MODULE:

NETWORK SECURITY & CRYPTOGRAPHY

ASSIGNMENT TITLE:
POLICE AUTHORITY

DECEMBER 2014

MARKING SCHEME

Markers are advised that unless a task specifies that an answer be provided in a particular
form, then an answer that is correct, factually or in practical terms, must be given the available
marks. If there is doubt as to the correctness of an answer the relevant NCC Education
textbook should be the first authority.

This Marking Scheme has been prepared as a guide only to markers and there will frequently
be many alternative responses which will provide a valid answer.

Each candidate’s script must be fully annotated with the marker’s comments, where applicable,
and the marks allocated for each part of the tasks.

Throughout the marking, please credit any valid alternative point.

Notice to Markers

Where markers award half marks in any part of a task they should ensure that the total
mark recorded for a task is rounded up to a whole mark.

Network Security & Cryptography December 2014 Final  NCC Education 2014
 Task Guide Maximum
Marks
3.1 Looking for understanding of architectures available to meet
the needs of the police authority for data transfer and storage.
Up to a
a. Discussion of data protection issues maximum of
- Looking for discussion on sensitive nature of data 10 marks.
held on criminals, victims and suspects.

b. Explanation of data protection plans for both stored and Up to a

transmitted data maximum of
- Protection for data stored on central servers. 5 marks for
- Protection required for data accessed on each
workstations in police stations. point/area
- Protection for data accessed on mobile devices. explored.
- Protection for data during transmission between.
police stations and headquarters and to/from mobile
devices.

c. A discussion of alternative data protection methods. Up to a

- A range of potential alternatives to the chosen maximum of
methods should be discussed and for full marks 10 marks.
valid reasons should be given for the chosen
solutions

Many alternative solutions are available but data will be held

on individuals, much of which may be sensitive.
Communication with mobile devices and between the police
Total Marks
stations and the regional headquarters will also take place.
= 40
Encryption and secure transmission lines will be required plus
staff training and policies for data protection.

3.2 Looking for detail regarding:

a. User authentication methods for staff (due to the sensitivity
of data, strong encrypted passwords should be used in
conjunction with policies for regular password changes and
possibly biometric methods. There should be a robust
method for logging access by users).
Up to a
- Creation of user categories with explanation of how maximum of
each category is determined. 3 marks for
- Services allowed for each user category with each point.
explanation of why each service is required.
Up to a
- User authentication method chosen and reasons for maximum of
this. 2 marks for
- User authentication data storage method including each point.
any encryption techniques used with reasons for
choices.
Network Security & Cryptography December 2014 Final  NCC Education 2014
 Up to a
maximum of
b. Discussion of alternative authentication methods 6 marks for
considered with reasons why they were discarded the first
- Alternative authentication methods (6 marks). point and 4
- Reasons for discarding alternative methods (4 marks for the
marks). second
point.

Up to a
c. Secure data transmission methods for remote working and maximum of
communication between the police stations and regional 3 marks for
headquarters (due to the sensitivity of data, message the first
encryption should be used along with some form of private point and 7
network) marks for the
- Data that will be transmitted securely (3 marks). second
- Transmission methods used (7 marks). point.

Up to a
d. Discussion of alternative secure transmission methods maximum of
considered with reasons why they were discarded. 6 marks for
- Alternative encryption and transmission methods (6 the first
marks). point and 4
- Reasons for discarding alternative methods (4 marks for the
marks). second
point.

Up to a
e. Measures and procedures to check for vulnerabilities and maximum of
remove them. 6 marks for
- Outline plans for vulnerability scanning of the the first
network (what scanned, frequency of scans, who point. Up to
responsible, etc.) (6 marks). a maximum
- Tools used in vulnerability scanning and detail of of 2 marks
data provided by tools (2 marks). for both the
- Plans for automated updating of software and OS. second and
(2 marks). third points.

Where appropriate details should be provided of hardware,

protocols, standards and cryptographic methods used in
providing network security. A discussion around a plan for Total Marks:
vulnerability scanning plus automated updating of software 50.
and OS should be included.

3.3 Looking for a reflective commentary on the completed

assignment, the work as it was carried out and the lessons
learned:
Up to a
 Feasibility of implementing the measures designed by the maximum of
student. 4 marks.

Network Security & Cryptography December 2014 Final  NCC Education 2014
  Success of methods and problem-solving techniques used. Up to a
maximum of
4 marks.

Up to a
 Lessons learned in completing the assignment. maximum of
4 marks.

Total Marks:
10.

Total 100 Marks

Learning Outcome Matrix

Question Learning Outcomes Marker can differentiate
between varying levels of
achievement
3.1 1, 2, 3, 4, 7, Y
3.2 1, 2, 3, 5, 6, 8. 9 Y
3.3 1, 2, 3, 4, 5, 6, 7, 8. 9 Y

Network Security & Cryptography December 2014 Final  NCC Education 2014
 Grade descriptors for Network Security and Cryptography
Learning
Pass Merit Distinction
Outcome
Demonstrate Demonstrate
Understand the Demonstrate highly
adequate robust
most common comprehensive
understanding of understanding of
types of understanding of
common types of common types of
cryptographic common types of
cryptographic cryptographic
algorithm cryptographic algorithm
algorithm algorithm
Understand the Demonstrate Demonstrate Demonstrate highly
Public-key adequate level of robust level of comprehensive level of
Infrastructure understanding understanding understanding

Understand Demonstrate Demonstrate Demonstrate highly

security protocols adequate robust comprehensive
for protecting understanding of understanding of understanding of
data on networks security protocols security protocols security protocols
Demonstrate
Be able to Demonstrate Demonstrate ability to
ability to perform
digitally sign ability to perform perform the task to the
the task
emails and files the task highest standard
consistently well
Understand
Vulnerability
Demonstrate Demonstrate Demonstrate highly
Assessments and
adequate level of robust level of comprehensive level of
the weakness of
understanding understanding understanding
using passwords
for authentication
Be able to
Demonstrate
perform simple Demonstrate Demonstrate ability to
ability to perform
vulnerability ability to perform perform the task to the
the task
assessments and the task highest standard
consistently well
password audits
Be able to Demonstrate Demonstrate Demonstrate highly
configure simple adequate level of robust level of comprehensive level of
firewall understanding understanding understanding and
architectures and ability and ability ability

Understand Demonstrate Demonstrate Demonstrate highly

Virtual Private adequate level of robust level of comprehensive level of
Networks understanding understanding understanding
Demonstrate
Demonstrate Demonstrate ability to
Be able to deploy ability to perform
ability to perform perform the task to the
wireless security the task
the task highest standard
consistently well

Network Security & Cryptography December 2014 Final  NCC Education 2014