Assessment II - Cyber Security Response

T-1.8.1_v1 Details of Assessment Term and Year Term 4-2023 Time allowed Week 8 Assessment No 2 of 2 Assessment Weighting 50% Assessment Type Knowledge questions Due Date Week 8 Room 102 Details of Subject Qualification ICT40120 Certificate IV in Information Technology   Subject Name Cyber Security Response Details of Unit(s) of competency Unit Code (s) and Names ICTCYS402 - Identify and confirm cyber security incidents ICTSAS214 - Protect devices from spam and destructive software Details of Student Student Name College CBC Student ID 202342267 Student Declaration: I declare that the work submitted is my own and has not been copied or plagiarised from any person or source. I acknowledge that I understand the requirements to complete the assessment tasks. I am also aware of my right to appeal. The feedback session schedule and reassessment procedure were explained to me. Student’s Signature: ________Duong________ Date: ____16/11/2023____ Details of Assessor Assessor’s Name Rudi Assessment Outcome Assessment Result Competent Not Yet Competent Marks /50 Feedback to Student Progressive feedback to students, identifying gaps in competency and comments on positive improvements: ______________________________________________________________________________________ ______________________________________________________________________________________ ______________________________________________________________________________________ ______________________________________________________________________________________ ______________________________________________________________________________________ ______________________________________________________________________________________ Assessor Declaration: I declare that I have conducted a fair, valid, reliable and flexible assessment with this student. Student attended the feedback session. Student did not attend the feedback session. Assessor’s Signature: ___________________ Date: _____/_____/________ Cyber Security Response - Assessment II v.1, Last updated on 16/05/2021 Page 1

T-1.8.1_v1 Purpose of the Assessment The purpose of this assessment is to assess the student in the following learning outcomes: Competent (C) Not Yet Competent (NYC) Knowledge Evidence - ICTCYS402 - Identify and confirm cyber security incidents Knowledge of different types of cyber security incidents and attacks, including:  security vulnerabilities and malware  denial-of-service attack (DDOS)  SQL injection (SQLi)  cross-site scripting (XSS) attacks  scripted attacks  hardware attacks  attacks against Wi Fi Knowledge of cyber security risks Knowledge of methods of testing systems, networks and applications and confirming incidents Knowledge of common procedures in:  following organisational cyber security incident response plans  responding to cyber security incidents Knowledge of legislative requirements applicable to identifying and reporting cyber security incidents Knowledge of organisational policies and procedures applicable to cyber security incidents, including:  documenting established requirements, incidents and work performed  security procedures  obtaining and analysing system, network and application information  cyber security incident response processes and plans  establishing reporting procedures. Knowledge Evidence - ICTSAS214 - Protect devices from spam and destructive software Spam types and destructive software on a range of different devices including:  desktop computers  laptops  tablets  mobile and smartphones  wearables  media players Organisational procedures regarding:  protective measures against spam and destructive software  software updates  software security and spam filter settings  protective procedures for spam and destructive software removal  documenting and reporting outcome of protective Cyber Security Response - Assessment II v.1, Last updated on 16/05/2021 Page 2

T-1.8.1_v1 measures Spam and virus intrusions and remedial actions Types of protective applications used against viruses and spam Operating systems features and components Components of hardware that may be affected by spam Technical records, vendor documentation, enterprise procedures and guidelines. Assessment/evidence gathering conditions Each assessment component is recorded as either Competent (C) or Not Yet Competent (NYC). A student can only achieve competence when all assessment components listed under “Purpose of the assessment” section are recorded as competent. Your trainer will give you feedback after the completion of each assessment . A student who is assessed as NYC (Not Yet Competent) is eligible for re-assessment. Resources required for this Assessment  Computer with relevant software applications and access to internet  Weekly eLearning notes relevant to the tasks/questions Instructions for Students Please read the following instructions carefully  This assessment must be completed In class At home  The assessment is to be completed according to the instructions given by your assessor.  Feedback on each task will be provided to enable you to determine how your work could be improved. You will be provided with feedback on your work within two weeks of the assessment due date. All other feedback will be provided by the end of the term.  Should you not answer the questions correctly, you will be given feedback on the results and your gaps in knowledge. You will be given another opportunity to demonstrate your knowledge and skills to be deemed competent for this unit of competency.  If you are not sure about any aspect of this assessment, please ask for clarification from your assessor.  Please refer to the College re-assessment for more information ( Student handbook ). Cyber Security Response - Assessment II v.1, Last updated on 16/05/2021 Page 3

T-1.8.1_v1 Assessment 2 – Writing Questions Assessment type:  Written Questions Assessment task description:  The Knowledge Test is comprised of 11 written questions.  You must respond to all questions and submit them to your Trainer/Assessor. Applicable conditions:  This knowledge test is untimed and are conducted as open book tests (this means you are able to refer to your textbook during the test).  You must read and respond to all questions.  You may handwrite/use computers to answer the questions.  You must complete the task independently.  As you complete this assessment task you are predominately demonstrating your written skills and knowledge to your trainer/assessor. Instructions for answering written questions:  Complete a written assessment consisting of a series of questions.  You will be required to correctly answer all the questions.  Do not start answering questions without understanding what is required from you. Read the questions carefully and critically analyse them for a few seconds, this will help you to identify what is really needed.  Your answers must demonstrate an understanding and application of relevant concepts, critical thinking, and good writing skills.  Be concise to the point and write answers according to the given word-limit to each question and do not provide irrelevant information. Be careful, quantity is not quality.  When you quote, paraphrase, summaries or copy information from the sources you are using to write your answers/research your work, you must always acknowledge the source. Cyber Security Response - Assessment II v.1, Last updated on 16/05/2021 Page 4

T-1.8.1_v1 Purpose of the assessment The purpose of this assessment task is to identify, confirm and report cyber security incidents in an organisation in a range of contexts and industry settings and reduce the risk of a device’s operation being affected by spam or destructive software by implementing a range of protective cyber security procedures.  Knowledge of different types of cyber security incidents and attacks, including: o security vulnerabilities and malware o denial-of-service attack (DDOS) o SQL injection (SQLi) o cross-site scripting (XSS) attacks o scripted attacks o hardware attacks o attacks against Wi Fi  Knowledge of cyber security risks  Knowledge of methods of testing systems, networks and applications and confirming incidents  Knowledge of common procedures in: o following organisational cyber security incident response plans o responding to cyber security incidents  Knowledge of legislative requirements applicable to identifying and reporting cyber security incidents  Knowledge of organisational policies and procedures applicable to cyber security incidents, including: o documenting established requirements, incidents and work performed o security procedures o obtaining and analysing system, network and application information o cyber security incident response processes and plans o establishing reporting procedures.  Spam types and destructive software on a range of different devices including: o desktop computers o laptops o tablets o mobile and smartphones o wearables o media players  Organisational procedures regarding: o protective measures against spam and destructive software o software updates o software security and spam filter settings o protective procedures for spam and destructive software removal o documenting and reporting outcome of protective measures  Spam and virus intrusions and remedial actions  Types of protective applications used against viruses and spam  Operating systems features and components  Components of hardware that may be affected by spam  Technical records, vendor documentation, enterprise procedures and guidelines. Cyber Security Response - Assessment II v.1, Last updated on 16/05/2021 Page 5