Higher National Certificate/Diploma in
I I I I
Computing
Assessment Brief I
Student IName/ID INumber Nawoda IDeshan IBalasooriya
M19941109004
Unit INumber Iand ITitle 5: ISecurity I
Academic IYear 2020
Unit ITutor Mr. IDhishan I IDammearachchi
Assignment ITitle Proposal Ito Ibuild Ia Inetwork Isecurity Isolution
Issue IDate 18/3/2020
Submission IDate 30/4/2020
IV IName I& IDate Mr. INimesh IPolwaththage
Submission IFormat
Submission Ifor Ithis Iassignment Ishould Ibe Iin Ithe Iform Iof I
A Iformal Ireport
Other Inecessary Idesigns I Irequested Iin Ithe Iassignment
You Iare Iexpected Ito Imake Iuse Iof Iappropriate Istructure I– Iincluding Iheadings, Iparagraphs,
Isubsections Iand Iillustrations. IAll Iwork Imust Ibe Isupported Iwith Iresearch Iand Ireferenced Iusing Ithe
IHarvard IReferencing ISystem.
Unit ILearning IOutcomes
LO1. Assess Irisks Ito IIT Isecurity.
LO2. Describe IIT Isecurity Isolutions..
LO3. Review Imechanisms Ito Icontrol Iorganisational IIT Isecurity.. I
LO4. Manage Iorganisational Isecurity
Assignment IBrief Iand IGuidance
XYZ I(Pvt) ILtd Iis Ia Ibank Iwhich Ihas Iten I(10) Ibranches. IOut Iof Iit Isix I(06) Iare Ilocated Iin ISri ILanka
Iand Ithe Irest Iin IIndia, IPakistan, INepal, Iand IBangladesh. IThe Ibank Ihas Ibeen Iformed Ifor Ifive I(05)
,Iyears Iand Iis Ilooking Iforward Ito Iapply Iand Igetting Iapproved Iwith Ithe IISO IStandard. I
You Iare Ibeen Irecruited Ito Icater Ithe Ineeds Iin Iproducing Ia Iproposal Ito Iimprove Ithe Iexisting
Inetwork Ito Ia Isecure Inetwork Ifrom Ithe IInformation ITechnology Idepartment. I
NOTE I– IThe Istudent Ican Icreate Itheir Iown Ivulnerable Inetwork Ias Ithe Iexisting Inetwork Iand Iwork
Ion Iachieving Ithe Itasks Iindicated Ibelow
Task I1 I(Covers ILO I1)
1.1 IProvide Ia Ireport Ito Ithe Imanagement Iwhich Ihighlights Ithe Iimportance Ito Isecured Inetwork Iof
Ithe Ibank
IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
1.2 IIndicate Ithe Iexisting Inetwork Iand Ithe Irisks Iassociated
1.3 IExplain Iwith Ia Idiagram Ithe Iproposed Inetwork
I
1.4 IExplain Iwith Ireasons Ithe Iareas Ithat Iwill Ibe Iimproved Iwith Inetwork Isecurity
Task I2 I I I(Covers ILO I2)
2.1 IDesign Ithe Iproject Iusing Iappropriate INetwork ISecurity IInfrastructure
2.2 IConsider Iusing INetwork IPerformance Iand IData ISecurity Iin Ithe IData ICentre Iand IData IRecovery
ICentre Ienvironments
Task I3 I I(Covers ILO I3)
3.1 IUse Iappropriate IISO IStandard Iwhen Ipreparing Ithe Idocumentation
3.2 IDiscuss Irisk Imanagement Iand Iintegrated Ienterprise Irisk Imanagement
3.3 IPropose Inew Icompany Iregulations Ithrough Isite Ior Isystem Iaccess Icriteria Ifor Ipersonnel Iand
Iphysical Isecurity
HNC/HND IComputing
Nawoda IDeshan IBalasooriya 3
M19941109004
,Task I4 I I(Covers ILO I4)
4.1 IEvidence Iof Imanaging Iorganizational ISecurity Ithrough Ipolicies Iin Idifferent Ilayers
I(Strategic, Tactical, and Operational)
I I I
IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
4.2 Indicate reliable services over the service provider environment
I I I I I I I I
4.3 Evaluate the functionalities of the project
I I I I I I I
HNC/HND IComputing
Nawoda IDeshan IBalasooriya 4
M19941109004
, Learning IOutcomes Iand IAssessment ICriteria
Pass Merit Distinction
LO1 IAssess Irisks Ito IIT Isecurity
P1 IIdentify Itypes Iof Isecurity Irisks M1 IPropose Ia Imethod Ito Iassess LO1 I& I2
Ito Iorganisations. Iand Itreat IIT Isecurity Irisks. D1 IInvestigate Ihow Ia I‘trusted
Inetwork’ Imay Ibe Ipart Iof Ian IIT
Isecurity Isolution.
P2 IDescribe Iorganisational Isecurity
Iprocedures.
LO2 IDescribe IIT Isecurity Isolutions
P3 IIdentify Ithe Ipotential Iimpact Ito M2 IDiscuss Ithree Ibenefits Ito
IIT Isecurity Iof Iincorrect Iimplement Inetwork Imonitoring
Iconfiguration Iof Ifirewall Ipolicies Isystems Iwith Isupporting
Iand Ithird-party IVPNs. Ireasons.
P4 IShow, Iusing Ian Iexample Ifor
Ieach, Ihow Iimplementing Ia IDMZ,
Istatic IIP Iand INAT Iin Ia Inetwork Ican
Iimprove INetwork ISecurity.
Learning IOutcomes Iand IAssessment ICriteria
Pass Merit Distinction
LO3 IReview Imechanisms Ito Icontrol Iorganisational IIT Isecurity
P5 IDiscuss Irisk Iassessment M3 ISummarise Ithe IISO I31000 D2 IConsider Ihow IIT Isecurity Ican
Iprocedures. Irisk Imanagement Imethodology Ibe Ialigned Iwith Iorganisational
Iand Iits Iapplication Iin IIT Isecurity. Ipolicy, Idetailing Ithe Isecurity
P6 IExplain Idata Iprotection Iimpact Iof Iany Imisalignment.
Iprocesses Iand Iregulations Ias M4 IDiscuss Ipossible Iimpacts Ito
Iapplicable Ito Ian Iorganisation. I Iorganisational Isecurity Iresulting
Ifrom Ian IIT Isecurity Iaudit.
HNC/HND IComputing
Nawoda IDeshan IBalasooriya 5
M19941109004
I I I I
Computing
Assessment Brief I
Student IName/ID INumber Nawoda IDeshan IBalasooriya
M19941109004
Unit INumber Iand ITitle 5: ISecurity I
Academic IYear 2020
Unit ITutor Mr. IDhishan I IDammearachchi
Assignment ITitle Proposal Ito Ibuild Ia Inetwork Isecurity Isolution
Issue IDate 18/3/2020
Submission IDate 30/4/2020
IV IName I& IDate Mr. INimesh IPolwaththage
Submission IFormat
Submission Ifor Ithis Iassignment Ishould Ibe Iin Ithe Iform Iof I
A Iformal Ireport
Other Inecessary Idesigns I Irequested Iin Ithe Iassignment
You Iare Iexpected Ito Imake Iuse Iof Iappropriate Istructure I– Iincluding Iheadings, Iparagraphs,
Isubsections Iand Iillustrations. IAll Iwork Imust Ibe Isupported Iwith Iresearch Iand Ireferenced Iusing Ithe
IHarvard IReferencing ISystem.
Unit ILearning IOutcomes
LO1. Assess Irisks Ito IIT Isecurity.
LO2. Describe IIT Isecurity Isolutions..
LO3. Review Imechanisms Ito Icontrol Iorganisational IIT Isecurity.. I
LO4. Manage Iorganisational Isecurity
Assignment IBrief Iand IGuidance
XYZ I(Pvt) ILtd Iis Ia Ibank Iwhich Ihas Iten I(10) Ibranches. IOut Iof Iit Isix I(06) Iare Ilocated Iin ISri ILanka
Iand Ithe Irest Iin IIndia, IPakistan, INepal, Iand IBangladesh. IThe Ibank Ihas Ibeen Iformed Ifor Ifive I(05)
,Iyears Iand Iis Ilooking Iforward Ito Iapply Iand Igetting Iapproved Iwith Ithe IISO IStandard. I
You Iare Ibeen Irecruited Ito Icater Ithe Ineeds Iin Iproducing Ia Iproposal Ito Iimprove Ithe Iexisting
Inetwork Ito Ia Isecure Inetwork Ifrom Ithe IInformation ITechnology Idepartment. I
NOTE I– IThe Istudent Ican Icreate Itheir Iown Ivulnerable Inetwork Ias Ithe Iexisting Inetwork Iand Iwork
Ion Iachieving Ithe Itasks Iindicated Ibelow
Task I1 I(Covers ILO I1)
1.1 IProvide Ia Ireport Ito Ithe Imanagement Iwhich Ihighlights Ithe Iimportance Ito Isecured Inetwork Iof
Ithe Ibank
IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
1.2 IIndicate Ithe Iexisting Inetwork Iand Ithe Irisks Iassociated
1.3 IExplain Iwith Ia Idiagram Ithe Iproposed Inetwork
I
1.4 IExplain Iwith Ireasons Ithe Iareas Ithat Iwill Ibe Iimproved Iwith Inetwork Isecurity
Task I2 I I I(Covers ILO I2)
2.1 IDesign Ithe Iproject Iusing Iappropriate INetwork ISecurity IInfrastructure
2.2 IConsider Iusing INetwork IPerformance Iand IData ISecurity Iin Ithe IData ICentre Iand IData IRecovery
ICentre Ienvironments
Task I3 I I(Covers ILO I3)
3.1 IUse Iappropriate IISO IStandard Iwhen Ipreparing Ithe Idocumentation
3.2 IDiscuss Irisk Imanagement Iand Iintegrated Ienterprise Irisk Imanagement
3.3 IPropose Inew Icompany Iregulations Ithrough Isite Ior Isystem Iaccess Icriteria Ifor Ipersonnel Iand
Iphysical Isecurity
HNC/HND IComputing
Nawoda IDeshan IBalasooriya 3
M19941109004
,Task I4 I I(Covers ILO I4)
4.1 IEvidence Iof Imanaging Iorganizational ISecurity Ithrough Ipolicies Iin Idifferent Ilayers
I(Strategic, Tactical, and Operational)
I I I
IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
4.2 Indicate reliable services over the service provider environment
I I I I I I I I
4.3 Evaluate the functionalities of the project
I I I I I I I
HNC/HND IComputing
Nawoda IDeshan IBalasooriya 4
M19941109004
, Learning IOutcomes Iand IAssessment ICriteria
Pass Merit Distinction
LO1 IAssess Irisks Ito IIT Isecurity
P1 IIdentify Itypes Iof Isecurity Irisks M1 IPropose Ia Imethod Ito Iassess LO1 I& I2
Ito Iorganisations. Iand Itreat IIT Isecurity Irisks. D1 IInvestigate Ihow Ia I‘trusted
Inetwork’ Imay Ibe Ipart Iof Ian IIT
Isecurity Isolution.
P2 IDescribe Iorganisational Isecurity
Iprocedures.
LO2 IDescribe IIT Isecurity Isolutions
P3 IIdentify Ithe Ipotential Iimpact Ito M2 IDiscuss Ithree Ibenefits Ito
IIT Isecurity Iof Iincorrect Iimplement Inetwork Imonitoring
Iconfiguration Iof Ifirewall Ipolicies Isystems Iwith Isupporting
Iand Ithird-party IVPNs. Ireasons.
P4 IShow, Iusing Ian Iexample Ifor
Ieach, Ihow Iimplementing Ia IDMZ,
Istatic IIP Iand INAT Iin Ia Inetwork Ican
Iimprove INetwork ISecurity.
Learning IOutcomes Iand IAssessment ICriteria
Pass Merit Distinction
LO3 IReview Imechanisms Ito Icontrol Iorganisational IIT Isecurity
P5 IDiscuss Irisk Iassessment M3 ISummarise Ithe IISO I31000 D2 IConsider Ihow IIT Isecurity Ican
Iprocedures. Irisk Imanagement Imethodology Ibe Ialigned Iwith Iorganisational
Iand Iits Iapplication Iin IIT Isecurity. Ipolicy, Idetailing Ithe Isecurity
P6 IExplain Idata Iprotection Iimpact Iof Iany Imisalignment.
Iprocesses Iand Iregulations Ias M4 IDiscuss Ipossible Iimpacts Ito
Iapplicable Ito Ian Iorganisation. I Iorganisational Isecurity Iresulting
Ifrom Ian IIT Isecurity Iaudit.
HNC/HND IComputing
Nawoda IDeshan IBalasooriya 5
M19941109004
