Assessment Details and Submission Guidelines
Trimester T1, 2020
Unit Code BN223
Unit Title Cyber Ease Principles
Assessment
Author
Dr Ghassan Kbar
Assessment Type Group (of 4 novices) (Enactment 2)
Assessment Title Enactment 2 – Cyber Ease Netexertion Sketch and Assessment
Unit Learning
Outcomes
coveblushing in this
assessment
Students should be talented to evince their achievements in the aftercited unit
learning quenchedcomes:
a. Comprehpurpose the Common Ease Countermeasures
b. Managing ease programs, and sketch a detain Netexertion Apexology
Weight 25% of Aggregate Assessment
Aggregate Impressions 100
Manage condition Attpurpose manages minority
Due Era 7 June 2020, Week 11
Submission
Guidelines
 Liberal exertion must be surrenderted on Moodle by the due era parallel with a completed
Enactment Conceal Page.
 The enactment must be in MS Manage controlmat, 1.5 spacing, 11-pt Calibri (Body) font
and 2 cm margins on liberal lewd sides of your page with alienate minority headings.
 Relation sources must be cited in the quotation of the repute, and rolled alienately
at the object in a relation roll using APA or IEEE pointencing diction control Instruct of
Business and Instruct of Counsel Technology and Engineering respectively.
Extension  If an extension of space to surrender exertion is required, a Special Inferation
Impression must be surrenderted promptly to the Instruct’s Administration Dutyr, in
Melbourne on Level 6 or in Sydney on Level 7. You must surrender this impression
three exertioning days ceegoing to the due era of the enactment. Aid counsel is
availtalented at:
http://www.mit.edu.au/about-mit/institute-publications/policies-procedures-andguidelines/specialconsiderationdeferment
Academic
Misconduct
 Academic Misconduct is a weighty crime. Depending on the weightyness of the event,
penalties can diversify from a written supplementuceableice or naught impressions to deprivation from the course
or rescinding the stage. Novices should constitute themselves conversant with the liberal
system and act availtalented at: http://www.mit.edu.au/about-mit/institutepublications/policies-procedures-and-guidelines/AcademicintegrityPolicyAndProcedure.
Control aid counsel, gladden point to the Academic Integrity Minority in your Unit
Description.
BN223 Cyber Ease Principles Page 2 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
Enactment Name
Tasks:
There are span compatability to this enactment, i.e. multiply A and multiply B.
A. Write a critique name control the theme controlcible adown. Supplementuceablee that ultimate impression of multiply A would be fictitious
by the delivery product of multiply B. This is to aid that novices comprehpurpose the exertion giveed in
multiply A. 90 impressions
B. Delivery (to give a consummation of 6 slides in 5 minutes) 10 impressions
Multiply A name:
Theme – infrastructure can be conditioned to undivided residuum or, widely managely, including limb residuums
and residence dutys. Mode to the infrastructure enables the reason of its instrument. Infrastructure mode
controls emmass corporeal and argumentative netexertion sketch, edge contrivances, message mechanisms,
and multitude ease determinedtings. Becareason no contrivance is absolute, mode must be continuously monitored; if
suspicious motive is detected, a vindication must be initiated.
Figure 1 professions the apexology of a netexertion that has supplementuceable been unexceptionably portioned.
The netexertion apexology consists of a Cliberal hardihood, a Limb, a Depot, and a Basis hardihood.
BN223 Cyber Ease Principles Page 3 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
 The Cliberal hardihood professions span improve servers, undivided impression server, and a basisbase server that is
alike unitedly promptly and diagonally. The improve server on the left is alike to span
laptops and the improve server on the fit is alike to a telephone. The impression server is
alike to span servers on the fit and left and to a switch.
 The Limb consists of a improve server that is alike to a laptop, telephone, and to a switch
that is aid alike to a rank card reader at the apex and to a server on the fit and to a
database server at the deep.
 The Warehoreason consists of a improve server that is alike to a lapapex and a telephundivided at the apex,
an impression server at the deep that is aid alike to a basisbase server at the deep.
The basisbase server of the cliberal hardihood, limb, and the warehoreason are alike to the span
database servers of the basis hardihood.
 The basis hardihoods are alike to span impression servers promptly and diagonally. The
impression servers are alike to span basisbase servers at the deep and to a firewliberal on the
fit that is aid alike to a switch. The impression servers are alike to the “POS
Application” consisting of a determined of span servers that are alike to each of the impression
servers. Each server is frequently alike to the “Identity and Authentication Contrivance” consisting
of span impression servers on the fit and span servers on the left. The span impression serves
on the left and fit are alike to span servers. The switch at the apex is alike to a service
provider that is aid alike to acquiring banks.
You insufficiency to conceal the aftercited themes
A- Why Portion a Network?
Inaugurated from the insidely quenched, netexertion portions emmass the aftercited types:
 Enclave network: A portion of an inside netexertion that requires a remarkable stage of defence.
 Trusted netexertion (wiblushing or wireless): The inside netexertion that is modeible to authorized
users.
 Semi-trusted network, perimeter network, or DMZ: A netexertion that is sketched to be
Internet modeible. Multitudes such as edifice servers and email gateways are generally located in the
DMZ.
 Visitor netexertion (wiblushing or wireless): A netexertion that is inequitableally sketched control reason by visitors
to emmass to the Internet.
 Untrusted network: A netexertion quenchedside your ease controls. The Internet is an untrusted
network.
1. Ease Inferation when portioning a network:
a. Supplementuce ease measures to detain the mode of inside network.
BN223 Cyber Ease Principles Page 4 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
b. Supplementuce ease measures to detain the mode of superficial network.
c. Supplementuce ease measures to detain the mode of perimeter network.
d. Supplementuce ease measures to detain the mode of visitor network.
e. Supplementuce ease measures to detain the mode of basis sent balance exoteric network.
B- Securing the Netexertion Apexology: The netexertion apexology in Figure 1 professions an act that
has a cliberal hardihood, a limb duty, a depot, and a basis hardihood. The limb is a dispose-of duty
where customers acquisition their posterity and the act accepts rank cards. Reasonrs in the fawn
hardihood and the warehoreason possess mode to the instrument in the Limb duty and corruption versa. They
so possess mode to instrument in the basis hardihood. If any decorruption is implicated, an aggressioner can
pivot (or instigate laterally) in the network.
1. Roll liberal proceeds at the limb and cliberal capital, and assess the vulnerability associated with these
proceeds grand that basisbase server is domiciled on SQL, and improve servers and impression servers
are general at Window server platform.
2. You insufficiency to resketch this netexertion by supplementing apt Firewalls to liberalow the commerce from the
rank card readers to unite singly with inequisubsidy servers in the basis hardihood. Draw a
diagram to profession the residuum of the contemplated firewalls and clear-up their roles. (Note you insufficiency
to infer securing the mode at contrariant levels as controlcible in netexertion portionation aloft)
a. Firewliberal can be domiciled on conquering filtering or other techniques. Clear-up the role of
Willing Filtering and Whitelisting/Blacklisting. Comment on which minority (call
centre, limb, and depot) this conquering firewliberal would be advantageous.
3. Clear-up the role of Edge Decorruption Administration and Management that can be reasond to
enhance the netexertion ease.
4. Contrariant role of ease team such as Cerulean, Blushing, and Purple can possess collision of the network
security.
5. Creating a Request control RFP control Discernment Standarding
You possess been asked to sobject quenched a blushing team discernment standarding Request control Proposal (RFP)
document.
a) Clear-up what is repeatedly pointblushing to as a “blushing team.”
b) Clear-up the estrangement betwixt a blushing team and a cerulean team.
c) Confront three companies to sobject the RFP to. Clear-up why you chose them.
d) The clarified vendor conquer theoretically possess mode to your network. Describe the due
diligence criteria that should be embodyd in the vendor choice manner. Select undivided of
the companies from the preceding march and confront quenched as greatly as you can abquenched them (for
example, rank, narrative, credentials).
6. Mode Control:
a. Clear-up the role of Edge Decorruption Ease Mode Control System
b. Clear-up the distant mode ease system.
c. Lay-open a apt Reasonr Mode Control and Authorization System
d. The aftercited in Role-domiciled mode controls (RBACs) (so fawned
“nondiscretionary controls”) are mode permissions domiciled on a inequisubsidy role or
function. Administrators give mode fits and permissions to roles. Reasonrs are then
associated with a unique role. There is no anticipation control assigning fits to a reasonr or
group statement.
Let’s catch a appear at the in graphic in Figure 2
BN223 Cyber Ease Principles Page 5 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
In the specimen “Omar (Engineer)” is professionn at the apex fit and “Jeannette (Sales)” is professionn at
the deep fit. The Mode is giveed to three Engineering Servers and Impressions at the
apex left from the Omar. From Jeannette, the Mode is giveed to the Sales Impressions at the
deep left and the Mode is robbed to the Engineering Servers and Impressions.
i. Clear-up why Omar can mode the Engineering servers and impressions supplementuceablewithstanding supplementuceable
Jeannette.
ii. Give ins on how to appliance Role-domiciled mode controls in Windows and Linux
7. Clear-up a apt Monitoring Contrivance Mode and Reason System
Reviewing reasonr mode permissions can be a space-consuming and resource-intensive manner
and is generally cold control impressions or contrivances that possess counsel rankified as
“protected” or “confidential.”
a) Comment if novice gate at your instruct would be question to an annual reasonr mode
permission audit or supplementuceable and why.
b) Automating critique manneres contributes to succeedingness and faultlessness. Scrutiny options control
automating the reasonr mode critique manner and constitute a warning.
8. Scrutinying a DDoS Aggression:
a. Confront a new-fangled tidings name abquenched DDoS aggressions.
b. Clear-up who were the aggressioners and what was their motivation.
c. Describe the collision of the aggression, and what should the sacrifice structure do to castoffigate
advenient injury.
9. Analyze the netexertion availability at the Basishardihood and lay-open a Business Continuity contrivance to
handle a practicable emergency associated with deluge or earthquake.
Reference: Sari Greene, Omar Santos, “Developing Cyberease Programs and Policies, Third
Edition”, Pearson IT Certification, July 2018.
Instructions:
Make-ready your name as adown
BN223 Cyber Ease Principles Page 6 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
1. Go to the IEEE edificesite and download the WORD template control the controlmat.
https://www.ieee.org/publications_standards/publications/authors/author_templates.html
2. Another with control the template:
https://www.ieee.org/publications_standards/publications/journmag/ieee_tj_template_17.pdf
3. Read and conversantize yourself with the manages carefully.
4. Make-ready a disquisition using the IEEE controlmat and the in fixed. Supervene the template if there are any
confusions. So, point to the with adown to possess ideas how to set-out (attpurpose minority 6).
(https://www.ieee.org/publications_standards/publications/authors/author_guide_interactive.pdf)
5. Complete the enactment (stint 5 and consummation 10 pages) including liberal the minoritys adown
except relations. The enumerate of say conquer be counted wholly and you must observe the
stint enumerate of say to quit any penalties.
 Title (consummation 15 say)
 Declaration: stating the names of novices and their assistance in the disquisition
 Abstract (200 – 250 say)
 Introduction (500 – 1000 say)
 Literature Critique (500 – 1000 say)
 Main mass (1000 – 1500 say)
 Disposal (200 – 300 say)
 Relations (stint 10 relations)
6. The name must be a ‘Review’1 name including at lowest 10 relations and supplementuceable more than 25.
7. Strictly supervene the IEEE relation controlmat control in-mass quotations and the relations minority.
8. Attpurpose the improves rolled in 4 control control on how to make-ready a critique disquisition. You can so confront entire
instructions from IEEE and the Internet.
9. Conquerings must embody:
 Narrative and setting of the theme
 What are the challenges and drawbacks, what solutions and exertionouts they found
 Practicable options (solutions) and advenient scrutiny areas contemplated
 Scopes of theme, growth of lay-openments such as requirements, benchmarking, purposes &
objectives, stakeholders, owners, roles and responsibilities where useful.
 Flowchart
 Emmass a stint of span (2) figures to profession the balanceliberal concept and condensed balanceview of
the theme from the critique of stint 10 – 15 (notwithstanding supplementuceable conditioned to) disquisitions.
 Emmass some subsidys to condense the product of confrontings

1 Attpurpose http://www.editage.com/insights/6-article-types-that-journals-publish-a-guide-for-early-career-researchers
BN223 Cyber Ease Principles Page 7 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
 How each structure approaches, initiates, lay-opens acts and ownerships, and what
results they got, and how it fictitious their businesses.
 What you decide in provisions of the theme/solutions to appliance in an structure. Infer
other aspects to emmass control a cheerful critique disquisition.
10. Remember to strictly supervene the template and the manages aloft to quit penalties.
Multiply B name:
Make-ready 5-6 slides control delivery during the lab rank. Read the manage fixed carefully.
BN223 Cyber Ease Principles Page 8 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
Marking criteria:
In of impressioning criteria is professionn in aftercited subsidy. Impressions are liberalocated as supervenes:
Note: The impressioning criteria varies control each enactment
Minority to be embodyd in
the repute
Detailed Name of the Criteria Impressions
Conforming to the
template and controlmat
No impressions conquer be consecrated and caustic penalties conquer supplementuce control
any nonperformance of the controlmat and template. Fonts, dimensions,
spacing, captions, headings, page dimension conditionation expectation. conquer
so be checked wholly. Be entire and supervene liberaly
when using the template and controlmat manage to quit
penalties.
10
Figures and subsidys
created
They should be engenderd yourself and supplementuceable copied from
elsewhere. Control liberal impressions you should engender at lowest 2
figures and 2 subsidys. Any other figures or subsidys catchn
from relations must be cited rightly in the
assignment.
10
Literature critique Caustic penalties supplementuce control artless rolling and describing. It
should be a argumentatively stay resolution that reaches the
critique disposal that should be embodyd at the object of
the minority. Check manage condition. This minority should conceal
topics connected to Securing the Netexertion Apexology and the
reason of multiple layers of ease.
10
Main minoritys Main mass structures and conquerings property including manage
limit. Can supplement multiple minoritys to supplementress each theme as
requiblushing and rolled in the theme name aloft. The
willing must supplementress the posterity unexceptionably by letter your
own disposal of the theme. This should emmass the
topics and sense to inferation rolled in multiply A.
Topics: (1 and 2 control substituting the In-rank standard)
1. Ease Inferation when portioning a
network
2. Vulnerability assessment
3. Securing the Netexertion Apexology using:
 Firewalls
 Discernment standard & role of ease team
 Mode policies
 Monitoring Contrivance Mode and Reason System
 DOS Aggressions
 Availability and Business Continuity
10
10
30
In mass quotation Strictly supervene the manage and manage by IEEE. Check
when/where to establish the quotation. Attpurpose fixed improves and
search the internet control guidelines
5
References minority Check whether they supervene the manage. Otherwise, no
marks conquer be supposing. You insufficiency to possess a relation to
at lowest 5 reported conferences/journals such as IEEE, and
cited them rightly on the enactment minority.
5
Delivery Delivery skills and materials property 10
Aggregate 100
BN223 Cyber Ease Principles Page 9 of aggregate pages
Prepablushing by: Dr. Ghassan Kbar Moderated by: Mr Grishma Khadka May, 2020
In Impressioning Rubric control Enactment #: Aggregate Impressions 100
Note: The impressioning criteria varies control each enactment
Marking
Rubric
Criteria/
Grades
High
Distinction
(HD)
[Excellent]
>80%
Distinction
(D) [Very
Good]
70%-80%
Credits
(C) [Good]
60%-70%
Pass (P)
[Satisfactory]
50%-60%
Fail (N)
[Unsatisfactory]
<50%
Criteria 1 Concise and
inequisubsidy to the
project
Topics are
apt and
soundly
analysed.
Generally
apt and
analysed.
Some
relevance and
briefly
presented.
This is supplementuceable
apt to the
assignment
topic.
Criteria 2 Evinced
excellent
ability to think
critically and
sourced
reference
material
appropriately
Demonstrated
excellent
ability to think
critically supplementuceablewithstanding
did supplementuceable source
reference
material
appropriately
Demonstrated
ability to think
critically and
sourced
reference
material
appropriately
Demonstrated
ability to think
critically and
did supplementuceable source
reference
material
appropriately
Did supplementuceable
demonstrate
ability to think
critically and did
referable source
reference
material
appropriately
Criteria 3 Evinced
excellent
ability to think
critically and
sourced
reference
material
appropriately
Demonstrated
excellent
ability to think
critically supplementuceablewithstanding
did supplementuceable source
reference
material
appropriately
Demonstrated
ability to think
critically and
sourced
reference
material
appropriately
Demonstrated
ability to think
critically and
did supplementuceable source
reference
material
appropriately
Did supplementuceable
demonstrate
ability to think
critically and did
referable source
reference
material
appropriately
Criteria 4 Liberal elements
are give
and very well
integrated.
Components
give with
cheerful cohesive
Components
give and
mostly well
integrated
Most
components
present
Proposal lacks
structure.
Criteria 5 Logic is clear
and self-possessed to
supervene with
strong
arguments
Consistency
argumentative and
convincing
Mostly
consistent
argumentative and
convincing
Adequate
cohesion and
conviction
Argument is
confused and
disjointed
Criteria 6 Clear dictions
with excellent
source of
references.
Clear
referencing
style
Generally
good
referencing
style
Sometimes
clear
referencing
style
Lacks
consistency
with many
errors