ICANWK503A – Install and Maintain Valid Authentication Processes RTO No: 20829 CRICOS Provider Code: 02044E ABN: XXXXXXXXXX STUDENT COPY- CR Assessment Resources Summary Unit Details ICTNWK503 -...

assessment 1 -1500wordsassessment 2-1500wordsand assessment 3 labs



ICANWK503A – Install and Maintain Valid Authentication Processes RTO No: 20829 CRICOS Provider Code: 02044E ABN: 41 085 128 525 STUDENT COPY- CR Assessment Resources Summary Unit Details ICTNWK503 - Install and maintain valid authentication processes Students are required to complete ALL summative assessments listed below in order to be deemed “Competent” in this unit of competency. Assessment Methods Written Assessment Assessment 1 Case Study Assessment 2 Lab Assessment 3 Questions Assessment 4 Issue Date January 2018 Version 1.2 a Page 2 of 17 Assessment Resources ICTNWK503 Unit Summary The unit objectives, prerequisites, co-requisites and other pertinent information about this unit is described at https://training.gov.au/Training/Details/ICTNWK503 Resources Students should refer to this unit in Moodle (e-learning.vit.edu.a) to access a list of resources for this unit (see Learner Resources section for relevant articles, links, videos, etc). Lab-1 resources: “How to set up two-factor authentication in Gmail” https://www.youtube.com/watch?v=Xhmae4_fG2o Lab-2 resources: “70-410 Lesson 3: Installing and Configuring Active Directory Domain Services” https://www.youtube.com/watch?v=IFkwRgmEjbU “70-410 Lesson 4: Configuring User Account Management” https://www.youtube.com/watch?v=EVDIPEqhAPM Read “Lesson 3 Installing Domain Controllers” and “Lesson 4 Managing users and computers” in Installing and Configuring Windows 2012 Server book (in Learner Resources) https://www.youtube.com/watch?v=5mKPhIYMfX8 How to Install Windows 2012 Server R2 on VMWorkstation https://www.youtube.com/watch?v=5mKPhIYMfX8 a Page 3 of 17 Assessment Resources ICTNWK503 Assessment 1: Written Assessment Student Name: ______________________________________________________________ Student ID No: ______________________________________________________________ Student Instructions: • Your answers should be on a separate document using word processing software such as MS Word & or other software (hand written submissions are only acceptable with prior approval from your Trainer) • Your document should be professionally formatted and include o Your Name o Your Student ID o Unit Code o Assessment Number (i.e. ICTNWK503 Assessment 1) • Please reference to each question number and retype each question with your answers • This is an open book assessment, you must answer every question and provide enough information to demonstrate sufficient understanding of what has been asked to achieve competency. Please ask your Trainer/Assessor if you are unsure what is sufficient detail for an answer • Ask your trainer/assessor if you do not understand a question. Whist your trainer/assessor cannot tell you the answer, he/she may be able to re-word the question for you or provide further assistance based on the Institute’s “Reasonable Adjustment Policy” • Answers should be your own work, in your own words and not plagiarised, nor copied. However, if an answer is cut & pasted (such as a definition), then the source should be referenced a Page 4 of 17 Assessment Resources ICTNWK503 Written Assessment Questions 1. In your own words briefly describe the problems and challenges dealing with resource accounting through authentication. (Not more than 300 words). 2. Briefly discuss your understanding of the followings virtual private network (VPN) issues (Not more than 300 words for each items): • Quality of service (QOS) considerations • Bandwidth • Dynamic security environment • Function and operation of VPN concepts 3. What are two common authentication adaptors? Discuss in your own words. (Not more than 300 words). 4. Briefly describe two biometric authentication adaptors. (Not more than 300 words). 5. Briefly describe your understanding of the followings (Not more than 300 words for each items): • Digital certificates • Verisign • X.509 • SSL 6. Explain the function and operation of the following authentication controls: (Not more than 300 words for each items) • Passwords • Personal identification numbers (pins) • Smart cards • Biometric devices • Authentication protocols 7. Briefly discuss the following network authentication services (Not more than 300 words for each items): • Kerberos and • NT LAN Manager (NTLM) a Page 5 of 17 Assessment Resources ICTNWK503 8. List at least 2 features of the following password protocols (Not more than 300 words for each items): • Challenge handshake authentication protocol (CHAP) • Challenge phrases • Password authentication protocol (PAP) • Remote authentication dial-in user service (RADIUS) authentication 9. Describe the principles of security tokens. (Not more than 300 words). Assessor Use Only Assessor Comments  Satisfactory (S)  Not Satisfactory (NS) Assessor Signature: _______________________________ Date: _____________ a Page 6 of 17 Assessment Resources ICTNWK503 Assessment 2: Case Study Information for students Read the case study below and prepare a report addressing the requirements below. Note that you can optionally do this as a group assignment, (your group can have no more than three members), and the members of your group should be listed in the report introduction. All students in the group need to hand in a copy of the assignment when they submit their student workbooks for marking. Scenario You are working as an IT/Network security Engineer at NetSecurity Pty Ltd. NetSecurity is an outsourced security specialists and work with multiple companies to provide secure authentication services and develop Security Policies for companies. Recently Company has got a new client EducationFirst Pty Ltd, and they want to secure the network due to recent virus and security threats. EducationFirst is an institute and having more than 6 campuses around Melbourne. Each campus has got two admin PC and 2 PCs for Teachers to access internet and online Moodle. Currently all the computers are in workgroup. EducationFirst’s organisational policy is to for all users to have password access, and for no user accounts to be shared between users. The head office in Dandenong and they have got around 10 teachers and two admin staffs. Since the number of students increased they must get more teachers to each campus. They also want to provide VPN access to their employees so that they can work securely from home. The management is concern about their materials and they don’t want any others to access their online and stored materials. They have approached your company to provide a secure authentication method to their computers, online Moodle and, they want to make sure no virus and security threats on their systems. As a part of the security team you have been asked to prepare a report document for Ms. Keegan, the IT Manager of Education First. a Page 7 of 17 Assessment Resources ICTNWK503 Your report must include the following: 1. Describe the enterprise security plan. 2. Identify the enterprise security requirements. 3. Identify different authentication and authorization methods for users 4. Identify different authentication and authorization methods for enterprise requirement 5. Select and explain the suitable authentication and authorization method. 6. Describe the user attributes and user attributes setup. 7. Brief the user on the authentication system and the user’s responsibilities in the authentication system. (For this information, you should write this down in your report and be prepared to do an oral briefing to a user of the system in response to a trainer request in class or when your present the assignment). 8. Describe the Secure location to store the permission and configuration information. 9. Review the authentication system, and keep the system current 10. Prepare the ongoing monitoring plan using incident management and reporting processes 11. Prepare incident management and reporting document. 12. Process to do the Adjustment on requirements if required a Page 8 of 17 Assessment Resources ICTNWK503 ASSESSMENT 2 – CASE STUDY ASSESSOR CHECKLIST This assessor checklist is to be used when assessing the students in the associated task. The checklist below must be completed for each student. Please refer to separate mapping document for specific details relating to alignment of this task to the unit requirements. Student Name: Assessor Name: The student must satisfactorily complete Written Report tasks to the standards outlined below. ASSESSOR CHECKLIST S NS Has the student? 1. Described the enterprise security plan   2. Identified the enterprise security requirements   3. Identified different authentication methods for users   4. Identified different authorization methods for users   5. Identified different authentication and authorization methods for enterprise requirement   6. Selected the suitable authentication and authorization method   7. Explained the suitable authentication and authorization method.   8. Listed the user attributes.   9. Provided details of the user permissions and responsibilities on the authentication system.   10. Described the Secure location to store the permission and configuration information.   11. Reviewed the authentication system.   a Page 9 of 17 Assessment Resources ICTNWK503 12. Prepared the ongoing monitoring plan   13. Prepared incident management and reporting document.   14. Created Process to do the Adjustment on requirements if required.   Assessor Use Only Assessor Comments  Satisfactory (S)  Not Satisfactory (NS) Assessor Signature: _______________________________ Date: _____________ a Page 10 of 17 Assessment Resources ICTNWK503 ASSESSMENT 3 – LAB Information for students: This assessment is to be undertaken in a classroom/simulated environment. The student is to complete the following Labs: • Two factor