assignment brief qcf btecwiki.hct.ac.uk/_media/computing/btec/level3/2018... · assignment brief...

Assignment brief – QCF BTEC

Assignment front sheet

Qualification Unit number and title

Edexcel BTEC Level 3 Extended Diploma in

Information Technology (2010) 7 - Organisational Systems Security

Learner name Assessor name

Terry Prosser

Date issued Hand in deadline Submitted on

03/05/19 17/03/19 See Turnitin

Assignment title Assignment 2 – Secure Your Threats

Start date

of 7

In this assessment, you will have opportunities to provide evidence against the following criteria. Indicate the page numbers where the evidence can be found.

P2 Describe how physical security measures can

help keep systems secure.

1

P3 Describe how software and network security

can keep systems and data secure.

2

M2

Explain the operation and use of an

encryption technique in ensuring security of

transmitted information.

3

D1 Discuss different ways of recovering from a

disaster.

4

Learner declaration

By submitting this work through Turnitin, I certify that the work submitted for this assignment is my

own and research sources are fully acknowledged. I understand that false declaration is a form of

malpractice.







Terry Prosser


03/05/19 17/03/19 See Turnitin


Start date

of 7

Scenario

You are employed as a junior at ‘LockedDownData’, an IT security consultancy.

LockedDownData have been approached by a local estate agent for security

advice. They deal in large value financial transactions and hold a large amount of

confidential customer data (including financial information such as status of

mortgage applications) on their database. They are part of a nationwide group of

over 300 agents and they are linked through this group to all parts of the UK.

The following is an extract from their web-site: “Wisdom and Truth are Hereford Estate Agents, Chartered Surveyors and Letting Agents specialising

in the Sale of residential property in Hereford city and Herefordshire.

As well as Property Sales, we have departments dedicated to both Property Lettings & Management

and Professional Services offering RICS Homebuyer Surveys; Professional Valuations and Sales &

Lettings of Commercial Property.

Our progressive, personal and experienced approach achieves the best results and business partners

Derek Wisdom FRICS and Serena Truth FNAEA are involved with every property transaction.” You are to prepare a presentation for this organisation describing how to keep

their systems and data secure.







Terry Prosser


03/05/19 17/03/19 See Turnitin


Start date

of 7

Task 1

Your presentation should describe the physical measures that can be used to keep systems secure.

As well as the measures that you think most appropriate for ‘Wisdom & Truth’ you should give

‘suggestions’ for other methods that could be deployed but that you might not recommend for this

customer. You should prepare at least one slide for each of the following: Lock and key (This should refer to a variety of different implementations such as barrel locks, Kensington

locks and digital key-pads)

Visitor passes

Sign-in/sign-out systems

Biometrics o (this must include at least three different types of biometric security, one slide for each)

Others e.g. security guards or cable shielding..

This provides evidence for [P2]







Terry Prosser


03/05/19 17/03/19 See Turnitin


Start date

of 7

Task 2

You should add to your presentation to describe features for software and network security. Hints: You should cover (as a minimum – with at least one slide for each):

Call back

Handshaking

Diskless networks

Use of back-ups

Audit log

Firewall configurations

Virus checking software

VPNs

Intrusion detection systems

Passwords

Levels of access to data

Software updating

This provides evidence for [P3]







Terry Prosser


03/05/19 17/03/19 See Turnitin


Start date

of 7

Task 3 Task 3 requires an explanation of the operation and use of a selected encryption technique to

ensure the security of transmitted information. You will have the opportunity to present this

part of your assignment to the rest of your class. Your presentation should clearly explain

both the encryption and decryption techniques as well as highlighting the relative strength of

the security offered.

This is best done by explain a ‘paper and pen method’ showing how both encryption and

decryption work, good subjects are:

Playfair cipher

Vignere cipher

The one-time pad This provides evidence for [M2]







Terry Prosser


03/05/19 17/03/19 See Turnitin


Start date

of 7

Task 4 (D1) You should conclude your presentation with an investigation of disaster recovery options and

discuss how and when they would be used. Having a disaster recovery plan will be critical for this

company.

You should prepare this element as a report to leave with the company. It should be at least two

sides of A4 in length and make recommendations to the company of suitable options for their

recovery plan. The company must be able to use your plan to recover from a potential disaster. You do not need to describe the disaster – the nature of this is unknown, it is any event that will incapacitate most or all of the organisation’s systems- you must describe the recovery process!

You should investigate the following issues:

Back-up systems (What schedules would you set, where would you back-up to etc)

Whole system replacement (Is this a requirement for this company, what are the implications?)

Tiers of recovery (Describe the different tiers and recommend which tier this company should be operating at).







Terry Prosser


03/05/19 17/03/19 See Turnitin


Start date

of 7

Evidence checklist

Submit to http://www.turnitinuk.com/en_gb/home in the following format: L3-U18_A1-FullName-2018.

[tick boxes]

A presentation 1 1

An extension to the presentation 2

A separate presentation 3

A written, professional report 4

Sources of information:

Wiki, unit 7 (http://wiki.computing.hct.ac.uk/computing/btec/level3/organisational_systems_security)

Who are you and why are here?

E-books from LRC:

Information security management principles (Andy Taylor) Information security and employee behaviour (Angus McIlwraith) How to cheat at managing information security (Osborne & Summitt)

Publications:

Beekman G and Quinn M J – Computer Confluence Complete: and Student CD – 1st international edition (Pearson Education, 2005) ISBN-10 1405835796, ISBN-13 978-1405835794

Heathcote P – A Level ICT – revised edition (Payne Gallway, 2004) ISBN-10 0953249085, ISBN-13 978-0953249084

Conklin, White et. al. - Principles of Computer Security: CompTIA Security+ and Beyond - 3rd Edition (McGraw Hill, 2012) ISBN: (Book) 978-0-07-178616-4, (CD)978-0-07-178617-1, (set) 978-0-07-178619-5

http://www.turnitinuk.com/en_gb/home

http://wiki.computing.hct.ac.uk/computing/btec/level3/organisational_systems_security

assignment brief qcf btecwiki.hct.ac.uk/_media/computing/btec/level3/2018... · assignment brief...

Documents