Crown Institute of Business and Technology Pty Ltd ABN 86 116 018 412 National Provider No: 91371

CRICOS Provider Code: 02870D

North Sydney Campus: 116 Pacific Highway North Sydney NSW 2060 P 02 9955 0488 F 02 9955 3888
Sydney CBD Campus: Level 5, 303 Pitt St Sydney NSW 2000 P 02 8959 6340 F 02 9955 3888
Sydney CBD Campus: Level 11, 307 Pitt St Sydney NSW 2000 P 02 8034 6431
Canberra Campus: Suite 1, Level 4, 40 Cameron Avenue, Belconnen, ACT 2617 P 02 6253 5184

Security Plan (300-400 words)

Purpose of the plan

In accordance with the provided security strategy, RTO requirements will be verified, hardware and
software will be gathered, and the internet service provider will examine firewall and site blocking
methods with you. It focuses on making sure the new lab is secure and assessing the student's capacity to
plan and put in place appropriate security measures.

Target audience and scope of the plan

Target Audience: The network support officer (James), IT manager (Ben), and internet service provider
(classmate) are the intended recipients of the security strategy.

Scope of the Plan: Confirming RTO specifications, gathering pertinent hardware and software, and
assessing security precautions like firewall and site blocking are all included in the plan. It seeks to
evaluate the student's capacity to complete the assessment's objectives as well as the security of the new
lab.

Security objectives

1
‘Template 5’ pertaining to Activity 2 in Part B of task 2.
 Crown Institute of Business and Technology Pty Ltd ABN 86 116 018 412 National Provider No: 91371 CRICOS Provider Code: 02870D
North Sydney Campus: 116 Pacific Highway North Sydney NSW 2060 P 02 9955 0488 F 02 9955 3888
Sydney CBD Campus: Level 5, 303 Pitt St Sydney NSW 2000 P 02 8959 6340 F 02 9955 3888
Sydney CBD Campus: Level 11, 307 Pitt St Sydney NSW 2000 P 02 8034 6431
Canberra Campus: Suite 1, Level 4, 40 Cameron Avenue, Belconnen, ACT 2617 P 02 6253 5184

The plan's security goals include securing the new lab setting, safeguarding sensitive information
and resources, preventing unauthorized access and intrusion, guaranteeing the accuracy and
confidentiality of data, and putting in place strong security measures like firewalls and site
blocking.

Internet gateway options.

Utilizing a dedicated hardware firewall, a software-based firewall, or a cloud-based firewall service are all
choices for internet gateways. By keeping an eye on and managing incoming and outgoing traffic,
guarding against threats, and enforcing security policies, each solution offers network security.

Authority and access control policy

According to an individual's tasks and responsibilities, permissions and privileges can be granted to them
in accordance with the authority and access control policy's rules and guidelines. To ensure that only
people with permission can access resources and data, it sets procedures for user identification, password
management, and access limitations.

Operations to be performed

2
‘Template 5’ pertaining to Activity 2 in Part B of task 2.
 Crown Institute of Business and Technology Pty Ltd ABN 86 116 018 412 National Provider No: 91371 CRICOS Provider Code: 02870D
North Sydney Campus: 116 Pacific Highway North Sydney NSW 2060 P 02 9955 0488 F 02 9955 3888
Sydney CBD Campus: Level 5, 303 Pitt St Sydney NSW 2000 P 02 8959 6340 F 02 9955 3888
Sydney CBD Campus: Level 11, 307 Pitt St Sydney NSW 2000 P 02 8034 6431
Canberra Campus: Suite 1, Level 4, 40 Cameron Avenue, Belconnen, ACT 2617 P 02 6253 5184

RTO requirements must be confirmed and validated, hardware and software must be gathered, security
measures must be reviewed, the provided hardware and software must be installed and configured, and
coordination with the internet service provider for firewall and site blocking configurations must be
made.

Security awareness and behavior

Promoting a culture of security inside a company, teaching staff members about potential dangers, best
practices, and their roles in safeguarding sensitive information are all parts of security awareness and
behavior. It highlights how crucial it is to adhere to security procedures, be cautious when handling data,
and instantly report any suspicious behavior or occurrences.

Responsibilities, rights, and duties of personnel

3
‘Template 5’ pertaining to Activity 2 in Part B of task 2.
 Crown Institute of Business and Technology Pty Ltd ABN 86 116 018 412 National Provider No: 91371 CRICOS Provider Code: 02870D
North Sydney Campus: 116 Pacific Highway North Sydney NSW 2060 P 02 9955 0488 F 02 9955 3888
Sydney CBD Campus: Level 5, 303 Pitt St Sydney NSW 2000 P 02 8959 6340 F 02 9955 3888
Sydney CBD Campus: Level 11, 307 Pitt St Sydney NSW 2000 P 02 8034 6431
Canberra Campus: Suite 1, Level 4, 40 Cameron Avenue, Belconnen, ACT 2617 P 02 6253 5184

Respecting security rules and procedures, safeguarding confidential data, disclosing security incidents,
taking part in security awareness and training programs, and using resources responsibly are all part of
personnel's rights, responsibilities, and obligations. They are entitled to use the tools and knowledge they
need to carry out their assigned jobs safely.

4
‘Template 5’ pertaining to Activity 2 in Part B of task 2.