Scribd
Upload
60 views

Assignment Brief Unit 05 Security Sep 2022

This document provides an assignment brief for a Pearson BTEC HND in Computing qualification. Students are tasked with creating deliverables for the fictional Pakistan Cyber Security Conference 2022, including: 1) A 15-20 slide presentation on IT security risks for government institutions and how to assess/manage them. 2) An IT security awareness handbook for conference attendees covering data protection regulations, risk assessment methodologies, and how organizational policies can align with IT security. 3) An IT security policy and disaster recovery plan template for government institutions to evaluate their security. The presentation, handbook, and policy must address learning outcomes on IT security risks, solutions, review mechanisms, and organizational security management. References

Uploaded by

ibrahim
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
60 views

Assignment Brief Unit 05 Security Sep 2022

This document provides an assignment brief for a Pearson BTEC HND in Computing qualification. Students are tasked with creating deliverables for the fictional Pakistan Cyber Security Conference 2022, including: 1) A 15-20 slide presentation on IT security risks for government institutions and how to assess/manage them. 2) An IT security awareness handbook for conference attendees covering data protection regulations, risk assessment methodologies, and how organizational policies can align with IT security. 3) An IT security policy and disaster recovery plan template for government institutions to evaluate their security. The presentation, handbook, and policy must address learning outcomes on IT security risks, solutions, review mechanisms, and organizational security management. References

Uploaded by

ibrahim
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

ASSIGNMENT BRIEF

QUALIFICATION UNIT NUMBER AND TITLE


PEARSON BTEC HND IN COMPUTING (RFQ) 05 SECURITY (LEVEL 4)
INTERNAL VERIFIER UNIT TUTOR
ALI SALMAN
DATE ISSUED SUBMISSION DATE RESUBMISSION DATE
12 SEPTEMBER 2022 12 DECEMBER 2022 19 DECEMBER 2022

ASSIGNMENT TITLE PAKISTAN CYBER SECURITY CONFERENCE 2022

LEARNING OUTCOME AND ASSESSMENT CRITERIA


PASS MERIT DISTINCTION
LO1 ASSESS RISKS TO IT SECURITY
P1 IDENTIFY TYPES OF SECURITY RISKS TO
ORGANISATIONS. M1 PROPOSE A METHOD TO ASSESS AND
P2 DESCRIBE ORGANISATIONAL SECURITY TREAT IT SECURITY RISKS
PROCEDURES. LO1 & 2
LO2 DESCRIBE IT SECURITY SOLUTIONS D1 EVALUATE A MINIMUM OF THREE OF
P3 IDENTIFY THE POTENTIAL IMPACT TO IT PHYSICAL AND VIRTUAL SECURITY MEASURES
SECURITY OF INCORRECT CONFIGURATION OF THAT CAN BE EMPLOYED TO ENSURE THE
FIREWALL POLICIES AND THIRD PARTY VPNS. INTEGRITY OF ORGANISATIONAL IT SECURITY.
M2 DISCUSS THREE BENEFITS TO IMPLEMENT
P4 SHOW, USING AN EXAMPLE FOR EACH, NETWORK MONITORING SYSTEMS WITH
HOW IMPLEMENTING A DMZ, STATIC IP AND SUPPORTING REASONS.
NAT IN A NETWORK CAN IMPROVE NETWORK
SECURITY.
LO3 REVIEW MECHANISMS TO CONTROL ORGANIZATIONAL IT SECURITY
M3 SUMMARISE THE ISO 31000 RISK
D2 CONSIDER HOW IT SECURITY CAN BE
P5 DISCUSS RISK ASSESSMENT PROCEDURES. MANAGEMENT METHODOLOGY AND ITS
ALIGNED WITH ORGANISATIONAL POLICY,
P6 EXPLAIN DATA PROTECTION PROCESSES APPLICATION IN IT SECURITY. DETAILING THE SECURITY IMPACT OF ANY
AND REGULATIONS AS APPLICABLE TO AN M4 DISCUSS POSSIBLE IMPACTS TO MISALIGNMENT .
ORGANISATION. ORGANISATIONAL SECURITY RESULTING FROM
AN IT SECURITY AUDIT.
LO4 MANAGE ORGANIZATIONAL SECURITY
P7 DESIGN AND IMPLEMENT A SECURITY
POLICY FOR AN ORGANISATION. M5 DISCUSS THE ROLES OF STAKEHOLDERS IN D3 EVALUATE THE SUITABILITY OF THE TOOLS
P8 LIST THE MAIN COMPONENTS OF AN THE ORGANISATION TO IMPLEMENT SECURITY USED IN AN ORGANISATIONAL POLICY.
ORGANISATIONAL DISASTER RECOVERY PLAN, AUDIT RECOMMENDATIONS
JUSTIFYING THE REASONS FOR INCLUSION

SUBMISSION FORMAT
THE SUBMISSION IS IN THE FORM OF A PRESENTATION, ALONG WITH A SECURITY AWARENESS HANDBOOK AND A DETAILED SECURITY POLICY.

THE SECURITY AWARENESS HANDBOOK, AS WELL AS THE SECURITY POLICY, WILL DISCUSS THE IT SECURITY RISKS, PROCEDURES AND POLICIES WHICH
MUST BE FOLLOWED. THESE DOCUMENTS SHOULD BE WRITTEN IN A CONCISE, FORMAL BUSINESS STYLE USING SINGLE SPACING AND FONT STYLE
TIMES NEW ROMAN AND SIZE 11. YOU ARE REQUIRED TO USE HEADINGS, PARAGRAPHS AND SUBSECTIONS AS APPROPRIATE, AND ALL WORK MUST
BE SUPPORTED WITH RESEARCH AND REFERENCED USING THE HARVARD REFERENCING SYSTEM. PLEASE ALSO PROVIDE A BIBLIOGRAPHY USING THE
HARVARD REFERENCING SYSTEM AT THE END OF THE REPORT AND A POWERPOINT PRESENTATION. YOUR REPORT SHOULD BE DIVIDED INTO
MULTIPLE SECTIONS WITH THE FOLLOWING SUBMISSION FORMATS:
SECTION 1: LO1 & LO2
THE SUBMISSION IS IN THE FORM OF A 15-20 SLIDE PRESENTATION ON THE IT SECURITY RISKS FOR GOVERNMENT INSTITUTES ALONG WITH A COVER
SLIDE AND A CONCLUSION SLIDE. YOU WILL ALSO MAINTAIN THE PRESENTER’S NOTES. YOU ARE REQUIRED TO USE HEADINGS, PARAGRAPHS AND
SUBSECTIONS AS APPROPRIATE, AND ALL WORK MUST BE SUPPORTED WITH RESEARCH AND REFERENCED USING THE HARVARD REFERENCING SYSTEM.
SECTION 2: LO3 & LO4
PRODUCE AN IT SECURITY AWARENESS HANDBOOK, WHICH IS PROVIDED TO ALL ATTENDEES OF PAKISTAN CYBER SECURITY CONFERENCE 2022. THE
BOOKLET SHOULD BE WRITTEN IN A CONCISE, FORMAL BUSINESS STYLE USING SINGLE SPACING AND FONT STYLE TIMES NEW ROMAN AND SIZE 11.
YOU ARE REQUIRED TO USE HEADINGS, PARAGRAPHS AND SUBSECTIONS AS APPROPRIATE, AND ALL WORK MUST BE SUPPORTED WITH RESEARCH AND
REFERENCED USING THE HARVARD REFERENCING SYSTEM.
SECTION 3: LO3 & LO4
THE FINAL COMPONENT OF THE PAKISTAN CYBER SECURITY CONFERENCE 2022 WILL BE THE PRODUCTION OF A SECURITY POLICY, WHICH CAN BE
USED BY GOVERNMENT INSTITUTIONS TO EVALUATE THEIR SECURITY WORK ENVIRONMENT. THESE WILL BE PRODUCED ACCORDING TO THE TEMPLATE
PROVIDED TO THE IT PROFESSIONAL, INCLUDING A DISASTER RECOVERY PLAN.
SECURITY POLICY TEMPLATES TO BE USED BY STUDENTS: HTTPS://WWW.TEMPLATE.NET/BUSINESS/POLICY/SECURITY-POLICY/
THE POLICY SHOULD BE WRITTEN IN A CONCISE, FORMAL BUSINESS STYLE USING SINGLE SPACING AND FONT STYLE TIMES NEW ROMAN AND SIZE 11.
YOU ARE REQUIRED TO USE HEADINGS, PARAGRAPHS AND SUBSECTIONS AS APPROPRIATE, AND ALL WORK MUST BE SUPPORTED WITH RESEARCH AND
REFERENCED USING THE HARVARD REFERENCING SYSTEM.

NOTE: SECTIONS 2 & 3 SHOULD BE 1500 – 2000 WORDS IN LENGTH EACH, HOWEVER, THERE WILL BE NO PENALTY ON EXCEEDING THIS LIMIT.

ASSIGNMENT SCENARIO AND GUIDANCE


SCENARIO
GOVERNMENT DEPARTMENTS ARE INCREASINGLY FACING IT AND CYBER SECURITY RISKS, WHICH CAN LEAD TO DEVASTATING RESULTS. THE HND
COMPUTING STUDENTS HAVE BEEN GIVEN A CHANCE BY THE COLLEGE TO HAVE A HANDS-ON EXPERIENCE BY WORKING AS AN SECURITY CONFERENCE
MANAGER FOR PAKISTAN CYBER SECURITY CONFERENCE 2022. THE EVENT IS AIMING AT THE GOVERNMENT SECTOR OF PAKISTAN AND THE FOCAL
POINT IS TO CREATE AWARENESS ON CURRENT IT SECURITY ISSUES FACED BY OUR GOVERNMENT SECTOR.
YOU WILL BE WORKING WITH AN INDUSTRY PROFESSIONAL AND ARE REQUIRED TO PRODUCE DOCUMENTS AND PRESENTATIONS WITH THE PRESENTER’S
NOTES. TAKING UP THE ROLL OF AN IT PROFESSIONAL YOU ARE REQUIRED TO MAKE A SECURITY AWARENESS BOOKLET AND A SECURITY POLICY WHICH
WILL SUPPORT ONE OF THE WORKSHOPS WHICH WILL BE CONDUCTED IN THE ONE DAY EVENT OF PAKISTAN CYBER SECURITY CONFERENCE 2022.

SECTION 1 – GUIDANCE
THE SUBMISSION IS IN THE FORM OF A 15-20 SLIDE PRESENTATION ON THE IT SECURITY RISKS FOR GOVERNMENT INSTITUTIONS. THIS PRESENTATION
WILL INCLUDE REFERENCES TO THE FOLLOWING:
 THE DIFFERENT TYPES OF SECURITY RISKS WHICH ARE FACED BY GOVERNMENT INSTITUTIONS
 AN OVERVIEW OF HOW IT SECURITY RISKS CAN BE ASSESSED AND MANAGED
 WHAT SECURITY RISKS DO YOU THINK ARE AT POSED AT THE PAKISTAN CYBER SECURITY CONFERENCE 2022 AND HOW CAN THOSE RISKS BE
MITIGATED?
 WAYS IN WHICH CONFIGURATION OF FIREWALL POLICIES AND VIRTUAL PRIVATE NETWORKS CAN BE MANAGED AND IMPACT OF THEM ARE
NOT CONFIGURED ACCORDING TO NEEDS OF GOVERNMENT INSTITUTIONS
 WAYS IN WHICH BACKUP PLANS CAN BE MANAGED TO IMPROVE NETWORK SECURITY BY IMPLEMENTING A STATIC IP, NAT AND A DMZ.
 THREE WAYS IN WHICH NETWORK MONITORING CAN LEAD TO IMPROVEMENTS IN IT SYSTEM .
THIS PRESENTATION SHOULD ALSO ALLOW A NETWORKING OPPORTUNITY FOR YOU TO DISCUSS THE DIFFERENT TYPES OF SECURITY MEASURES WHICH
CAN BE EMPLOYED FOR THE COMPANY TO INCREASE THE INTEGRITY OF THE ORGANIZATIONAL SECURITY WHICH MUST BE FOLLOWED FOR THE COMPANY.
SUGGEST THREE BENEFITS OF MONITORING OF SYSTEMS FOR NETWORKS WITHIN THE PAKISTAN CYBER SECURITY CONFERENCE. THE PRESENTATION WILL
EXAMINE AT LEAST THREE VIRTUAL AND SECURITY MEASURES WHICH CAN BE INTEGRATED FOR THE ORGANIZATION SECURITY WITHIN GOVERNMENT
INSTITUTIONS. YOU WILL ALSO NEED TO PROVIDE ACCOMPANYING NOTES WHICH ARE NEEDED TO EVALUATE THE PHYSICAL AND VIRTUAL SECURITY
MEASURES (KEEPING IN MIND, GOVERNMENT OF PAKISTAN SECURITY POLICIES).
SECTION 2 – GUIDANCE
 PRODUCE AN IT SECURITY AWARENESS HANDBOOK, WHICH IS PROVIDED TO ALL ATTENDEES OF PAKISTAN CYBER SECURITY CONFERENCE
2022. THIS BOOKLET WILL PROVIDE DETAILS ON THE DIFFERENT TYPES OF IT RISKS, AND THE BEST WAY TO MANAGE THESE RISKS.
MOREOVER, THE BOOKLET WILL ALSO DISCUSS THE ORGANIZATIONAL SECURITY ARRANGEMENTS AND POLICIES WHICH ARE BEING FOLLOWED
IN A GOVERNMENT INSTITUTION AND WAYS IN WHICH THESE POLICIES CAN ALIGN. AS PART OF THIS SECURITY AWARENESS HANDBOOK, YOU
WILL BE REQUIRED TO ADDRESS THE FOLLOWING ISSUES:
 DATA PROTECTION: THE MAIN REGULATIONS AND PROCESSES WHICH GOVERNMENT INSTITUTIONS NEED TO FOLLOW. ALSO, APPLY THESE TO
THE PAKISTAN CYBER SECURITY CONFERENCE 2022.
 RISK ASSESSMENTS: OVERVIEW OF THE ISO 31000 RISK MANAGEMENT METHODOLOGY AND WAYS IN WHICH THIS IS APPLIED TO IT
SECURITY WITHIN GOVERNMENT INSTITUTIONS
 IT SECURITY POLICY: WHAT IS THE ROLE OF IT SECURITY AUDIT IN GOVERNMENT INSTITUTIONS? WAYS IN WHICH ORGANIZATIONAL POLICY
(IN GOVERNMENT INSTITUTIONS) CAN BE ALIGNED WITH IT SECURITY POLICY? HOW WELL DO THESE POLICIES CATER TO PAKISTAN CYBER
SECURITY CONFERENCE 2022 AND WHAT FURTHER MEASURES CAN BE INCLUDED TO IMPROVE IT SECURITY IN SUCH VIRTUAL EVENTS IN THE
FUTURE? ALSO, EVALUATE THE SUITABILITY OF VARIOUS TOOLS WHICH CAN BE USED FOR ORGANIZATIONAL IT SECURITY POLICY.
SECTION 3- GUIDANCE
 THE FINAL COMPONENT FOR STUDENTS WILL BE THE PROVISION OF AN IT SECURITY POLICY WHICH WILL BE PRODUCED BY THE IT SECURITY
PROFESSIONAL, INCLUDING A DISASTER RECOVERY PLAN. THIS INITIATE WHICH WILL HELP IN THE DESIGN OF A SECURITY POLICY FOR THE
GOVERNMENT INSTITUTIONS AND EXAMINE WAYS IN WHICH THE IMPLEMENTATION CAN BE CATERED ACCORDING TO THEIR PARTICULAR
NEEDS OF THE MAIN STAKEHOLDERS. YOU WILL BE DESIGNING AND IMPLEMENTING A SECURITY POLICY FOR THE GOVERNMENT INSTITUTION,
WHICH IS RELEVANT TO THE SECURITY WORK ENVIRONMENT FOR GOVERNMENT INSTITUTES. YOU WILL ALSO EVALUATE HOW WELL THE
SECURITY TOOLS USED WITH IN THE POLICY CAN MITIGATE RISKS IN FUTURE VIRTUAL IT CONFERENCES.

EVIDENCE CHECKLIST SUMMARY OF EVIDENCE REQUIRED BY THE STUDENT


SECTION 1 15-20 POWERPOINT SLIDES ALONG WITH PRESENTER’S NOTES
SECTION 2 IT SECURITY AWARENESS BOOKLET, 1500 - 2000 WORDS
SECTION 3 IT SECURITY POLICY; 1500 - 2000 WORDS

You might also like