Conditions for assessment | My Assignment Tutor

Student Version Section A – Program/Course detailsQualification code:22334VICQualification title:Certificate IV in Cyber SecurityUnit code:VU21988Unit title:Utilise basic network concepts and protocols required in cyber securityDepartment name:CRN number:Enter CRN number Section B – Assessment task detailsAssessment number:1 of 2Semester/Year:1/2021Due date:Duration of assessment:14 weeksAssessment methodAssessment task results☒Ungraded result☐Other: Click here to enter text. Section C – Instructions to studentsTask instructions:Student will have to answer all the questions to be deemed competent.This is an individual task and answers must be in your own words, do not copy and paste from internet.. Section D – Conditions for assessmentConditions: Student to complete and attach Assessment Submission Cover Sheet to the completed Assessment Task.– Assessment to be completed individually.– Discuss with your assessor if you feel you require special consideration or adjustment for this task.– Students must meet all criteria listed in the marking guide to be satisfactory in this task.– Students may resubmit this task if not successful within the enrolment period as per Holmesglen conductingassessment procedure.– This is an open book assessment.– The learner may use the internet for research– This Assessment task must be uploaded to Brightspace along with a complete and signed coversheet.– It is expected all documents will be completed and submitted electronically but if this is not possible, make alternative arrangements for submitting the documents with your assessor.– You will have the opportunity to resubmit if any part of the assessment is deemed unsatisfactory (one resubmit allowed per task).– You can appeal an assessment decision according to the Holmesglen Assessment Complaints and Appeals Procedure.– If you feel you require special allowance or adjustment to this task, please decide with your assessor within one week of commencing this assessment.– The learner may use the internet research answers for this assessmentEquipment/resources students must supply:Equipment/resources to be provided by the RTO:N/AComputerInternet access Section E – Marking Sheet – Student Answer SheetStudent ID:Student name:Unit code:VU21988Unit title:Utilise basic network concepts and protocols required in cyber securityDate: Knowledge task Questions: Provide your responses in the boxes below each question.Question 1:Describe how networking devices such as routers and PCs may be vulnerable to cyber security breaches?Satisfactory responseYes ☐No ☐Answer:A network vulnerability is a weakness or flaw in software, hardware, or organizational processes, which when compromised by a threat, can result in a security breach.Different Types of Network Vulnerabilities?Malware, short for malicious software, such as Trojans, viruses, and worms that are installed on a user’s machine or a host server. The most common types of malware include:Viruses Keyloggers Worms Trojans Social engineering attacks that fool users into giving up personal information such as a username or password. The most common types of social engineering attacks include:Phishing emails Spear phishing Whaling Vishing Smishing Outdated or unpatched software that exposes the systems running the application and potentially the entire network. Misconfigured firewalls / operating systems that allow or have default policies enabled.Comment:Question 2:Discuss the difference between Cyber Security and Network Security?Satisfactory responseYes ☐No ☐Answer: Network Security: Network Security is the measures taken by any enterprise or organisation to secure its computer network and data using both hardware and software systems. This aims at securing the confidentiality and accessibility of the data and network. Every company or organisation that handles large amount of data, has a degree of solutions against many cyber threats.Cyber Security: Cyber Security is the measures to protect our system from cyber-attacks and malicious attacks. It is basically to advance our security of the system so that we can prevent unauthorized access of our system from attacker. It protects the cyberspace from attacks and damages. Cyberspace can be hampered by inherent vulnerabilities that cannot be removed sometimes. Network Security Cyber Security It protects the data flowing over the network. It protects the data residing in the devices and servers. It is a subset of cyber security. It is a subset of information security. It protects anything in the network realm. It protects anything in the cyber realm. It deals with the protection from DOS attacks. It deals with the protection from cyber- attacks. Network Security strikes against trojans. Cyber Security strikes against cyber crimes and cyber frauds. It includes viruses and worms. It includes phishing and pre-texting. Network Security strikes against trojans. Cyber Security strikes against cyber crimes and cyber frauds. It includes viruses and worms. It includes phishing and pre-texting. Network security ensures to protect the Cyber security ensures to protect transit data only. entire digital data. It secures the data travelling across the It deals with the protection of the data network by terminals. resting.Comment:Question 3:List the layers of the OSI model and also of the TCP/IP model?Satisfactory responseYes ☐No ☐Answer: The seven abstraction layers of the OSI model can be defined as follows The physical layer. The data link layer. The network layer. The transport layer. The session layer. The presentation layer. The application layer.The functionality of the TCP IP model is divided into four layers, and each includes specific protocols.TCP/IP is a layered server architecture system in which each layer is defined according to a specific function to perform. All these four TCP/IP layers work collaboratively to transmit the data from one layer to another.Application Layer Transport Layer Internet Layer Network InterfaceComment:Question 4:Compare each layer of the OSI model to the TCP/IP model?Satisfactory responseYes ☐No ☐Answer: OSI Model It is developed by ISO (International Standard Organization) OSI model provides a clear distinction between interfaces, services, and protocols. OSI refers to Open Systems Interconnection. OSI uses the network layer to define routing standards and protocols. OSI follows a vertical approach. OSI layers have seven layers. In the OSI model, the transport layer is only connection oriented. In the OSI model, the data link layer and physical are separate layers. Session and presentation layers are a part of the OSI model. It is defined after the advent of the Internet. The minimum size of the OSI header is 5 bytes.TCP/IP ModelIt is developed by ARPANET (Advanced Research Project Agency Network). TCP/IP doesn’t have any clear distinguishing points between services, interfaces, and protocols. TCP refers to Transmission Control Protocol. TCP/IP uses only the Internet layer. TCP/IP follows a horizontal approach. TCP/IP has four layers. A layer of the TCP/IP model is both connection-oriented and connectionless. In TCP, physical and data link are both combined as a single host-to-network layer. There is no session and presentation layer in the TCP model. It is defined before the advent of the internet. The minimum header size is 20 bytes.Comment:Question 5:Explain what happens at each layer of the TCP/IP model?Satisfactory responseYes ☐No ☐Answer: Application Layer Application layer interacts with an application program, which is the highest level of OSI model. The application layer is the OSI layer, which is closest to the end-user. It means the OSI application layer allows users to interact with other software application. Application layer interacts with software applications to implement a communicating component. The interpretation of data by the application program is always outside the scope of the OSI model. Example of the application layer is an application such as file transfer, email, remote login, etc.Transport Layer Transport layer builds on the network layer in order to provide data transport from a process on a source system machine to a process on a destination system. It is hosted using single or multiple networks, and also maintains the quality of service functions. It determines how much data should be sent where and at what rate. This layer builds on the message which are received from the application layer. It helps ensure that data units are delivered error-free and in sequence. Transport layer helps you to control the reliability of a link through flow control, error control, and segmentation or de-segmentation. The transport layer also offers an acknowledgment of the successful data transmission and sends the next data in case no errors occurred. TCP is the best-known example of the transport layer.Internet Layer An internet layer is a second layer of TCP/IP layes of the TCP/IP model. It is also known as a network layer. The main work of this layer is to send the packets from any network, and any computer still they reach the destination irrespective of the route they take. The Internet layer offers the functional and procedural method for transferring variable length data sequences from one node to another with the help of various networks. Message delivery at the network layer does not give any guaranteed to be reliable network layer protocol. Layer-management protocols that belong to the network layer are:Routing protocols Multicast group management Network-layer address assignment.The Network Interface LayerNetwork Interface Layer is this layer of the four-layer TCP/IP model. This layer is also called a network access layer. It helps you to defines details of how data should be sent using the network. It also includes how bits should optically be signaled by hardware devices which directly interfaces with a network medium, like coaxial, optical, coaxial, fiber, or twisted-pair cables. A network layer is a combination of the data line and defined in the article of OSI reference model. This layer defines how the data should be sent physically through the network. This layer is responsible for the transmission of the data between two devices on the same network.Comment:Question 6:What are the main elements of a security Policy?Satisfactory responseYes ☐No ☐Answer: 8 Elements of an Information Security PolicyPurpose. Audience. Information security objectives. Authority and access control policy. Data classification. Data support and operations. Security awareness and behavior. Responsibilities, rights, and duties of personnel.Comment:Question 7:List and describe four areas of business that can be impacted by cyber security breaches?Satisfactory responseYes ☐No ☐Answer: Top 5 security threats facing businesses, and how organizations can protect themselves against them.1) Phishing Attacks The biggest, most damaging and most widespread threat facing small businesses are phishing attacks. Phishing attacks occur when an attacker pretends to be a trusted contact, and entices a user to click a malicious link, download a malicious file, or give them access to sensitive information, account details or credentials. Phishing attacks have grown much more sophisticated in recent years, with attackers becoming more convincing in pretending to be legitimate business contacts. There has also been a rise in Business Email Compromise, which involves bad actors using phishing campagins to steal business email account passwords from high level executives, and then using these accounts to fraudulently request payments from employees.2) Malware Attacks Malware is the second big threat facing small businesses. It encompasses a variety of cyber threats such as trojans and viruses. It’s a varied term for malicious code that hackers create to gain access to networks, steal data, or destroy data on computers. Malware usually comes from malicious website downloads, spam emails or from connecting to other infected machines or devices.These attacks are particularly damaging for small businesses because they can cripple devices, which requires expensive repairs or replacements to fix. They can also give attackers a back door to access data, which can put customers and employees at risk. Small businesses are more likely to employ people who use their own devices for work, as it helps to save time and cost. This, however, increases their likelihood of suffering from a malware attack, as personal devices are much more likely to be at risk from malicious downloads.3) Ransomware Ransomware is one of the most common cyber-attacks, hitting thousands of businesses every year. They’ve grown more common recently, as they are one of the most lucrative forms of attacks. Ransomware involves encrypting company data so that it cannot be used or accessed, and then forcing the company to pay a ransom to unlock the data. This leaves businesses with a tough choice – to pay the ransom and potentially lose huge sums of money, or cripple their services with a loss of data4) Weak Passwords Another big threat facing small businesses is employees using weak or easily guessed passwords. Many small businesses use multiple cloud based services, that require different accounts. These services often can contain sensitive data and financial information. Using easily guessed passwords, or using the same passwords for multiple accounts, can cause this data to become compromised.5) Insider ThreatsThe final major threat facing small businesses is the insider threat. An insider threat is a risk to an organization that is caused by the actions of employees, former employees, business contractors or associates. These actors can access critical data about your company, and they can case harmful effects through greed or malice, or simply through ignorance and carelessness.Comment:Question 8:What is the difference between binary, decimal, and hexadecimal numbers?Satisfactory responseYes ☐No ☐Answer: Binary numbers make use of only 2 symbols (0, 1) to represent any number and it becomes a tedious job to express large numbers. The radix for binary numbers is 2 and also termed as base 2 numbers. Large numbers represented in binary system are not in a human readable form. Example of Binary number : 11111111 (Equivalent to Two hundred and fifty five in decimal) All the digital circuits use binary numbers at the lowest level of interaction and to perform logical operations.Decimal numbers are made up of 10 distinct symbols or digits ranging from 0 to 9 (0, 1, 2, 3, 4, 5, 6, 7, 8, 9). The radix for decimal number is 10 i.e all the digits or values in a decimal number are expressed as of powers of 10. Example of Decimal number : 4095 ( Four thousand ninety five) Decimal numbers are used in all financial institutions and most commonly used in our day to day activities.Hexadecimal numbers make use of 16 symbols 0 to 9 and additional symbols (A, B, C, D, E, F). Hexadecimal numbers were introduced with the purpose to represent binary numbers in a more human readable form. The radix or base for hexadecimal number is 16 and each symbol in a hexadecimal number is expressed as power of 16. It is easy and more human readable to represent number in hexadecimal system. Example of Hexadecimal number : FF (Equivalent to Two hundred and fifty five in decimal) Used for representing addresses of memory locations in microprocessors and assembly language programming.Comment:Question 9:Convert the number 234 to binary and to hexadecimal. Explain the steps you followedSatisfactory responseYes ☐No ☐Answer: 234 to binary (234)10 = (11101010)2Step 1: Divide (234)10 successively by 2 until the quotient is 0:234/2 = 117, remainder is 0 117/2 = 58, remainder is 1 58/2 = 29, remainder is 0 29/2 = 14, remainder is 1 14/2 = 7, remainder is 0 7/2 = 3, remainder is 1 3/2 = 1, remainder is 1 1/2 = 0, remainder is 1Step 2: Read from the bottom (MSB) to top (LSB) as 11101010.234 to hexadecimal (234)10 = (EA)16Step by step solution Step 1: Divide (234)10 successively by 16 until the quotient is 0:234/16 = 14, remainder is 1014/16 = 0, remainder is 14Step 2: Read from the bottom (MSB) to top (LSB) as EA.Comment:Question 10:Convert to binary format and explain the steps you followedSatisfactory responseYes ☐No ☐Answer: 11000000.10101000.00011110.01011001Comment:Question 11:List two connector types and two topologies found at layer one of the OSI modelSatisfactory responseYes ☐No ☐Answer: The Physical layer’s connectors (RJ-45, BNC) and different physical topologies (Bus, Star, Hybrid networks) are defined by the OSI as standards, allowing different systems to communicate.Comment:Question 12:Find the MAC address of your Computer and identify the vendor (Attach screenshots)Satisfactory responseYes ☐No ☐Answer:MAC Address – 90-32-4B-10-18-83Vendor details-Comment:Question 13:Describe the OUI and BIA parts of a MAC address?Satisfactory responseYes ☐No ☐Answer:Comment:Question 14:How does a switch learn MAC addresses?Satisfactory responseYes ☐No ☐Answer:Comment:Question 15:Describe two protocols found at layer 2 of the OSI modelSatisfactory responseYes ☐No ☐Answer:Comment:Question 16:Explain why WAN serial interfaces do not have a MAC address?Satisfactory responseYes ☐No ☐Answer:Comment:Question 17:Describe what a Routed protocol is and describe what a Routing protocol is?Satisfactory responseYes ☐No ☐Answer:Comment:Question 18:Describe two protocols found at layer 4 of the OSI modelSatisfactory responseYes ☐No ☐Answer:Comment:Question 19:Briefly define the Real-Time Transport ProtocolSatisfactory responseYes ☐No ☐Answer:Comment:Question 20:List three security vulnerabilities found in the Real-Time Transport Protocol?Satisfactory responseYes ☐No ☐Answer:Comment:Question 21:Capture HTTP communication using the Wireshark tool. List four protocols seen and list one example of activity occurring at each OSI layer from 2 through to 7. Attach sufficient screenshots with highlighting to demonstrate your answer.Satisfactory responseYes ☐No ☐Answer:Comment:Question 22:What protocols exist at the application layer? How does the application layer differ between the OSI and TCP models?Satisfactory responseYes ☐No ☐Answer:Comment:Question 23:Describe the purpose and function of two protocols found at the application layer?Satisfactory responseYes ☐No ☐Answer:Comment:Question 24:What is a flat network as opposed to a hierarchical network, and how does a switch helps to segment such a network?Satisfactory responseYes ☐No ☐Answer:Comment:Question 25:What is the purpose of a network router?Satisfactory responseYes ☐No ☐Answer:Comment:Question 26:How does a router perform packet forwarding?Satisfactory responseYes ☐No ☐Answer:Comment:Question 27:List three specific functions of a firewall and explain how a firewall protects a network?Satisfactory responseYes ☐No ☐Answer:Comment:Question 28:Using the built-in software firewall on a Windows PC, block the traditional Remote Desktop Protocol port and change it to TCP/50501? Attach your configuration screenshotSatisfactory responseYes ☐No ☐Answer: ActivityComment:Question 29:How does a WAP (wireless access point) operate and list the main vulnerabilities on a wireless LAN?Satisfactory responseYes ☐No ☐Answer:Comment:Question 30:List four network troubleshooting/testing tools and explore their use. Attach the screenshots for each tools.Satisfactory responseYes ☐No ☐Answer:,Comment: Section F – Feedback to StudentHas the student successfully completed this assessment task?YesNo☐☐Additional Assessor comments (as appropriate):Resubmission allowed:Yes ☐No ☐Resubmission due date:Assessor name:Assessor signature:Student signature:Date assessed: Supporting document Assessment Submission Cover Sheet (VET) Student to complete relevant sections and attach this cover sheet to each assessment task for submission. Student informationTo be completed by StudentStudent name:Student ID: Program/Course detailsQualification code:22334VICQualification title:Certificate IV in Cyber SecurityUnit code:VU21988Unit title:Utilise basic network concepts and protocols required in cyber securityDepartment name:CRN number:Enter CRN number Assessment informationTo be completed by StudentTeacher name:Due date:Date submitted:Re-submission:☐Student declarationBy submitting this assessment task and signing the below, I acknowledge and agree that: This completed assessment task is my own work. I understand the serious nature of plagiarism and I am aware of the penalties that exist for breaching this. I have kept a copy of this assessment task. The assessor may provide a copy of this assessment task to another member of the Institute for validation and/or benchmarking purposes. Student signature For electronic submissions: By typing your name in the student signature field, you are accepting the above declaration. Note: Assessor to attach a photocopy of the completed Marking Guide (Section E) from the Student version of the Assessment Task. Final result of the subject/unit will be entered on Banner by the teacher/assessor once all assessment tasks have been assessed.


Leave a Reply

Your email address will not be published. Required fields are marked *