Reference no: EM132311247
Assessment Task – Portfolio of Evidence
The Case Study
Company Name: Anzac Airport
Anzac Airport is a small private airport which provides passenger and freight services for local clients and businesses. Anzac Airport must be compliant with all commonwealth and state laws and regulations regarding airport facilities and operations.
The organizational structure of Anzac Airport consists of three departments which support five areas of operational activity: Administration, Information and Technology, Security, Finance, and Airport Operations.
The Information Technology team is under the Information and Technology department. They currently spend 80% to 90% of their time dealing with a constant stream of desktop support issues.
2017 IT Budget
Staff salaries and professional development $200,000
Hardware purchases $120,000
Software Purchases $100,000
Responsibilities of the Information Technology department
Internet access
Wi-Fi
Voice over IP
Local Area Networks
Desktop computers in administration offices
video conference facilities
corporate information systems: Payroll, Email, Personnel, Records management
Current Configuration:
There are no servers, only peer-to-peer networks
Wired LAN is 10/100 Ethernet with an ad-hoc topology
The storage of files on staff computers is unstable and unreliable
The desktop computers in the admin areas have several different operating systems installed
The company pays an Internet service provider to host web services
Staff members use email rarely; all mailboxes are at internet sites such as gmail
The internet works for admin staff only. WiFi is used by IT staff only
One member of the IT team has been experimenting with VOIP but no implementation yet
Assessment 1 Task 1 –
Build a prototype server in a server configurator, research a selected resource from the vendor web site, draw and label top and back view of a server.
In preparation for task 1, you will need to:
Research physical servers
Examine physical servers in the networking lab
Practice building a server on a vendor server configuration web site
For this task students are required to complete and document the following activities:
1. Produce a report from a vendor configurator with specifications for a server that meets requirements for the case study company. Your server design should be for the primary Administration server for the case study network. The specifications should align to the business requirements. The report specifications must address:
a. Processor type
b. Disk capacity
c. Memory
d. Network interfaces
2. Review an article from the vendor configurator web site:
a. Name the article
b. Provide a brief description
c. Discuss how this article is helpful in designing a server
3. Design and draw a server (top and back) showing all of the required components
a. Motherboard
b. Disk drives
c. Memory
d. SCSI
e. Power supply
f. Fans
g. I/O ports
h. Network interface
Assessment 1 task 2 - Final draft of an action plan based on the business requirements for the case study company
In preparation for task 2 students will need to:
Analyse the case study document with your team and discuss how you will design and deploy servers in the new network.
Prepare a gap analysis between the existing condition of the case study company (Current IT Infrastructure) and the future specifications (Business Needs, and Technical Requirements).
Review a range of task scheduling utilities for this activity
For task 2 students are required to complete the following activities:
1. Produce a gap analysis document for the case study company
2. Use a task scheduling utility (MS Project or Excel) to produce an action plan which can be used in preparation for a server network design. The checklist must address the following questions:
a. How many servers and workstations?
b. What types of servers and which servers will do which tasks?
c. What installation media will be used?
d. What operating systems will they use?
e. How will you patch the operating system?
f. How will you configure update services?
g. How will you configure security?
3. For each of the following services and applications, indicate how they will be activated, and
a. which server will be used:
b. Network services
DHCP
DNS
Active Directory
c. File services
File sharing
File and folder protection
d. Applications
Email server
Web server
FTP
e. Security
Authentication
file permissions
firewall
Assessment 1 task 3 - Installation of server operating systems
Your teacher will allocate access to physical and/or virtual technology to complete the remaining practical tasks. You will be directed as to how virtual servers will be created and maintained.
If you are an on-line student you will need to arrange access to technology to complete this assessment.
Some suggestions:
1. Download free – Oracle Virtual Box and install on your PC
2. Create virtual machines to complete the operating system requirements
3. Download free - trial of Windows Server OS
4. Use “scenario descriptions” to complete some activities i.e. describe in text what you would expect to occur
In preparation for task 3 students will need to:
Review design action plan from task 2 for creating servers in a virtual environment
Your checklist should specify how many servers you need and what operating systems should be installed on them.
Access the virtual environment (Virtual Box or VMWare or Citrix Xen)
For task 3 students are required to complete the following activities:
1. Compose a procedure to show how you will back up system files and data prior to new server installation
2. Create the virtual servers
3. Install the operating systems
4. Logon to each server to confirm installation and test admin accounts
When you encounter problems with installation you may need to use various tools including the operating system rescue environment, help and support utilities, performance monitoring tools, and tuning options. Take the time to understand how these tools should be used, and use them to solve installation and start-up problems, and to optimise the operating system for practical use in the case study company.
This is a practical activity therefore there are no documents to submit. The completed work must be observed by your teacher or tutor to show that the following requirements have been met:
a. A backup plan has been devised to show how existing system files and data will be secured
b. Create multi-platform virtual servers in a hypervisor
c. Install incompatible operating systems into a virtual server
d. Logon to servers to confirm installation and test admin accounts
e. install and configure the server according to the produced design
f. Install an integrated server solution according to the produced design
Assessment 1 task 4 - Configuration of server applications and processes
In preparation for task 4 students will need to:
Review design action plan from task 2 for creating servers in a virtual environment
Your action plan will specify how the servers should be configured
For task 4 students are required to complete the following activities:
Configure the following services according to your action plan. :
1. Network services
a. DHCP
b. DNS
c. Active Directory
2. File services
a. File sharing
b. File and folder protection
3. Applications
a. Email server (third party email server)
b. Web server
c. FTP
4. Security
a. Authentication
b. file permissions
c. firewall
This is a practical activity therefore there are no documents to submit. The completed work must be observed by your teacher or tutor to show that the following requirements have been met:
a. Configure DHCP services to deploy IP address is the extended network
b. Configure DNS services to resolve IP addresses in the extended network
c. Configure directory services to manage network resources and authentication across the extended network
d. Configure file services to provide access and security across the extended network
e. Configure email and web services for access from multi-platform devices
f. Activate and configure authentication, file permissions and firewall protection across the extended network
g. Configure single sign-on authentication across the extended network
Assessment 1 task 5 - Testing of integrated servers and services
In preparation for task 5 students will need to:
Review design action plan from task 2 to determine testing requirements
Access and login to both servers
For task 5 students are required to complete the following activities:
1. Develop a test plan to address the following: (this should be based on the template in the Learner Guide)
a. Connectivity
b. Performance
c. availability
2. Test connectivity of integrated servers
a. Ping configured network destinations
b. Access files and folders
c. Access other devices
3. Test performance for each server
a. Test connection times
b. Test upload and download times
c. Test with multiple users
4. Test system and data availability
a. Users and groups
b. Test integrated authentication
c. Test permissions on users and groups
d. Can data be accessed as expected?
e. Test integrated data access
f. Can connections be made as expected?
This is a practical activity therefore there are no documents to submit. The completed work must be observed by your teacher or tutor to show that the following requirements have been met:
1. Test connectivity of integrated servers
2. Test performance indicators for each server in the extended network
3. Test availability for users and groups based on file permissions
4. Test file data access across the integrated network
5. Test web page access across the integrated network
6. Test single sign-on authentication across the extended network
Assessment 1 task 6 – Troubleshooting and site related issues
Task 6 is the final stage of the server deployment. This is essentially an extension of task 5 (testing), and is intended to familiarize you with the process of testing and troubleshooting followed by more testing and troubleshooting until all tests consistently produce the expected results without anomalies. Task 6 also addresses site related issues such as OHS, consultation, and site access.
In preparation for task 6 students will need to:
Refer to action plan from task 2 to confirm that your test plan addresses the original business requirements
Refer to the test plan from task 5 to make sure that all necessary tests are done until all problems have been resolved.
For task 6 students are required to complete the following activities:
1. Apply troubleshooting tools and techniques including network diagnostic utilities, and problem solving methods:
a. Examine the evidence
b. Use a process of elimination
c. Use known good components
d. Consider the usual suspects
e. Beware of problems with multiple causes
2. Test each component multiple times under different conditions to identify hidden anomalies. For example:
a. Does your DHCP service deploy dynamic address to hosts and static addresses to the Servers?
b. Are file resources accessible to allowed users but inaccessible to disallowed users?
c. Does your firewall scan email attachments as well as files in the file system?
d. Does Active Directory have user objects for all users and groups, and computer objects for computers?
e. Is there a secondary DNS service running for redundancy?
f. Have you tested it?
g. Have you assumed the role of a hacker when testing security settings?
h. Update the test plan to reflect configuration changes and additional tests that have been made.
i. Formalize the test plan into a report that shows:
a. server configuration
b. operational changes
c. current server status
3. Address site conditions and consultation requirements.
4. Draft an email to key stakeholders requesting feedback on requirements for the server and requesting signoff to proceed with server installation.
5. Compose a risk assessment focusing on OHS considerations
a. Electricity hazards
b. Lifting hazards
c. Cabling and furniture hazards
6. Draft an email which addresses the following issues
a. to assure access to the site
b. to notify key stakeholders of the downtime
c. to ensure the task is coordinated effectively with others involved at the worksite
d. clean-up and restoration of worksite to client’s satisfaction
e. Prepare an agenda and conduct a meeting to address the following issues (each of these items must be on your agenda). Notify your teacher or tutor when the meeting begins as they will attend.
Each student must participate in the meeting discussion to demonstrate an understanding of the subject matter. You will be expect to participate in the discussion by listening, observing, and questioning to clarify and revise your understanding. You should be able to communicate clearly using appropriate technical language.
i. business problems and opportunities
ii. scope, objectives and budget
iii. confirming details with appropriate person
iv. how the project should be managed i.e. formal project management software etc.
v. assessment of project risks
vi. ergonomic and OHS assessment with risk assessment
This is a practical activity therefore there are no documents to submit. The completed work must be observed by your teacher or tutor to show that all testing and troubleshooting tasks are completed.
a. Apply troubleshooting tools and techniques including network diagnostic utilities, and problem solving methods
b. Test each component multiple times under different conditions to identify hidden anomalies
c. Update the test plan to reflect configuration changes and additional tests that have been made.
Assessment 1 Task 7 Research and Presentation
The Case Study
Anzac Airport Expansion
The CEO of Anzac Airport Corporation, Eddie Wallace has called a meeting with the IT department to discuss the planned expansion to the airport services.
He has been informed by the board of directors that they will be leasing half of the airport to AussieAir and they will be requiring major changes to the IT infrastructure over the next few months for when AussieAir moves in.
AussieAir will have its own booking systems but will be paying for access to our maintenance schedules, baggage handling systems and flight timetabling.
Eddie: I told the board this posed a huge security risk both with granting physical access to areas that house sensitive information and also as we would need to give access to our new servers and data bases.
We will need to set up a lot of security with authentication separating off areas of the servers that they can and cant access. Plus have some type of physical security on areas that are out of bounds. At present all the information we would have to share resides in a subdomain of Anzac Airport called services.Anzac.local and that I wouldn’t sign off on anything until I had our IT department give me all the options.
Part 1 – Write a report (using the template supplied)
Mapping K1- K9
In preparation for task 1, you will need to research the following:
Identify and analyse authentication options and recommend
In general terms please explain the function and operation of VPN and why it is used.
Describe authentication adaptors Adapters (Adapters are like chunks of code) and explain how they are used.
Summarise biometric authentication adaptors
Summarise in two paragraphs digital certificates, such as VeriSign, X.509, and SSL
In 200 words or less per bullet point explain the function and operation of authentication controls including:
Explain how passwords work in Linux (Shadow File)
How are personal identification numbers (PINs) used?
Define smart cards
Outline some uses for biometric devices
List three authentication protocols
Outline network authentication services, such as Kerberos and NT LAN Manager (NTLM)
In 200 words or less per bullet point summarise the features of common password protocols, such as:
Research challenge handshake authentication protocol (CHAP)
What are challenge phrases?
Define password authentication protocol (PAP)
How is remote authentication dial-in user service (RADIUS) authentication used?
Describe the principles of security tokens.
Summarise the problems and challenges dealing with organisational authentication issues
Determine user and enterprise security requirements
Describe user attributes and user attribute set-up
Part 2: Presentation
Now that you have completed your report its time to create the presentation for Eddie so he can address the board and senior staff.
This presentation will discuss the Linux logon authentication system.
Include in this an explanation of the folder security policies (as shown below) and a form for feedback so that staff and administration so we can use this for monitoring and adjustment if required.
Assessment 1 Task 8 Server Integration and Testing
Scenario: Anzac Airport
Anzac Airport is a small private airport which provides passenger and freight services for local clients and businesses. Anzac Airport must be compliant with all commonwealth and state laws and regulations regarding airport facilities and operations.
The organizational structure of Anzac Airport consists of three departments which support five areas of operational activity: Administration, Information and Technology, Security, Finance, and Airport Operations.
The Information Technology team is under the Information and Technology department. They currently spend 80% to 90% of their time dealing with a constant stream of desktop support issues.
2017 IT Budget
Staff salaries and professional development……………………………$200,000
Hardware purchases ………………………………………………………$120,000
Software Purchases……………………………………………………… $100,000
Responsibilities of the Information Technology department
• Internet access
• Wi-Fi
• Voice over IP
• Local Area Networks
• Desktop computers in administration offices
• video conference facilities
• corporate information systems: Payroll, Email, Personnel, Records management
Current Configuration
• There are no servers, only peer-to-peer networks
• Wired LAN is 10/100 Ethernet with an ad-hoc topology
• The storage of files on staff computers is unstable and unreliable
• The desktop computers in the admin areas have several different operating systems installed
• All server and desktop operating systems are Microsoft distributions of various versions
• The company pays an Internet service provider to host web services
• Staff members use email rarely; all mailboxes are at internet sites such as gmail
• The internet works for admin staff only. WiFi is used by IT staff only
• One member of the IT team has been experimenting with VOIP but no implementation yet
Business Needs:
• The CEO is concerned that the old technology is costing them money and has decided that it is time to upgrade
• The IT Manager has stated that the company wants to introduce a Microsoft LAN for administration staff and customers
• Full wireless integration
• On-site web and email services
• Web services and network administration to run on a Intel/Linux server
• Directory services and email to run on an Intel/Microsoft server
• An additional $20,000 has been allocated for network improvements
• The IT team has been asked to devise a strategic plan for growth of the IT infrastructure
• The new IT infrastructure must be based on clearly defined business requirements
• The company wants to integrate Linux server technology into the new network
Technical Requirements:
• The clients are currently using a peer-to-peer network design which needs to be replaced by an up-to-date Ethernet client/server network
• Many staff members complain that the peer-to-peer network is too slow, the network needs to be more reliable
• The CEO has stated that she wants ‘State-of-the-art’ technology on every desk
• The company has purchased a new software package for running accounts receivable and accounts payable which needs to be made available to members of the Administration and Finance departments
• Error messages on desktop workstations suggest that memory and disk upgrades are needed
• All Microsoft operating systems on both servers and workstations need to be upgraded to current versions
• Linux servers are to be introduced into the network and fully integrated so that Microsoft and Linux systems can share disk resources
• Single-sign on authentication must be configured so that anyone logging on to the network will be able to access both Microsoft and Linux resources
Company Policies:
1. Anzac Airport’s commitment to professionalism, ethical practices, equity and social accountability implies a duty of care in relation to the use of information resources. Finite resources are applied to information facilities, and their use for business purposes must not be diminished by use for other purposes. Anzac Airport also values its reputation, including that which is conveyed on information networks.
Therefore we are committed to procedures which:
a. monitor the quality of information on computer networks
b. make users aware of company policy on the use of information resources
c. lead to action arising from such monitoring through as appropriate. Misuse is dealt with through performance management and/or staff misconduct processes, depending on the nature of the breach in question.
d. routinely logs network activity and may use this information to investigate faults, security breaches and unlawful activity
2. Members of the Information Technology team are responsible for:
a. data quality - accuracy, integrity, cleanliness, correctness, completeness, consistency and timeliness
b. data security - control of access to data sets to known individuals, and monitoring of the data's subsequent exposure as it flows through corporate systems and records
c. data standards - ensuring compliance with relevant laws, government and regulatory standards and any policies and standards imposed internally;
d. data management - definition of the authoritative source of data and of the data to be provided from that source, and ensuring that duplication of data is kept to a minimum.
3. Members of the Information Technology team are to monitor and evaluate business processes to ensure that these are consistent with best practice principles for data management, and are responsible for approval of the 'rules' which are used to determine user access to information resources and services (though this approval can be delegated to another officer in the business area).
4. The company will endeavour to align IT operations with specific business goals and objectives, company vision, and long term strategies.
5. The company will apply standards in their use of technology to assure ease of support and the effective application of hardware and software to core systems.
6. The procurement of technology will be based on a comprehensive assessment of vendor offerings. All purchases in excess of $2000 must have at least 3 separate vendor quotes.
Practical Task:
Please implement this security plan in your current Physical Server or Virtual environment.
Part 1: Using Linux and Samba, (or Turnkey file server) create a file server which supports the permissions as stated below.
The permissions can be modified by using Webmin (if needed)
(All required file permissions and groups information is in the PDF document called (Linux System Administrators Guide)
Part 2: Now that your system is fully configured you can start the testing and monitoring, if you should find something that isn’t quite working correctly or you think it could be better adjust the configuration accordingly.