Project report, knowledge test, scenarios, professional discussion.

Assessment 01

Project Report Reminder



Project Report Checklist



Pathways

Security Engineer Pathway

This 6-week project is to design, build, test and troubleshoot a network.

You can use Packet Tracer or any other virtual network tool to develop the network.

Headings to be used within project report:

For Cyber Security Engineer Option, the Project report must cover the following additional headings:

• design of the network

• evidence that the network works to meet the requirement

• network optimisation metrics against performance requirements

• requirements analysis and its link to the eventual system, including security features

• schematics to show the build of a system to the design from provided components

• configuration metrics to show how the system meets the security requirements

• demonstration of how the security features are effective

Criteria to meet:

S10

PASS

Designs, builds, tests and troubleshoots a network incorporating:

more than one subnet

with static and dynamic routes

that includes

and user devices to a given design requirement without supervision.

DISTINCTION

Evaluates network performance with reference to the design requirements and identifies, using troubleshooting techniques, ways to implement improvements

S11

PASS

Analyses functional and non-functional security requirements presented in a security case against other design requirements identifying conflicts and justifying a solution based on valid trade-offs.

S12

PASS

Designs and builds, within broad but generally well-defined parameters, a system in accordance with a security case.

Including selection and configuration of typical security hardware and software components.

For example:

A system at the enterprise, network or application layer ensuring that the system has properly implemented security controls as required by the security case.

DISTINCTION

Analyse the rationale and consequences of the selection of typical security components for the business

S14

PASS

Designs a system employing encryption to meet defined security objectives and develops and implements a plan for managing the associated encryption keys for the given system.

DISTINCTION

Critically evaluate the use of encryption and the plan for the management of encryption keys in terms of the usability, costs and benefits for relevant stakeholders

Risk Analyst Pathway

This 6-week project covers multiple criteria within a Risk Analyst job role, such as:

Headings to be used within the project report:

For Cyber Risk Analyst Option, the Project Report must cover the following additional headings:

• description of the role taken in a cyber security risk assessment and audit

• a report explaining the conduct of the risk assessment & audit

• a report considering the cyber policies and cyber awareness campaign

Criteria to meet:

S16

PASS

Conducts a cyber-risk assessment against an externally (market) recognised cyber security standard using a recognised risk assessment methodology.

S18

PASS

Develops an information security policy or process to address identified risks for example from security audit recommendations

S19

PASS

Develops an information security policy within a defined scope to take account of relevant cyber security legislation and regulation

DISTINCTION

Analyses the rationale and consequences of the design of a typical information security policy for the business

S20

PASS

Implements part of a security audit against a recognised cyber security standard, undertakes a gap analysis and makes recommendations for remediation

S22

PASS

Develops a local business continuity plan for approval within an organisation’s governance arrangements for business continuity

DISTINCTION

Analyses the rationale and consequences of the design of a typical business continuity plan for the business

S23

PASS

Assesses security culture using a recognised approach

S24

PASS

Designs and implements a simple ‘security awareness’ campaign to address a specific aspect of a security culture

DISTINCTION

Evaluates with evidence the outcomes from a security awareness campaign and proposes improvements

Risk Analyst Pathway Help

Gap analysis

https://securityscorecard.com/blog/how-to-perform-an-information-security-gap-analysis/

Risk Assessment: Standards/Methodology/Examples/Risk Matrix

https://www.itgovernance.co.uk/iso27001/iso27001-risk-assessment

https://www.itgovernance.co.uk/iso27005

https://secureframe.com/blog/risk-management-methodologies

Risk Assessment Example

Risk Matrix Example

Policy

https://www.sans.org/information-security-policy/

Process

https://www.pipefy.com/blog/process-mapping/

Business Continuity Plan

https://www.itgovernance.co.uk/blog/how-to-create-a-business-continuity-plan-with-free-template

Security Awareness Campaign

https://www.hutsix.io/cyber-awareness-month-campaign-ideas-2023/

Assessing Security Culture – Survey Monkey, Microsoft Forms, Phishing Campaign.

Defend & Respond Pathway

This 6-week project involves investigating and analysing information from an array of sources, including SIEM tools, log files, etc., to produce an incident response plan and configure a monitoring tool in relation to the investigation/threat/vulnerability intelligence.

Headings to be used within the project report:

For Cyber Security Defender and Responder Option the Project Report must cover the following additional headings:

• incident manager report of an incident response

• incident response plan submitted for approval

• detection of a security incident and action taken

• analysis of a security incident and action taken

• evidence of the implementation of tool configuration in response to threat intelligence

Criteria to meet

S21

PASS

Develops an incident response plan for approval within an organisation’s governance arrangements for incident response

DISTINCTION

Analyses the rationale and consequences of the design of a typical incident response plan for the employer, business, or organisation

S25

PASS

Integrates and correlates information from various sources (including log files from different sources, digital system monitoring tools, Security Information and Event Management (SIEM) tools, access control systems, physical security systems) and compares organisational data to known threat and vulnerability data to form a judgement based on evidence with reasoning that the anomaly represents a digital system security breach

S26

PASS

Recognises anomalies in observed digital system data structures (including by inspection of network packet data structures) and digital system behaviours (including by inspection of protocol behaviours) and by inspection of log files and by investigation of alerts raised by automated tools including SIEM tools

S25 and S26

DISTINCTION

Evaluates how the recognised incidents demonstrate the threat actors’ approach i.e. what is going on that causes the observed anomalies and what the motive could be

S28

PASS

Configures digital system monitoring and analysis tools (e.g. SIEM tools), taking account of threat & vulnerability intelligence, indicators of compromise

DISTINCTION

Analyses the rationale and consequences of selecting and configuring digital system monitoring tools for the employer, business, or organisation

S29

PASS

Undertakes root cause analysis of events and makes recommendations to reduce false positives and false negatives.

S30

PASS

Manages local response to non-major incidents in accordance with a defined procedure

Defend & Respond Pathway Help

SIEM

https://www.ibm.com/topics/siem

Anomaly Detection Explained

https://www.xenonstack.com/insights/cyber-network-security

Incident response plan

https://www.bluevoyant.com/knowledge-center/top-8-incident-response-plan-templates