Reference no: EM132354187
PRACTICAL ACTIVITY
These instructions must be followed when assessing the student in this unit. The checklist on the following page is to be completed for each student. Please refer to separate mapping document for specific details relating to the alignment of this task to the unit requirements.
This competency is to be assessed using standard and authorized work practices, safety requirements and environmental constraints. Assessment of essential underpinning knowledge will usually be conducted in an off-site context. Assessment is to comply with relevant regulatory or Australian standards' requirements.
Resource implications for assessment include:
• an induction procedure and requirement
• realistic tasks or simulated tasks covering the mandatory task requirements
• relevant specifications and work instructions
• tools and equipment appropriate for applying safe work practices
• support materials appropriate to the activity
• workplace instructions relating to safe work practices and addressing hazards and emergencies
• material safety data sheets
• research resources, including industry-related systems information.
Reasonable adjustments for people with disabilities must be made to assessment processes where required. This could include access to modified equipment and other physical resources, and the provision of appropriate assessment support.
This assessment task requires the student to:
• Configure security in the routers
• Implement authentication, authorisation and accounting
• Configure IP ACL to mitigate threats and to Ip address spoofing
• Secure management of router by implementing SSH
• Configuring routers to send log messages to a log server
• Configuring the switch to mitigate layer 2 attacks.
• Implementation of zone-based firewall
• Configuration of IDPS
• Configuration of IPSec site to site VPN with PSK authentication
This project should be completed with reference to a simulated ICT/Business environment. For the practice environment, noise levels, production flow, interruptions and time variances must be typical of those experienced in the ICT project management field of work and include access to:
• relevant computer software packages
• suitable hardware
• codes, standards and legislation relevant to the jurisdiction and the project
• project documentation
• research resources, including product information and data, theoretical texts and other information.
Please refer to the assessment document for the specifications. Note that this is an individual task.
Throughout the assessment task, ensure that you refer to and apply the Australian Computer Society Code of Ethics.
Develop Specifications and Terms of Reference for the project that includes:
Within your practice environment, complete each of the following parts (Note: Parts of this assessment task, such as project execution, will be simulated in your practice environment):
Practical Activity
Australian Institute of Business and Technology College provides opportunity to students to acquire a technical education and offers variety of courses. The AIBT network is used by all the staff and students. Recently there has been a breach of data and has raised serious issues. AIBT now has got very serious and want to implement the extensive security system. AIBT has two sites currently in Sydney one in Ultimo and one in Blacktown. You have been asked to secure all the network devices.
Objectives:
You are to write a report and include your practical lab activity outcomes in your report as evidence of achievement of objectives.
Your trainer will provide you the configuration related information and network diagrams.
1. Evaluate network security system threats and requirements
2. Propose a methodical concept of defending the network architecture
3. Get client sign off
4. Implement the system
a. Secure the routers
b. Implement AAA
c. Implement ACL (Access Control List) mitigate threats
d. Configure SSH
e. Send log messages to the log server; configure syslog.
f. Mitigate common layer 2 attacks
g. Implement Zone based firewall
h. Implement Intrusion detection and Prevention in the routers
i. Implement site to site VPN between two sites
Throughout the assessment task, ensure that you refer to and apply the Australian Computer Society Code of Ethics.
Note to the Trainer: Please use the sample solution to provide configuration information and network diagrams to the students during lab activities.