Level 3 Implementing an ICT systems security policy ( / )

Similar documents
Level 3 Install, configure and integrate networked hardware and software ( )

Level 3 ICT systems and network management ( )

Level 2 Install and configure ICT equipment and operating systems ( )

Level 2 Security for IT Users ( )

Level 3 Web fundamentals ( )

Level 2 Install and Configure Equipment and Operating Systems ( )

Level 2 Install, configure and test ICT networks (7266/ / )

Level 1 Dismantle, assemble, install and maintain a desktop computing system (7266/7267/ )

Level 2 Creating a procedural program using COBOL ( )

Level 1 Dismantle, assemble, install and maintain a desktop computing system (7266/7267/ )

Level 2 Security for IT users (ITS ) ITQ (QCF) Assignment guide for Candidates Assignment A. March 2010 Version 1.

Level 2 Select and use IT 2 ( )

Level 2 Creating an event driven computer program using Java ( )

Level 3 Network management and security ( )

Level 3 Network management and security ( )

Level 3 Designing and creating advanced websites ( )

Level 2 Networking Principles ( )

Level 3 Develop software using Java (7266/ )

Level 3 Creating an object oriented computer program using Java ( / )

Level 2 Networking Principles ( )

Level 2 Creating an event driven computer program using Java ( )

Level 2 Install, configure and test ICT networks ( )

Level 3 Website software ( )

Level 2 Set up an IT system (SIS )

Level 2 Create software components using Java (7266/ )

Level 3 Design and maintain ICT networks software components ( )

Level 3 Voice and data communications ( )

Level 3 Software design fundamentals ( / )

Level 1 Multimedia Software (MM )

Level 3 Install, configure and upgrade ICT software ( / )

Level 3 Install, configure and integrate networked hardware and software ( )

Level 2 Networking, telephony and VoIP for the digital home technology integrator ( )

Level 2 FS IT user fundamentals (IUFFS )

Level 1 IT user fundamentals (IUF:FS )

Level 1Using mobile IT devices (UMD )

Level 3 Principles of ICT Systems and Data Security ( / )

Level 2 Control and security systems for the digital home technology integrator ( )

Level 3 Design software ( )

Level 3 Using the Internet (INT )

Level 2 Digital Home Technology Integrator ( )

Level 3 Creating an event driven computer program using Visual Basic.NET ( / )

Level 3 Creating an event driven computer program using Visual Basic ( / )

Level 3 Design and maintain ICT network software components ( )

Level 2 Designing and creating multimedia presentations (7266/ )

Level 2 Audio/video installation for the digital home technology integrator ( )

Level 1 Internet Safety for IT Users ( )

Level 1 IT user fundamentals (IUF:FS )

Level 3 Voice and data communications ( )

January 2010 Version 9.0

Level 3 Develop software using C# (7266/ )

Level 1 Internet Safety for IT Users ( )

Level 3 Develop software using Visual Basic.NET (7266/ )

Level 1 Using the Internet for finding and sending information (7266/ )

Level 1 Using the Internet for finding and sending information (7266/ )

Level 1 Creating simple web pages (7266/ )

Level 2 Creating an event driven computer program using Visual Basic.NET ( )

Level 2 Creating an event driven computer program using VisualBasic.Net ( )

Level 3 Design Software ( )

Level 2 Creating an event driven computer program using Visual Basic ( )

Level 2 Create software components using Visual Basic.NET ( )

Level 2 Data management software (DMS )

Level 2 Designing and creating databases (7266/ )

Level 1 Desktop publishing software (DTP )

Level 3 Database Software ( )

Level 1 Design software (DIS )

Level 3 Multimedia software (MM )

Level 1 Design software (DIS )

Level 3 Desktop publishing software (DTP )

Level 3 Using collaborative technologies (UCT )

Systems and Principles Unit Syllabus

Level 3 Database software ( )

Level 1 Producing simple databases (7266/ )

Level 3 Using (EML )

Level 2 IT software fundamentals (ISF:FS )

Level 3 Data management software (DMS )

Level 2 Creating an event driven computer program using C# ( )

Level 1 Working with desktop publishing applications (7266/ )

Level 2 Creating an event driven computer program using C# ( )

Level 3 Multimedia Software (MM )

Level 2 Create Software Components Using C# (7266/ )

Level 3 Word processing software ( )

Level 3 Word processing software (WP )

Level 2 Designing and creating documents using desktop publishing software (7266/ ) e-quals Assignment guide for Candidates Assignment C

Level 1 Creating simple presentations (7266/ )

Level 2 Website software (WS )

Systems and Principles Unit Syllabus

Systems and Principles Unit Syllabus

Systems and Principles Unit Syllabus

Level 2 Designing and creating multi-page websites (7266/ )

Level 2 Combining word processing, spreadsheet and database applications to present information (7266/ )

Level 1 Producing simple word processed documents (7266/ )

Systems and Principles Unit Syllabus

Systems and Principles Unit Syllabus

Level 1 Creating presentations using word processing, spreadsheet and presentation software (7266/ )

Level 3 Software design fundamentals ( / )

Level 3 Integrating applications to create advanced presentations (7266/ )

Level 2 Designing and creating databases (7266/ )

Level 2 Using word processing software to adapt and merge documents (7266/ )

Systems and Principles Unit Syllabus

Level 2 Desktop publishing software (DTP )

Transcription:

Level 3 Implementing an ICT systems security policy (7540-032/7630-333) Systems and Principles (QCF) Assignment guide for Candidates Assignment A www.cityandguilds.com September 2012 Version 5.0

About City & Guilds City & Guilds is the UK s leading provider of vocational qualifications, offering over 500 awards across a wide range of industries, and progressing from entry level to the highest levels of professional achievement. With over 8500 centres in 100 countries, City & Guilds is recognised by employers worldwide for providing qualifications that offer proof of the skills they need to get the job done. City & Guilds Group The City & Guilds Group includes City & Guilds, ILM (the Institute of Leadership & Management) which provides management qualifications, learning materials and membership services, NPTC which offers land-based qualifications and membership services, and HAB (the Hospitality Awarding Body). City & Guilds also manages the Engineering Council Examinations on behalf of the Engineering Council. Equal opportunities City & Guilds fully supports the principle of equal opportunities and we are committed to satisfying this principle in all our activities and published material. A copy of our equal opportunities policy statement is available on the City & Guilds website. Copyright The content of this document is, unless otherwise indicated, The City and Guilds of London Institute 2010 and may not be copied, reproduced or distributed without prior written consent. However, approved City & Guilds centres and learners studying for City & Guilds qualifications may photocopy this document free of charge and/or include a locked PDF version of it on centre intranets on the following conditions: centre staff may copy the material only for the purpose of teaching learners working towards a City & Guilds qualification, or for internal administration purposes learners may copy the material only for their own use when working towards a City & Guilds qualification The Standard Copying Conditions on the City & Guilds website also apply. Please note: National Occupational Standards are not The City and Guilds of London Institute. Please check the conditions upon which they may be copied with the relevant Sector Skills Council. Publications City & Guilds publications are available on the City & Guilds website or from our Publications Sales department at the address below or by telephoning +44 (0)20 7294 2850 or faxing +44 (0)20 7294 3387. Every effort has been made to ensure that the information contained in this publication is true and correct at the time of going to press. However, City & Guilds products and services are subject to continuous development and improvement and the right is reserved to change products and services from time to time. City & Guilds cannot accept liability for loss or damage arising from the use of information in this publication. City & Guilds 1 Giltspur Street London EC1A 9DD T +44 (0)844 543 0000 (Centres) T +44 (0)844 543 0033 (Learners) F +44 (0)20 7294 2413 www.cityandguilds.com learnersupport@cityandguilds.com

Contents Level 3 Implementing an ICT systems security policy (7540-032/7630-333) Assignment A Introduction Information for Candidates 2 Candidate Instructions 3 Assignment A Level 3 Implementing an ICT systems security policy (7540-032/7630-333) 1

Level 3 Implementing an ICT systems security policy (7540-032/7630-333) Assignment A Introduction Information for Candidates About this document This assignment comprises all of the assessment for Level 3 Implementing an ICT systems security policy (7540-032/7630-333). Health and safety You are asked to consider the importance of safe working practices at all times. You are responsible for maintaining the safety of others as well as your own. Anyone behaving in an unsafe fashion will be stopped and a suitable warning given. You will not be allowed to continue with an assignment if you compromise any of the Health and Safety requirements. This may seem rather strict but, apart from the potentially unpleasant consequences, you must acquire the habits required for the workplace. Time allowance The recommended time allowance for this assignment is 5 hours. 2 Assignment A Level 3 Implementing an ICT systems security policy (7540-032/7630-333)

Level 3 Implementing an ICT systems security policy (7540-032/7630-333) Candidate Instructions Time allowance: 5 hours Assignment set up: This assignment is made up of three tasks: Task A Compile a report detailing the issues revealed by the security risks analysis, together with likely impacts to their business Task B Compile a report with recommendations for a hypothetical company, Rapid Data Services Limited for the design and build of their new data centre Task C Configure personal firewall software on a stand-alone computer and provide evidence of configuration against three types of attack Scenario Rapid Data Services Limited is a successful company with an excellent reputation in the industry. They provide a range of Internet based services that include remote data backup and data storage facilities, web site hosting and remote server location. Their clients can access many of these services over the Internet to administer their accounts etc. Typical customers include banks and other financial institutions, together with well-known companies in the UK and from around the world. Additionally Rapid Data Services Limited is now the world leader in third party payment collection for e-commerce, handling payments and transactions on behalf of companies that are too small to handle credit and debit card payments on their own. In a typical day, Rapid Data Services Limited processes around 750,000 such transactions for customers in the UK and around the world. Rapid Data Services Limited started in an old grain warehouse in London on the banks of the Thames, and their only data centre is still located in that building. After securing the lease on the building, Rapid Data Services Limited moved in within the space of 10 days to install the racks and equipment. Little work was done to upgrade the power supplies, environmental systems or the physical security. The company has grown so rapidly it is now seeking premises in London s Docklands for a new purpose built headquarters and data centre. It has asked you to compile a detailed report on the security considerations of the proposed new site and an analysis of potential risks to their business. Assignment A Level 3 Implementing an ICT systems security policy (7540-032/7630-333) 3

Task A Compile a report detailing the issues revealed by the security risks analysis, together with likely impacts to their business Using the supplied diagram (Attachment 1) and information from the scenario, analyse the building and current security measures and identify areas that may pose security risks to Rapid Data Services Limited. Make written notes of your findings for use in writing reports. 1 Write a report for Rapid Data Services Limited that covers the risks you have identified to their business, the report must include: a) physical security risks b) risks to electronic communications c) other risks to their network, data and associated ICT equipment d) types of data that may be targeted or at risk from hackers and others e) the various motivations of the people who may attempt to attack Rapid Data Services Limited s network or facilities f) the various methods these people may employ to access the data and the ICT networks of Rapid Data Services Limited. Information should be gathered from all available sources. Information obtained should be listed with source references. Task B Compile a report with recommendations for a hypothetical company, Rapid Data Services Limited for the design and build of their new data centre 1 Following on from Task A, you are required to provide Rapid Data Services Limited with a proposal of the measures and actions they should take to minimise the security risks you highlighted in your initial report. The proposal should contain: a) recommendations for physical security of key ICT equipment b) recommendations for the security of electronic communications, with an explanation justifying each recommendation c) recommendations for securing key ICT equipment and data from attack, both internal and external, with an explanation justifying each recommendation d) a list of six key personnel required for a Computer Incident Response Team (CIRT), with a description of each of their likely responsibilities e) likely impacts to the business if the recommendations are not accepted and implemented. 4 Assignment A Level 3 Implementing an ICT systems security policy (7540-032/7630-333)

Task C Configure personal firewall software on a stand-alone computer and provide evidence of configuration against three types of attack 1 On a computer supplied for the purpose, configure personal firewall software to prevent three security related problems on the computer. You may choose the three items. Produce screen prints to show evidence of the configuration. 2 Record on Attachment 2 the elements you have chosen to configure and provide a short explanation for each of your choices. When you have finished working: Sign each document above your name and label all removable storage media with your name. Hand all paperwork and removable storage media to your assessor. If the assignment is taken over more than one period, all paperwork and removable media must be returned to the test supervisor at the end of each sitting. End of assignment Assignment A Level 3 Implementing an ICT systems security policy (7540-032/7630-333) 5

Published by City & Guilds 1 Giltspur Street London EC1A 9DD T +44 (0)844 543 0000 (Centres) T +44 (0)844 543 0033 (Learners) F +44 (0)20 7294 2413 www.cityandguilds.com City & Guilds is a registered charity established to promote education and training 6 Assignment A Level 3 Implementing an ICT systems security policy (7540-032/7630-333)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback