Best online Nursing Writing Service agency

Assessment Resources ICTNWK511

RTO No: 20829
CRICOS Provider Code: 02044E
ABN: 41 085 128 525
STUDENT COPY- CR

Version 1.2
Assessment Resources SummaryUnit Details ICTNWK511 – Manage network securityThis unit requires each student to undergo adequate practice and
preparation prior to undertaking the assessments in a
classroom/simulated environment.
Students are required to complete ALL summative assessments listed
below in order to be deemed “Competent” in this unit of competency.Assessment
MethodsWritten Assessment Assessment 1Case Study Assessment 2Lab Assessment 3Questions Assessment 4Issue Date January 2018

a
Page 2 of 21
Assessment Resources ICTNWK511

WE WRITE ESSAYS FOR STUDENTS

Tell us about your assignment and we will find the best writer for your project

Write My Essay For Me
Unit Summary
The unit objectives, prerequisites, co-requisites and other pertinent information about this unit
is described at https://training.gov.au/Training/Details/ICTNWK511
Resources
Students should refer to this unit in Moodle (e-learning.vit.edu.au) to access a list of
resources for this unit (see Learner Resources section for relevant articles, links,
instructions for labs etc).
Lab Resources
1. Topic – Security Scanners (in Learner Resources, use for Lab 1)
2. Topc – Network Protocol Analyzers (for Lab 2)
3. Topic – Logging and security reporting (for Lab 3)
For labs 1 and 2, you have the option of using the virtual machine ICTNWK511 that has been set up
in the C:lab-files folder on the machines in the Level 10, Room 4 lab. If you prefer, you can also
install the required software on your own computer.
For lab 3, you need to set up a trial account at
https://www.splunk.com/page/sign_up/es_sandbox?redirecturl=%2Fgetsplunk%2Fes_sandbox
This will give you access to a trial account with realistic security reporting such as you would
encounter in a medium or large enterprise network. Note you only get the account for seven days,
so you should aim to complete the lab as soon as you can after setting up the account.

a
Page 3 of 21
Assessment Resources ICTNWK511
Assessment 1: Written Assessment
Student Name: ______________________________________________________________
Student ID No: ______________________________________________________________
Student Instructions:
• This is an open book assessment, and you should consult your Learner Resources and other
material as needed.
• Your answers should be on a separate document using word processing software such as
MS Word & or other software (hand written submissions are only acceptable with prior approval
from your Trainer) .
• Your document should be professionally formatted and include
o Your Name
o Your Student ID
o Unit Code
o Assessment Number (i.e. ICTNWK511 Assessment 1)
• Please reference to each question number and retype each question with your answers.
• This is an open book assessment, you must answer every question and provide enough
information to demonstrate sufficient understanding of what has been asked to achieve
competency. Please ask your Trainer/Assessor if you are unsure what is sufficient detail for an
answer.
• Ask your trainer/assessor if you do not understand a question. Whist your trainer/assessor
cannot tell you the answer, he/she may be able to re-word the question for you or provide further
assistance based on the Institute’s “Reasonable Adjustment Policy”.
• Answers should be your own work, in your own words and not plagiarised, nor copied.
However, if an answer is cut & pasted (such as a definition), then the source should be
referenced
a
Page 4 of 21
Assessment Resources ICTNWK511
Student information:
Answer the questions below. Keep your answers short and to the point – unless specified otherwise,
your answers should not exceed 300 words for any individual question (and often can be less – use
your judgment). Use your own words in your answers – do not copy large amounts of text from the
Internet!
1. Identify the purpose and describe at least one activity performed in each of the following three
phases in implementing a network security design: (i) the planning phase; (ii) building phase
(iii) managing phase.
2. Describe the purpose of the main elements of risk management, such as (i) risk identification
and (ii) risk treatment. Identify at least one activity that is performed in each element.
3. Identify two types of network attacks that could be made on an e-commerce site selling books,
and storing credit card information about customers. For each attack, describe the
vulnerabilities/weaknesses of network infrastructure that attackers seek to exploit.
4. Give two examples of emerging security threats that have emerged as a result of the
popularity of mobile phones. List one example of a countermeasure that can be used to
mitigate the threats.
5. Briefly define the purpose of auditing, as it applies to network security.
6. Briefly define the purpose of penetration testing, as it applies to network security.
7. Briefly define how logging analysis can be used to enhance network security
8. List two security measures that can be applied to protect an organisation’s infrastructure of
servers and switches.
9. List two capabilities of (i) a hardware firewall and (ii) a software intrusion detection system
(IDS)
10. Define what is meant by “defence in depth” in security planning. Describe how could the
defence in depth principle be applied to the deployment of hardware and software firewalls in
a corporate network
a
Page 5 of 21
Assessment Resources ICTNWK511
11. Give two examples of network management and security process controls that could be
applied to manage the risk represented by BYOD (Bring Your Own Device) to corporate
networks.
12. Risk management plans and procedures need to be applied to all stages of network security,
including security planning, implementation and budgeting. Give one example of how an
understanding of risk can be applied to each of the following phases of a network security
implementation (i) the planning phase (ii) the implementation or building phase (iii) the
managing or budgeting phase
13. Identify three types of ICT networks (or zones) typically considered in network security
planning. Briefly define each of these network zones, and, for each of the three types of
network zone, give one example of a configuration I would expect to see in that type of
network zone.
Assessor Use Only

Assessor Comments

 Satisfactory (S)  Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________
a
Page 6 of 21
Assessment Resources ICTNWK511
Assessment 2: Case Study
Information for Students
This is a project/report assessment task. You have the option of doing the task as a group (3
students maximum per group). You should use the Case Study Report Template (see Learner
Resources for the unit) to help you structure your assignment. Write your report, making sure to list
all the students who are in your group in the Introduction to the report. All students need to hand in a
copy of the report as part of their assessment submission.
Read through the scenario below, and write your report addressing the requirements described below
Scenario
You have been asked to design a comprehensive network security plan for a small e-commerce web
site run by the BuyThisShoe company. The website will be hosted on the company’s internal network
(as the site needs to access internal databases for prices etc). The company is a bit nervous about
hackers, but it also wants a cost-effective solution, so you need to come up with a plan that is both
effective and economical.
Interviewing the owners of the business, you have uncovered the following facts:
• The company will be taking credit card payments, so needs to comply with any relevant
legislation
• The company is open to taking out insurance, where required, against reputational damage
resulting from hacker events
• The company is concerned about conforming with privacy legislation, and wants to know how
network security measures can keep the required information confidential, and report on any
unauthorised access
• The company would also like to know how a procedure could be designed for employees to
report any privacy/ethics violations in a secure manner. They want the employee to be able to
send anonymous email about the violation, without having to use the corporate email system
• The company wants to know what testing/ongoing auditing of the plan will be done to ensure
the plan remains relevant and up-to-date
• The company wants you to suggest an incident response procedure for reporting of security
violations. They are very concerned that, if any security breach does occur, that they are
notified immediately. They are suggesting that every Friday the owner of the company meet
with the IT manager to review any security breaches that have occurred, and what has been
done in response to those breaches
• The company wants to know what countermeasures can be employed against threats to the
physical security of their server storing the customer’s credit card information
a
Page 7 of 21
Assessment Resources ICTNWK511
• The company is most worried about hackers who may want to gain the credit card details of its
customers. They want to ensure that the database server that will be storing the credit card
details is on the most secure part of the network.
• The company is also worried about ‘for play’ hackers who may want to compromise their
website for ‘fun’, so your network security needs to cater for this.
• The company has employed an information auditor as a consultant, who has prepared the
following table showing the asset, threat, single loss occurrence (SLO), and annual rate of
occurrence (ARO)

Asset Threat SLO ($) ARO
1. Network server Fun hackers 400 5
2. Credit card
details on
database
server
For profit hackers 20,000 .5
3. Router Fun hackers 1000 .25
4. Web server both 2000 3
5. Malware/trojans both 1000 15

• The company wants to allow web site traffic (HTTP and HTTPS), email traffic (SMTP), remote
desktop traffic (RDP), and network support (via SSH) into its network from the internet. The
only traffic it wants to allow out of the network is HTTP/HTTPS and SMTP.
• The company has set up an InfoSec working committee, who is overseeing all plans, policies
and projects to do with network security in the company. The members of that committee are
Mr. Black, the company CEO, Ms. White the IT manager, and Mr. Green the external
information auditor consultant.
• The company has also calculated that any downtime on the shared server in use for
filesharing and email will, due to the lost productivity, cost the company around $1000 per
hour downtime. The company has also been advised by the information auditor that the loss
of customer credit card information includes both the ALO figure and reputational damage to
the business, would result in lost business of around $5,000 per annum. As such, the
company is very concerned to defend itself against these kinds of attacks.
.
a
Page 8 of 21
Assessment Resources ICTNWK511
Report Requirements
Prepare a report for the company outlining your proposed network security plan that addresses these
requirements. At a minimum, your report should include the following:
1. Identify the threats BuyThisShoe faces.
• You should document the threat, likely motivations, and what kind of vulnerabilities each
kind of attacker targets, and how the attacks occur.
• You should also assign a threat level of high, medium or low to each of your identified
threats.
• You should create a table showing the threat type, the motivations, the vulnerabilities
exploited/how attacks occur, and the threat level.
2. Analyse security risks.
• Here you will identify the assets that require their protection, calculate their value to the
organisation and create a risk management plan for managing the risks.
• You should create a table showing the asset name, the asset value/outage cost, and the
main elements of the risk treatment plan for managing the risk.
3. Create a security design.
• Identify attacker scenarios and threats, and specify security measures to counter those
threats.
• You should also describe security policies that can be put in place to counter these
threats.
• Also describe who in buythisshoe would review your proposed policies, and thus provide
any needed feedback on your proposals.
• You should also be prepared to role play obtaining feedback about your security design
where the trainer plays the role of the client who will question you about your plan. This
role play could take place in class or when you present your assignment for assessment
4. Design and implement responses to security incidents.
• Describe what information you are proposing to log about any security incidents.
• Describe also what configurations/technologies and policies would need to be deployed to
support your proposed incident response system.
• How such a plan should be tested, and who would need to review and sign off on the
incident response proposals.
5. Design network controls.
• Describe at least two network controls you would put in place to support your proposed
security plan. (These can be technical, administrative or physical controls – you can
choose any type, as long as you provide at least two examples of a control to support your
plan).
a
Page 9 of 21
Assessment Resources ICTNWK511

ASSESSMENT 2 – CASE STUDY
ASSESSOR CHECKLIST
This assessor checklist is to be used when assessing the students in the associated task. The checklist
below must be completed for each student. Please refer to separate mapping document for specific details
relating to alignment of this task to the unit requirements.
Student Name:
Assessor Name:

The student must satisfactorily complete Project/Report tasks to the standards outlined below.

ASSESSOR CHECKLIST S NS
Has the student?
1. Identified the reason for network and security attacks
2. Identified the most common sources of network and security attacks
3. Analyzed the common types of network vulnerabilities
4. Documented the common types of network vulnerabilities
5. Explained the complete process of attacks on network
6. Prepared a threat model for given network
7. Categorized the threats in the designed threat model
8. Identified the network assets to be protected from attacks
9. Calculated the value of client network assets and categorized them
based on their value
10. Prepared a risk management plan for the client network
11. Prepared security measures for client’s network components

a
Page 10 of 21
Assessment Resources ICTNWK511

12. Created a list of security policies for the network and use of devices
13. Tested security policies and vulnerabilities in the network
14. Got feedback from the client
15. Got client sign off

Assessor Use Only

Assessor Comments

 Satisfactory (S)  Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________
a
Page 11 of 21
Assessment Resources ICTNWK511
ASSESSMENT 3 – LAB
Instructions to student:
Complete following the labs as described, Save the evidence of lab completion screen print in a
separate document, clearly labelling the evidence e.g. lab 1 evidence, lab 2 evidence etc. Make sure
that document has your name and student id, Print and attach it to your assessment resources
summary .
Consult the resources in page-2 if you need more contextual information about particular labs.
Lab 1. Security Scanners
Scenario/Context. A network security plan should have a port scanner as one of the required
elements to identify vulnearabilities. BuyThisShoe have asked you to implement a port scanner so
they can assess vulnerabilities as part of their incident response process.
Port scanners are software that scan specified servers for network vulnerabilities e.g. open ports that
are not required, such as Telnet. NMap is an open source port scanner and is widely used in the
industry (see Learner Resources for more information)
Lab Instructions You should refer to the tutorials on NMap (see Resources above) to help you
perform this lab. The videos show how to install and operate NMap
1. Install NMap on a computer (skip this step if your computer already has Nmap installed)
2. Use NMap to scan a computer on the network (you can provide your own IP address, or even
the loopback address of 127.0.0.1)
3. Take a screen print of the output of your scan and attach it to your assessment
resources summary. It should look similar to that below
4. List three well known ports that are shown to be in use by the scan, and the application level
protocols that use those ports (e.g. 80, HTTP etc). You may need to look up well known ports
to do this. Don’t’ forget to record those three application protocols and the ports they
are using in your assessment resources summary
a
Page 12 of 21
Assessment Resources ICTNWK511
Lab 2 Network Protocol Analyzers
Scenario/Context. A risk management plan for network security should also have made provision for
deploying a packet capture utility. Packet capture allows you to trace network traffic of a particular
type, and/or from/to particular devices, for troubleshooting or other investigatory purposes.
BuyThisShoe have asked you to test a packet capture utility so they can investigate network traffic as
part of their incident response process.
Wireshark is an open source packet capture and is widely used in the industry (see Learner
Resources for more information). In this lab, we are going to use Microsoft Message Analyzer, a free
protocol analyzer used on the Windows platform.
Lab overview. You are going to start up a packet capture session in Message Analyzer (MA),
generate some network activity, and find the information in the packet capture file.
1. Install Message Analyzer on a computer (or use a lab computer that has it already installed).
2. Start Message Analyzer as Administrator (you have to run the program with administrator
privileges), and start up a session so MA is capturing packets going across your network
interface
3. Once you start the session running, packets should begin to be captured by MA. Take a
screen shot to show you have successfully captured packets and attach it to your assessment
resources summary . (See screenshot 1 below)
4. Note that when you highlight a packet you can get more details about the structure of the
packet, e.g. the values of each individual field. This enables you to inspect individual packets if
needed. Take a screenshot of a highlighted packet to show how you can inspect individual
packets (see screenshot 2 below) and attach it to your assessment resources summary
5. Leave the session running, and note how packets are continually added to the trace. You can
also sort the trace, e.g. by clicking on the ‘Module’ field on the display, to reorder the packets
for your convenience
6. Once you have viewed a few example packets for protocols, close the session.
Lab Instructions You should refer to the tutorials on Message Analyzer (see Resources in page-2)
a
Page 13 of 21
Assessment Resources ICTNWK511
Screen 1 example
Screen 2 example
a
Page 14 of 21
Assessment Resources ICTNWK511
Lab 3 Logging and security reporting
Scenario/Context. Managing network security requires reviewing many events, incidents, trends and
so on from across multiple systems and devices. BuyThisShoe have asked you to investigate
security reporting systems so they can conduct investigations as part of their incident response
process.
A number of tools have been developed to pull this information together in a convenient form for the
network security manager. Splunk is one of the most well known of these systems, and in this lab you
are going to access a demo Splunk system to experience the range of security data and reporting
typical of medium and large enterprises
Lab Instructions
1. Go to the link below at the Splunk website to set up a free trial account
https://www.splunk.com/page/sign_up/es_sandbox?redirecturl=%2Fgetsplunk%2Fes_sandbox
2. Logon to your demo account
3. Go to the list of reports to see the wide range of reports that are available. Take a
screenshot of your account showing the list of reports and your username, and keep
that as evidence in your assessment resources summary you have performed the lab.
Your sceenshot should look similar to that of image 1 below.
4. Find and run the Change- Account Management by Source User Report. (This shows the
users who have been engaged in account management change activity e.g. changing a user’s
password, privilege levels etc. over the previous reporting period. Take a screen shot of the
report and save it as evidence in your assessment resources summary . See image 2
below.
5. Spend a bit of time looking at other available reports and other security reporting information
within the Sandbox environment.
6. Logoff your account
a
Page 15 of 21
Assessment Resources ICTNWK511
Screenshot image 1
Screenshot image 2
a
Page 16 of 21
Assessment Resources ICTNWK511
Lab 4 Firewalls
Scenario/Context. Your risk management plan for network security should also have firewalls as
one of the required elements. Firewalls can be deployed at the edge of a network (usually as a
hardware device), but host-based firewalls on servers running Windows and Linux can also be
deployed to supplement the hardware firewall (this is an example of the ‘defence in depth’ principle) .
Windows Firewall is free on Windows and is widely used in the industry to supplement hardware
based firewall strategies (see Learner Resources for more information).
Lab overview. In this lab, you are going to set up some simple rules in a Windows firewall. You can
use whatever version of Windows you wish e.g. Windows 7, 8 or 10,
Note: if you are doing this on your own computer, do not keep the rules – just configure the rules,
take a screen shot for lab verification purposes, then delete the rules you created to keep your original
configuration. You should only permanently change your firewall rules if you are sure you want those
changes!
1. Set up an inbound firewall rule to deny incoming Telnet traffic (Telnet uses port 23 over TCP).
Call the rule Lab4Snnnnn (where Snnnnn is your student Id). Once the rule is configured,
take a screenshot of the inbound rule and save it in your Student assessment
resources summary (see example below)
2. Set up an outbound firewall rule to permit outgoing Telnet and SMTP traffic (SMTP uses port
25). Call the rule Lab4Outboundsnnnnn (where Snnnnn is your student Id). Once the rule is
configured, take a screenshot of the outbound rule and save it in your Student
assessment resources summary (see example below)
Make sure you save screenshots of both your inbound and outbound rules.
Make sure you include your student number in the name of your rules, (to prove it is your
work)
Lab Instructions You should refer to the tutorials on firewalls (see Resource 4 above), especially the
video about how to install and configure firewalls on Windows 7.
a
Page 17 of 21
Assessment Resources ICTNWK511
Inbound rule screenshot example
Outbound rule screenshot example
Information for Students
a
Page 18 of 21
Assessment Resources ICTNWK511

ASSESSMENT 3 – LAB
ASSESSOR CHECKLIST
This assessor checklist is to be used when assessing the students in the associated task. The checklist
below must be completed for each student. Please refer to separate mapping document for specific details
relating to alignment of this task to the unit requirements.
Student Name:
Assessor Name:

The student must satisfactorily complete Lab tasks to the standards outlined below.

Lab 1 – Using NMap
ASSESSOR CHECKLIST S NS
Has the student?
1. Explained the uses of port scanner software in providing network
security
2. Downloaded an open source port scanner software from Internet
(For e.g. NMap)
3. Installed port scanner software on the given computer in a network
4. Performed scanning on the given computer in the network using
port scanner software
5. Analyzed the output after the scan finished
6. Identified vulnerabilities in the network based on recorded output
7. Documented the common types of network vulnerabilities
8. Analyzed and plan solutions to compromised networks

a
Page 19 of 21
Assessment Resources ICTNWK511

Lab 2 – Using Network Protocol Analyser
ASSESSOR CHECKLIST S NS
Has the student?
1. Downloaded a network analyzer software from Internet (For e.g.
Wireshark, Microsoft Message Analyzer)
2. Installed Network Analyzer software on the given computer in a
network
3. Run Network Packet Analyzer software with administrative
privileges
4. Performed network activity while software is running
5. Captured packets using network packet analyzer software
6. Analyzed captured packets to identify the flow of traffic in the
network
Lab 3 – Logging and Security Reporting
ASSESSOR CHECKLIST S NS
Has the student?
1. Explained the uses of logging and security reporting for different
organizations
2. Created a demo account on the given website using your own
credentials
3. Logged on to your demo account
4. Accessed different types of report available to understand network
security needs of an organization
5. Identified different logging analysis techniques

a
Page 20 of 21
Assessment Resources ICTNWK511
Assessor Use Only

Assessor Comments

 Satisfactory (S)  Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________
a
Page 21 of 21
Assessment Resources ICTNWK511
Assessment 4: Questions
Information for students:
This is an open book assessment that will be delivered through Moodle, the VIT e-learning platform.
You need to logon to Moodle to complete the test. You can make as many attempts at the test, and
you need to get all questions correct to be judged Satisfactory in this assessment task.
Note: Once you have got the required score, you need to take a screen print in Moodle and
include that screen print below as evidence.
Assessor Use Only

Assessor Comments

 Satisfactory (S)  Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________

[Button id=”1″]

If you are seeking for fast and reliable essay help, you got on the right page. You can order essays, discussion, article critique, coursework, projects, case study, term papers, research papers, reaction paper, movie review, research proposal, capstone project, speech/presentation, book report/review, annotated bibliography, and more. From now on, you can stop worry and forget about writing assignments: your college papers are safe with our expert writers

STUCK with your assignments? Hire Someone to Write Your papers. 100% plagiarism-free work Guarantee!

PLACE YOUR ORDER