ICTCYS613 Utilise Design Methodologies
Utilise design methodologies for security architecture
This resource is copyright. Apart from any fair dealing for the purposes of private study, research, criticism or review as permitted under the Copyright Act 1968, no part may be reproduced by any process without written permission as expressed in the RTO Works License Agreement.
The information contained in this resource is, to the best of the project team’s and publisher’s knowledge true and correct. Every effort has been made to ensure its accuracy, but the project team and publisher do not accept responsibility for any loss, injury or damage arising from such information.
While every effort has been made to achieve strict accuracy in this resource, the publisher would welcome notification of any errors and any suggestions for improvement.
IT Works is a series of training and assessment resources developed for qualifications within the Information and Communications Technology Training Package.
CONTENTS
Assessment Task 1: Knowledge Questions
Assessment Task 1: Checklist
Assessment Task 2: Project Portfolio
Assessment Task 2: Checklist
The assessment tasks for ICTCYS613 Utilise design methodologies for security architecture are outlined in the assessment plan below. These tasks have been designed to help you demonstrate the skills and knowledge that you have learnt during your course.
Please ensure that you read the instructions provided with these tasks carefully. You should also follow the advice provided in the IT Works Student User Guide. The Student User Guide provides important information for you relating to completing assessment successfully.
Assessment for this unit
ICTCYS613 Utilise design methodologies for security architecture describes the skills and knowledge required to design security architecture to organisation requirements, utilising specific design methodologies.
For you to be assessed as competent, you must successfully complete two assessment tasks:
- Assessment Task 1: Knowledge questions – You must answer all questions correctly.
- Assessment Task 2: Project – You must work through a range of activities and complete a project portfolio.
Assessment Task 1: Knowledge Questions
Knowledge questions are designed to help you demonstrate the knowledge which you have acquired during the learning phase of this unit. Ensure that you:
- review the advice to students regarding answering knowledge questions in the IT Works Student User Guide
- comply with the due date for assessment which your assessor will provide
- adhere to your RTO’s submission guidelines
- answer all questions completely and correctly
- submit work which is original and, where necessary, properly referenced
- submit a completed cover sheet with your work
- avoid sharing your answers with other students.
i | Assessment information
Information about how you should complete this assessment can be found in Appendix A of the IT Works Student User Guide. Refer to the appendix for information on:
- where this task should be completed
- the maximum time allowed for completing this assessment task
- whether or not this task is open-book.
Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix C of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.
Questions
Provide answers to all of the questions below:
- List the principles of cyber security.
- The Identify: It helps build an understanding of how to manage cybersecurity risk to systems, people, assets, data, and capabilities within an organization. An organization can focus and prioritize its efforts in accordance with its risk management strategy and business requirements when it understands the context of the business, the resources that support essential functions, and the associated cybersecurity risks.
- The Protect: The ability to limit or contain the impact of a potential cybersecurity event is supported by the Protect Function. It outlines the necessary safeguards to guarantee the delivery of services for critical infrastructure.
- The Detect: Events in cybersecurity can be quickly discovered thanks to the Detect Function. It specifies the appropriate procedures for determining when a cybersecurity incident has occurred.
- The Respond: The ability to limit the impact of a possible cybersecurity incident is supported by the Respond principle. It includes the right actions to take in response to a cybersecurity incident that has been detected.
- The Recover: In order to lessen the impact of a cybersecurity incident, the Recover Function supports prompt recovery to normal operations. It identifies the right actions to take to maintain resilience plans and restore any services or capabilities that were disrupted as a result of a cybersecurity incident.
Alongside the principles above, there are also core principles. The CIA triad is an information security model with three main components: availability, integrity, and confidentiality. Each component represents a fundamental goal of information security.
- List the principles of security architecture.
A. Compartmentalization: In a secure network, compartmentalization has two main components. The first is that the network should be divided up within the organization. If the network is flat and open, an attacker who infiltrates it can move across the network, potentially stealing data and infecting important assets. Network segmentation breaks the entire network up into smaller sub-networks. A related concept is segregation: applying a set of rules for communication between hosts and services.
B. The Weakest Link: Every organization’s network will have points of weakness: the weakest link in the chain. Sadly, for the majority of organizations this is the workforce. For instance, despite the robustness of your IT defenses, if an employee falls for a phishing scam, everything could go wrong. Here, specific areas of risk include:
- Access to workplace resources via personal devices
- Ignoring the security of passwords.
C. Assessment of Vulnerability: Once your network security system’s various components are in place, you must verify that they are safeguarding your business’s assets. Vulnerability testing is crucial in this situation: regularly putting your defenses to the test to find where the “holes” are. An organization should use a combination of automated and manual methods. An automated vulnerability scanning tool will identify all of the systems that are connected to the network, such as servers, desktops, and laptops. After that, it will use a list of known flaws to see if any of them are present.
D. The Significance of Layering: Defending a medieval castle meant establishing several distinct layers of security. First, the castle was in a location that was protected from invasion by nature: frequently on hills, next to cliffs, and near large water bodies. Second, to stop intruders from getting to the King’s Keep, a series of man-made obstacles (heavy gates, moats, and traps) were set up. In a similar vein, layering is a crucial part of designing a secure network. The idea is that if an intrusion or attack gets through one layer of defence, another layer of defence will stop it. Layering brings together all of the previous components of the network security design that we have discussed.
- List four cyber security risks that can result in a business developing security architecture.
a. Attacks on passwords: A cyber attacker can access a lot of information if they have the right password. Data Insider defines social engineering as “a strategy cyber attackers use that relies heavily on human interaction and frequently involves tricking people into breaking standard security practices,” which is a type of password attack. Accessing a password database or simply guessing are two additional types of password attacks.
b. SQL injection: A Structured Query Language (SQL) injection is a type of cyber attack that results from inserting malicious code into a server that uses SQL. When infected, the server releases information. Entering the malicious code into a vulnerable website search box can be all it takes to submit it.
c. Phishing: According to Cisco, the objective is to install malware on the victim’s machine or steal sensitive data like login and credit card information. Phishing attacks make use of fictitious communication, like an email, to trick the recipient into opening it and following the instructions, like giving their credit card number.
d. Man in the Middle: In a man-in-the-middle (MITM) attack, hackers insert themselves into a transaction between two parties. According to Cisco, they can filter and steal data after interrupting the traffic. MITM attacks frequently occur when a visitor uses an unsecure public Wi-Fi network. The attackers put themselves in between the visitor and the network before installing malware to maliciously use data and install software.
e. Denial of Service: A type of cyberattack known as a denial of service (DoS) causes a computer or network to become overwhelmed and unable to respond to requests. Some cyber attackers use the time a network is disabled to launch additional attacks, while others use a flood attack to disrupt the “handshake” process and carry out a DoS. The same thing happens with a distributed denial of service (DDoS), but the attack comes from a computer network. Other methods may also be used. It is difficult to locate botnets because they are spread out geographically. According to Jeff Melnick of Netwrix, an information technology security software company, a botnet is a type of distributed denial of service (DDoS) in which a hacker can control millions of systems that have been infected with malware. The processing capabilities of a target are targeted and overwhelmed by botnets, also known as zombie systems.
f. Emotet: Emotet is described as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans” by the Cybersecurity and Infrastructure Security Agency (CISA). Emotet is still one of the most destructive and expensive malware.
g. Malware: Spyware, ransomware, viruses, and worms are examples of malicious software. Malware is activated when a user clicks a malicious link or attachment, which leads to dangerous software being installed. According to Cisco, once malware is activated, it can:
- Block access to important parts of the network (ransomware).
- Install additional software that is harmful.
- Transmit data from the hard drive to secretly obtain information (spyware).
- Disrupt each component, rendering the system inoperable.
- List three types of documents that would form part of security architecture.
a. Watermarking: A watermark can be thought of as a stamp, in the form of text or an image, that has been added statically or dynamically to the original document. In document security, watermarking should be used to encourage safe user behaviour. In the construction industry, putting a watermark on drawings is crucial for letting viewers know who they are, when they accessed the document, and that this version is not the most recent. By dynamically inserting the employee’s name into the original documents, it will help identify the source of the leak and prevent employees from leaking documents if used correctly.
b. Digital Rights Management, also known as DRM: Digital rights management is the process of restricting the use of copyrighted digital assets through the use of technologies and methods. Because the document must be authorized before it can be opened, implementing DRM will increase the security of your documents. DRM software is designed to protect copyright holders’ rights and prevent illegal distribution or modification. This will ensure that only those with the appropriate access privileges can see the content.
c. Encryption of Files or Documents: It is absolutely necessary for these documents to be encrypted so that no one, even if they have access to the folder, can view them. The employees may begin uploading files to a digital solution on-premises or in the cloud. If the content ends up in the wrong hands in this situation, no one will be able to view it. The majority of systems let physical-digital files be encrypted and only seen within their solutions.
Student’s name: |
Did the student provide a sufficient and clear answer that addresses the suggested answer for the following? | Completed successfully? (Yes / No) | Comments
Question 1 | |
Question 2 | |
Question 3 | |
Question 4 | |
Task outcome: | Satisfactory | Not satisfactory
Assessor signature: |
Assessor name: |
Date: |
Assessment Task 2: Project Portfolio
Information for students
In this task, you are required to demonstrate your skills and knowledge by working through a number of activities and completing and submitting a project portfolio.
You will need access to:
- a suitable place to complete activities that replicates an ICT environment including computer and internet access
- ICTCYS613 Simulation Pack or access to information about your own business including its structure, procedures relevant to designing security architecture and relevant data
- your learning resources and other information for reference
- Project Portfolio template.
Ensure that you:
- review the advice to students regarding responding to written tasks in the IT Works Student User Guide
- comply with the due date for assessment which your assessor will provide
- adhere to your RTO’s submission guidelines
- answer all questions completely and correctly
- submit work which is original and, where necessary, properly referenced
- submit a completed cover sheet with your work
- avoid sharing your answers with other students.
i | Assessment information
Information about how you should complete this assessment can be found in Appendix A of the IT Works Student User Guide. Refer to the appendix for information on:
- where this task should be completed
- how your assessment should be submitted.
Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix B of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.
Activities
Complete the following activities:
- Carefully read the following:
This assessment task requires you to design security architecture for a business using specific design methodologies. This project can be based on the case study business in the ICTCYS613 Simulation Pack or you may like to base this on your own business, or a business you are currently working for or are familiar with. It is important that you can access information about the business including its structure, procedures relevant to designing security architecture and relevant data. Speak to your assessor to get approval if you want to base this on your own business or one you work for. |
- Planning
Make sure you are familiar with the business you are basing this assessment on and have read through the necessary background information and policies and procedures. For the case study business, this is all of the documents included in the ICTCYS613 simulation pack. If it’s your own business or a business where you are working or are familiar with, it’s important at this step that you have your business or case study approved by your assessor. Complete Page 4 of your Project Portfolio for this unit. Read through the requirements of Section 1 and 2 of your Project Portfolio. |
- Security architecture planning
You are now to complete Section 1 of your Project Portfolio. When you complete Section 1, you need to:
- Analyse and report on the business’ security requirements.
- Describe the data types that will be included in the security architecture.
- Discuss industry standard design methodologies that can be used for security architecture.
Complete Section 1 of your Project Portfolio. Submit your Portfolio to your assessor and if approved, you will move to the next step.
- Security architecture design
You are now to complete Section 2 of your Project Portfolio. When you complete Section 2, you need to:
- Design the security architecture to meet the business’ needs using industry standard design methodologies.
- Demonstrate how your design uses industry standard methodologies and meets requirements.
- Submit all of your documentation associated with the security architecture design and seek feedback.
Complete Section 2 of your Portfolio.
- Submit your completed Project Portfolio
Make sure you have completed all sections of your Project Portfolio, answered all questions, provided enough detail as indicated and proofread for spelling and grammar as necessary. Submit to your assessor for marking. |
Student’s name: |
Did the student: | Completed successfully? (Yes / No) | Comments
Analyse and report on the organisation’s operations and infrastructure to identify and report on their specific security requirements? | |
Research and report on industry standard design methodologies that are commonly used in security architecture design? | |
Determine and report on the required security level and perimeters, security features and security mode? | |
Establish and report on all data types that are to be included in the security architecture? | |
Document all security architecture findings and confirm? | |
Design and document security solution as per the organisation’s requirements? | |
Demonstrate how the security design developed utilises major industry standard design methodologies? | |
Demonstrate how the security design developed addresses the organisation’s cyber security requirements? | |
Submit documentation for feedback? | |
Respond to feedback? | |
Task outcome: | Satisfactory | Not satisfactory
Assessor signature: |
Assessor name: |
Date: |
Student name: | |
Assessor name: | |
Date |
Final assessment results
Task | Type | Satisfactory | Unsatisfactory | Did not submit
Assessment Task 1 | Knowledge questions | S | U | DNS
Assessment Task 2 | Project Portfolio | S | U | DNS
Overall unit results | C | NYC
Student signature: ___________________________________________ Date: _________________
Assessor signature: _________________________________________ Date: _________________