Introduction To Cyber Security Assignment Brief Qualification ATHE Level 3 Diploma in Information and Digital Technologies (603/6569/9) Unit Reference Number J/618/4175 Unit Title Introduction to Cyber Security RQF Level : 3 Number of Credits 10 Total Qualification Time (TQT) 600 hours Guided Learning Hours (GLH) 60 hours Unit Aims This unit aims to provide an overview of cyber security and the importance of keeping yourself and systems safe when online. Learners will develop an understanding of the basics of security and the appropriate measures to take to reduce security risks.
Assignment Tasks You have gained a work employment within the ICT Security Department of an online clothing store. The organisation has 90 employees across multiple departments. The ICT skill level of employees include non-ICT users, basic ICT users and advanced ICT users.
Your manager has asked you to produce a presentation on the “Introduction to Cyber Security’ to be delivered to new staff joining the department. You must collate the information for the presentation and produce slides.
The organisation has recently been exposed to a cyber security attack and therefore the ICT Manager has also asked you to develop a range of materials to be distributed across the ICT security team and to all staff.
You have also been asked to draft responses to some queries the department have received from internal stakeholders.
You will produce presentation materials, supporting notes and other documentation that can be used by the ICT Security Department.
Task 1 – Create An Induction Presentation You have been asked to produce an introduction to Cyber Security presentation for new staff joining the organisation.
The presentation must:
Explain the importance of understanding cyber security in the organisation Describe how to keep up to date with new security attacks Describe the typical mind-sets of hackers Outline the different types of malware that exist Describe the different types of cyber-attacks that exist Extension activities:
To gain a merit grade you must also include a supporting document:
explaining the advantages of understanding hacker’s mindsets To gain a distinction grade you must also include a supporting document:
evaluating a range of security attacks and identifying typical areas for improvement LO1 AC 1.1, 1.2, 1.3, 1.4, 1.5, 1M1, 1D1
Task 2 – Create A ‘Keep Safe When Working Online’ Guide The ICT Manager has decided that new measures should be introduced to increase staff awareness of ICT Security when working online. The manager has asked you to produce a ‘Keeping yourself and others safe when working online’ guide which will be distributed to staff.
The guide should be engaging, and language used should be suitable for the target audience.
The guide should:
Explain methods of keeping safe when using social networks Describe how social networks create your personal brand Explain how to protect your reputation online Explain methods of keeping safe when working online LO2 AC 2.1, 2.2, 2.3, 2.4
Task 3 – Draft A Response To Queries Your manager has asked you to draft a response to the below queries which have been asked by the Head of Corporate Services.
You must provide answers to the following questions in a document.
Explain the types of cyber-attacks that we should look out for? What are the types of legislation relating to cyber security? What policies could we implement in the organisation to protect staff and customers? Explain what would be considered effective prevention methods to implement to protect the organisation? Describe how we can protect systems, people and processes in the organisation? LO3 AC 3.1, 3.2, 3.3, 3.4, 3.5
Task 4 Create A Disaster Recovery Plan You have also been asked by your manager to assist with developing a disaster recovery plan for the organisation.
The plan should include:
Techniques to use for managing any security risks A cyber security risk register An explanation on how to monitor cyber security risks in the organisation A risk response plan In addition to the plan your manager has asked you to respond to the email below:
Hello, We are considering designing a new system for online sales orders. Can you describe the importance of cyber security when designing this new system?
John Smith e-commerce manager
Extension activities:
To gain a merit grade your plan must also:
explain the benefits of having a risk register To gain a distinction grade your plan must also:
evaluate the impact that a preventive measure would have on a potential risk LO4 AC 4.1, 4.2, 4.3, 4.4, 4.5, 4.6 4M1, 4D1
Task 5 – Implement A Range Of Security Measures The ICT Manager has asked you to implement security measures across a range of devices. You must install and configure the below measures on the devices listed.
You must evidence your installation and configuration using either annotated screenshots within a document or a live video screencast recording with audio commentary on the task you are undertaking.
Devices:
Mobile devices: Two Factor Authentication and Device Management Software Desktop devices: Anti-Virus and Firewall Cloud based systems: Password Policy and Monitor user activity Extension activities:
To gain a merit grade you must produce evidence of:
configuring security policies to be deployed in order to protect devices To gain a distinction grade you must also include within your submission:
an assessment of the benefits of centrally managing and controlling devices for an organisation LO5 AC 5.1, 5.2, 5.3, 5M1, 5D
Learning Outcomes And Assessment Criteria Learning outcomes The learner will: Assessment criteria The learner can: Pass Merit Distinction
- Understand the use of cyber security
1.1 Explain the importance of understanding cyber security 1.2 Describe how to keep up to date with new security attacks
1.3 Describe the typical mindsets of hackers
1.4 Outline the different types of malware that exist
1.5 Describe the different types of cyber-attacks that exist
1M1 Explain the advantages of understanding hacker’s mind-sets
1D1 Evaluate a range of security attacks and
identify areas for improvement
- Understand how to keep yourself and others safe when working online
2.1 Explain methods of keeping safe when using social networks 2.2 Describe how social networks create your personal brand
2.3 Explain how to protect your reputation online
2.4 Explain methods of keeping safe when working online
3. Understand appropriate security measures to implement
3.1 Explain the types of cyberattacks to look out for 3.2 Identify legislation relating to cyber security
3.3 Outline policies that could be implemented in a chosen work environment
3.4 Explain effective prevention methods
3.5 Describe how to protect systems, people and processes
4. Understand how to manage cyber security risks
4.1 Identify risk management techniques 4.2 Create a cyber security risk register
4.3 Explain how to monitor cyber security risks
4.4 Create a risk response plan
4.5 Describe the importance of cyber security when designing a new system
4.6 Create a disaster recovery plan
4M1 Explain the benefits of having a risk register
4D1 Evaluate the impact that a preventive measure would have on a potential risk
5 Be able to Implement security measures on a range of devices 5.1 Install and configure security measures on mobile devices 5.2 Install and configure security measures on desktop based devices
5.3 Install and configure security measures on cloud based systems
5M1 Configure security policies to protect devices