Information Technology

ICTPRG537 Implement Security For Applications

18 April 2023 12:22 PM | UPDATED 12 months ago

ICTPRG537 Implement Security For Applications :

For solution: +610482078788

+61482073403

+61482072848

ICTPRG537  Implement Security For  Applications
ICTPRG537 Implement Security For Applications
ICTPRG537 Implement security for applications

student assessment tasks
Implement security for applications

This resource is copyright. Apart from any fair dealing for the purposes of private study, research, criticism or review as permitted under the Copyright Act 1968, no part may be reproduced by any process without written permission as expressed in the RTO Works License Agreement.

The information contained in this resource is, to the best of the project team’s and publisher’s knowledge true and correct. Every effort has been made to ensure its accuracy, but the project team and publisher do not accept responsibility for any loss, injury or damage arising from such information.

While every effort has been made to achieve strict accuracy in this resource, the publisher would welcome notification of any errors and any suggestions for improvement.

IT Works is a series of training and assessment resources developed for qualifications within the Information and Communications Technology Training Package.

CONTENTS

Introduction  4

Assessment Task 1: Knowledge Questions  5

Assessment Task 1: Checklist 7

Assessment Task 2: Project Portfolio  8

Assessment Task 2: Checklist 12

Final Results Record  14

Introduction

The assessment tasks for ICTPRG537 Implement security for applications are outlined in the assessment plan below. These tasks have been designed to help you demonstrate the skills and knowledge that you have learnt during your course.

Please ensure that you read the instructions provided with these tasks carefully. You should also follow the advice provided in the IT Works Student User Guide. The Student User Guide provides important information for you relating to completing assessment successfully.

Assessment for this unit

ICTPRG537 Implement security for applications describes the skills and knowledge required to implement security for software applications, including code access security, security access control, cryptographic and secure, input and output handling.

For you to be assessed as competent, you must successfully complete two assessment tasks:

  • Assessment Task 1: Knowledge questions – You must answer all questions correctly.
  • Assessment Task 2: Project – You must work through a range of activities and complete a project portfolio.

Assessment Task 1: Knowledge Questions

Information for students

Knowledge questions are designed to help you demonstrate the knowledge which you have acquired during the learning phase of this unit. Ensure that you:

  • review the advice to students regarding answering knowledge questions in the IT Works Student User Guide
  • comply with the due date for assessment which your assessor will provide
  • adhere with your RTO’s submission guidelines
  • answer all questions completely and correctly
  • submit work which is original and, where necessary, properly referenced
  • submit a completed cover sheet with your work
  • avoid sharing your answers with other students.
iAssessment information Information about how you should complete this assessment can be found in Appendix A of the IT Works Student User Guide.Refer to the appendix for information on: where this task should be completedthe maximum time allowed for completing this assessment taskwhether or not this task is open-book. Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix C of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.

Questions

Provide answers to all of the questions below:

  1. Explain the purpose of hardware as part of security measures and list two types of hardware relevant to implementing security for applications.
  2. Explain the purpose of network security and list two types of network security methods.
  3. Identify the three categories of cryptographic algorithms that are the most secure.
  4. Explain how Object-oriented programming can be used to implement applications security.
  5. Describe two mathematics topics that it would be important for a programmer to understand in relation to algorithms.

Assessment Task 1: Checklist

Student’s name:
Did the student provide a sufficient and clear answer that addresses the suggested answer for the following?Completed successfully?Comments
YesNo 
Question 1   
Question 2   
Question 3   
Question 4   
Question 5   
Task outcome:SatisfactoryNot satisfactory
Assessor signature: 
Assessor name: 
Date: 


Assessment Task 2: Project Portfolio

Information for students

In this task, you are required to demonstrate your skills and knowledge by working through a number of activities and completing and submitting a project portfolio.

You will need access to:

  • a suitable place to complete activities that replicates an ICT development environment including computer and internet access and relevant hardware and software
  • security configuration tools
  • testing and debugging tools
  • your learning resources and other information for reference
  • Project Portfolio template.

Ensure that you:

  • review the advice to students regarding responding to written tasks in the IT Works Student User Guide
  • comply with the due date for assessment which your assessor will provide
  • adhere with your RTO’s submission guidelines
  • answer all questions completely and correctly
  • submit work which is original and, where necessary, properly referenced
  • submit a completed cover sheet with your work
  • avoid sharing your answers with other students.
iAssessment information
Information about how you should complete this assessment can be found in Appendix A of the IT Works Student User Guide.Refer to the appendix for information on: where this task should be completedhow your assessment should be submitted. Note: You must complete and submit an assessment cover sheet with your work. A template is provided in Appendix B of the Student User Guide. However, if your RTO has provided you with an assessment cover sheet, please ensure that you use that.

Activities

Complete the following activities:

  1. Carefully read the following:
This project requires you to implement security for two software applications. This will mean building a software application and implementing security as part of the build. The software application you choose to build and implement security for can be any two software applications of your choice. For example: An app to keep notesA To Do appA chat appA survey appA form that can be used to collect data from users through a web site. Whichever application you choose, it must be capable of storing and retrieving information. You can also use any programming language of your choice. Vocational education and training is all about gaining and developing practical skills that are industry relevant and that can help you to succeed in your chosen career. For this reason, basing your project on real applications will mean that you are applying your knowledge and skills in a relevant, practical and meaningful way! Speak to your assessor to get approval for the applications you want to develop and implement security for. You will be collecting evidence for this unit in a Project Portfolio. The steps you need to take are outlined below.
  • Preparation
Complete Page 4 of your Project Portfolio for this unit. Read through the requirements of Section 1 and 2 of your Project Portfolio which include detailed guidance relevant to all the assessment activities.
  • Planning security implementation
You are now to complete Section 1 of your Project Portfolio. This involves: Describing the applications you have chosen to develop.Documenting the programming language you will use, as well as the reason for your choice of programming language. Explaining why application security is required in software development.Planning and describing the approach you will take to security (your security strategy) for each application. This should be integrated into your software development process and should also include:your authentication and authorisation strategydefining access permissionstandard cryptographic algorithms that you will usehow you will protect the application against injections. 
Complete Section 1 of your Project Portfolio. Submit your Portfolio to your assessor.
  • Develop applications and implement security
Following this you are to develop and implement security for the two applications. Remember that during the development of the applications you are to configure the files according to the platform you are using so that the files are secure. For each software application you are to: Develop the application following the software development process and incorporating security controls.Implementing restricted access to protect the applicationsEncrypt and decrypt data used in your application using the standard cryptographic algorithms you determined as part of your planning.Develop the code using secure input and output handling. Once you have completed all of the above, run the applications you have developed for the purposes of testing and debugging.
Complete Section 2 of your Project Portfolio. Submit your Portfolio.
  • Present applications
The final part of this activity requires you to present the two applications you have developed to your student group. The purpose of the presentation is to assess your oral communication skills.  The group you present to will be a small group of students or the whole group. Your assessor will advise you of this plus the date and time of the presentation. At the presentation you are to briefly describe the applications you developed and how you implemented security. Your presentation will be for approximately 5 minutes. Your assessor will be looking to see that you can: demonstrate effective communication skills including:speaking clearly and concisely using non-verbal communication to assist with understanding asking questions to identify required information responding to questions as required using active listening techniques to confirm understandinguse suitable industry standard technical language in describing your work.
iThis can either be viewed in person by your assessor or you may like to video record the session for your assessor to watch later. Your assessor can provide you with more details at this step. Make sure you follow the instructions above and meet the timeframes allocated.
  • Submit your completed Project Portfolio 
Make sure you have completed all sections of your Project Portfolio, answered all questions, provided enough detail as indicated and proofread for spelling and grammar as necessary. Submit to your assessor for marking.

Assessment Task 2: Checklist

Student’s name:
Did the student:Completed successfully?Comments
YesNo 
Implement security for two different applications?   
Identifying the purpose of application security as part of software development?    
Planning a security strategy including: the authentication and authorisation strategydefining access permissionidentifying standard cryptographic algorithms identifying how the applications will be protected against injections?   
Determine and document required standard cryptographic algorithms?   
Encrypt, and decrypt, data using standard cryptographic algorithms?   
Using secure input and output handling for each application?   
Preventing security attacks by implementing security on each application?   
Document all processes and outcomes relevant to security implementation?   
Use effective communication skills to present applications developed?   
Use industry standard technical language to describe applications developed?   
Task outcome:SatisfactoryNot satisfactory
Assessor signature: 
Assessor name: 
Date: 

Final Results Record

Student name: 
Assessor name: 
Date 

Final assessment results

TaskTypeResult
SatisfactoryUnsatisfactoryDid not submit
Assessment Task 1Knowledge questionsSUDNS
Assessment Task 2Project PortfolioSUDNS
Overall unit results CNYC 

Feedback

Student signature: ___________________________________________   Date: _________________

Assessor signature:   _________________________________________   Date:  _________________

Visit:https://auspali.info/

Also visit:https://www.notesnepal.com/archives/767

For solution: +610482078788

+61482073403

+61482072848