
Australian Harbour International College

RTO ID: 41338 CRICOS Provider Code: 03449J


ABN: 74 603 036 102
T: 02 9268 0085
E: admissions@ahic.edu.au
W: www.ahic.edu.au
A: Level 4, 114-120 Castlereagh Street
Sydney NSW 2000 Australia

Assessment Details
Qualification Code/Title: ICT50415 Diploma of Information Technology Networking
Assessment Type: Assessment-01 (Project)
Time allowed:
Due Date:
Location: AHIC
Term / Year:

Unit of Competency
National Code/Title: ICTNWK503 Install and maintain valid authentication processes

Student Details
Student Name:
Student ID:

Student Declaration: I declare that the work submitted is my own, and has not been copied or plagiarised from any person or source.
Signature: ____________________________
Date:

Assessor Details
Assessor’s Name
RESULTS (Please Circle) SATISFACTORY NOT SATISFACTORY

Feedback to student:

Assessor Declaration: I declare that I have conducted a fair, valid, reliable and flexible assessment with this student, and I have provided appropriate feedback.
Signature: ________________________________________
Date: ______/_______/___________

AHIC Date Version


Source: 491715087.doc 21 Sep 2020 3.0 Page 1 of 18

Instructions to the Candidates


- This assessment is to be completed according to the instructions given below in this document.
- Should you not answer the tasks correctly, you will be given feedback on the results and gaps in knowledge. You will be entitled to one (1) resubmit in showing your competence with this unit.
- If you are not sure about any aspect of this assessment, please ask for clarification from your assessor.
- Please refer to the College re-submission and re-sit policy for more information.
- If you have questions and other concerns that may affect your performance in the Assessment, please inform the assessor immediately.
- Please read the Tasks carefully then complete all Tasks.
- To be deemed competent for this unit you must achieve a satisfactory result with tasks of this Assessment along with a satisfactory result for another Assessment.
- This is an open book assessment which you will do in your own time but complete in the time designated by your assessor. Remember that it must be your own work, and if you use other sources then you must reference these appropriately.
- Resources required to complete the assessment tasks are the Learner guide, PowerPoint presentation, Unit Assessment Pack (UAP), access to other learning materials such as textbooks, and access to a computer, the Internet and a word-processing system such as MS Word. In addition, students need the following software to perform all Practical Tasks:
  - Oracle VirtualBox, Windows Server 2008 and Windows 7, Cisco Packet Tracer / physical Cisco router and switch
- The submitted document must follow the given criteria: the font must be Times New Roman, the font size must be 12 and the line spacing must be single.
- This is an individual assessment. Once you have completed the assessment, please upload the soft copy of the Assessment into AHIC Moodle.
- Plagiarism is copying someone else’s work and submitting it as your own. Any plagiarism will result in a mark of zero.


PART A (Report Writing)


Nubex Pty Ltd is an aged care centre located in St James, in a developing community. Nubex has been established for many years, watching the area grow. The company is constantly looking for innovative ideas to provide improved service and to increase security performance.

Currently, there are 30 desktop computers and one server. All of the desktop computers run the Windows 7 operating system, and the server runs Windows Server 2008.

Hardware requirements for the server are given below:
- Processor: 2 GHz (for x64 processors)
- RAM: 32 GB
- DVD-ROM drive
- Super VGA (800 x 600)
- Keyboard and mouse
- Internet access

Hardware requirements for the client machines are given below:
- Processor: 1.70 GHz (for x64 processors)
- RAM: 8 GB
- DVD-R/W drive
- Keyboard and mouse
- Intel® Graphics Family
- Internet access

The problems with the current infrastructure are that the computers are very slow, no Group Policy has been configured, and all of the users are using a generic password.

In this regard, Nubex has requested you to do the following tasks:
- Identify the security requirements with reference to enterprise security plan
- Identify and analyse authentication options according to user and enterprise requirements
- Determine the required GPO based on Organisation
- Develop or obtain authentication protocols as required
- Develop and Deliver the Presentation Slides


Identify the security requirements with reference to enterprise security plan

Each entity must have in place a security plan approved by the accountable authority to manage the entity's
security risks. The security plan details the:

a. security goals and strategic objectives of the entity, including how security risk management intersects with
and supports broader business objectives and priorities
b. threats, risks and vulnerabilities that impact the protection of an entity's people, information and assets
c. entity's tolerance to security risks
d. maturity of the entity's capability to manage security risks
e. entity's strategies to implement security risk management, maintain a positive risk culture and deliver against
the PSPF.

Where a single security plan is not practicable due to an entity's size or complexity of business, the accountable
authority may approve a strategic-level overarching security plan that addresses the core requirements.

Security plan

Entities develop a security plan to articulate how their security risks will be managed and how security aligns
with their priorities and objectives. Where a single security plan is not practicable due to the entity's size or
complexity of business, the Attorney-General's Department recommends developing an overarching security
plan supported by more detailed plans (referred to as supporting security plans).

Each entity's security plan will be different. The security plan reflects an entity's protective security
requirements and mitigation strategies appropriate to the levels of threat, risks to its assets and risk tolerances.
Entities are encouraged to use approaches that manage risks for the Australian Government and best meet their
operational environment.

Requirement 1 mandates security plans (and supporting security plans) are reviewed at least every two years. A
security plan is a 'living' document and requires review and adjustment to ensure the goals and management of
security risks keeps pace with changes in the entity and with emerging threats. This could include, for example, a
change in the National Terrorism Threat Level or an emerging threat that alters the entity's business impact
level. It is recommended the security plan also be reviewed when there are significant shifts in the entity's risk
or operating environment.

Entities determine how the review of the security plan (and supporting security plans) is conducted. Security
plans may be reviewed by the CSO or appointed security advisor, an external security consultant or through a
security governance oversight committee for larger or more complex business operations.


Security plans are best developed by a person who also has an understanding of the entity's strategic goals and
objectives and the appropriate level of security risk management knowledge and expertise.

Entities are encouraged to make the security plan (and supporting security plans) available across the entity,
particularly to those with obligations or responsibilities identified in the plan, as this helps to build a positive
security culture based on a common understanding of security.

Identify and analyse authentication options according to user and enterprise requirements

Authentication Options

Computer/network security hinges on two very simple goals:

1. Keeping unauthorized persons from gaining access to resources
2. Ensuring that authorized persons can access the resources they need

There are a number of components involved in accomplishing these objectives. One way is to assign access
permissions to resources that specify which users can or cannot access those resources and under what
circumstances.

Access permissions, however, work only if you are able to verify the identity of the user who is attempting to
access the resources. That’s where authentication comes in. We will look at the role played by authentication in
a network security plan, popular types of authentication, how authentication works, and the most commonly
used authentication methods and protocols.

Authentication and security


Authentication is an absolutely essential element of a typical security model. It is the process of confirming the
identification of a user (or in some cases, a machine) that is trying to log on or access resources. There are a
number of different authentication mechanisms, but all serve this same purpose.

Every organisation has a different core infrastructure and, along with that, different requirements for
authenticating against its IT systems.


The following options can be effective for Nubex Ltd.

Active Directory Single Sign-On

Single Sign-On, using your Active Directory credentials, is available for Windows PCs joined to the domain. When
used, users are automatically authenticated to Active Directory and the Passwordstate web site, without the
need for them to specify their username and password.

One-Time Password Tokens

Based on either the TOTP (Time-Based) or HOTP (Counter-Based) algorithms, you can use either hardware or
software tokens for additional two-factor authentication. They can be used with most authentication services
that support TOTP and HOTP, like Microsoft Azure MFA.

Duo Two-Factor Authentication

Make use of the leading cloud-based two-factor authentication solution, and choose one of Duo Security's
authentication methods: Push, SMS or Phone Call.

Google Authenticator

Google provides a free two-factor authentication solution called Google Authenticator, with authentication
software available for most mobile clients.


Determine the required GPO based on Organisation

1. Moderating Access to Control Panel

Setting limits on a computer’s Control Panel creates a safer business environment. Through Control Panel, you
can control all aspects of your computer. So, by moderating who has access to it, you can keep data
and other resources safe.

2. Restrict Software Installations

When you give users the freedom to install software, they may install unwanted apps that compromise your
system. System admins will usually have to routinely do maintenance and cleaning of such systems. To be on the
safe side, it’s advisable to prevent software installations through Group Policy.

3. Disallow Removable Media Drives, DVDs, CDs, and Floppy Drives

Removable media drives are very prone to infection, and they may also contain a virus or malware. If a user
plugs an infected drive into a network computer, it can affect the entire network. Similarly, DVDs, CDs and floppy
drives are prone to infection.

4. Control Access to Command Prompt

Command Prompt can be used to run commands that give high-level access to users and evade other
restrictions on the system. So, to ensure the security of system resources, it’s wise to disable Command Prompt.

After you have disabled Command Prompt and someone tries to open a command window, the system will
display a message stating that some settings are preventing this action.

5. Disable Forced System Restarts

Forced system restarts are common. For example, you may face a situation where you were working on your
computer and Windows displays a message stating that your system needs to restart because of a security
update.

In many cases, if you fail to notice the message or take some time to respond, the computer restarts
automatically, and you lose important, unsaved work.


Develop or obtain authentication protocols as required

1. Kerberos

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server
applications by using secret-key cryptography. A free implementation of this protocol is available from the
Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.

2. OAuth 2

OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an
HTTP service, such as Facebook, GitHub, and DigitalOcean.

3. RADIUS

Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized
Authentication, Authorization, and Accounting (AAA or Triple A) management for users who connect and use a
network service.

Develop and Deliver the Presentation Slides

See AHI00003A0_ASSESSMENT1_POWERPOINT.ppt file


PART B (Practical Demonstration)

Required Software:

- Oracle VirtualBox
- Windows Server 2008
- Windows 7

Student must perform the following Tasks in Class:

Task 1:
Make sure that the Windows 2008 server and Windows 7 virtual machines are working on your PC. Log on as
administrator to begin.


Task 2:
Change the TCP/IP properties of the network card to use a static class C IP address of 192.168.10.xx.


Task 3:
Install Active Directory with ahic.com as the domain name. Make sure that you add the Windows 7 machine to the domain.


Task 4:
Set up the password policy with password complexity disabled and minimum password length zero in Windows 2008
Server. Update the password policy. Which command did you use?
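The settings this task applies are the ones a password-policy audit should flag outside a lab. The following added example, which is not part of the original assessment, parses a policy file in the layout written by `secedit /export /cfg` and reports weak values; the sample file is constructed and the baseline thresholds are assumptions.

```python
import configparser

# Constructed sample in the layout of a `secedit /export /cfg` file, holding the
# values Task 4 sets (complexity disabled, minimum password length zero).
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 0
PasswordComplexity = 0
PasswordHistorySize = 0
LockoutBadCount = 0
ClearTextPassword = 0
[Version]
signature="$CHICAGO$"
Revision=1
"""

# Assumed baseline for illustration; substitute the organisation's own standard.
BASELINE = {
    "MinimumPasswordLength": (lambda v: v >= 8, "minimum password length is below 8"),
    "PasswordComplexity": (lambda v: v == 1, "complexity requirements are disabled"),
    "PasswordHistorySize": (lambda v: v >= 1, "password history is not enforced"),
    "LockoutBadCount": (lambda v: v >= 1, "account lockout is disabled"),
    "ClearTextPassword": (lambda v: v == 0, "reversible encryption is enabled"),
}


def audit_password_policy(inf_text: str) -> list:
    """Return (setting, value, problem) tuples for every setting that fails BASELINE."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # keep the export's key casing instead of lowercasing
    parser.read_string(inf_text)
    if not parser.has_section("System Access"):
        raise ValueError("no [System Access] section: not a security policy export")
    section = parser["System Access"]
    findings = []
    for setting, (acceptable, problem) in BASELINE.items():
        raw = section.get(setting)
        try:
            value = int(raw)
        except (TypeError, ValueError):
            # An absent or malformed value cannot be shown to meet the baseline.
            findings.append((setting, raw, "setting is missing or not numeric"))
            continue
        if not acceptable(value):
            findings.append((setting, value, problem))
    return findings


if __name__ == "__main__":
    for setting, value, problem in audit_password_policy(SAMPLE_INF):
        print(f"{setting} = {value}: {problem}")
```

Real exports are normally written as UTF-16, so read the file with `encoding="utf-16"` before passing its text to `audit_password_policy`.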


Task 5:
Create two new users. One is John Black and the other is Teresa Green, using a simple password such as ahic1234.

User:
John Black

User:
Teresa Green


Create a network folder called test and allow John full permission and deny access to Teresa.


Task 6:
AHIC has three organizational units under the domain: IT, Marketing and Admin. As a network
administrator, you need to format the system for the Admin department by this weekend. Make a group
policy so that when the users of the IT department log on to the system, they get the message “C Drive
will be formatted soon. Please take a backup in other drive”.


Task 7:
Make a GPO so that users can’t access the Control Panel.




Submission Requirements:

PART A:
- Written report (approximately 800 words)
- Presentation slides (at least 10 slides)

PART B:
- Screenshots of all practical tasks (Task 1 – Task 7), pasted into Microsoft Word
