark will be extrapolated to calculate your mark from 100 to be used for your grading result

FEEDBACK:








C

= Competent

NYC = Not yet competent

MER = More evidence required



Assessment Event




Created on
3/07/2007

brokenroom_1e3e71e4
-
398f
-
4b01
-
b017
-
05676ef10aa2.docx

Last saved by Steve Wigmore on
21/11/13

Page
5

of
5

MARKING GUIDE EXPLANATION:


To gain a
minimum
pass mark of 50
%

you must be declared competent in
all

tasks.


Additional marks are awarded

based on the
following
criteria
:


Distinction (83
-

100):

Students work demonstrates development of original concepts, creativity in problem
solving techniques, thorough understanding of directions and ability to follow them,
and competency with the media.


Credit (70
-

82):

Students work

demonstrates a good understanding of the material but lacks the
ability to combine the new concepts to form an original idea or interpretation.


Pass (50
-

69):

Student has demonstrated competency in all elements but has done minimal work
and shows little

technical proficiency with the media

or subject matter
.


Resubmission penalty:

If you receive an NYC (Not yet competent) or MER (More evidence required) you
will be

given
one

opportunity to resubmit your work for remarking.

The maximum
mark

awarded for a
resubmitted assessment will be a pass mark of 50%.


Late submission penalty:


20% will be deducted from the overall total for assessments
handed in from 1 to
7

days
after the due date
.

Assessments handed in
8

days or
more

after the due date
will receive a maximum mark of 50%.