Project assessment: Cyber security service proposal
Unit code, name and release number
VU21990 Recognise the need for cyber security in an organisation
Qualification/Course code, name and release number
901-00011V01 State of Attainment in Digital Security Basics
• This assessment is my original work and no part of it has been copied from any other source except where due acknowledgement is made.
• No part of this assessment has been written for me by any other person except where such collaboration has been authorised by the assessor concerned.
• I understand that plagiarism is the presentation of the work, idea or creation of another person as though it is your own. Plagiarism occurs when the origin of the material used is not appropriately cited. No part of this assessment is plagiarised.
Student signature and Date
Date created: 18 December 2018
Date modified: 29 April 2020
For queries, please contact:
Technology and Business Services SkillsPoint
© 2020 TAFE NSW, Sydney
RTO Provider Number 90003 | CRICOS Provider Code: 00591E
This assessment can be found in the: Learning Bank
The contents in this document is copyright © TAFE NSW 2020, and should not be reproduced without the permission of the TAFE NSW. Information contained in this document is correct at time of printing: 8 May 2020. For current information please refer to our website or your teacher as appropriate.
Table 1 Assessment instructions
Assessment details Instructions
Assessment overview The objective of this assessment is to assess your knowledge and performance to define a cyber security framework for an organisation and identify the need for cyber security.
Assessment Event number 1 of 3
Instructions for this assessment This is a project-based assessment and will be assessing you on your knowledge and performance of the unit.
This assessment is in two parts and includes an Assessment feedback form:
1. Service proposal report
2. Assessment checklist.
3. Assessment feedback
Submission instructions On completion of this assessment, you are required to upload it for marking.
Ensure you have added your name in the footer of each file. Save your files with the event name and your own name, for example: Event1_john_smith.
Submit the following documents for each part:
• Part 1
o Cyber security service proposal report.
It is important that you keep a copy of all electronic and hardcopy assessments submitted to TAFE and complete the assessment declaration when submitting the assessment.
Check Assessment checklist to ensure that you’ve covered all the required tasks.
What do I need to do to achieve a satisfactory result? To achieve a satisfactory result for this assessment all questions must be answered correctly.
What do I need to provide? • USB drive or other storage method to save work to
• A personal computer with internet access
What will the assessor provide? Access to this assessment and relevant online documents will be provided in the online learning platform.
Due date and time allowed Part 1: 2 hours
Assessment feedback, review or appeals Appeals are addressed in accordance with Every Student’s Guide to Assessment.
Specific task instructions
You are required to write a cyber security service proposal based on this scenario.
Part 1: Service proposal report
Using the DataTrust report template, write a cyber security service proposal based on the scenario (less than 50 words).
Your report must address the following headings and content:
Outline the concept of information security and why it’s important to care about it, by addressing the following:
1. Definition: Write a definition of information security.
2. Protecting identity and data: Explain the importance of protecting your personal online identity and data.
3. Protecting organisational data: Explain the importance of protecting the organisation's data.
4. Cyber security professionals: Explain why cyber security professionals are necessary.
Explain what cyber threats are and list potential threat sources, as follows:
1. Cyber threats: Define the concept of cyber threat.
2. Organisational threats: List and describe at least three potential threat sources for an organisation.
Explain the concept of risk, as follows:
1. Relationships, risks, and strategies: Identify and discuss:
o the relationship between data, networks, users and applications within an organisation.
o meaning of risk and risk mitigation
2. Physical security: Describe the security of physical infrastructure, such as computers in an office building or at your workplace if any: (if you can’t get information about any office building or workplace then consider general physical security)
o the threats and risks to these resources
o the mitigation strategies that could be implemented
3. Identity and access management: Describe:
o identity and access management (IAM) systems
o how these systems work, for example, lock and key analogy
o why it's important to have these in place
Part 2: Assessment checklist
The following checklist will be used by an assessor to mark your performance against the assessment criteria of your submitted project. Use this checklist to understand what skills and/or knowledge you need to demonstrate in your submission. All the criteria described in the Assessment Checklist must be met. The assessor may ask questions if appropriate directly after the task/activity has been submitted/completed.
TASK/STEP # Instructions S U/S Assessor Comments
Part 1.1 Report is submitted as a typed document in the supplied DataTrust report template.
Writes a definition of information security.
Gives appropriate reasons to protect personal online identity and data.
Gives appropriate reasons to protect an organisation’s data.
Gives appropriate reasons for the need of cyber security professionals.
Part 1.2 Writes a definition of the concept of cyber threat.
Describes three potential threat sources for an organisation.
Part 1.3 Describes the risks and relationship between data, networks, users and applications within an organisation.
Identifies and evaluates the security of an organisation’s physical infrastructure.
Writes an overview of identity and access management (IAM) systems, including their importance and how they work.
NOTE: Your assessor will give you feedback via the online learning platform. For manual feedback, this section must have the assessor’s signature and the student’s signature
? Was the assessment event successfully completed?
? If no, was the resubmission/re-assessment successfully completed?
? Was reasonable adjustment in place for this assessment event?
If yes, ensure it is detailed on the assessment document.
Assessor name, signature and date:
Student acknowledgement of assessment outcome
Would you like to make any comments about this assessment?
Student name, signature and date
NOTE: Make sure you have written your name in the footer so it appears at the bottom of each page of your submission before attaching the cover sheet and submitting for marking.