ICANWK503A – Install and Maintain Valid Authentication Processes
RTO No: 20829
CRICOS Provider Code: 02044E
ABN: XXXXXXXXXX
STUDENT COPY- CR
Assessment Resources Summary
Unit Details ICTNWK503 - Install and maintain valid authentication processes
Students are required to complete ALL summative assessments listed
elow in order to be deemed “Competent” in this unit of competency.
Assessment
Methods
Written Assessment
Assessment 1
Case Study
Assessment 2
La
Assessment 3
Questions
Assessment 4
Issue Date January 2018
Version 1.2
a
Page 2 of 17
Assessment Resources ICTNWK503
Unit Summary
The unit objectives, prerequisites, co-requisites and other pertinent information about this unit
is described at https:
training.gov.au/Training/Details/ICTNWK503
Resources
Students should refer to this unit in Moodle (e-learning.vit.edu.a) to access a list of
esources for this unit (see Learner Resources section for relevant articles, links, videos,
etc).
Lab-1 resources:
“How to set up two-factor authentication in Gmail” https:
www.youtube.com/watch?v=Xhmae4_fG2o
Lab-2 resources:
“70-410 Lesson 3: Installing and Configuring Active Directory Domain Services”
https:
www.youtube.com/watch?v=IFkwRgmEjbU
“70-410 Lesson 4: Configuring User Account Management”
https:
www.youtube.com/watch?v=EVDIPEqhAPM
Read “Lesson 3 Installing Domain Controllers” and “Lesson 4 Managing users and computers” in
Installing and Configuring Windows 2012 Server book (in Learner Resources)
https:
www.youtube.com/watch?v=5mKPhIYMfX8 How to Install Windows 2012 Server R2 on
VMWorkstation
https:
www.youtube.com/watch?v=5mKPhIYMfX8
a
Page 3 of 17
Assessment Resources ICTNWK503
Assessment 1: Written Assessment
Student Name: ______________________________________________________________
Student ID No: ______________________________________________________________
Student Instructions:
• Your answers should be on a separate document using word processing software such as
MS Word & or other software (hand written submissions are only acceptable with prior approval
from your Trainer)
• Your document should be professionally formatted and include
o Your Name
o Your Student ID
o Unit Code
o Assessment Number (i.e. ICTNWK503 Assessment 1)
• Please reference to each question number and retype each question with your answers
• This is an open book assessment, you must answer every question and provide enough
information to demonstrate sufficient understanding of what has been asked to achieve
competency. Please ask your Traine
Assessor if you are unsure what is sufficient detail for an
answer
• Ask your traine
assessor if you do not understand a question. Whist your traine
assessor
cannot tell you the answer, he/she may be able to re-word the question for you or provide further
assistance based on the Institute’s “Reasonable Adjustment Policy”
• Answers should be your own work, in your own words and not plagiarised, nor copied.
However, if an answer is cut & pasted (such as a definition), then the source should be
eferenced
a
Page 4 of 17
Assessment Resources ICTNWK503
Written Assessment Questions
1. In your own words
iefly describe the problems and challenges dealing with resource
accounting through authentication. (Not more than 300 words).
2. Briefly discuss your understanding of the followings virtual private network (VPN) issues
(Not more than 300 words for each items):
• Quality of service (QOS) considerations
• Bandwidth
• Dynamic security environment
• Function and operation of VPN concepts
3. What are two common authentication adaptors? Discuss in your own words. (Not more
than 300 words).
4. Briefly describe two biometric authentication adaptors. (Not more than 300 words).
5. Briefly describe your understanding of the followings (Not more than 300 words for each
items):
• Digital certificates
• Verisign
• X.509
• SSL
6. Explain the function and operation of the following authentication controls: (Not more than
300 words for each items)
• Passwords
• Personal identification numbers (pins)
• Smart cards
• Biometric devices
• Authentication protocols
7. Briefly discuss the following network authentication services (Not more than 300 words for
each items):
• Ke
eros and
• NT LAN Manager (NTLM)
a
Page 5 of 17
Assessment Resources ICTNWK503
8. List at least 2 features of the following password protocols (Not more than 300 words for
each items):
• Challenge handshake authentication protocol (CHAP)
• Challenge phrases
• Password authentication protocol (PAP)
• Remote authentication dial-in user service (RADIUS) authentication
9. Describe the principles of security tokens. (Not more than 300 words).
Assessor Use Only
Assessor Comments
Satisfactory (S) Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________
a
Page 6 of 17
Assessment Resources ICTNWK503
Assessment 2: Case Study
Information for students
Read the case study below and prepare a report addressing the requirements below. Note that you
can optionally do this as a group assignment, (your group can have no more than three members),
and the members of your group should be listed in the report introduction. All students in the group
need to hand in a copy of the assignment when they submit their student workbooks for marking.
Scenario
You are working as an IT/Network security Engineer at NetSecurity Pty Ltd. NetSecurity is an
outsourced security specialists and work with multiple companies to provide secure authentication
services and develop Security Policies for companies.
Recently Company has got a new client EducationFirst Pty Ltd, and they want to secure the network
due to recent virus and security threats.
EducationFirst is an institute and having more than 6 campuses around Melbourne. Each campus has
got two admin PC and 2 PCs for Teachers to access internet and online Moodle. Cu
ently all the
computers are in workgroup.
EducationFirst’s organisational policy is to for all users to have password access, and for no user
accounts to be shared between users.
The head office in Dandenong and they have got around 10 teachers and two admin staffs. Since the
number of students increased they must get more teachers to each campus. They also want to
provide VPN access to their employees so that they can work securely from home.
The management is concern about their materials and they don’t want any others to access their
online and stored materials. They have approached your company to provide a secure authentication
method to their computers, online Moodle and, they want to make sure no virus and security threats
on their systems.
As a part of the security team you have been asked to prepare a report document for Ms. Keegan, the
IT Manager of Education First.
a
Page 7 of 17
Assessment Resources ICTNWK503
Your report must include the following:
1. Describe the enterprise security plan.
2. Identify the enterprise security requirements.
3. Identify different authentication and authorization methods for users
4. Identify different authentication and authorization methods for enterprise requirement
5. Select and explain the suitable authentication and authorization method.
6. Describe the user attributes and user attributes setup.
7. Brief the user on the authentication system and the user’s responsibilities in the authentication
system. (For this information, you should write this down in your report and be prepared to do
an oral
iefing to a user of the system in response to a trainer request in class or when your
present the assignment).
8. Describe the Secure location to store the permission and configuration information.
9. Review the authentication system, and keep the system cu
ent
10. Prepare the ongoing monitoring plan using incident management and reporting processes
11. Prepare incident management and reporting document.
12. Process to do the Adjustment on requirements if required
a
Page 8 of 17
Assessment Resources ICTNWK503
ASSESSMENT 2 – CASE STUDY
ASSESSOR CHECKLIST
This assessor checklist is to be used when assessing the students in the associated task. The checklist below
must be completed for each student. Please refer to separate mapping document for specific details relating to
alignment of this task to the unit requirements.
Student Name:
Assessor Name:
The student must satisfactorily complete Written Report tasks to the standards outlined below.
ASSESSOR CHECKLIST S NS
Has the student?
1. Described the enterprise security plan
2. Identified the enterprise security requirements
3. Identified different authentication methods for users
4. Identified different authorization methods for users
5. Identified different authentication and authorization methods for
enterprise requirement
6. Selected the suitable authentication and authorization method
7. Explained the suitable authentication and authorization method.
8. Listed the user attributes.
9. Provided details of the user permissions and responsibilities on the
authentication system.
10. Described the Secure location to store the permission and
configuration information.
11. Reviewed the authentication system.
a
Page 9 of 17
Assessment Resources ICTNWK503
12. Prepared the ongoing monitoring plan
13. Prepared incident management and reporting document.
14. Created Process to do the Adjustment on requirements if required.
Assessor Use Only
Assessor Comments
Satisfactory (S) Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________
a
Page 10 of 17
Assessment Resources ICTNWK503
ASSESSMENT 3 – LAB
Information for students:
This assessment is to be undertaken in a classroom/simulated environment. The student is to complete
the following Labs:
• Two factor