Implement secure encryption technologies

502task2.pdf

Home >Engineering homework help >Telecommunications Engineering homework help >Implement secure encryption technologies

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

Unit Assessment Task (UAT) Assessment Task 2 – Unit Project (UP)

Assessment type:

Unit Project (UP)

Assessment task description:

 This is the second (2) assessment task you have to successfully complete to be deemed competent in this unit of competency.

 This assessment task requires you to complete a project.

 You will receive your feedback within two weeks - you will be notified by your trainer/assessor when results are available.

 You must attempt all activities of the project for your trainer/assessor to assess your competency in this assessment task.

Applicable conditions:

 This project is untimed and are conducted as open book tests (this means you are able to refer to your textbook).

 You must read and respond to all criteria of the project.

 You may handwrite/use computers to answer the criteria of the project.

 You must complete the task independently.

 No marks or grades are allocated for this assessment task. The outcome of the task will be Satisfactory or Not Satisfactory.

 As you complete this assessment task you are predominately demonstrating your practical skills, techniques and knowledge to your trainer/assessor.

 The trainer/assessor may ask you relevant questions on this assessment task to ensure that this is your own work.

Resubmissions and reattempts:

 Where a student’s answers are deemed not satisfactory after the first attempt, a resubmission attempt will be allowed.

 You must speak to your Trainer/Assessor if you have any difficulty in completing this task and require reasonable adjustments (e.g. can be given as an oral assessment).

 For more information, please refer to your RTO Student Handbook. Location:

 This assessment task may be completed in an independent learning environment or learning management system.

 Your trainer/assessor will provide you further information regarding the location of completing this assessment task.

General Instructions for attempting the project:

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

 You will be analyse enterprise data security requirements create new plan, review encryption technologies and their respective costs in this assessment task.

 Instructions analyse the existing security plan, create new plan, encrypt the data, and check the system log to check for data compromises are provided within the assessment task.

 You will be required to correctly attempt all activities of this assessment task.

How your trainer/assessor will assess your work?

 This assessment task requires the student to successfully complete and submit a project.

 Answers must demonstrate the student’s understanding and skills of the unit.

 You will be assessed according to the provided performance checklist/ performance criteria.

 Assessment objectives/ measurable learning outcome(s) are attached as performance checklist/ performance criteria with this assessment task to ensure that you have successfully completed and submitted the assessment task.

 If all assessment tasks are deemed Satisfactory (S), then the unit outcome is Competent (C).

 If at least one of the assessment task is deemed Not Satisfactory (NS), then the unit outcome is Not Yet Competent (NYC).

 Once all assessment tasks allocated to this Unit of Competency have been undertaken, trainer/assessor will complete an Assessment plan to record the unit outcome. The outcome will be either Competent (C) or Not Yet Competent (NYC).

 The “Assessment Plan” is available with the Unit Assessment Pack (UAP) – Cover Sheet.

Purpose of the assessment task:

This assessment task is designed to evaluate your following skills and abilities:

 Skill to analyse enterprise data security requirements

 Ability create or review existing security plan to determine the appropriate encryption methods

 Skill to rank and document appropriate encryption methods

 Skill to summarise various encryption types, including public key, secret key, hash key

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

Assessment Task 2 - Unit Project (UP)

Instructions to complete this assessment task:

 Please write your responses in the template provided.

 You may attach a separate sheet if required.

 You must include the following particulars in the footer section of each page of the attached sheets:

o Student ID or Student Name o Unit ID or Unit Code o Course ID or Course Code o Trainer and assessor name o Page numbers

 You must staple the loose sheets together along with the cover page.

 You must attach the loose sheets chronologically as per the page numbers.

 Correction fluid and tape are not permitted. Please do any corrections by striking through the incorrect words with one or two lines and rewriting the correct words.

 The premise of the project must be closely related to the previous assessment task.

 This submission must be well presented and follow the guidelines and instructions provided.

 Please follow the format as indicated in the template section below.

 One of the most important steps that you can take: proofread your project.

 Project must be of 500-800 words in length, using 11-point font, double-spaced, and must include a cover page, table of contents, introduction, body, summary or conclusion, and works cited.

 Appropriate citations are required.

 All RTO policies are in effect, including the plagiarism policy. Resources required to complete the assessment task:

 Computer

 Internet

 MS Word

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

Scenario: -

“Southern Star” company is providing public, private, hybrid and community cloud services to many

companies across the world and offering following services:

 IaaS (Infrastructure-as-a-Service)

 PaaS (Platform-as-a-Service)

 SaaS (Software-as-a-Service)  Storage, Database, Information, Process, Application, Integration, Security, Management,

Testing-as-a-service

To provide above mentioned cloud services, “Southern Star” company has following infrastructure in

their data centre.

 Eight (8) Servers out of these Six (6) are connected to network and Two (2) are kept as backup

 Twelve (12) Network switches with 24 port support (Nine (9) Switches are connected to network

are three (3) are kept as back up)

 Six (6) Routers (4 Routers are hosing NBN connection and two (2) of them are kept as back up)

 Five (5) wireless access point connected to network to provide Wi-Fi connectivity throughout

data centre.

 Twenty (20) SAN (Storage area network) storage area devices to store client’s data

 Fifty (50) desktop computers

“Shan Publications” is a premium client of “Southern Star”. “Shan publication” use cloud services

offered by “Southern Star” to store the drafts of unpublished poems, books and blueprints of printed

books. One day as they were downloading the drafts of some books to publish, they found that some

of their data is missing from the server and raised the complaint about missing data to “Southern

Star”. As per the agreement “Southern Star” is liable for client data security and company do not want

to lose their client base.

Southern Star is now investigating the problem, and one of the senior consultant (Lee) is allocated to

this project. Lee is working in the company from last 10 years and has an extensive amount of

experience in network, cloud and data security.

David is a general manager of the Southern star and looking after all the operation of the organisation.

http://www.wikinvest.com/concept/Cloud_Computing

http://en.wikipedia.org/wiki/Platform_as_a_service

http://www.wikinvest.com/concept/Software_as_a_Service

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

Roles and responsibilities of Lee:

 Planning, implementing and upgrading security measures and controls  Establishing plans and protocols to protect digital files and information systems against

unauthorized access, modification and/or destruction  Maintaining data and monitor security access  Performing vulnerability testing, risk analyses and security assessments  Conducting internal and external security audits  Anticipating security alerts, incidents and disasters and reduce their likelihood  Managing network, intrusion detection and prevention systems  Analysing security breaches to determine their root cause  Recommending and install appropriate tools and countermeasures  Defining, implementing and maintaining corporate security policies  Training fellow employees in security awareness and procedures  Coordinating security plans with outside vendors

After an initial investigation of the data loss problem, Lee has found below concerns in the southern

star network infrastructure:

 No data encryption service

 Data security concerns

 Data permission not planned

 Additional hardware to manage the data

Activity 1: (Analysing and documenting data security requirement)

After reviewing the scenario, you need to analyse the data loss problem and need to prepare a security

plan including

 Background of the security plan

 Issues identified in the network

 How to resolve each issue

 What hardware and software required

 How identified software and hardware aligned with the solutions

 How and when data backup will be prepared

 Transmission security

 Network database security

You may need to research related to security plan on the internet. You must complete below security

plan as a part of the activity.

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

Security Plan Template

Background-

Issues identified in the network

How to resolve each issue

What hardware and software required

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

How identified software and hardware aligned with the solutions

Transmission Security

File Transfer:

Name

Version

Vendor

 Encryption Software Used:

 Network Monitoring tools

 Virus Scanning software

 Data Transfer authentication method

 Network Based DLP

Email:

 Service Provider

 Password Strength Criteria



 Domain reputation



Network Database Security Access Control

Authentication

Encryption method

Backups

Version Number: 1 (Review date: 01/10/2021) Unit Code: ICTNWK502 Name of the RTO: Harward International College RTO No: 22332 | CRICOS No: 03234B

Activity 2: (Review encryption technologies and costs)

Note: This activity is in continuation of activity 1.

After completing the security plan, you are required to review a range of encryption software on the

internet and complete below Technology cost template.

After completing the template, you are required to send email to David(Trainer/assessor) including

technology cost document for approval. Email must include:

 Subject

 Body

 Explain that which option is the best and why we should use it.

Technology Cost Template

S. No

Encryption Software

Vendor Encryption Applicability (Network/ Database)

Price

Rank (from 1 -5)

Remarks