Looking for ICTWEB408 Ensure Basic Website Security – Assessment Answers? We Provide Assignment Answers on ICTWEB408 Ensure Basic Website Security – Assessment, Australian Assignment Help, Assignment Writing Service & Assignment Writers from PhD/MBA Experts at affordable price? Acquire HD Quality research work with 100% Plagiarism free content.
ICTWEB 408 Ensure Basic Website Security
Unit Pre-Assessment Checklist (UPAC)
UAT 1 – Unit Knowledge Test (UKT)
Purpose of the checklist
The pre-assessment checklist helps students determine if they are ready for assessment. The trainer/assessor must review the checklist with the student before the student attempts the assessment task. If any items of the checklist are incomplete or not clear to the student, the trainer/assessor must provide relevant information to the student to ensure they understand the requirements of the assessment task. The student must ensure they are ready for the assessment task before undertaking it.
Section 1: Information for Students
- Please make sure you have completed the necessary prior learning before attempting this assessment.
- Please make sure your trainer/assessor clearly explained the assessment process and tasks to be completed.
- Please make sure you understand what evidence is required to be collected and how.
- Please make sure you know your rights and the Complaints and Appeal process.
- Please make sure you discuss any special needs or reasonable adjustments to be considered during the assessment (refer to the Reasonable Adjustments Strategy Matrix and negotiate these with your trainer/assessor).
- Please make sure that you have access to a computer and the internet (if you prefer to type the answers).
- Please ensure that you have all the required resources needed to complete this Unit Assessment Task (UAT).
- Due date of this assessment task is according to your
- In exceptional (compelling and compassionate) circumstances, an extension to submit an assessment can be granted by the trainer/assessor.
- Evidence of the compelling and compassionate circumstances must be provided together with your request for an extension to submit your assessment work.
- Request for an extension to submit your assessment work must be made before the due date of this assessment task.
Section 2: Reasonable adjustments
- Students with carer responsibilities, cultural or religious obligations, English as an additional language, disability etc. can request for reasonable adjustments.
- Please note, academic standards of the unit/course will not be lowered to accommodate the needs of any student, but there is a requirement to be flexible about the way in which it is delivered or assessed.
- The Disability Standards for Education requires institutions to take reasonable steps to enable the student with a disability to participate in education on the same basis as a student without a disability.
- Trainer/Assessor must complete the section below “Reasonable Adjustment Strategies Matrix”to ensure the explanation and correct strategy have been recorded and implemented.
- Trainer/Assessor must notify the administration/compliance and quality assurance department for any reasonable adjustments made.
- All evidence and supplementary documentation must be submitted with the assessment pack to the administration/compliance and quality assurance department.
Reasonable Adjustment Strategies Matrix (Trainer/Assessor to complete) | ||
Category | Possible Issue | Reasonable Adjustment Strategy
(select as applicable) |
|
|
Use of supporting documents such as word lists |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Unit Assessment Task (UAT)
Assessment Task 1 – Unit Knowledge Test (UKT)
Assessment type:
- Written Questions
Assessment task description:
- This is the first (1) unit assessment task you have to successfully complete to be deemed competent in this unit of competency.
- The Unit Knowledge Test is comprised of fifteen (15) written questions.
- You must respond to all questions and submit them to your Trainer/Assessor.
- You must answer all questions to the required level, e.g. provide the number of points, to be deemed satisfactory in this task.
- You will receive your feedback within two weeks – you will be notified by your Trainer/Assessor when results are available.
Applicable conditions:
- This knowledge test is untimed and are conducted as open book tests (this means you are able to refer to your textbook during the test).
- You must read and respond to all questions.
- You may hand write/use computers to answer the questions.
- You must complete the task independently.
- No marks or grades are allocated for this assessment task. The outcome of the task will be Satisfactory or Not Satisfactory.
- As you complete this assessment task you are predominately demonstrating your written skills and knowledge to your trainer/assessor.
- The trainer/assessor may ask you relevant questions on this assessment task to ensure that this is your own work.
Re-submissions and reattempts:
- Where a student’s answers are deemed not satisfactory after the first attempt, a resubmission attempt will be allowed.
- You must speak to your Trainer/Assessor if you have any difficulty in completing this task and require reasonable adjustments (e.g. can be given as an oral assessment).
- For more information, please refer to your RTO Student Handbook.
Location:
- This assessment task may be completed in a learning management system (i.e. Moodle) or independent learning environment.
- Your trainer/assessor will provide you further information regarding the location for completing this assessment task.
Instructions for answering written questions:
- Complete a written assessment consisting of a series of questions.
- You will be required to correctly answer all the questions.
- Do not start answering questions without understanding what is required from you. Read the questions carefully and critically analyse them for a few seconds, this will help you to identify what is really
- Your answers must demonstrate an understanding and application of relevant concepts, critical thinking, and good writing skills.
- Be concise to the point and write answers according to the given word-limit to each question and do not provide irrelevant information. Be careful, quantity is not quality.
- Be careful to use non-discriminatory language. The language used should not devalue, demean, or exclude individuals or groups on the basis of attributes such as gender, disability, culture, race, religion, sexual preference or age. Gender inclusive language should be used.
- When you quote, paraphrase, summarise or copy information from the sources you are using to write your answers/research your work, you must always acknowledge the source.
How your trainer/assessor will assess your work?
- This assessment task requires the student to answer all the questions.
- Answers must demonstrate the student’s understanding and knowledge of the unit.
- If all assessment tasks are deemed Satisfactory (S), then the unit outcome is Competent (C).
- If at least one of the assessment task is deemed Not Satisfactory (NS), then the unit outcome is Not Yet Competent (NYC).
- Once all assessment tasks allocated to this Unit of Competency have been undertaken, trainer/assessor will complete an Assessment plan to record the unit outcome. The outcome will be either Competent (C) or Not Yet Competent (NYC).
- The “Assessment Plan” is available with the Unit Assessment Pack (UAP) – Cover Sheet.
Purpose of the assessment:
This assessment task is designed to evaluate student’s knowledge essential to implement, monitor and review knowledge management strategies.
- Knowledge of website security
- Knowledge of various protocols that can be applied per business requirement
- Knowledge of internal and external sources of information related to business security
- Knowledge of various level of network security
- Knowledge of legislation/act related to documentation
- Knowledge of security measures that need to be applied on web site
- Knowledge to password protection techniques
- Knowledge of various intrusion detection tools
- Knowledge to implement intrusion detection technique for a website
- Knowledge to check the specification of application after completing the task
- Knowledge to analyse task and come up with appropriate solution
- Knowledge to coach and mentor about network security and intrusion detection techniques
- Knowledge about various hardware and software products that are available on the market
Assessment Task 1 – Unit Knowledge Test (UKT)
Instructions:
- This is an individual assessment.
- The purpose of this assessment task is to assess the students’ knowledge essential to interact with clients at a management level.
- To make full and satisfactory responses you should consult a range of learning resources, other information such as handouts and textbooks, learners’ resources and slides.
- All questions must be answered in order to gain competency for this assessment.
- You may attach a separate sheet if required.
- You must include the following particulars in the footer section of each page of the attached sheets:
- Student ID or Student Name
- Unit ID or Unit Code
- Course ID or Course Code
- Trainer and assessor name
- Page numbers
- You must staple the loose sheets together along with the cover page.
- You must attach the loose sheets chronologically as per the page numbers.
- Correction fluid and tape are not permitted. Please do any corrections by striking through the incorrect words with one or two lines and rewriting the correct words.
Resources required to complete the assessment task:
- Computer
- Internet
- MS Word
- Printer or e-printer
- Adobe acrobat/reader
- Learning management system
Questions:
Question 1: Answer the following questions.
A) Define network security. What is the various foundation of business security requirements?
B) Identify the different level web service security included in any organization. What are Some of The Preliminaries of Web Security?
|
Question 2: Answer the following questions.
A) Write a short note about a client-business domain with reference to organizational structure and business functionality.
B) Why passport protection is required for any website? Write 4 strategies for minimum and maximum password protection solution based of business requirement.
|
Question 3: Answer the following questions.
A) Define web server security. List two (2) industry -accepted hardware and software products for networking respectively.
B) Mention 3 measures that helps to make web server password non-traceable. Describe each.
|
Question 4: Answer the following questions.
A) Define common gateway interface?
B) Describe in brief why interpreter program is not feasible to store inside CGI-bin directory.
|
Question 5: Answer the following questions.
A) What is web form? Differentiate between server side and client-side validation.
B) Describe in brief about firewall and various filtering techniques.
|
Question 6: Answer the following questions.
A) What is disk and executing monitoring tools (daemons)? Give few examples.
B) Define intrusion detection system. Identify some intrusion detection system. Write a brief about any one of them.
|
Question 7: Answer the following questions.
A) Define security patches. Give some examples.
B) Why maintaining user account and permission are important on server? How to Enforce Security in SQL Server?
|
Question 8: Answer the following question
A) What does Bastion Host mean?
B) Describe the working principle of hypertext transfer protocol (HTTP).
|
Question 9: Answer the following questions.
A) Differentiate between HTTP and HTTPs?
B) Write a short description about secure socket layer (SSL). What is the function of Secure Socket layer?
|
Question 10: Answer the following questions.
A) What is internet protocol address? How can you practice safe email protocol?
B) Write a short note about IP sec with its various components.
|
Question 11: Answer the following questions.
A) Write steps to disable NetBIOS over TCP/IP manually via DHCP server.
B) Write a short paragraph about layer 2 tunneling protocol.
|
Question 12: Answer the following questions.
A) Write a short note about web-server operating system.
B) What are the three (3) measures included with keeping shared resources secure from intrusion.
|
Question 13: Answer the following questions.
A) What does it mean by point-to-point tunneling protocol?
B) What is Adware and its symptoms? How does Adware work?
|
Question 14: Write steps to disable TCP/IP for binding of file and sharing printers.
|
Question 15: Write a difference between application software and operating system.
|
UAT 2–Unit Project (UP)
Purpose of the checklist
The pre-assessment checklist helps students determine if they are ready for assessment. The trainer/assessor must review the checklist with the student before the student attempts the assessment task. If any items of the checklist are incomplete or not clear to the student, the trainer/assessor must provide relevant information to the student to ensure they understand the requirements of the assessment task. The student must ensure they are ready for the assessment task before undertaking it.
Section 1: Information for Students
- Please make sure you have completed the necessary prior learning before attempting this assessment.
- Please make sure your trainer/assessor clearly explained the assessment process and tasks to be completed.
- Please make sure you understand what evidence is required to be collected and how.
- Please make sure you know your rights and the Complaints and Appeal process.
- Please make sure you discuss any special needs or reasonable adjustments to be considered during the assessment (refer to the Reasonable Adjustments Strategy Matrix and negotiate these with your trainer/assessor).
- Please make sure that you have access to a computer and the internet (if you prefer to type the answers).
- Please ensure that you have all the required resources needed to complete this Unit Assessment Task (UAT).
- Due date of this assessment task is according to your
- In exceptional (compelling and compassionate) circumstances, an extension to submit an assessment can be granted by the trainer/assessor.
- Evidence of the compelling and compassionate circumstances must be provided together with your request for an extension to submit your assessment work.
- Request for an extension to submit your assessment work must be made before the due date of this assessment task.
Section 2: Reasonable adjustments
- Students with carer responsibilities, cultural or religious obligations, English as an additional language, disability etc. can request for reasonable adjustments.
- Please note, academic standards of the unit/course will not be lowered to accommodate the needs of any student, but there is a requirement to be flexible about the way in which it is delivered or assessed.
- The Disability Standards for Education requires institutions to take reasonable steps to enable the student with a disability to participate in education on the same basis as a student without a disability.
- Trainer/Assessor must complete the section below “Reasonable Adjustment Strategies Matrix” to ensure the explanation and correct strategy have been recorded and implemented.
- Trainer/Assessor must notify the administration/compliance and quality assurance department for any reasonable adjustments made.
- All evidence and supplementary documentation must be submitted with the assessment pack to the administration/compliance and quality assurance department.
Reasonable Adjustment Strategies Matrix (Trainer/Assessor to complete) | ||
Category | Possible Issue | Reasonable Adjustment Strategy
(select as applicable) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Unit Assessment Task (UAT)
Assessment Task 2 – Unit Project (UP)
Assessment type:
- Unit Project (UP)
Assessment task description:
- This is the second (2) assessment task you have to successfully complete to be deemed competent in this unit of competency.
- This assessment task requires you to complete a project to secure the web server and monitor its security using intrusion detection system.
Activity 1: Research about the various intrusion detection system that meet the business requirement.
Activity 2: You need to install the intrusion detection system and step up the software to notify admin.
Activity 3: Create a documentation.
- You are required to set of activities related to secure a website and monitor using intrusion detection system.
- You will receive your feedback within two weeks – you will be notified by your trainer/assessor when results are available.
- You must attempt all activities of the project for your trainer/assessor to assess your competency in this assessment task.
Applicable conditions:
- You must read and respond to all criteria of the project.
- You may hand write/use computers to answer the criteria of the project.
- You must complete the task independently.
- No marks or grades are allocated for this assessment task. The outcome of the task will be Satisfactory or Not Satisfactory.
- As you complete this assessment task you are predominately demonstrating your practical skills, techniques and knowledge to your trainer/assessor.
- The trainer/assessor may ask you relevant questions on this assessment task to ensure that this is your own work.
Re-submissions and reattempts:
- Where a student’s answers are deemed not satisfactory after the first attempt, a re-submission attempt will be allowed.
- You must speak to your Trainer/Assessor if you have any difficulty in completing this task and require reasonable adjustments (e.g. can be given as an oral assessment).
- For more information, please refer to your RTO Student Handbook.
Location:
- This assessment task may be completed in a classroom, learning management system (i.e. Moodle), workplace, or independent learning environment.
- Trainer/Assessor will provide student further information regarding the location of completing this assessment task.
General Instructions for attempting the project:
- You will complete a set of activities related to implementation of knowledge management system and procedure in this assessment task.
- Instructions to complete a set of activities related to implementation of knowledge management system and procedure is provided within the assessment task.
- You will be required to correctly attempt all activities of this assessment task.
How your trainer/assessor will assess your work?
- This assessment task requires the student to complete a set of activities related to implementation of knowledge management system and procedure.
- Answers must demonstrate the student’s understanding and skills of the unit.
- You will be assessed according to the provided performance checklist/ performance criteria.
- Assessment objectives/ measurable learning outcome(s) are attached as performance checklist/ performance criteria with this assessment task to ensure that you have successfully completed and submitted the assessment task.
- If all assessment tasks are deemed Satisfactory (S), then the unit outcome is Competent (C).
- If at least one of the assessment task is deemed Not Satisfactory (NS), then the unit outcome is Not Yet Competent (NYC).
- Once all assessment tasks allocated to this Unit of Competency have been undertaken, trainer/assessor will complete an Assessment plan to record the unit outcome. The outcome will be either Competent (C) or Not Yet Competent (NYC).
- The “Assessment Plan” is available with the Unit Assessment Pack (UAP) – Cover Sheet.
Purpose of the assessment task:
This assessment task is designed to evaluate student’s following skills and abilities:
- Skills to determine various level of security based on business
- Skills to write effective password protection solutions based on business requirement
- Skills to grant and maintain user accounts with permission to access server
- Skills to write security protocols according to business requirement.
- Skills to maintain confidentiality of the password of server
- Skills to write a concise, correct, error free grammatical sentence in the documentation
- Skills to provide reference at appropriate places
- Skills to conduct a coaching and mentoring session with the staff related to
Assessment Task 2 – Unit Project (UP)
Instructions to complete this assessment task:
- Please write your responses in the template provided.
- You may attach a separate sheet if required.
- You must include the following particulars in the footer section of each page of the attached sheets:
- Student ID or Student Name
- Unit ID or Unit Code
- Course ID or Course Code
- Trainer and assessor name
- Page numbers
- You must staple the loose sheets together along with the cover page.
- You must attach the loose sheets chronologically as per the page numbers.
- Correction fluid and tape are not permitted. Please do any corrections by striking through the incorrect words with one or two lines and rewriting the correct
- The premise of the project must be closely related to the previous assessment task.
- This submission must be well presented and follow the guidelines and instructions provided.
- Please follow the format as indicated in the template section below.
- One of the most important steps that you can take: proofread your
- Appropriate citations are required.
- All RTO policies are in effect, including the plagiarism policy.
Resources required to complete the assessment task:
- Computer
- Internet
- MS Word
- Printer or e-printer
- Adobe acrobat/reader
- Appendix 1
Project Task:
This assessment task is divided into following three (3) activities:
Activity 1: You are tired of all the reconnaissance attacks that your server have been the victim of lately, therefore you decide to install intrusion detection system( like tripwire/ Snort), and with the help of this, block all traffic from a destination that have performed such an attack (you can self-decide what specific type of reconnaissance attack you have been the victim of).
Activity 2: You are running a server that is connected to the public network and would like to get notified when this server is a victim of an attack without having to go through the system logs. You will therefore configure intrusion detection system to notify you either using email or by SNMP whenever a potential attack is detected. (You can self-decide what these attacks can be).
As an optional task, you also would like to create statistical data on how often your server is being attacked. The data must be presented in such a way that you can, per attack, see how many times per hour and per day this attack occurs. It should be represented either in a text file that can easily be parsed to a spreadsheet program, or in a format readable to for example MRTG.
Activity 3: Create documentation with all the installation process, including adding and testing of the rules. Give a detailed description on how you solved the scenario, include your rule(s), together with a detailed description of how it (they) works, also a description of how you tested it and the resulting entry in the log file.
Scenario: You are working at Cyber hub as a website admin and recently you server got victimized of reconnaissance attack. Your company director and management were already notified with its severity. So, management have allocated a task to you to solve the problem and install a new and effective intrusion detection system for the website and server so it can notify admin as soon as the problem occurs. You need to research about intrusion detection system and apply necessary network protocol security your organizational requirement.
Activity 1: Research about the various intrusion detection system that meet the business requirement
You need to read and understand the above given scenario and write a brief about it. Design a database model using appropriate models and relations to join tables.
Before you start installing a new intrusion system you should remember to do following task:
- Search the internet about various intrusion detection tools and check its installation prerequisites
- Search about various industry accepted hardware and software products for networking
- Search about various vulnerabilities and which tools are more affective to deal in effective manner
- Verify the installation procedures for intrusion detection system
- Analyze various level of security level required per the business requirement
You need to submit your report with all the output of test case to the assessor/ trainer in a word file. Also, you need to create java file so the assessor can check the program.
Performance checklist criteria
Trainer/ Assessor to complete | |||
Does the candidate meet the following criteria | Yes | No | Trainer/Assessor Comments |
Identified various intrusion detection system
Included:
|
|
||
Documented appropriate intrusion detection system to meet the business requirement. |
|
||
Design an efficient security protocol to make sure the server password is obscure and untraceable | |||
Write a procedure maintain password confidentiality | |||
Description of various industry accepted hardware and software products for networking | |||
Define security patches and firewall functionality | |||
Used clear, logical document structures, relevant terminology and correct grammatical structures |
Activity 2: You need to install the intrusion detection system and step up the software to notify admin.
This activity is continuing from previous activity and you need to follow following steps:
- Install the software and implement security protocols
- design the structure of minimum and maximum password protection solution for the website and server
- make sure the password is obscure and untraceable for server
You need to complete the following test case document and submit to your trainer/assessor
Performance checklist criteria
Trainer/ Assessor to complete | |||
Does the candidate meet the following criteria | Yes | No | Trainer/Assessor Comments |
Identified and documented about intrusion detection system |
|
||
Documented various levels of security protocols as per business requirement |
|
||
Write a procedure to check web form validation | |||
Explanation of the benefits of applied intrusion detection for the company | |||
Used clear, logical document structures, relevant terminology and correct grammatical structures |
Activity 3: Create a documentation
This activity is continuing from previous activity.
You need to cover the following information in the session:
- Introduction about business requirement and various level of security based on the business
- How to install, implement and setup the intrusion detection system
- Write a security protocol to make web server password untraceable
- Description of various network security protocols that can be applied on public network connection
- Create a short presentation about your work and provide information to your classmates about various security measures needed for server
- Correct, concise and error free grammatical sentences
Your trainer will act as director. You will be acting as a network admin and one of your colleagues will work as quality assurance manager, who have to check if all the requirements are met or not.
You need to complete the following test case document and submit to your trainer/assessor
Performance checklist criteria
Trainer/ Assessor to complete | |||
Does the candidate meet the following criteria | Yes | No | Trainer/Assessor Comments |
Identified and documentation about intrusion detection system |
|
||
Documented various levels of security protocols as per business requirement. |
|
||
Design an efficient model for adding new tables and show relationship of database and how data are stored | |||
Write a procedure to decide on minimum and maximum password protection solution | |||
Explanation of the benefits of applied intrusion detection for the company | |||
Demonstrated the use of applied intrusion detection system | |||
Description of various industry accepted hardware and software products for networking | |||
Used clear, logical document structures, relevant terminology and correct grammatical structures | |||
Created a nice and informative presentation |
Unit Assessment Result Sheet (UARS)
Assessment Task 2 – Unit Project (UP)
Student and Trainer/Assessor Details
Unit code | ICTWEB408 | ||
Unit name | Ensure basic website security | ||
Outcome of Unit Assessment Task (UAT) |
Outcome (please make sure to tick the correct checkbox): Satisfactory (S) ☐ or Not Satisfactory (NS) ☐ Date: _______(day)/ _______(month)/ ____________(year)
Outcome (please make sure to tick the correct checkbox): Satisfactory (S) ☐ or Not Satisfactory (NS) ☐ Date: _______(day)/ _______(month)/ ____________(year) |
||
Feedback to Student |
|
||
Student Declaration |
|
||
Student Signature | |||
Date | |||
Trainer/Assessor Name | |||
Trainer/Assessor Declaration | I hold:
I declare that I have conducted an assessment of this candidate’s submission. The assessment tasks were deemed current, sufficient, valid and reliable. I declare that I have conducted a fair, valid, reliable, and flexible assessment. I have provided feedback to the above-named candidate. |
||
Trainer/Assessor Signature | |||
Date | |||
Office Use Only | Outcome of Assessment has been entered onto the Student Management System on _________________ (insert date)
by (insert Name) __________________________________ |
Reference ID: #getanswers2001109