CRS180_22334VIC-VU21995-VU21996_AT1of2_LEARNER_V2

.docx

School

National Business Institute Inc. *

*We aren’t endorsed by this school

Course

MISC

Subject

Computer Science

Date

Jan 9, 2024

Type

docx

Pages

Uploaded by MinisterGoldfish177

CRS180 Revision 101 May 2018 Page 1 Assessment Task 1: Incident Response Report Student Version Section A – Program/Course details Qualification code: 22334VIC Qualification title: Certificate IV in Cyber Security Unit code: VU21995 VU21996 Unit title: Manage network infrastructure for the organisation Evaluate and test an incident response plan for an enterprise Department name: Enter CRN number Section B – Assessment task details Assessment number: 1 of 2 Semester/Year: 1 and 2/2023 Due date: Ongoing Duration of assessment: Ongoing Assessment method Assessment task results ☒ Ungraded result ☐ Other: Click here to enter text. Section C – Instructions to students Task instructions: T HIS A SSESSMENT H AS T WO P ARTS P ART A – I NCIDENT R ESPONSE R EPORT P ART B – K NOWLEDGE T ASK NOTE: I F ANY STUDENT WISHES TO WORK INDIVIDUALLY FOR P ART A, THEY MUST OBTAIN PRIOR PERMISSION FROM THE A SSESSOR AND FOLLOW THE GUIDELINES PROVIDED BY THEM . I N SUCH CASES , THE STUDENT MAY COLLABORATE WITH A FRIEND , PARTNER OR COLLEAGUE WITH THE APPROVAL OF THE ASSESSOR . P ART A: I NCIDENT R ESPONSE R EPORT T HIS I S A G ROUP T ASK . G ROUPS A RE T O B E B ETWEEN 3 – 5 M EMBERS A ND S UBMITTED T O T HE I NSTRUCTOR . E ACH M EMBER W ILL S UBMIT A C OPY O F T HE ASSESSMENT TASKS . BY UPLOADING THE COMPLETED TASK TO B RIGHTSPACE WITH THEIR ATTACHED COVER SHEET . G ROUP ’ S W ORK . Y OUR W ORK I S T O B E S UBMITTED I N R EPORT F ORMAT R EFER T O T HE S CENARIO I N S UPPORTING D OCUMENTS U NDER S ECTION F ORM Y OUR I NCIDENT R ESPONSE T EAM (I RT ) B ASED O N T HE S CENARIO E STABLISH Y OUR O WN I NCIDENT R ESPONSE T EAM (I RT ). D ETERMINE T HE P OSITIONS O F T HE I NCIDENT R ESPONSE T EAM –Y OU M AY I NCLUDE T HE F OLLOWING P OSITIONS : • I NCIDENT A NALYSTS (T IER 1) • I NCIDENT R ESPONDERS (T IER 2) – M INIMUM O F 2 P ER T EAM • I RT M ANAGER (S) • C OMMUNICATION L IAISONS (O PTIONAL ) D EVELOP A G ENERALIZED I NCIDENT R ESPONSE P LAN (IRP) B ASED O N T HE S CENARIO . E.G. D ENIAL OF S ERVICE A TTACK , M ALWARE , P HISHING E TC . T HE N UMBER O F I NCIDENTS Y OU C HOOSE I S D IRECTLY P ROPORTIONAL T O T HE N UMBER I N Y OUR G ROUP . OFFICIAL Holmesglen: PN/CAIT 7-Mar-2022 L:\CAIT\Teaching\T&L\202210\22334VIC-Re Registration pre\Registration Prep 2022\PN\VU21995-VU21996\Oncampus\CRS180_22334VIC-VU21995-VU21996_AT1of2_MASTER_ v1.1.docx

CRS180 Revision 101 May 2018 Page 2 Assessment Task 1: Incident Response Report Section C – Instructions to students Y OUR R EPORT S HOULD C ONSIST O F A LL R ELEVANT I NCIDENT R ESPONSE F ORMS . Y OU W ILL B E P ROVIDED WITH S OME OF T HE F ORMS . E ACH I NDIVIDUAL W ILL T HEN D EVELOP AN IRP B ASED O N T HE I NCIDENT A SSIGNED T O Y OU B Y T HE G ROUP . B ELOW I S A D ETAILED R EPORT S TRUCTURE D IALOGUE . Y OUR T EAMS ’ R EPORT I S R EQUIRED TO A DDRESS A LL A REAS D ETAILED I N T HE S TRUCTURE D IALOGUE B ELOW . M AKE S URE Y OU R EFERENCE A NY W ORK (I N R EFERENCES S ECTION ) T HAT Y OU U SE I N Y OUR R EPORT . 1. I NTRODUCTION 1.1 C ONTEXT 1.2 P URPOSE 1.3 A UTHORITY 1.4 R EVIEW 2. C OMMON C YBER I NCIDENTS AND R ESPONSES 2.1 P OTENTIAL T HREAT V ECTORS 3. R OLES A ND R ESPONSIBILITIES 3.1 I NCIDENT M ANAGEMENT T EAM 4. I NCIDENT R ESPONSE P ROCESS 4.1 I NCIDENT 1 S TEP 1: D ETECTION AND A NALYSIS S TEP 2: C ONTAINMENT A ND E RADICATION S TEP 3: C OMMUNICATIONS A ND E NGAGEMENT S TEP 4: R ECOVER S TEP 5: L EARN A ND I MPROVE 5. IRP S UPPORT F ORMS A PPENDIX A. S ITUATION U PDATE (T EMPLATE ) A PPENDIX B. I NCIDENT L OG (T EMPLATE ) A PPENDIX C. R ESOLUTION A CTION P LAN (T EMPLATE ) A PPENDIX D. E VIDENCE R EGISTER (T EMPLATE ) A PPENDIX E. A SSETS AND K EY C ONTACTS (T EMPLATE ) [U PDATE AS A PPROPRIATE ] A PPENDIX F. I NCIDENT C ONTACTS L IST A PPENDIX G. I NCIDENT C OMMUNICATIONS L OG A PPENDIX H. I NCIDENT R ECOVERY C HECKLIST A PPENDIX I. I NCIDENT H ANDLING C HECKLIST Y OU M UST I MPLEMENT V ERSION C ONTROL ON T HE R EPORT T O S HOW W HO H AS W ORKED O N W HICH P ARTS O F T HE P ROJECT . PART B – KNOWLEDGE TASK T HIS IS AN INDIVIDUAL TASK . A LL ANSWERS MUST BE IN YOUR OWN WORDS , YOU CAN RESEARCH INFORMATION FROM THE INTERNET , BUT YOU MUST NOT COPY AND PASTE DIRECTLY FROM INTERNET . -S OME OF THESE QUESTIONS ARE MORE TECHNICAL AND ASK LEARNERS TO DISCUSS OR EXPLAIN TECHNOLOGIES OR TERMINOLOGIES WHILE OTHER QUESTIONS ARE MORE HOLISTIC OR BIGGER PICTURE FOCUSED . -P ROVIDE A LIST OF REFERENCES YOU HAVE SOURCED IN THE R EFERENCE URL LINK SECTION -O NCE LEARNER HAS COMPLETED ALL THE QUESTIONS , THE ASSESSMENT MUST BE UPLOADED AND SUBMITTED ALONG WITH THE SIGNED ASSESSMENT COVERSHEET VIA B RIGHTSPACE . -I F A SUPPLIED ANSWER IS INCORRECT OR REQUIRES FURTHER INFORMATION , THE LEARNER WILL BE REQUESTED TO CORRECT THE ISSUES AND RESUBMIT THE WHOLE ASSESSMENT VIA B RIGHTSPACE WITHIN 7 DAYS OF RECEIVING FEEDBACK . -O NCE COMPLETED YOU MUST CONTRIBUTE TO AND ABIDE BY ORGANIZATIONAL STANDARDS INCLUDING INTELLECTUAL PROPERTY AND PRIVACY LAWS . OFFICIAL Holmesglen: PN/CAIT 7-Mar-2022 L:\CAIT\Teaching\T&L\202210\22334VIC-Re Registration pre\Registration Prep 2022\PN\VU21995-VU21996\Oncampus\CRS180_22334VIC-VU21995-VU21996_AT1of2_MASTER_ v1.1.docx

CRS180 Revision 101 May 2018 Page 3 Assessment Task 1: Incident Response Report Section C – Instructions to students -A LL ANSWERS SHOULD BE TO THE POINT , IN COMPLETE SENTENCES AND AT LEAST TWO TO THREE SENTENCES LONG . T HE ANSWER SHOULD MAKE DIRECT REFERENCE TO THE QUESTION . -T HE LENGTH OF YOUR ANSWER SHOULD NOT EXCEED HALF AN A4. H OWEVER , THIS IS AVERAGE ONLY , - SINCE SOME QUESTIONS WILL REQUIRE LONGER RESPONSES , SOME SHORTER . E XPLANATION OF COMMON COMMAND WORDS USED IN THIS ASSESSMENT TASK -I F YOU ARE ASKED TO L IST , YOU SHOULD ANSWER IN BULLETED , NUMBERED OR PARAGRAPH FORM , PROVIDE SEVERAL CONSECUTIVE ITEMS – IF PARAGRAPH FORM , USE COMMAS (,) TO SEPARATE ITEMS . -I F YOU ARE ASKED TO D ESCRIBE , YOU SHOULD ANSWER IN PARAGRAPH FORM , GIVE A FULL ACCOUNT OF AN EVENT , IDEA OR CONCEPT – INCLUDE ALL RELEVANT CIRCUMSTANCES AND DETAILS . -I F YOU ARE ASKED TO E XPLAIN , YOU SHOULD ANSWER IN PARAGRAPH FORM , DESCRIBE , IN ENOUGH DETAIL TO CLARIFY OR JUSTIFY , AN IDEA , CONCEPT , SITUATION , ACTION TAKEN , INSIGHT OR CHALLENGE . -I F YOU ARE ASKED TO D EFINE , YOU SHOULD ANSWER IN PARAGRAPH FORM , EXPLAIN THE MEANING OF A TERM OR CONCEPT . -I F YOU ARE ASKED TO S UMMARIZE , YOU SHOULD ANSWER PARAGRAPH OR LIST FORM , EXPLAIN THE KEY POINTS OR INSIGHTS DERIVED FROM A TEXT , EVENT , OR SITUATION . -I F YOU ARE ASKED TO C OMPARE , YOU SHOULD L IST , DESCRIBE , OR EXPLAIN THE SIMILARITIES AND DIFFERENCES BETWEEN TWO ( OR MORE ) IDEAS , CONCEPTS , EVENTS , SITUATIONS , CHALLENGES , OR INSIGHTS W HAT T O S UBMIT ? 1. T HIS C OMPLETED C OVERSHEET 2. A C OPY OF Y OUR T EAM ’ S I RP & F ORMS , I NCLUDING A C ONTACTS L IST W ITH Y OUR T EAM M EMBERS P OSITION D ETAILS 3. A NSWERS TO THE KNOWLEDGE QUESTIONS . Section D – Conditions for assessment Conditions: • Learner to complete and attach Assessment Submission Cover Sheet to the completed Assessment Task. • This assessment is to be completed by your Incident Response Team. You are required to collaborate in this group assessment to contribute, support each other and share knowledge. You are required to submit the individual system incidents and recommendation to Brightspace. • Even though this is a group task you are required to submit the final assessment individually to bright space • You must meet all criteria listed in the marking guide to be satisfactory in this task. You may resubmit this task if not successful within the enrolment period as per Holmesglen conducting assessment procedure. • Part B is an individual task; however, you are required to get information, feedback and ideas from your assessor, peers and industry to help complete the assessment planning guide. • It is expected all documents will be completed and submitted electronically but if this is not possible, make alternative arrangements for submitting the documents with your assessor. • You will have the opportunity to resubmit if any part of the assessment is deemed unsatisfactory You can have one resubmit per task. • You can appeal an assessment decision according to the Holmesglen Assessment Complaints and Appeals Procedure. • If you feel you require special allowance or adjustment to this task, please decide with your assessor within one week of commencing this assessment, • The learner may use the internet research answers for this assessment. OFFICIAL Holmesglen: PN/CAIT 7-Mar-2022 L:\CAIT\Teaching\T&L\202210\22334VIC-Re Registration pre\Registration Prep 2022\PN\VU21995-VU21996\Oncampus\CRS180_22334VIC-VU21995-VU21996_AT1of2_MASTER_ v1.1.docx

CRS180 Revision 101 May 2018 Page 4 Assessment Task 1: Incident Response Report Section D – Conditions for assessment • The learner is required to access information and ideas from the assessor, industry, the Holmesglen Learning Centre, and other reliable sources and technologies located on the internet, such as Packet Tracer,Netlab,NetAcad,VMware workstataion pro,Kali Linux. • To be deemed competent and compliant for this assessment task, the learner must demonstrate all of the tasks, skills or knowledge outlined • If not successful within the enrolment period as per Holmesglen assessment procedure, you will be requested to resubmit within seven days of receiving feedback. You are permitted two resubmissions per assessment task. Equipment/resources students must supply: Equipment/resources to be provided by the RTO: PC computer or laptop with the following minimum specification: -Quad-Core CPU,16GB of RAM, 250GB of Storage, 2 GHz or faster processor -Access to an internet connection (ADSL or cable connection desirable) -PC Monitor 24" (dual monitor optional but preferred) -Headset/earphone with microphone (webcam optional but preferred) -Windows 10 - available free from https://developer.microsoft.com/en-us/windows/downloads/v irtual-machines/ or https://www.microsoft.com/enus/ evalcenter/evaluate-windows-10-enterprise -Packet Tracer - free to download -NETLab - free, accessed via web Holmesglen url -NetAcad - free, Register through Cisco learning academy -VMware workstation Pro - available free through Holmesglen OnTheHub -Kali Linux - free to download -LinkedIn Learning - free access via Holmesglen url -Microsoft Office Suite - free access through Holmesglen MyHorizon -WebEx - free to download -Storage - free via Holmesglen OneDrive or student can access free storage offered by google drive or dropbox, alternatively, a student can purchase an external SSD hard disk with a minimum of 250GB (prices vary). -7Zip or an equivalent compression utility - free to download -Google Chrome – recommended web browser PC computer or laptop with the following minimum specification: -Quad-Core CPU,16GB of RAM, 250GB of Storage, 2 GHz or faster processor -Access to an internet connection (ADSL or cable connection desirable) -PC Monitor 24" (dual monitor optional but preferred) -Headset/earphone with microphone (webcam optional but preferred) -Windows 10 - available free from https://developer.microsoft.com/en-us/windows/down loads/virtual-machines/ or https://www.microsoft.com/enus/ evalcenter/evaluate-windows-10-enterprise -Packet Tracer - free to download -NETLab - free, accessed via web Holmesglen url -NetAcad - free, Register through Cisco learning academy -VMware workstation Pro - available free through Holmesglen OnTheHub -Kali Linux - free to download -LinkedIn Learning - free access via Holmesglen url -Microsoft Office Suite - free access through Holmesglen MyHorizon -WebEx - free to download -Storage - free via Holmesglen OneDrive or student can access free storage offered by google drive or dropbox, alternatively, a student can purchase an external SSD hard disk with a minimum of 250GB (prices vary). -7Zip or an equivalent compression utility - free to download -Google Chrome – recommended web browser. OFFICIAL Holmesglen: PN/CAIT 7-Mar-2022 L:\CAIT\Teaching\T&L\202210\22334VIC-Re Registration pre\Registration Prep 2022\PN\VU21995-VU21996\Oncampus\CRS180_22334VIC-VU21995-VU21996_AT1of2_MASTER_ v1.1.docx

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version