Professional Documents
Culture Documents
PRACTICAL
ASSESSMENT.
n
Hocine
ou
Introduction to computer work
Sahnoun
function
hn
Sa
e
in
oc
H
Contents
1. Introduction 2
2. OBJECTIVES 2
3. ALLOCATED TIME 2
4. REQUIRED MATERIAL 2
5. ASSESSMENT SPECIFICATIONS INSTRUCTIONS 2
5.1 Enforce Password Settings 2
n
5.1.1 Configure password settings so that the user must: 2
ou
5.1.2 Configure the account lockout policy to: 2
5.2 Subscribe to an RSS Feed 3
5.3 Basic JavaScript 3
5.4 Research Privacy Issues 5
hn
5.5 Research Information Security 5
6. MARKING SCHEME 5
6.2 Assessment components 5
Sa
7. Penalties 6
e
in
oc
H
In this Practical assessment you will perform a number of tasks to demonstrate your
understanding of the module Computing Careers & Disciplines course.
2. OBJECTIVES
- Enforce password settings
n
- Subscribe to RSS Feed
- Basic JavaScript
ou
- Research privacy issues
- Research Information Security
3. ALLOCATED TIME
10 to 15 hours have been allocated for the completion of this assessment.
4. REQUIRED MATERIAL
hn
You need a windows 10 machine to perform these tasks
Sa
5. ASSESSMENT SPECIFICATIONS INSTRUCTIONS
You have been asked to perform administrative tasks for a computer that is not a member of a
in
domain. To increase security and prevent unauthorized access to the computer, you need to
configure specific password and account lockout policies. In this exercise, your task is to use the
Local Security Policy to configure the following password and account lockout policies:
oc
o
o Keep the password for at least 7 days.
o Create a password at least 10 characters long.
o Create a password that meets complexity requirements such as
using uppercase letters, lowercase letters, numbers, or symbols.
n
While RSS feeds are not nearly as popular today as they were several years ago, they can still serve
a valuable purpose. Subscribing to an RSS feed is also a good exercise in learning about internet
ou
technology in general. In this activity, you'll use a feed reader to subscribe to an RSS feed. Do the
following:
1. Install an RSS feed reader of your choice. Free readers include Feedly, The Old Reader, and
hn
many more.
2. Use the feed reader you've installed to subscribe to an RSS feed of your choice. Examples
include news, weather, and government websites that regularly publish new content and
include RSS feeds for that content. For example, you could
use nasa.gov/content/nasa-rss-feeds to select from a number of different NASA feeds.
Sa
Some websites include the orange and white RSS logo to show that a feed is available.
3. After a few hours or perhaps a day or two, open your RSS feed reader again and check for
new content that has been published in the feed to which you've subscribed.
e
in
oc
H
TASK STEPS
n
Open an Online
ou
Open one of the following online JavaScript editors in your browser.
JavaScript Editor
▪ W3Schools
▪ jsfiddle.net
hn
▪ codepen.io
▪ Tutorials Point
Sa
Enter and Run Sample 1. Delete any contents in the left pane of the JavaScript editor.
Code 2. Enter the following code into the left pane.
3. <body>
4. <h1>My JavaScript Button</h1>
5.
6. <script>
e
7. function celebrate() {
8. alert("You are coding with
in
JavaScript!");
9. }
10. </script>
11.
12. <button onclick="celebrate()">Click
oc
me!</button>
13.</body>
14. Click the "Run Code" or "Preview" button at the top of the left
pane.
15. In the right pane, you will see a button that says "Click Here!".
H
Modify the Page Style 1. Enter the following code above the first line (<body>) that you
have previously entered.
2. <style>
3. body {
4. background-color: beige;
5. text-align: center;
Customize the Button 1. Enter the following code just before the line that
n
contains </style>.
2. button {
ou
3. text-align: right;
4. height: 60px;
5. width: 200px;
6. background-color: GoldenRod;
7. border-radius: 10px;
8. border-width: 3px;
hn
9. border-color: SaddleBrown;
10.}
11.
12.button:hover {
13. background-color: DeepPink;
14. cursor: pointer;
Sa
15.}
16. What changes do you see?
17. Try changing the different options to customize your button.
e
in
oc
H
1. Choose these online privacy issues (Anonymity. Merging clickstream data & personal
information. Personal contact information) that interests you. Possibilities include NSA data
collection, social media privacy, and Big Data.
2. Use Google Scholar (scholar.google.com) to identify a scholarly or academic article on your
n
chosen topic.
3. List these articles with the most updated version
ou
● A secure anonymous tracing fog-assisted method for the Internet of Robotic Things
● Mothers’ Perceptions of the Internet and Social Media as Sources of Parenting and Health
Information: Qualitative Study
● TCALAS: Temporal Credential-Based Anonymous Lightweight Authentication Scheme for Internet
hn
of Drones Environment
years?
RedCross: In January 2022, hackers carried out an attack on servers hosting the personal
in
information of more than 500,000 people receiving services from the Red Cross and Red
Crescent Movement. The hacked servers contained data related to the organization’s
Restoring Family Links services, which works to reconnect people separated by war,
migration, and violence. The Red Cross took servers offline to stop this suspected attack by
oc
▪ Approximately how much money has each institution suffered in damages from each
attack?
RedCross: $4.35 million
Crypto.com: $33 milion
n
GiveSendGo: $7,9 million
ou
RedCross: The hackers made use of considerable resources to access our systems and used tactics
that most detection tools would not have picked up. The following information demonstrates the
sophisticated and targeted nature of the attack:
hn
▪ The attackers used a very specific set of advanced hacking tools designed for offensive
security. These tools are primarily used by advanced persistent threat* groups are not
available publicly and therefore out of reach to other actors.
▪ The attackers used sophisticated obfuscation techniques to hide and protect their malicious
Sa
programs. This requires a high level of skills only available to a limited number of actors.
▪ We determined the attack to be targeted because the attackers created a piece of code
designed purely for execution on the targeted ICRC servers. The tools used by the attacker
explicitly referred to a unique identifier on the targeted servers (its MAC address).
▪ The anti-malware tools we had installed on the targeted servers were active and did detect
and block some of the files used by the attackers. But most of the malicious files deployed
e
were specifically crafted to bypass our anti-malware solutions, and it was only when we
installed advanced endpoint detection and response (EDR) agents as part of our planned
in
Crypto.com: Bad actors are increasingly targeting decentralized finance (DeFi) protocols, which are
oc
uniquely vulnerable to hacking, according to the report. DeFi programs are the underlying blockchain
technology that enable financial transactions to occur outside of traditional banks. These programs
primarily utilize the Ethereum blockchain. DeFi programs are public and use open-source code, which
can be helpful because it typically allows for security issues to be discovered and fixed quickly.
H
However, since open-source code is available for anyone to review, cybercriminals are able to
extensively study the code and find vulnerabilities that can be exploited and used to steal crypto
funds, according to the report.
GiveSendGo: Users who tried to access GiveSendGo.com on Sunday night were immediately rerouted
to the domain GiveSendGone.wtf. There, a video of the Disney movie Frozen began playing, with a
scrolling message addressing "GiveSendGo grifters and hatriots." A link to the hacked donor data
appeared below the video.
n
● Developing cyber security policies.
● Conducting a security risk assessment.
ou
● Hiring a virtual CISO service.
● Performing vulnerability assessments.
● Conducting employee phishing campaigns.
● Implementing security awareness training.
6. MARKING SCHEME
6.1Assessment components hn
Sa
Enforce password settings (20 points)
e
Penalties
Total
n
ou
hn
Sa
e
in
oc
H