UNIT NO. & TITLE: NO. 5 Security
QUALIFICATION: BTEC Level 4 Computing
YEAR: 2018-2019
PREPARED BY: SIDDHESH RAJE
REPORT and Presentation
ASSESSOR NAME:
SUBMITTED ON:
1
, Index
Serono Topic Page
No.
1. LO1: Assess risks to IT security
P1: Identify types of security risks to organization.
P2: Describe organizational security procedures.
M1: Propose a method to assess and treat IT security
risks.
2. LO2: Describe IT security solutions
P3: Identify the potential impact of IT security of
incorrect configuration of firewall policies and third-
party VPNs.
P4: Show, using an example for each, how implementing
a DMZ, static IP and NAT in a network security.
M2: Discuss three benefits to implement network
monitoring systems with supporting reasons.
LO1 & LO2 D1: Investigate how a ‘trusted network’ be
part of an IT security solution.
3. LO3: Review mechanisms to control organizational IT
security.
P5: Discuss risk assessment procedures.
P6: Explain data protection processes and regulations as
applicable to an organization.
M3: Summaries the ISO 31000 risk management
methodology and its application in IT security.
M4: Discuss possible impacts to organizational security
resulting from IT security audit.
D2: Consider how IT security can be aligned with
organizational policy, detailing the security impact of
any misalignment.
4. LO4: Manage organizational security.
P7: Design and implement a security policy for an
organization.
P8: List the main components of an organizational
disaster recovery plan, justifying the reason of
inclusions.
M5: Discuss the roles of stakeholders in the organization
to implement security audit recommendations.
D3: Evaluate the suitability of the tools used in an
organizational policy.
5. Reference
2
,3
, 4
QUALIFICATION: BTEC Level 4 Computing
YEAR: 2018-2019
PREPARED BY: SIDDHESH RAJE
REPORT and Presentation
ASSESSOR NAME:
SUBMITTED ON:
1
, Index
Serono Topic Page
No.
1. LO1: Assess risks to IT security
P1: Identify types of security risks to organization.
P2: Describe organizational security procedures.
M1: Propose a method to assess and treat IT security
risks.
2. LO2: Describe IT security solutions
P3: Identify the potential impact of IT security of
incorrect configuration of firewall policies and third-
party VPNs.
P4: Show, using an example for each, how implementing
a DMZ, static IP and NAT in a network security.
M2: Discuss three benefits to implement network
monitoring systems with supporting reasons.
LO1 & LO2 D1: Investigate how a ‘trusted network’ be
part of an IT security solution.
3. LO3: Review mechanisms to control organizational IT
security.
P5: Discuss risk assessment procedures.
P6: Explain data protection processes and regulations as
applicable to an organization.
M3: Summaries the ISO 31000 risk management
methodology and its application in IT security.
M4: Discuss possible impacts to organizational security
resulting from IT security audit.
D2: Consider how IT security can be aligned with
organizational policy, detailing the security impact of
any misalignment.
4. LO4: Manage organizational security.
P7: Design and implement a security policy for an
organization.
P8: List the main components of an organizational
disaster recovery plan, justifying the reason of
inclusions.
M5: Discuss the roles of stakeholders in the organization
to implement security audit recommendations.
D3: Evaluate the suitability of the tools used in an
organizational policy.
5. Reference
2
,3
, 4
