Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Final Security Assignment 56

Download as pdf or txt
Download as pdf or txt
You are on page 1of 7

Assignment

Course Tittle Pearson BTEC Higher National Diploma in Computing.

Unit Number and Title: 05: Security

Assignment Title Security Solution for E-Tec

Name of the Learner

Ref. No. of the Learner Pearson Regd. No.


01, 02, 03 & 04 Batch No & Semester HND 12,13 & 14
Assignment Number
Semester 01
Issue Date 11.01.2023 Final Submission Date 11.02.2023

Re-submission Date Actual Submission Date

Unit Assessor: Mr. Mohamed Ishraque Academic Year 2022/2023

Assessor Summative Feedback

Formative feedback

Grade: Assessor Signature: Date


Feedback: Student to Assessor

Student Signature Date

Student Agreement:
I understand the feedback given to me and agree to carry out the actions in future works as required and indicated.

Please note that grade decisions are provisional. They are only confirmed once internal and external moderation has taken
place and grades decisions have been agreed at the assessment board.

Form\KIT\020
STUDENT ASSESSMENT SUBMISSION AND DECLARATION
When submitting evidence for assessment, each student must sign a declaration confirming that the work is their own.

Student name: Assessor name: Mr. Mohamed Nizzad

Issue date: Submission date: Submitted on:


11.02.2023
11.01.2023
Programme:
Pearson BTEC Higher National Diploma in Computing.

Unit: 05 : Security

Assignment number and title:


Security Solution for E-Tec

Plagiarism
Plagiarism is a particular form of cheating. Plagiarism must be avoided at all costs and students who break the rules,
however innocently, may be penalised. It is your responsibility to ensure that you understand correct referencing practices.
As a university level student, you are expected to use appropriate references throughout and keep carefully detailed notes
of all your sources of materials for material you have used in your work, including any material downloaded from the
Internet. Please consult the relevant unit lecturer or your course tutor if you need any further advice.

Student Declaration
Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I
understand that making a false declaration is a form of malpractice.

Student signature: Date:

Form\KIT\020
Task Evidence

Review plan and Progress Review 1: Date Task to be


completed Review 2: Date Task to be completed

Review Number Review 2

Tasks shown (To be filled by Student)

Date of work shown

Type of evidence shown

Student Signature

Assessor Signature

Form\KIT\020
Achievement Summary and Review Feedback

Achieve
Grading criteria Reference Task feedback to student(comments) d(Yes/No
)

Review
Feedback

Part
LO 1&2 1

LO
Summative
Feedback

Review
Feedback

Part
LO 3 & 4 2

LO
Summative
Feedback

Form\KIT\020
Higher National Diploma in Computing
Assignment Brief

Student Name/ ID Number


Unit Number and Title 05 : Security
Academic Year Year 1, Semester 2
Unit Tutor Mr. Mohamed Ishraque
Assignment Title Security Solution
Issue Date 11.01.2023
Submission Date 11.02.2023

Submission Format
Part 1:
The submission is in the form of an individual written report. This should be written in a concise, formal
business style using single spacing and font size 12. You are required to make use of headings, paragraphs,
and subsections as appropriate, and all work must be supported with research and referenced using the
Harvard referencing system. Please also provide a bibliography using the Harvard referencing system. The
recommended word limit is 1500-2,500 words, although you will not be penalized for exceeding the total word
limit

Part 2:
The submission is in the form of an individual written report. This should be written in a concise, formal
business style using single spacing and font size 12. You are required to make use of headings, paragraphs,
and subsections as appropriate, and all work must be supported with research and referenced using the
Harvard referencing system. Please also provide a bibliography using the Harvard referencing system. The
recommended word limit is 1500-2,500 words, although you will not be penalized for exceeding the total word
limit

Part 3:
The submission is in the form of an individual written report. This should be written in a concise, formal
business style using single spacing and font size 12. You are required to make use of headings, paragraphs,
and subsections as appropriate, and all work must be supported with research and referenced using the
Harvard referencing system. Please also provide a bibliography using the Harvard referencing system. The
recommended word limit is2000-2,500 words, although you will not be penalized for exceeding the total word
limit

Security policies must be separately attached. This should be written in a concise, formal business style using
single spacing and font size 12. You are required to make use of headings, paragraphs, and subsections as
appropriate.

Unit Learning Outcomes


LO1 Assess risks to IT security
LO2 Describe IT security solutions
LO3 Review mechanisms to control organisational IT security
LO4 Manage organisational security
Form\KIT\020
Assignment Brief and Guidance

Part 1
E- Tec Is a software development company in Kalmuna. Recently E-Tec lost several important data due to
security vulnerabilities. Immediately E-Tec wanted to solve this problem at any cost.

You have been appointed as the Penetration tester to E-tec. As the first part of your duty, you decided to identify
the possible security risks E-Tec might have faced and to required to access and treat the identified risks.

And additionally, you decided to suggest security procedures to E-Tec, to streamline and to avoid any future
security threats.

Part 2
You work as IT security head in E-Tec company. One of your junior network administrators made a mistake by
incorrect configuration of firewall, thankfully you noticed it by regular monitoring and prevented the exposure.
Because of this incident you thought of conducting a workshop for all the junior IT staff members who work
under you. For your workshop you decided to address the following issues.
1. The potential impact of incorrect configuration of Firewalls and third-party VPNs. Provide real time
examples.
2. To improve network security in any organization, how implementing DMZ, static IP, and NAT aid the
security?
3. Discuss the importance of network monitoring, provide benefits with proper reasons.
4. Evaluate suitable physical and virtual security measures for E-Tec company, which can ensure the
integrity of the E-tec’s IT security. (3 security measures for each)
Part 3
As the penetration tester you decided to conduct an IT security Audit for ABC. Before conducting the audit ABC
management asked you to give a report about the possible impacts of an IT security audit to ABC company.
Your report should include the recommendations suggested by the stakeholders.

After you conducted the audit successfully, you found some major flows in the current security system and
procedures.
The problems are listed below

• No proper procedures to assess the risks and ABC does not comply with any data protection processes
or regulations.
• No organizational disaster recovery plans
• No IT security policy
To streamline ABC’s IT security, you decided to create a report to do the following steps as the initial part of the
solution.

• Explain about the applicable data protection processes and regulations to ABC Company with the
guidance of ISO 31000 Standard
• Proper risk assessment procedures and the possible impact of not having a risk assessment procedure
for ABC company.
• Create a disaster recovery plan by identifying the key components of an organizational disaster
recovery plan with the proper justification for the inclusion of the key components.
• Create an IT security policy for ABC, in your IT security policy include 3 of the following policies.
(Password Policy, email policy, acceptable use policy, Ethics policy, DRP policy & clean desk policy)
• Explain how IT security policy can be aligned with organizational policy, and negative impacts of
misalignments of these policies.
• Finally identify the tools used in the organizational policy and evaluate them.

Form\KIT\020
Learning Outcomes and Assessment Criteria
Pass Merit Distinction
LO1 Assess risks to IT security LO1 & 2
P1 Identify types of security M1 Propose a method to assess D1 Investigate how a ‘trusted network’
risks to organisations. and treat IT security risks. may be part of an IT security solution.

P2 Describe organisational
security procedures.
LO2 Describe IT security solutions

P3 Identify the potential M2 Discuss three benefits to


impact to IT security of implement network monitoring
incorrect configuration of systems with supporting reasons.
firewall policies and third-
party VPNs.

P4 Show, using an example


for each, how implementing a
DMZ, static IP and NAT in a
network can improve Network
Security.
LO3 Review mechanisms to control organisational IT security

P5 Discuss risk assessment M3 Summarise the ISO 31000 risk D2 Consider how IT security can be
procedures. management methodology and its aligned with organisational policy,
application in IT security. detailing the security impact of any
misalignment.
P6 Explain data protection
processes and regulations as M4 Discuss possible impacts to
applicable to an organisation.
organisational security resulting
from an IT security audit.
LO4 Manage organisational security

P7 Design and implement a M5 Discuss the roles of D3 Evaluate the suitability of the tools
security policy for an stakeholders in the organisation to used in an organisational policy.
organisation. implement security audit
recommendations.
P8 List the main components
of an organisational disaster
recovery plan, justifying the
reasons for inclusion

Form\KIT\020

You might also like