Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Certificate IV in Cyber Security Student Version Section A – Program/Course details Qualification code: 22334VIC Qualification title: Certificate IV in Cyber Security Unit code: VU21988 Unit title:...

1 answer below »
Certificate IV in Cyber Security
Student Version
    
Section A – Program/Course details
Qualification code:    22334VIC    Qualification title:    Certificate IV in Cyber Security
Unit code:        VU21988    Unit title:        Utilise basic network concepts and protocols required in cyber security
Department name:    BDIT, Computer and Information Technology    CRN number:    Enter CRN numbe
Section B – Assessment task details
Assessment number:     2 of 2    Semeste
Year:    1/2020
Due date:    Session 16    Duration of assessment:    6 Weeks
Assessment method    Portfolio    Assessment task results    ☒Ungraded result
            ☐Other: Click here to enter text.
Section C – Instructions to students
Task instructions:
Student will have to answer all the questions to be deemed competent.
This is an individual task and answers must be in your own words, do not copy and paste from internet.
Assessment will be given in session 8.
Due of this assessment is session 16.
Each session teacher will inform the question numbers to be answered and student requested to give the answers following week.
week 16 students need to upload the completed answers to Brightspace for marking and feedback.    
Section D – Conditions for assessment
Conditions:     Student to complete and attach Assessment Submission Cover Sheet to the completed Assessment Task.
- Assessment to be completed individually.
- Discuss with your assessor if you feel you require special consideration or adjustment for this task.
- Students must meet all criteria listed in the marking guide to be satisfactory in this task.
- Students may resubmit this task if not successful within the enrolment period as per Holmesglen conducting
assessment procedure.
- This is an open book assessment.
- The learner may use the internet for research
- This Assessment task must be uploaded to Brightspace along with a complete and signed coversheet.
- It is expected all documents will be completed and submitted electronically but if this is not possible, make alternative a
angements for submitting the documents with your assessor.
- You will have the opportunity to resubmit if any part of the assessment is deemed unsatisfactory (one resubmit allowed per task).
- You can appeal an assessment decision according to the Holmesglen Assessment Complaints and Appeals Procedure.
- If you feel you require special allowance or adjustment to this task, please decide with your assessor within one week of commencing this assessment.
- The learner may use the internet research answers for this assessment    
Equipment
esources students must supply:    Equipment
esources to be provided by the RTO:
N/A        N/A    
    
Section E – Marking Sheet - Student Answer Sheet
    Student ID:
    
    Student name:
    
    Date:
    
    Criteria for assessment
    Satisfactory
    Comment
    
    Yes
    No
    
    The following has been submitted for assessment:
    Part A - Background    ☐    ☐    
    Part B - Ransomware and DDoS    ☐    ☐    
    Part C - Network Security vs. Cyber Security    ☐    ☐    
    Part D - Security Policy    ☐    ☐    
    Part E – Test Configuration
    ☐    ☐    
    
    Part A - Background
Marking criteria for each product document/s supplied:
    1.
    Prepare a Physical AND Logical topology diagram     ☐    ☐    
    2.
    Implement IPv4/IPv6 address scheme.     ☐    ☐    
    3.
    List of security equipment, both hardware & software.    ☐    ☐    
    4.
    Recommendations of software that increase the security of the business from cyber security attacks.
    ☐    ☐    
    5.
    List all external resources used in response to the case study
    ☐    ☐    
    Part B - Ransomware and DDoS
Marking criteria for each product document/s supplied:
    1
    Research and cu
ent example of DDoS Attack    ☐    ☐    
    2
    Research and cu
ent example of Ransomware Attack    ☐    ☐    
    Part C - Network Security vs. Cyber Security
Marking criteria for each product document/s supplied:
    1
    Network Security definitions with appropriate examples given    ☐    ☐    
    2
    Cyber Security definitions with appropriate examples     ☐    ☐    
    3
    Differences between the two concepts explained.
    ☐    ☐    
    Part D - Security Policy
Marking criteria for each product document/s supplied:
    1
    Draft Security Policy covering three (3) elements.
    ☐    ☐    
    
    
    
    
    
    Part E – Test Configuration
Marking criteria for each product document/s supplied:
    1
    Create x2 Virtual machines and configure both machines with IPv4 addresses.
    ☐    ☐    
    2
    Test connectivity of the virtual machines using CMD commands (Netstat/Ping)
    ☐    ☐    
    3
    Testing your machines for external connectivity by pinging a public IP Server XXXXXXXXXX).     ☐    ☐    
    4
    Identify and test the tools for network/Cyber security testing
Nmap commands    ☐    ☐    
    5
    Advise of any connectivity issues that you may have from an unsuccessful ping attempt.
    ☐    ☐    
    6
    Basic Configuration of a Router or Switch using Packet Tracer & script.
    ☐    ☐    
    7
    Connect the cables to network – Console & Straight Through
cabling
    ☐    ☐    
    Section F – Feedback to Student
    Has the student successfully completed this assessment task?
    Yes
    No
    
    ☐
    ☐
    Additional Assessor comments (as appropriate):
    
    Resubmission allowed:
    Yes ☐
    No ☐
    Resubmission due date:
    
    Assessor name:
    
    Assessor signature:
    
    Student signature:
    
    Date assessed:
    
CRS180
Revision 101
May 2018
Page 2
Assessment Task 2: Case Study
FOR OFFICIAL USE ONLY Holmesglen: BW_CAIT 5-Feb-2020 L:\CAIT\Teaching\T&L XXXXXXXXXX22334VIC\Network_Fundamentals_for_Cyber_Security\CRS180_VU21988_2of2_V7_LEARNER.docx
Supporting document
Assessment Task 2: Case Study Answers
    Student ID:
    
    Student name:
    
    Date of submission:
    
    Student signature:
    
Part A: Background
You are a consultant for a small IT Consulting firm and have been approached by Metasploitable Pty Ltd to put forward a recommendation/solution to enhance their security stance.
The firm cu
ently has 20 desktops, 15 laptop computers and few iPad and mobile phones connected to local internet. The CEO of Metasploitable uses their own suite of end devices which consists of x1 Desktop; x1 Laptop, x1 iPad, and x1 iPhone. The remaining end devices are shared amongst the employees. Metasploitable is considering BYOD policy.
The business is housed in a small premise with a reception area, staff lounge, common are housing 10 workstation and 3 office spaces.
There is 1 reception desktop, each staff member has their own desktop. The Firm uses local email and file server. There are 5 trainees that will be joining the firm next month. The CEO is concerned about internal security of files/data in general and does not want all staff members to have access to all areas of the network server, this includes trainees.
Staff have reported increased abnormal amount of suspected phishing emails and complaints regarding unusual/slow performance of computer network have increased. Although Metasploitable Pty Ltd have no plausible reason for the increased receipt of threats/suspect emails, the CEO is wanting to implement a suitable data backup system which backs up daily to the cloud and an in-house physical device. This would also cover password complexity and periodic changing of passwords.
Further requirements for consideration are that the CEO requires a solid end-point solution which will check all end points on the cu
ent network for unusual behaviour.
To ensure you meet the client’s requirements, your report should include the following areas
1. A logical and physical topology.
2. An IP design (IPv4 only) that meets the needs of their new office and business.
3. A list of any network and (if necessary) security equipment required to run the office, you must include a switch, router, wireless access point and firewall (hardware or software)
4. Recommendations for securing their business at a software level and how it protects from cyber-attacks (give 2 examples)
Your client has also expressed concern regarding the firm’s vulnerability to cybersecurity attacks. You are required to provide the following additional reports to the client:
Part B - Ransomware and DDoS
Research one (1) cu
ent DDoS & Ransomware Attack with focus on the following criteria.
· How was each attack conducted/started?
· How did the attack spread?
· List any specific targets, if none, who were the targets
· What were the effects/consequences of your chosen attack?
· Who was held responsible for the attacks – individual or group
· Were there any business consequences?
Part C - Network Security vs. Cyber Security
You client has significant confusion regarding the differences between ‘Network & Cyber’ Security. Conduct some research regarding the key differences between both and document your research accordingly. Consider reviewing the following resources as a start of your own research.
· www.nist.gov
· www.cisco.com
· www.acsc.gov.au
· www.sans.org
Part D - Security Policy
All organizations, particularly corporate organizations are required to have a policy document called a ‘Security Policy’ this policy document is generally a smaller section of a larger document called an Information Technology Policy.
Based on the Case Study Scenario, you are required to conduct research into a security policy, create your own ‘draft’ SecPol. Your draft SecPol should cover three (3) of the following areas:
-    Acceptable Use Policy
-    Confidential data Policy
-    Password Policy
-    Email Policy
-    Physical Security Policy
-    BYOD Policy
Part E – Test Configuration
You are now required to ‘test’ a segment of your network solution as a demonstration to your client.
a) Create two (2) virtual machines using VMware Workstation or Oracle VirtualBox. Create a Windows Operating System & a Linux OS.
) Assign both machines a host IPv4 address using a network address of your choice.
c) Test connectivity of each machine to each other by using different CMD commands
d) Using one (1) machine, verify connectivity to a public server address.
e) Using Packet Tracer, build the PC – Switch – Router - PC topology. Cable the topology using the appropriate cables and demonstrating a console cabling for both PCs. You must identify the types of cabling you have used.
f) Use the following script to configure some basic settings. You are then required to finalise all other basic configurations.
conf t
hostname TRS-80CoCo
enable secret class
no ip domain-lookup
anner motd $NO UNAUTHORISED ACCESS ALLOWED$
exit
Assessment Submission Cover Sheet (VET)
Student to complete relevant sections and attach this cover sheet to each assessment task for submission.
    Student information
    To be completed by Student
    Student name:
    
    Student ID:
    
Program/Course details
Qualification code:    22334VIC    Qualification title:    Certificate IV in Cyber Security
Unit code:        VU21988    Unit title:        Utilise basic network concepts and protocols required in cyber security
Department name:    BDIT, Computer and Information Technology    CRN number:    Enter CRN numbe
    Assessment information
    To be completed by Student
    Teacher name:
    
    Due date:
    Session 16    Date submitted:
    
    Re-submission:
    ☐
    
    Student declaration
    
    By submitting this assessment task and signing the below, I acknowledge and agree that:
1. This completed assessment task is my own work.
1. I understand the serious nature of plagiarism and I am aware of the penalties that exist for
eaching this.
1. I have kept a copy of this assessment task.
1. The assessor may provide a copy of this assessment task to another member of the Institute for validation and/or benchmarking purposes.
    Student signature
For electronic submissions: By typing your name in the student signature field, you are accepting the above declaration.
    
Note:
Assessor to attach a photocopy of the completed Marking Guide (Section E) from the Student version of the Assessment Task.
Final result of the subject/unit will be entered on Banner by the teache
assessor once all assessment tasks have been assessed.
Answered Same Day Jun 23, 2021

Solution

Ritu answered on Jun 27 2021
126 Votes
(
2
)
Assessment Submission Cover Sheet (VET)
Student information    To be completed by Student
Student name:        Student ID:    
Program/Course details
Qualification code:    Code    Qualification title:    Title
Unit code:        Unit code    Unit title:        Unit title
Department name:    BDIT, Computer and Information Technology    CRN number:    Enter CRN numbe
Assessment information    To be completed by Student
Teacher name:    
Due date:    Provide due date to students on starting this unit.    Date submitted:        Re-submission:    ☐
Student declaration    
By submitting this assessment task and signing the below, I acknowledge and agree that:    This completed assessment task is my own work.     I understand the serious nature of plagiarism and I am aware of the penalties that exist for
eaching this.    I have kept a copy of this assessment task.     The assessor may provide a copy of this assessment task to another member of the Institute for validation and/or benchmarking purposes.
Student signature    For electronic submissions: By typing your name in the student signature field, you are accepting the above declaration.    
Contents
Part A    4
A logical and physical topology created by Metasploitable Pty Ltd    4
An IP design (IPv4 only) that meets the needs of their new office and business    5
A list of any network and (if necessary) security equipment    5
Modem    5
Router    6
Firewall    6
Switch    6
Wireless access point    6
Recommendations    6
Install the surge protector and the uninte
uptible power supply    6
Periodically patch operating systems and software    6
Part B    7
Introduction to DDoS & Ransomware Attack    7
How was each attack conducted/started?    7
How did the attack spread?    7
Specific targets    7
Effects/consequences of the attack    7
Business consequences    8
Part C    8
Cybersecurity    8
Social Engineering    8
Network Security    9
Part D    10
Security Policy Document    10
Acceptable Use Policy    10
Password Policy    10
Email Policy    11
BYOD Policy    11
Part E    12
Test Configuration    12
Part A
A logical and physical topology created by Metasploitable Pty Ltd
Below are the topology diagrams –
An IP design (IPv4 only) that meets the needs of their new office and business
We can configure the IP of a device as well as assign an IP address to a network interface. This includes
oadcast, Unicast, multicast, as well as addressing such as VLSM, address resolution protocol-ARP, as well as DHCP relay. As a server as well as DHCP protocol operations.
A list of any network and (if necessary) security equipment
The following is a list of the equipment required to set up your office with instructions -?
Modem
A modem is typically a device provided by an Internet service provider that allows one or more computers to connect to the Internet. We can buy a third-party modem, but we need to see a list of modems supported by your cable company. This can be achieved in a short period of time, depending on the ISP asking we to rent one of the modems.
Route
A router is an equipment gadget that advances information traffic between at least two systems. Switches run from little changes to enormous, independent, committed PCs, just as likewise offer extra types of assistance, for example, firewall, load adjusting, just as system dividing, just as investigating.
Firewall
A firewall is hardware or software that acts like a filter or gatekeeper to prevent unauthorized users from accessing company internal or sensitive data or applications. A computer firewall provides this isolation by preventing computers outside the firewall from connecting directly to computers inside the firewall. All requested information or services are "relayed" through the firewall rather than being delivered directly to the user.
Switch
Switches are used to connect devices on a computer network called a local area network (LAN). The size can range from 4 to 24 ports as well as may include fiber interconnect ports. The speed of network traffic differs from 10, 100, as well as 1000 (Gigabit). Although 10GbE provides high speed, it is not widely available today as well as is expensive for most equipment.
Wireless access point
A wireless access point (WAP) is a device that can be placed anywhere on the network (using a network cable) as well as provides wireless Internet for other devices. The advantage of using WAP is that we can place the WAP where we want it, not in the server room, but in the location where the modem is installed.
Recommendations
The following are recommendations for protecting your business at the software level as well as how to protect against cyber attacks.
Install the surge protector and the uninte
uptible power supply
An uninte
uptible power supply (UPS) provides a sufficient battery life as well as time to save data during a power outage. Ensure that the UPS type as well as size meets your company's standards as well as requirements. All computers as well as network devices must be connected to the UPS. For sensitive or networked devices, a standard surge protector is sufficient. Test as well as replace each UPS as well as surge protector as the manufacturer recommends.
Periodically patch operating systems and software
On the off chance that we don't normally refresh or refresh the entire product on the entirety of your gadgets, all new applications can make the way for digital assaults. Continuously check for refreshes when we buy another PC or introduce another product framework. Note that product sellers don't have to give security updates to items that are not upheld. For instance, Microsoft will no longer help Windows 7 in January 2020, so in the event that we have not as of now overhauled, it would be ideal if we redesign now. Try not to defer downloading working framework refreshes. These updates regularly incorporate new or upgraded security highlights.
Part B
Introduction to DDoS & Ransomware Attack
Cyber criminals are eating fear to maximize the impact of attacks. In some operations, the ransomware as well as DDoS attacks are enhanced, making remote access to computer networks as well as on line services more important than ever. Like the Ransomware attack, the purpose of DDoS attackers is confusing. Maintaining access is essential to business daily operations, as are most people who work remotely as well as need access to virtual enterprise networks. It provides cruel DDoS attackers with the opportunity to run a threatening campaign against their organization as well as provide critical services that ove
un traffic from the Bot as well as take away on line services unless paid. Perhaps one of the biggest concerns about DDoS attacks is that even low-level attackers can do it relatively easily. Europol describes DDoS as a "cheap, easily available, accessible type of crime with limited entry ba
iers".
How was each attack conducted/started?
Distributed Denial of Service (DDoS) attacks have increased over the past few weeks. ...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here