ICTCYS612 Assessment Student Workbook


Suite 1, Level 1, 37 – 39 George Street, Parramatta, NSW 2150 Australia

T: +61 2 8844 1000 | E: [email protected] | RTO ID: 45432 | CRICOS Code: 03717E

Assessment Workbook
ICTCYS612 Design and implement virtualised cyber security infrastructure for organizations

Student assessment tasks
Table Of Contents
Introduction
Assessment Task 1: Knowledge Questions
Assessment Task 1: Checklist
Assessment Task 2: Project Portfolio
Section 1: Virtualised cyber security infrastructure
Section 2: Implementation and testing
Assessment Task 2: Checklist
Final Results Record
Case Study

Student name: Muhammad Usman

Student ID:

Assessor: Md Rajjaqul Haider

Date: 10/22/2024

Business this assessment is based on: Simulation Pack (Jonathans’ Graphic Design & King Edward VII College)

Documentation reviewed as preparation:
• Simulation Pack
• Assessment Task
• Project Portfolio

ICTCYS612 Assessment Tasks – v1.1 November 2023 Page 3 of


Introduction
The assessment tasks for ICTCYS612 Design and implement virtualised cyber security
infrastructure for organisations are outlined in the assessment plan below. These tasks have been
designed to help you demonstrate the skills and knowledge that you have learnt during your
course.
Please ensure that you read the instructions provided with these tasks carefully. You should also
follow the advice provided in the IT Works Student User Guide. The Student User Guide provides
important information for you relating to completing assessment successfully.

Assessment for this unit


ICTCYS612 Design and implement virtualised cyber security infrastructure for organisations
describes the skills and knowledge required to research, design, implement and test virtualised
cyber security infrastructure in a small to medium sized organisation.
For you to be assessed as competent, you must successfully complete two assessment tasks:
• Assessment Task 1: Knowledge questions – You must answer all questions correctly.
• Assessment Task 2: Project – You must work through a range of activities and complete a project portfolio.


Assessment Task 1: Knowledge Questions

Information for students


Knowledge questions are designed to help you demonstrate the knowledge which you have
acquired during the learning phase of this unit. Ensure that you:
• review the advice to students regarding answering knowledge questions in the IT Works Student User Guide
• comply with the due date for assessment which your assessor will provide
• adhere to your RTO’s submission guidelines
• answer all questions completely and correctly
• submit work which is original and, where necessary, properly referenced
• submit a completed cover sheet with your work
• avoid sharing your answers with other students.

Assessment information
Information about how you should complete this assessment can be found in Appendix A of the IT Works Student User Guide. Refer to the appendix for information on:
• where this task should be completed
• the maximum time allowed for completing this assessment task
• whether or not this task is open book.
Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix C of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.


Questions
Provide answers to all of the questions below:

1. List three features associated with implementation methodologies for cyber security.

• Risk Assessment: This involves identifying, assessing, and prioritizing potential cybersecurity risks and vulnerabilities within an organization's network and systems. It helps in understanding the potential impact of various threats and developing strategies to mitigate these risks effectively.

• Access Control: This feature refers to the establishment of measures and protocols to regulate and restrict access to sensitive data and critical systems within an organization. It involves implementing authentication and authorization processes to ensure that only authorized personnel can access specific resources, thereby reducing the risk of unauthorized access and data breaches.

• Incident Response Planning: This includes creating a comprehensive plan to effectively manage and respond to cybersecurity incidents and breaches within an organization. It involves establishing protocols for detecting, analyzing, and responding to security breaches promptly, minimizing their impact, and restoring normal operations as quickly as possible.

2. Describe each of the following that are key features of a cyber security infrastructure.

Feature of cyber security infrastructure: Brief description

Application security: In order to guard against dangers like unauthorised access and alteration, application security is the process of creating, integrating, and testing security measures within applications.

Business continuity planning: A proactive business practice called business continuity planning enables a corporation to identify potential risks, weaknesses, and vulnerabilities to its organisation during times of crisis. The development of a business continuity plan guarantees that corporate executives can respond promptly and effectively to a disruption in business.

Disaster recovery planning: An organization's comprehensive disaster recovery (DR) strategy outlines in great detail how to deal with unanticipated events including natural disasters, power outages, cyberattacks, and other disruptive occurrences.

Operational security (OPSEC): Organisations use operational security (OPSEC) as a procedure to stop sensitive information from falling into the wrong hands. OPSEC spots behaviours that may appear innocent, but which unintentionally expose or leak sensitive or crucial information to a potential adversary.

Threat vectors: The technique a cybercriminal employs to acquire first access to a target network or infrastructure is referred to as a threat vector. Attack vector and threat vector are frequently used interchangeably.

3. Describe the purpose of each of the following organisation procedures when designing and
implementing cyber security infrastructure.

Approval processes, e.g. identifying and documenting cyber security requirements/features: An approval process is a type of business process that includes steps to formally approve work from different levels of the organization. The work can include budgets, invoices, project outlines, marketing initiatives, or any other items that need a series of approvals from different departments.

Risk management: The goal of risk management is to recognise possible issues before they arise so that risk handling actions can be planned and implemented as necessary over the course of a project or product to reduce negative effects on accomplishing goals.

Establishing maintenance and alert processes: An approach for ongoing maintenance that continuously assesses an asset's real state to determine what maintenance is required. A maintenance method that states that work should only be done when specific indicators point to a system's performance declining or impending breakdown.

Testing methods and procedures: The goal of testing involves determining the predicted observation in advance and contrasting it with what is actually observed.


4. List two cyber security risks.

• Malware attack: Attackers utilise a variety of techniques, most frequently social engineering, to install malware on a user's device. Users could be prompted to perform an action, like opening an attachment or clicking a link. In other instances, malware installs itself without the user's knowledge or agreement by taking advantage of flaws in operating systems or browsers.

• Distributed denial of service (DDoS): A denial of service (DoS) attack aims to overtax the resources of a target system, render it inoperable, and prevent people from accessing it. In a distributed denial of service (DDoS) attack, a large number of compromised computers or other devices are used in a coordinated assault on the target system.

5. List three factors that can influence tolerance of cyber security risk.

• Lack of Understanding: As we mentioned earlier, some organizations don’t have the financial or staff resources to keep up with cyber security. They might not realize where they have gaps and might not fully understand the risk that security gaps pose to their infrastructure and business.

• Software: Some businesses implement centralised updates and patch management. They have an IT department that manages these upkeep tasks for the entire company. Again, smaller organisations frequently fall behind in updating their systems since they may lack a centralised IT staff, which can result in individuals installing updates who may or may not be aware of the priority.

• Public WiFi: Employees should never use public wifi when conducting personal or business tasks. You should assume that all network traffic on your computer while connected to public wifi can be accessed.

6. Describe an industry standard and regulation applicable to implementing cyber security infrastructure.

IEC/ISO 27032: A widely acknowledged standard known as ISO 27032 offers organisations advice on cybersecurity. The Standard is made to assist organisations in managing the risks related to the use of technology and defending themselves against cyberattacks. It offers recommendations on how to recognise, evaluate, and control cyber threats and is based on a risk management strategy. Guidance on incident response and recovery is also provided in the Standard.

Assessment Task 1: Checklist

Student’s name:

Did the student provide a sufficient and clear answer that addresses the suggested answer for the following? | Completed successfully? (Yes / No) | Comments

Question 1 ☐ ☐

Question 2 ☐ ☐

Question 3 ☐ ☐

Question 4 ☐ ☐

Question 5 ☐ ☐

Question 6 ☐ ☐

Task outcome: Satisfactory Not satisfactory

Assessor signature:

Assessor name:

Date:



Assessment Task 2: Project Portfolio

Information for students


In this task, you are required to demonstrate your skills and knowledge by working through a
number of activities and completing and submitting a project portfolio.
You will need access to:
• a suitable place to complete activities that replicates an ICT environment including relevant hardware, software and components, as well as application and user security technologies and cyber security providers
• ICTCYS612 Simulation Pack or access to operational details required to determine cyber security requirements
• your learning resources and other information for reference
• Project Portfolio template.
Ensure that you:
• review the advice to students regarding responding to written tasks in the IT Works Student User Guide
• comply with the due date for assessment which your assessor will provide
• adhere to your RTO’s submission guidelines
• answer all questions completely and correctly
• submit work which is original and, where necessary, properly referenced
• submit a completed cover sheet with your work
• avoid sharing your answers with other students.

Assessment information
Information about how you should complete this assessment can be found in Appendix A of the IT Works Student User Guide. Refer to the appendix for information on:
• where this task should be completed
• how your assessment should be submitted.
Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix B of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.


Activities
Complete the following activities:

1. Carefully read the following:

This project requires you to research, design, implement and test virtualised cyber
security infrastructure on two different occasions.
You can complete this project based on the case study organisations in the
ICTCYS612 Simulation Pack or you can base it on two organisations that you are
familiar with or working for. If you choose to complete the project based on the two
organisations of your choice, it is important that they are both small to medium
sized business and you can access information about the operational details
required to determine cyber security requirements. You will also need to be able to
access all of the required hardware and software and components, as well as
application and user security technologies and cyber security providers. Speak to
your assessor to get approval if you want to base this on two organisations of your
choice.
You will be collecting evidence for this unit in a Project Portfolio. The steps you
need to take are outlined below.

2. Preparation

Make sure you are familiar with the organisations you are basing this assessment
on and have read through the necessary background information. For the case
study organisations, this is all of the documents included in the ICTCYS612
Simulation Pack. If it’s your own organisations, it’s important that you have this
approved by your assessor.
Complete Page 4 of your Project Portfolio for this unit.
Read through the requirements of Section 1 and 2 of your Project Portfolio which
include detailed guidance relevant to all the assessment activities.

3. Designing the virtualised cyber security infrastructure

You are now to complete Section 1 of your Project Portfolio by preparing to design
and then designing the virtualised cyber security infrastructure. This involves:
• Reviewing and reporting on each organisation’s operations to determine their cyber security needs
• Researching and identifying options for network security for each organisation, as well as security technologies that can be used.
• Determining the data types that need to be protected, required security levels and boundaries and mission critical server requirements.


Based on your review and research you are now to design the virtualised cyber
security infrastructure for each organisation, as well as a plan for implementing the
infrastructure including timelines and for monitoring the security of the network.
In preparation for implementing the infrastructure for each organisation, you will
also need to identify and obtain all of the tools you need to implement the
infrastructure, as well as gain access to the network and data that needs to be
protected.
Answer all the questions in the Portfolio and then prepare a presentation to present
your infrastructure designs in the next activity. Your presentation will be to a small
group of students and your assessor will advise you of the date and time for the
presentation. Your presentation is to be for approximately 15 minutes and you will
be required to ask for feedback and then to incorporate this feedback into your
design following the meeting.

Complete Section 1 of your Project Portfolio.

4. Infrastructure designs presentation

You are now to present your infrastructure designs. Your presentation will be
approximately 15 minutes.
Speak carefully to your presentation and ensure you clearly articulate the
information using industry standard technical language. In addition use suitable
questioning techniques to seek feedback and active listening skills to listen to
feedback provided.

This can either be viewed in person by your assessor or you may like to video
record the session for your assessor to watch later. Your assessor can provide you
with more details at this step. Make sure you follow the instructions above and
meet the timeframes allocated.

5. Implement and test infrastructure

Now that you have designed your virtualised cyber security infrastructure for each
organisation, you are to implement your infrastructure as set out in your
implementation plan. Once the infrastructure for each organisation is in place, you
will also need to test it to ensure it is functioning correctly and adjust it as required.
You will also need to speak to your assessor to get their feedback on your
implementation of the design and testing.

Complete Section 2 of your Project Portfolio.



6. Submit your completed Project Portfolio

Make sure you have completed all sections of your Project Portfolio, answered all
questions, provided enough detail as indicated and proofread for spelling and
grammar as necessary. Remember to submit all necessary attachments.
You are then to submit this to management (your assessor) via email. Your email
must seek final sign off for the identify management plan, as well as seeking
feedback (which you must also respond to).



Section 1: Virtualised cyber security infrastructure
Complete this section for each organisation.
Organisation 1 (Jonathan’s Graphic Design)

Organisation operations
Provide an analysis of your chosen organisation’s operations. Describe the cyber security needs the organisation has based on their operations.

Jonathan’s Graphic Design – Business information

Chosen Organization Operations:
Jonathan’s Graphic Design is a single owner graphic design business that necessitates a versatile and secure IT infrastructure. The business operations include:
1. Graphic Design Work: Utilization of specialized software that may require both Mac and Windows environments.
2. Customer Management: Maintaining a customer database which includes personal but not financial information.
3. Accounting: Using Xero for financial management and accounting needs.
4. File Storage and Sharing: Storing and sharing files via OneDrive.

IT Infrastructure Needs:
1. Dual Operating Systems: To run specific applications that are exclusive to Mac or Windows, a virtual machine (VM) setup is required to support both OS environments on a single system.
2. Cyber Security: Given the sensitive nature of customer data and critical business operations, robust cyber security measures are imperative.

Cyber Security Needs:
Based on Jonathan’s Graphic Design operations, the following cyber security needs are essential:
1. Virtual Machine Security:
• Isolation: Ensuring that both operating systems (Mac and Windows) running on the virtual machine are properly isolated to prevent cross-contamination of malware.
• Regular Updates: Keeping the virtual machine software, along with both operating systems, up-to-date with the latest security patches.
2. Customer Database Protection:
• Encryption: Encrypting the customer database to protect personal information.
• Access Control: Implementing strong authentication mechanisms to control access to the customer database.
3. Accounting System Security:
• Secure Access to Xero: Using multi-factor authentication (MFA) to access Xero to protect financial data.
• Data Encryption: Ensuring that any data transferred between the local system and Xero is encrypted.
4. File Storage and Sharing Security:
• Secure OneDrive: Implementing MFA for OneDrive access and ensuring that files stored and shared are encrypted.
• Backup: Regularly backing up files to prevent data loss due to cyber incidents.
5. General Network Security:
• Firewall: Using a firewall to control the inputs and outputs of the digital estate.
• Antivirus and Anti-Malware: Installing reliable antivirus and anti-malware software to protect against malicious threats.
• Regular Audits: Conducting regular security audits to identify and mitigate potential vulnerabilities.
6. Single User Security:
• Personal Security Practices: Training the business owner in best practices for cyber security, including recognizing phishing attempts and securing personal devices.
Network security options and technologies
Based on the organisation’s cyber security needs, identify and describe network security options, as well as suitable security technologies. Remember that these must relate to virtualised cyber security infrastructures. Include at least two options for network security and two security technologies.

Network Security Options
1. Virtual Private Network (VPN): A VPN creates a secure, encrypted connection over a less secure network, such as the internet. This ensures that data transmitted between the business owner’s device and the virtual machine (VM) is secure. It also protects data in transit from eavesdropping and man-in-the-middle attacks.
2. Virtual Firewall: A virtual firewall is a software-based firewall deployed within a virtualized environment. It provides similar protection to a physical firewall but is specifically designed to protect VMs. It can monitor and filter incoming and outgoing traffic based on an organization's security policies.

Network Security Technologies
1. Intrusion Detection and Prevention System (IDPS): An IDPS monitors network traffic for suspicious activity and can take action to prevent potential threats. It combines the capabilities of an intrusion detection system (IDS) and an intrusion prevention system (IPS). Deployment: within the VM, to monitor for malicious activities or policy violations.
2. Endpoint Detection and Response (EDR): EDR solutions focus on detecting, investigating, and responding to suspicious activities on endpoints (such as the VM in this case). Deployment: an EDR solution within the VM, to continuously monitor and collect data on endpoint activities.

Requirements
Describe the data types to be protected, security levels required and secure boundary requirements. Further, describe the mission-critical network servers that are part of the infrastructure.

Data Types to be Protected
1. Customer Database:
• Description: Contains personal information of customers.
• Protection Needs: Encryption, access control, regular backups.
2. Financial Data:
• Description: Managed through Xero, includes financial transactions and accounting information.
• Protection Needs: Multi-factor authentication (MFA), encrypted data transfer, secure access controls.
3. Graphic Design Files:
• Description: Design projects and related files stored on OneDrive.
• Protection Needs: Encryption, secure sharing permissions, regular backups.

Security Levels Required
1. High Security for Customer Database:
• Encryption: Data should be encrypted both at rest and in transit.
• Access Controls: Implement strong authentication and authorization mechanisms.
• Regular Audits: Conduct regular security audits to ensure data integrity.
2. High Security for Financial Data:
• MFA: Ensure multi-factor authentication is enabled for accessing Xero.
• Secure Data Transfer: Use secure channels (e.g., HTTPS) for data transfer.
• Access Control: Limit access to authorized personnel only.
3. Medium to High Security for Design Files:
• Encryption: Encrypt files stored on OneDrive.
• Access Management: Use secure sharing options and restrict access to only those who need it.
• Backup: Regularly back up files to prevent data loss.

Secure Boundary Requirements
1. Access Control:
• User Authentication: Implement strong password policies and MFA.
• Role-Based Access Control (RBAC): Assign permissions based on user roles and responsibilities.
2. Network Security:
• Firewall: Deploy a firewall to control inbound and outbound traffic.
• Intrusion Detection System (IDS): Use IDS to detect and respond to potential security breaches.
3. Data Protection:
• Encryption: Ensure all sensitive data is encrypted.
• DLP: Implement Data Loss Prevention measures to prevent unauthorized data transfers.
4. Monitoring and Logging:
• Activity Logs: Maintain logs of user activities for monitoring and auditing.
• Network Monitoring: Continuously monitor network traffic for suspicious activity.

Mission-Critical Network Servers
1. Xero (Accounting System):
• Description: Cloud-based accounting software used for financial management.
• Criticality: Essential for managing the financial operations of the business.
• Security Measures: MFA, secure access, regular backups, data encryption.
2. OneDrive (File Storage and Sharing):
• Description: Cloud storage service used for storing and sharing design files.
• Criticality: Vital for storing and accessing design projects and related files.
• Security Measures: MFA, secure sharing, encryption, regular backups.
3. Virtual Machine Hosting:
• Description: Hosts the dual operating systems (Mac and Windows) required for running graphic design software.
• Criticality: Essential for running software that is specific to Mac or Windows.
• Security Measures: Isolation of OS environments, regular updates, robust antivirus and anti-malware protection.

By focusing on these areas, Jonathan’s Graphic Design can ensure a robust and secure IT environment that protects sensitive data and supports the business’s operational needs.

Infrastructure design
Provide your design for the virtualised cyber security infrastructure. You can include this as a screenshot and attach it to your Portfolio.

Infrastructure design (Screenshot)
To design a secure virtualized infrastructure for Jonathan’s Graphic Design, the following elements should be included:
1. Virtual Machine Host:
• Physical Host Machine: A high-performance computer with sufficient RAM, CPU, and storage.
• VM Software: Software like VMware or VirtualBox to create and manage virtual machines.
2. Virtual Machines (VMs):
• Mac VM: Running macOS for design specific applications.
• Windows VM: Running Windows OS for other required applications.
3. Network Security:
• Firewall: To control incoming and outgoing traffic.
• Antivirus and Anti-malware: To protect both VMs.
• Network Segmentation: Isolating the VMs from each other and from the host OS.
4. Data Protection:
• Encryption: For both storage and data in transit.
• Regular Backups: Automated backups of both VMs and critical data.
5. Access Control:
• Multi-factor Authentication (MFA): For accessing both VMs and critical applications like Xero and OneDrive.
• Role Based Access Control (RBAC): Even though there is only one user, enforcing permissions to restrict access to certain functions.
6. Monitoring and Logging:
• Activity Logging: Tracking user activities and access logs.
• Intrusion Detection System (IDS): Monitoring for any suspicious activities.
7. Regular Updates:
• Patch Management: Regularly updating the OS, VM software, and security tools.

Here's a visual representation of the infrastructure design:

Implementation plan
Provide your implementation plan for your design. Make sure your plan includes:
• actions for implementation including network boundaries and technologies that will be used
• responsibilities and timelines.

Action | Responsibilities | Timelines
Procure Hardware and Software | Business Owner | 1 week
Set Up Physical Host and VM Software | IT Consultant | 2 days
Create and Configure VMs | IT Consultant | 1 week
Implement Network Security | IT Consultant | 3 days
Establish Data Protection Measures | IT Consultant | 2 days
Implement Access Control | Business Owner, IT Consultant | 2 days
Set Up Monitoring and Logging | IT Consultant | 3 days
Regular Maintenance and Updates | Business Owner, IT Consultant | Ongoing (monthly)

Network security monitoring strategy
Describe the strategy that will be used for monitoring the network security.

Network Security Monitoring Strategy
Jonathan’s Graphic Design will implement a comprehensive network security monitoring strategy to protect its virtualized environment, ensuring the integrity, confidentiality, and availability of its systems and data.

Key Components
1. Intrusion Detection System (IDS):
• Deployment: Install IDS on both Mac and Windows VMs.
• Function: Continuously monitor network traffic for suspicious activities and potential threats.
2. Activity Logging:
• Configuration: Enable detailed logging on both VMs and critical applications (Xero, OneDrive).
• Monitoring: Regularly review logs for unauthorized access attempts and anomalies.
3. Real-Time Alerts:
• Setup: Configure IDS and logging systems to send real-time alerts for critical security events.
• Response: Immediate investigation and remediation of any alerts by the business owner or IT consultant.
4. Regular Security Audits:
• Frequency: Conduct monthly security audits to identify and address vulnerabilities.
• Scope: Review firewall settings, access controls, and software updates.
5. Network Segmentation:
• Implementation: Isolate VMs from each other and the host OS to contain potential breaches.
• Monitoring: Ensure traffic between segments is monitored and controlled.
6. Antivirus and Anti-Malware Updates:
• Automation: Schedule automatic updates for antivirus and anti-malware software on both VMs.
• Monitoring: Regularly verify that definitions are up-to-date and scans are performed.

Responsibilities
• IT Consultant: Set up IDS, configure logging, establish real-time alerts, and conduct security audits.
• Business Owner: Monitor alerts, review logs, and coordinate with the IT consultant for any required actions.
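
The real-time alert and segment-monitoring components of this strategy can be sketched in code. The following is an added example, not part of the workbook: it triages events in Suricata's EVE JSON format (Suricata is one of the IDS tools this design names), sending severity-1 alerts to the real-time queue, lower severities to the log review, and flagging any traffic that crosses the isolated segments. The per-VM subnets, the sample events and the function names are assumptions constructed for illustration.

```python
import ipaddress
import json

# Assumed addressing (not from the workbook): one isolated subnet per VM plus
# the host, matching the "Network Segmentation" component of the strategy.
SEGMENTS = {
    "host": ipaddress.ip_network("10.10.0.0/24"),
    "mac-vm": ipaddress.ip_network("10.10.1.0/24"),
    "windows-vm": ipaddress.ip_network("10.10.2.0/24"),
}

# Constructed sample events, one JSON object per line as Suricata writes them
# to eve.json. Signature names and IDs are placeholders, not real rules.
SAMPLE_EVE = [
    '{"timestamp":"2024-10-22T09:15:02.000000+1100","event_type":"alert",'
    '"src_ip":"203.0.113.5","dest_ip":"10.10.2.15",'
    '"alert":{"severity":1,"signature":"CONSTRUCTED critical rule","signature_id":1000001}}',
    '{"timestamp":"2024-10-22T09:16:40.000000+1100","event_type":"alert",'
    '"src_ip":"10.10.1.20","dest_ip":"198.51.100.7",'
    '"alert":{"severity":3,"signature":"CONSTRUCTED low rule","signature_id":1000002}}',
    '{"timestamp":"2024-10-22T09:17:11.000000+1100","event_type":"flow",'
    '"src_ip":"10.10.1.20","dest_ip":"10.10.2.15","proto":"TCP"}',
    '{"timestamp":"2024-10-22T09:18:00.000000+1100","event_type":"stats"}',
    '{"timestamp":"2024-10-22T09:18:30.000000+1100","event_type":"ale',  # truncated write
    '{"timestamp":"2024-10-22T09:19:05.000000+1100","event_type":"flow",'
    '"src_ip":"10.10.2.15","dest_ip":"198.51.100.9","proto":"TCP"}',
    '{"timestamp":"2024-10-22T09:20:44.000000+1100","event_type":"alert",'
    '"src_ip":"10.10.2.15","dest_ip":"10.10.0.1",'
    '"alert":{"severity":2,"signature":"CONSTRUCTED medium rule","signature_id":1000003}}',
]


def segment_of(ip):
    """Return the internal segment name for an address, or None if external/invalid."""
    if ip is None:
        return None
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return None
    for name, network in SEGMENTS.items():
        if addr in network:
            return name
    return None


def triage(lines):
    """Sort EVE events into real-time alerts, review items and segment crossings."""
    result = {"realtime": [], "review": [], "cross_segment": [], "malformed": 0}
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        try:
            event = json.loads(raw)
        except json.JSONDecodeError:
            # A half-written or rotated line must not stop the review.
            result["malformed"] += 1
            continue
        if not isinstance(event, dict):
            result["malformed"] += 1
            continue

        src = segment_of(event.get("src_ip"))
        dst = segment_of(event.get("dest_ip"))
        # Any event whose two ends sit in different internal segments means the
        # VM/host isolation is being crossed, whether or not a rule fired.
        if src and dst and src != dst:
            result["cross_segment"].append(
                {"timestamp": event.get("timestamp"), "from": src, "to": dst}
            )

        if event.get("event_type") == "alert":
            alert = event.get("alert", {})
            item = {
                "timestamp": event.get("timestamp"),
                "signature_id": alert.get("signature_id"),
                "signature": alert.get("signature"),
                "src_ip": event.get("src_ip"),
                "dest_ip": event.get("dest_ip"),
            }
            # Suricata severity 1 is the highest; treat it as the "critical
            # security event" that warrants an immediate alert.
            bucket = "realtime" if alert.get("severity", 3) == 1 else "review"
            result[bucket].append(item)
    return result


if __name__ == "__main__":
    summary = triage(SAMPLE_EVE)
    for key in ("realtime", "review", "cross_segment"):
        print(key, len(summary[key]))
    print("malformed", summary["malformed"])
```
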

Tools
Outline the tools that you will use to implement the infrastructure. Explain how you will obtain access to the network and data you need.

Tools
1. VMware Workstation/Fusion or VirtualBox: These tools will be used to create and manage the virtual machines for both Mac and Windows environments.
2. Firewall Software:
• Windows Firewall: Built-in firewall for the Windows VM.
• macOS Firewall: Built-in firewall for the Mac VM.
3. Antivirus and Anti-Malware Software:
• Windows Defender: Built-in antivirus for the Windows VM.
• ClamXAV or Sophos: Antivirus solutions for the Mac VM.
4. Encryption Tools:
• BitLocker: For encrypting data on the Windows VM.
• FileVault: For encrypting data on the Mac VM.
5. Backup Solutions:
• Time Machine: For backing up the Mac VM.
• Windows Backup and Restore: For backing up the Windows VM.
6. Multi-Factor Authentication (MFA) Tools:
• Authy or Google Authenticator: For implementing MFA for access to critical applications like Xero and OneDrive.
7. Intrusion Detection System (IDS) and Monitoring Tools:
• Snort or Suricata: Open-source IDS tools for monitoring network traffic and detecting suspicious activities.
8. Network Segmentation Tools:
• Virtual LAN (VLAN): To create isolated networks for the VMs.

Explanation for obtaining access to the network and data

1. Customer Database:
• Location: Stored locally on the physical host or within the VMs.
• Access: Direct access through the VM software, with encryption and access controls in place.
2. Xero Accounting System:
• Location: Cloud-based service.
• Access: Via a web browser or dedicated app, secured with MFA. Ensure that secure connections (HTTPS) are used.
3. OneDrive:
• Location: Cloud-based storage service.
• Access: Via a web browser, desktop app, or mobile app, secured with MFA. Ensure files are encrypted both at rest and in transit.
Presentation
Include the title of your presentation here and attach it to your Portfolio.

Presentation PPT: Jonathans_Graphic_Design.pptx

Feedback
Document the feedback you received from the presentation regarding your design.

Adjustments
Describe your response to this feedback and adjustments you will make.

Attach: Screenshots ☒

Presentation ☒


Organisation 2 (King Edward VII College)

Organisation operations
Provide an analysis of your chosen organisation’s operations.
Describe the cyber security needs the organisation has based on their operations.

King Edward VII College – Business information

Business Operations Overview
King Edward VII College is a vocational institution that requires a robust IT infrastructure to support its academic and administrative functions. The college operations include:
1. Software Testing: Establishing a virtual machine (VM) environment for testing software applications.
2. Academic Management: Utilizing a Student Management System (RTO Manager) to manage student information, academic records, and enrolment processes.
3. Administrative Functions: Using Xero for accounting and financial management.
4. Staff and Operational Files: Managing files related to staff, academic documentation, and enrolment records.
IT Infrastructure Needs
1. Virtual Machine Setup: A VM is required for the purpose of testing software in a controlled and secure environment.
2. Cyber Security: Ensuring the VM and the entire IT infrastructure are secure to protect sensitive data and maintain operational integrity.

Cyber Security Needs
Based on King Edward VII College’s operations, the following cyber security needs are essential:
1. Virtual Machine Security:
• Isolation: Ensuring the VM used for software testing is isolated from the main network to prevent potential threats from spreading.
• Regular Updates: Keeping the VM software and the operating system up-to-date with the latest security patches.
2. Data Protection:
• Encryption: Encrypting sensitive data, including student information, staff files, and academic documents.
• Access Control: Implementing a multilevel security mode where access permissions are granted based on user roles.
3. Network Security:
• Firewall: Using firewalls to control and monitor network traffic, ensuring only authorized access to the network.
• Antivirus and Anti-Malware: Installing and regularly updating antivirus and anti-malware software to protect against malicious threats.
4. Secure Access to Critical Systems:
• RTO Manager and Xero: Using multi-factor authentication (MFA) and secure connections (HTTPS) to access these systems.
• OneDrive: Ensuring that files stored and shared are encrypted and access is controlled via MFA.
5. Monitoring and Logging:
• Activity Logging: Implementing logging mechanisms to track user activities and access attempts.
• Intrusion Detection System (IDS): Monitoring network traffic for any suspicious activities.
6. Regular Backups:
• Data Backup: Regularly backing up critical data to prevent data loss due to cyber incidents.
7. Compliance and Training:
• Regulatory Compliance: Ensuring the college complies with relevant data protection regulations.
• Staff Training: Educating staff on best practices for cyber security, including recognizing phishing attempts and securing personal devices.

Network security options and technologies
Based on the organisation’s cyber security needs, identify and describe network security options, as well as suitable security technologies. Remember that these must relate to virtualised cyber security infrastructures.
Include at least two options for network security and two security technologies.

Network Security Options
1. Firewalls: Next-Generation Firewalls (NGFWs) provide advanced security features beyond traditional firewalls, including deep packet inspection, intrusion prevention systems (IPS), and application awareness. Deploy an NGFW at the network perimeter to filter incoming and outgoing traffic, ensuring only legitimate traffic is allowed.
2. Virtual Private Network (VPN): A VPN provides a secure connection between remote users and the college's internal network, encrypting data transmitted over the internet. Set up a VPN for remote staff and students to access the college’s network securely.

Network Security Technologies
1. Intrusion Detection System (IDS) / Intrusion Prevention System (IPS):
Description: IDS/IPS solutions monitor network traffic for suspicious activity and take action to prevent potential threats. Deploy IDS/IPS sensors at key points in the network, such as at the perimeter and within internal segments.
2. Multi-Factor Authentication (MFA):
Description: MFA requires users to provide multiple forms of verification before accessing sensitive systems and data. Enforce MFA for accessing critical systems like RTO Manager, Xero, and OneDrive, as well as for logging into the virtual machine environment.

Requirements
Describe the data types to be protected, security levels required and secure boundary requirements.
Further, describe the mission critical network servers that are part of the infrastructure.

Data Types to be Protected
1. Student Management System Data:
• System: RTO Manager
• Data: Student personal information, academic records, enrolment details.
2. Accounting Data:
• System: Xero
• Data: Financial records, transaction details, invoices.
3. Staff Files:
• Data: Personal information, employment records, performance reviews.
4. Operational Files:
• Data: Academic documentation, enrolment forms, institutional records.

Security Levels Required
1. Multilevel Security Mode:
• General Access: All users must have permission to access the system.
• Specific Access: Role-based access controls (RBAC) to restrict specific data access based on user roles.
2. Encryption:
• Data at Rest: Encrypting sensitive data stored on servers and VMs.
• Data in Transit: Encrypting data transmitted over the network.
3. Multi-Factor Authentication (MFA):
• Critical Systems: Implementing MFA for accessing RTO Manager, Xero, and OneDrive.
4. Regular Security Updates:
• Patches: Ensuring all systems and software are updated with the latest security patches.

Secure Boundary Requirements
1. Controlled Access:
• Firewalls: Implementing firewalls to manage and monitor network traffic.
• Network Segmentation: Isolating the VM for software testing from the main network.
2. Monitoring and Logging:
• IDS/IPS: Deploying Intrusion Detection/Prevention Systems to monitor and respond to suspicious activities.
• Activity Logs: Keeping detailed logs of user access and activities.
3. Data Loss Prevention (DLP):
• Software: Implementing DLP solutions to prevent unauthorized data transfer.

Mission Critical Network Servers
1. RTO Manager:
• Function: Manages student information and academic records.
• Security: Requires high security with encryption, access controls, and regular audits.
2. Xero:
• Function: Handles financial and accounting operations.
• Security: Needs MFA, encrypted data storage, and secure access protocols.
3. OneDrive:
• Function: Provides cloud storage for staff and operational files.
• Security: Ensures file encryption, controlled access, and secure sharing practices.

Infrastructure design
Provide your design for the virtualised cyber security infrastructure. You can include this as a screenshot and attach it to your Portfolio.

The infrastructure design for King Edward VII College focuses on establishing a secure and efficient virtual machine (VM) environment for software testing, along with robust protection for sensitive data and critical systems.

Components of the Infrastructure:
1. Physical Host Machine:
• High-performance computer with sufficient RAM, CPU, and storage to support VMs.
2. VM Software:
• VMware Workstation/Fusion or VirtualBox to create and manage VMs.
3. Virtual Machines (VMs):
• Test VM: A dedicated VM for software testing.
• Admin VM: A separate VM for administrative tasks.
4. Network Security:
• Firewall: To control and monitor network traffic.
• Antivirus and Anti-Malware: Installed on both VMs.
5. Data Protection:
• Encryption: For sensitive data storage and transmission.
• Regular Backups: Automated backups for critical data.
6. Access Control:
• Multi-Factor Authentication (MFA): For accessing critical systems.
• Role-Based Access Control (RBAC): Implementing permissions based on user roles.
7. Monitoring and Logging:
• Activity Logging: Tracking user activities and access attempts.
• Intrusion Detection System (IDS): Monitoring for suspicious activities.
8. Compliance and Training:
• Regulatory Compliance: Ensuring adherence to data protection regulations.
• Staff Training: Regular training on cyber security best practices.


Here's a visual representation of the infrastructure design:

Implementation plan
Provide your implementation plan for your design. Make sure your plan includes:
• Actions for implementation including network boundaries and technologies that will be used.
• Responsibilities and timelines.

Action | Responsibilities | Timelines
Planning Phase | IT Manager, Project Manager, Security Analyst | 1 week
Infrastructure Setup | IT Team, Security Analyst | 2 weeks
Virtual Machines Configuration | IT Team, Security Analyst | 1 week
Security Implementation | Security Team, IT Team | 1 week
Data Protection and Access Control | Security Team, IT Team | 1 week
Backup and Disaster Recovery | IT Team, Security Team | 1 week
Monitoring and Auditing | Security Analyst, Compliance Officer | Ongoing
Staff Training and Compliance | HR Team, Compliance Officer | Ongoing

Network security monitoring strategy
Describe the strategy that will be used for monitoring the network security.

Network Security Monitoring Strategy

Objectives
The primary objectives of the network security monitoring strategy are to:
1. Detect Intrusions and Anomalies: Identify unauthorized access and unusual network activity.
2. Ensure Data Integrity: Protect sensitive data from breaches and unauthorized modifications.
3. Maintain Compliance: Adhere to regulatory requirements for data protection and security.

Components of the Strategy
1. Intrusion Detection System (IDS)
• Tool: Snort or Suricata
• Function: Monitor network traffic for suspicious activities and potential threats.
• Deployment: Placed at key points within the network to analyze traffic entering and leaving the network.
2. Security Information and Event Management (SIEM)
• Tool: Splunk or ELK Stack (Elasticsearch, Logstash, Kibana)
• Function: Collect, analyze, and correlate security data from various sources to provide real-time monitoring and alerting.
• Deployment: Centralized platform to aggregate logs from firewalls, IDS/IPS, servers, and endpoints.
3. Firewall and Network Access Control (NAC)
• Tool: pfSense or Cisco ASA
• Function: Control and monitor incoming and outgoing network traffic based on predetermined security rules.
• Deployment: Implemented at the network perimeter and between internal network segments.
4. Endpoint Detection and Response (EDR)
• Tool: CrowdStrike Falcon or Carbon Black
• Function: Monitor endpoints (computers, mobile devices) for malicious activities and potential threats.
• Deployment: Installed on all endpoints, including VMs, staff computers, and servers.
5. Network Traffic Analysis (NTA)
• Tool: Darktrace or Vectra
• Function: Use machine learning to analyze network traffic patterns and detect anomalies.
• Deployment: Integrated with network infrastructure to continuously monitor and analyze traffic.
6. Regular Audits and Penetration Testing
• Function: Conduct regular security audits and penetration testing to identify and address vulnerabilities.
• Deployment: Scheduled on a quarterly or bi-annual basis, with external experts performing the tests.
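
The strategy above pairs isolation of the Test VM with a Suricata sensor between internal segments. As an added example (not part of the workbook), the script below reads Suricata EVE JSON lines, flags any record that crosses the Test VLAN / main network boundary, and collects high-severity alerts; the two subnets, the sample log lines and the signature names are constructed for illustration.

```python
import ipaddress
import json
from collections import Counter

# Assumed addressing plan (not from the workbook): one subnet per VLAN.
TEST_VLAN = ipaddress.ip_network("10.20.30.0/24")  # isolated software-testing VM
MAIN_NET = ipaddress.ip_network("10.20.10.0/24")   # staff and admin systems

# Constructed sample in Suricata EVE JSON format (one JSON object per line).
SAMPLE_EVE = """\
{"timestamp":"2024-10-22T09:00:01.000000+0000","event_type":"flow","src_ip":"10.20.30.15","src_port":50122,"dest_ip":"10.20.30.1","dest_port":53,"proto":"UDP"}
{"timestamp":"2024-10-22T09:00:04.000000+0000","event_type":"flow","src_ip":"10.20.30.15","src_port":50130,"dest_ip":"10.20.10.8","dest_port":445,"proto":"TCP"}
{"timestamp":"2024-10-22T09:00:06.000000+0000","event_type":"alert","src_ip":"10.20.10.8","src_port":49711,"dest_ip":"203.0.113.7","dest_port":443,"proto":"TCP","alert":{"signature_id":1000001,"signature":"CONSTRUCTED outbound policy violation","severity":1}}
{"timestamp":"2024-10-22T09:00:07.000000+0000","event_type":"stats"}
{"timestamp":"2024-10-22T09:00:09
{"timestamp":"2024-10-22T09:00:12.000000+0000","event_type":"alert","src_ip":"10.20.10.5","src_port":51000,"dest_ip":"10.20.30.15","dest_port":3389,"proto":"TCP","alert":{"signature_id":1000002,"signature":"CONSTRUCTED remote desktop into test segment","severity":3}}
"""


def zone(ip_text):
    """Map an address to 'test', 'main' or 'external'; None if it is not an IP."""
    if not ip_text:
        return None
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    if ip in TEST_VLAN:
        return "test"
    if ip in MAIN_NET:
        return "main"
    return "external"


def review(eve_text, urgent_max_severity=2):
    """Return boundary crossings, urgent alert ids, event counts and bad-line count."""
    crossings, urgent, malformed = [], [], 0
    events = Counter()
    for line in eve_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            malformed += 1  # e.g. a line truncated by log rotation
            continue
        if not isinstance(rec, dict):
            malformed += 1
            continue
        events[rec.get("event_type", "unknown")] += 1
        # Isolation check: a record with one end in each internal zone means the
        # VLAN/firewall boundary passed traffic, whether or not a rule alerted.
        if {zone(rec.get("src_ip")), zone(rec.get("dest_ip"))} == {"test", "main"}:
            crossings.append((rec["src_ip"], rec["dest_ip"], rec.get("dest_port")))
        # Suricata severity 1 is the most serious; larger numbers are lower priority.
        alert = rec.get("alert")
        if rec.get("event_type") == "alert" and isinstance(alert, dict):
            severity = alert.get("severity")
            if isinstance(severity, int) and severity <= urgent_max_severity:
                urgent.append(alert.get("signature_id"))
    return {"crossings": crossings, "urgent": urgent,
            "events": dict(events), "malformed": malformed}


if __name__ == "__main__":
    report = review(SAMPLE_EVE)
    for src, dst, port in report["crossings"]:
        print(f"BOUNDARY  {src} -> {dst}:{port}")
    print("urgent alert signature ids:", report["urgent"])
    print("events:", report["events"], "malformed lines:", report["malformed"])
```

A boundary crossing is reported even when no IDS rule fired, so the same check doubles as a test that the segmentation is actually enforced.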

Tools
Outline the tools that you will use to implement the infrastructure. Explain how you will obtain access to the network and data you need.

VMware Workstation/Fusion or VirtualBox:
• Purpose: Creating and managing virtual machines.
• Access: Download and install from the official websites. VMware products require licenses, VirtualBox is free.
Windows Firewall and macOS Firewall:
• Purpose: Network traffic control and monitoring.
• Access: Integrated into Windows and macOS operating systems.
Windows Defender and ClamXAV/Sophos:
• Purpose: Antivirus and anti-malware protection.
• Access: Windows Defender is pre-installed; ClamXAV/Sophos can be downloaded from their websites.
BitLocker and FileVault:
• Purpose: Encrypting data on Windows and Mac VMs.
• Access: Integrated into Windows and macOS operating systems.
Time Machine and Windows Backup and Restore:
• Purpose: Regular backups of VMs.
• Access: Built into macOS and Windows operating systems.
Authy or Google Authenticator:
• Purpose: Implementing multi-factor authentication (MFA).
• Access: Available for download from app stores.
Snort or Suricata:
• Purpose: Intrusion detection system (IDS) for network monitoring.
• Access: Download from official websites.
Virtual LAN (VLAN):
• Purpose: Network segmentation for isolating VMs.
• Access: Configure through network router or switch settings.


Explanation of how access to the network and data will be obtained

Customer Database and Student Management System (RTO Manager):
• Access: Direct access through VM software with encrypted connections and role-based access controls.
Xero Accounting System:
• Access: Secure connections via web browser or app, with MFA enabled.
OneDrive:
• Access: Encrypted file storage and access via web browser, desktop app, or mobile app, with MFA.
Staff Files and Academic Documentation:
• Access: Stored within the VMs or on secure cloud storage, with encryption and access control measures in place.
Network:
• Access: Controlled and monitored using firewalls, IDS, and VLAN configurations to ensure secure communication channels.

Presentation
Include the title of your presentation here and attach it to your Portfolio.

Presentation PPT: King_Edward_VII_College.pptx

Feedback
Document the feedback you received from the presentation regarding your design.

Adjustments
Describe your response to this feedback and adjustments you will make.

Attach: Screenshots ☒

Presentation ☒


Section 2: Implementation and testing
Complete this section for each organisation.
Organisation 1 (Jonathan’s Graphic Design)

Implementation
You are to provide evidence of the implementation of your design. This should include screenshots that show:
• Network boundaries created
• Relevant technologies implemented
• Security levels set
• User access set

Implementation (Screenshots)

1. Network Boundaries Created
Step: Setting up Network Segmentation and Firewall
1. VM software (e.g., VMware or VirtualBox).

2. Relevant Technologies Implemented
Step: Installing Antivirus and Anti-Malware Software
1. For Mac VM:
◦ Install software like Bitdefender Antivirus for Mac.
2. For Windows VM:
◦ Install software like Windows Defender or Malwarebytes.

3. Security Levels Set
Step: Configuring Encryption and Backup
1. Data Encryption:
◦ Use FileVault for Mac and BitLocker for Windows to encrypt the entire disk.
2. Automated Backups:
◦ Set up Time Machine for Mac and Windows Backup for Windows.

4. User Access Set
Step: Implementing Multi-Factor Authentication (MFA) and User Access Controls
1. Set up MFA for critical applications like Xero and OneDrive.


Testing
Run tests on your network which will also demonstrate how you monitor the network. Describe the tests you undertook and the results. Provide screenshots of the test results including logs.

Testing Results (Screenshots)

User feedback
Document the user feedback from your assessor.

Adjustments
Based on the tests you ran, monitoring and user feedback describe the adjustments you need to make.

Attach:
Screenshots ☒

Organisation 2 (King Edward VII College)


Implementation
You are to provide evidence of the implementation of your design. This should include screenshots that show:
• Network boundaries created
• Relevant technologies implemented
• Security levels set
• User access set

Implementation (Screenshots)

1. Network Boundaries Created
VLAN Configuration Screenshot: To demonstrate the network segmentation, a VLAN configuration screenshot from the network switch/router is provided.

2. Relevant Technologies Implemented
VM Software Setup Screenshot: This screenshot shows the VM software (e.g., VMware Workstation) with the Test VM and Admin VM created.

Firewall Configuration Screenshot: This screenshot displays the firewall settings for the Test VM and Admin VM, showing the configured rules.

Antivirus/Anti-Malware Installation Screenshot: This screenshot illustrates the installation and setup of antivirus software on both VMs.

3. Security Levels Set
Data Encryption Screenshot: This screenshot shows the encryption settings for data on the VMs, utilizing BitLocker for Windows and FileVault for macOS.

Backup Configuration Screenshot: This screenshot displays the backup settings for automated backups of critical data.

4. User Access Set
Multi-Factor Authentication (MFA) Configuration Screenshot: This screenshot demonstrates the setup of MFA for accessing critical systems like RTO Manager and Xero.


Testing
Run tests on your network which will also demonstrate how you monitor the network. Describe the tests you undertook and the results. Provide screenshots of the test results including logs.

Testing Results (Screenshots)

User feedback
Document the user feedback from your assessor.

Adjustments
Based on the tests you ran, monitoring and user feedback describe the adjustments you need to make.

Attach:
Screenshots ☒


Assessment Task 2: Checklist

Student’s name:

Did the student: | Completed successfully? (Yes / No) | Comments

• Design and implement cyber security infrastructure and review results against organisational needs on at least two different occasions? Yes ☐ No ☐
• Analyse each organisation’s operations and determine and report on cyber security needs? Yes ☐ No ☐
• Research and identify industry standard network security options and security technologies? Yes ☐ No ☐
• Determine and report on data types, security levels, mission critical network servers and secure boundary requirements? Yes ☐ No ☐
• Design and document infrastructure requirements following organisation requirements? Yes ☐ No ☐
• Determine and document implementation plan and timeframes? Yes ☐ No ☐
• Obtain tools, network access and data as per organisational requirements? Yes ☐ No ☐
• Plan and document network security monitoring strategy following organisational requirements? Yes ☐ No ☐
• Distribute documentation and seek feedback? Yes ☐ No ☐
• Use oral communication skills to articulate information using industry standard technical language? Yes ☐ No ☐
• Use oral communication skills including using suitable questioning techniques to seek feedback and active listening skills to listen to feedback provided? Yes ☐ No ☐
• Respond to feedback provided? Yes ☐ No ☐
• Establish and create network boundaries following the infrastructure plan requirements? Yes ☐ No ☐
• Implement network and server technologies as per the infrastructure plan requirements? Yes ☐ No ☐
• Implement user security technologies as per the infrastructure plan requirements? Yes ☐ No ☐
• Set security levels and user access as per the organisation’s requirements? Yes ☐ No ☐
• Establish network security monitoring strategy according to plan requirements? Yes ☐ No ☐
• Test deployment of security infrastructure and its components according to technical specifications and infrastructure plan requirements? Yes ☐ No ☐
• Obtain and analyse test results, logs and user feedback? Yes ☐ No ☐
• Adjust implemented technologies as per organisational requirements and user feedback? Yes ☐ No ☐

Task outcome: Satisfactory Not satisfactory

Assessor signature:

Assessor name:

Date:


Final Results Record

Student name:

Assessor name:

Date

Final assessment results

Task | Type | Satisfactory | Unsatisfactory | Did not submit
Assessment Task 1 | Knowledge questions | S | U | DNS
Assessment Task 2 | Project Portfolio | S | U | DNS
Overall unit results | | C | NYC |

Feedback

• My performance in this unit has been discussed and explained to me.
• I would like to appeal this assessment decision.

Student signature: _________________________________________ Date: _________________

• I hereby certify that this student has been assessed by me and that the assessment has been carried out according to the required assessment procedures.

Assessor signature: _______________________________________ Date: _________________


Case Study
IT Biz Solutions offers a wide range of Information and Communication Technology services to
businesses of all sizes.
Assume you are the IT Manager for IT Biz Solutions and you have been asked to consider the
virtualised cyber security infrastructure for two case study organisations as follows:

Jonathan’s Graphic Design – Business information

Business type: Graphic design business

IT needs:
Wants to run two operating systems – Mac and Windows – therefore a virtual machine is required.
Wants to make sure that the virtual machine is cyber secure.

Data types:
Customer database stored on system, however, no bank details stored
Accounting system – Xero
Files associated with graphic design
Uses OneDrive

Security levels: Set for one user as single business owner.

Mission critical network servers: Through service providers i.e. Xero and OneDrive.

Secure boundary requirements: Must control input and outputs of digital estate.

King Edward VII College – Business information

Business type: Vocational college

IT needs:
Wants to establish a virtual machine for testing software.
Wants to make sure that the virtual machine is cyber secure.

Data types:
Student management system – RTO Manager
Accounting system – Xero
Staff files
Files associated with all aspects of operations e.g. academic documentation, enrolment documentation

Security levels: A multilevel security mode is needed such that everyone must have permission to access the system but specific access for specific data will be required.

Mission critical network servers: Through service providers i.e. RTO Manager, Xero and OneDrive.

Secure boundary requirements: Must control input and outputs of digital estate.