BSBXCS402_AE_CS2of2_StudentName

docx

School

TAFE NSW - Sydney Institute *

*We aren’t endorsed by this school

Course

BSBXCS402

Subject

Computer Science

Date

Jan 9, 2024

Type

docx

Pages

38

Uploaded by CoachBoarMaster1025

Report
Case study assessment 2 of 2 Criteria Unit code and name BSBXCS402 - Promote workplace cyber security awareness and best practices Qualification/Course code and name Student details Student number STUDENT ID Student name STUDENT NAME Assessment declaration Note: If you are an online student, you will be required to complete this declaration on the TAFE NSW online learning platform when you upload your assessment. This assessment is my original work and has not been: plagiarised or copied from any source without providing due acknowledgement. written for me by any other person except where such collaboration has been authorised by the Teacher/Assessor concerned. Student signature and date Document title: BSBXCS402_ AE_CS_2of2 Page 1 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Version: 20220516 Date created: 06/04/2021 Date modified: 11/8/2021 For queries, please contact: SkillsPoint Technology and Business Services Location Ultimo NSW © 2021 TAFE NSW RTO Provider Number 90003 | CRICOS Provider Code: 00591E This assessment can be found in the: Learning Bank The contents in this document is copyright © TAFE NSW 2021 and should not be reproduced without the permission of TAFE NSW. Information contained in this document is correct at the time of printing: 1 January 2024. For current information please refer to our website or your Teacher/Assessor as appropriate. Document title: BSBXCS402_ AE_CS_2of2 Page 2 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Assessment instructions Table 1 Assessment instructions Assessment details Instructions Assessment overview The aim of this assessment is to assess your knowledge and performance required to promote cyber security in a work area. Assessment event number 2 of 2 Instructions for this assessment This is a case study assessment that assesses your knowledge and performance of skills required by the unit. This assessment is in 3 parts: 1. Develop cyber security awareness 2. Support effective cyber security practices (includes a Role Play with the observation Checklist) 3. Review cyber security awareness And is supported by: Assessment feedback Note : This assessment may contain links to external resources. If a link does not work, copy and paste the URL directly into your browser. Submission instructions On completion of this assessment, you are required to submit it to your teacher/assessor for marking. Where possible, submission and upload of all required assessment files should be via the TAFE NSW online learning platform. Ensure you have included your name at the bottom of each page of documents you submit. It is important that you keep a copy of all electronic and hardcopy assessments submitted to TAFE and complete the assessment declaration when submitting the assessment. Document title: BSBXCS402_ AE_CS_2of2 Page 3 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
What do I need to do to achieve a satisfactory result? To achieve a satisfactory result for this assessment you must answer all the questions correctly. If a resit is required to achieve a satisfactory result it will be conducted at an agreed time after a suitable revision period. What do I need to provide? TAFE NSW student account username and password. If you do not know your username and password, contact your campus or service centre on 131601. Computer or other device with word processing software and internet access What the Teacher/Assesso r will provide Access to this assessment and learning resources, including the student workbook (only for campus online students) if applicable. For TAFE Digital students all their learning material is to be accessed online via TDC only as applicable and any supporting documents or links. Computer with word processing software, MS PowerPoint and internet access if completing in the classroom. Resource file BSBXCS402_AE_Appx_SR1.zip (Long URL: https://share.tafensw.edu.au/share/items/5b170e5b-b7c4-4943-bb13- 87eb23049cd0/0/?attachment.uuid=78ed227b-d1f3-4625-a9ec-b9b13274a1f3 ) which includes files that are referenced throughout the assessment: o Gelos Enterprises Cyber Security Awareness Survey results (Gelos_Cyber_Security_Awareness_Survey_Results.xlsx) o Gelos Enterprises Cyber Security Practices Survey results (Gelos_Cyber_Security_Practices_Survey_Results.xlsx) o Gelos Enterprises Cyber Security Training Staff Attendance Sheets (Gelos_Cyber_Security_Training_Staff_Attendance_Sheets.xls) Gelos Enterprises Policies and procedures relating to cyber security awareness and practices BSBXCS402_TL_PoliciesProcedures.docx (Long URL: https://share.tafensw.edu.au/share/items/7955d503-2f54-4537-a55c- 8d285823f1a7/0/?attachment.uuid=b8e1e03e-6e0d-481d-88c3-193589c63a7a ) Due date Refer to Unit Assessment Guide/Training Plan for due dates Document title: BSBXCS402_ AE_CS_2of2 Page 4 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Time allowed Location Three (3) hours (indicative only) Assessment to be completed both inside and outside of class. TAFE Digital students will complete and submit their assessment online. Assessment feedback, review or appeals In accordance with the TAFE NSW policy Manage Assessment Appeals, all students have the right to appeal an assessment decision in relation to how the assessment was conducted and the outcome of the assessment. Appeals must be lodged within 14 working days of the formal notification of the result of the assessment. If you would like to request a review of your results or if you have any concerns about your results, contact your teacher/assessor or Head Teacher. If they are unavailable, contact the Student Administration Officer. Contact your Head Teacher for the assessment appeals procedures at your college/campus. Specific task instructions The instructions and the criteria in the case study will be used by the teacher/assessor to determine whether you have satisfactorily completed the Case Study Scenario. Use these instructions and criteria to ensure you demonstrate the required knowledge. Written Answers In this assessment you must word-process all your answers. Ensure that your answers are tidy and accurate with correct spelling and grammar. It is important that you always enter your name on the bottom of each page of the assessment including any additional pages. Resources Throughout this assessment there are explicit references to a range of resources including software applications, hardware, tools and website links. At the time of writing this assessment, the versions and links of these resources were correct. It is expected that over time this may change. Document title: BSBXCS402_ AE_CS_2of2 Page 5 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
In addition, your teacher/assessor may prefer a suitable alternative resource. They will let you know if there are any alterations to prescribed resources. Contact your teacher/assessor if there are any issues associated with a resource. Document title: BSBXCS402_ AE_CS_2of2 Page 6 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Bibliography & References In some parts of this assessment you will be conducting research. To support your answer, you will need to provide a Bibliography listing of all your references. For more information on how to prepare a Bibliography go to the TAFE Library Services – Researching and Referencing: Referencing Skills . ( Long URL: https://tafensw.libguides.com/research/referencing ) You should use either a Harvard or APA reference style. An example of a webpage reference, using Harvard reference style is: Barracuda Cloud-to-Cloud Backup, viewed 1 December 2020, https://www.barracuda.com/products/cloudtocloudbackup TAFE library staff are available to provide help if needed. Task directions To complete this assessment, first read the Cyber security awareness and best practice for Gelos Enterprise staff scenario below. Once you have read the information, complete your responses to tasks as directed. Ensure that you take note of the volume of response requirement where indicated. All responses must: Address all parts of each task with examples as appropriate. Use clear and concise language to ensure the intended meaning is understood. Once completed, submit this assessment to the teacher/assessor for marking. Document title: BSBXCS402_ AE_CS_2of2 Page 7 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Scenario – Cyber security awareness and best practice for Gelos Enterprise staff Gelos Enterprises are very aware of possible cyber security threats to the business and are committed to maintaining cyber security best practice. This applies to not only the ICT staff but to all Gelos Enterprises staff. Two surveys have been conducted of all staff in selected departments: Gelos Enterprises Cyber Security Awareness Survey – to determine the overall level of cyber security awareness in the organisation. Gelos Enterprises Cyber Security Practices Survey – to determine the overall level of adherence to required cyber security practice in the organisation. The questions in these surveys are associated with Gelos Enterprises’ existing policies and procedures relating to cyber security awareness and practices. You will notice in the survey that results have been listed by department. To promote cyber security awareness and best practice a program needs to be created and arranged. This program will include a range of activities and practices. Your role You are working as an ICT Trainee for Gelos Enterprises. You have been asked to contribute to the creation of a program to promote workplace cyber security awareness and best practices. Your supervisor is Amanda Bowker and the ICT Security Senior Manager is Terrence Stewart Gelos Enterprises cyber security survey results Gelos Enterprises has conducted a survey of all staff, in selected departments, of their current level of cyber security awareness and adherence to required practices. These results have been provided in the files Gelos_Cyber_Security_Awareness_Survey_Results.xlsx and Gelos_Cyber_Security_Practices_Survey_Results.xlsx . In these spreadsheets are a list of questions and responses organised by department. Graphs have been included to summarise results by question, department, and overall organisational results. You will need to review Gelos Enterprises Policies and procedures to determine the "correct" answer to each question. Document title: BSBXCS402_ AE_CS_2of2 Page 8 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Part 1: Develop cyber security awareness In this part of the assessment you will develop cyber security awareness in the work area by establishing the current level of awareness, creating a cyber security awareness program and contributing to cyber security related policies and procedures. Task 1.1 – Establish current level of cyber security awareness a) Interpret the results of the Gelos Enterprises Cyber Security Awareness Survey to establish the current level of cyber security awareness in the work area, as required by Gelos Enterprises’ Policies and Procedures. Determine the correct answers to the questions, and how many from each department provided the correct answer to each question. Include this data on the Overall Results sheet in the Gelos Enterprises Cyber Security Awareness Survey . The remaining data and graph will populate automatically. Save this file as Gelos_Cyber_Security_Awareness_Survey_Results_ yourname .xlsx and include this in your submitted assessment. Check your answer with your teacher/assessor before progressing with this assessment. b) Reflect on the questions' results by department and the overall organisation making reference to the relevant Gelos Enterprises Policies and Procedures. Indicate if overall each department, and the organisation as a whole, has a strong , needs some improvement , or weak level of cyber security awareness by selecting from the dropdown menu. Use the following table for your answer. You may use point form in your answer. (50 words each row) Document title: BSBXCS402_ AE_CS_2of2 Page 9 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Table 2 Current awareness answer table Department Rating Reflection on results IT Department CS awareness is not 100% among the surveyed ICT staff across the different queries. It is important for all staff, especially the IT department to be knowledgeable about cyber security risk since IT specializes in the field and can educate other staff. Human Resources CS awareness is not above 25% among the surveyed HR staff and on occasion is 0%. Highly likely to contribute to cyber security breach. Marketing CS awareness is less than 15% among the surveyed Marketing staff. Highly likely to contribute to cyber security breach. Sales CS awareness is mostly 0% about the survey questions among the Sales staff who were surveyed. Will definitely contribute to cyber security breach. Executive CS awareness is less than 30% among the surveyed Executives. Highly likely to contribute to cyber security breach. Overall Weak Most departments have minimal and on occasion near non- existent awareness about cyber security. A program is imperative to raise the awareness among all staff. Document title: BSBXCS402_ AE_CS_2of2 Page 10 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Task 1.2 - Create and maintain Cyber Security Awareness Program a) Create a program to promote cyber security awareness. This Cyber Security Awareness Program must reflect Gelos Enterprises’ organisation-wide best practice and policies and procedures. In your program you need to include different activities which will satisfy the following criteria: Gains support from executives. Launches the program to the entire organisation. Gains engagement from each department staff member. Provides for remote workers or workers who only attend the office one or two days a week. Makes use of a range of different technology platforms including remote working technology, such as MS Teams or Learning Managements Systems, for example Moodle. Provides continual reminders to be cyber security aware. Provides updates on cyber security matters. Provides scheduled training activities within the normal business day. Provides anytime training activities. Relates to at least two different cyber security matters. One activity in your program may satisfy two or more of these criteria. Include at least five activities in Cyber Security Awareness Program. You do not need to be limited to structured training activities in your program. You may choose from a range of different communication means suitable for a work environment such as emails, online meetings, promotional material, newsletters, intranet etc. Use the following table, Cyber Security Awareness Program , for your answer adding additional table rows as needed. A sample answer has been included for reference. (Approx. 100 words) Document title: BSBXCS402_ AE_CS_2of2 Page 11 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Table 3 Cyber Security Awareness Program Title Description Purpose Target Audience Frequency Availability Communicati on Means Technology Platform Cyber threats arising from USB flash drive use Explains how USB flash drives can create cyber threats if not used correctly Ensure staff are using USB Flash drives in a cyber safe manner Phishing emails Explains what to look out for in e- mails that. Ensure staff are vigilant when receiving unexpected emails Weekly department meeting In person or online meeting Using Wi-fi Explains the risk of using anything other than Gelos network. Ensure that the staff understand the risks possessed by free or unregulated wi-fi Weekly department meeting In person or online meeting Whaling Explains whaling to executives and Ensure that the executives are Document title: BSBXCS402_ AE_CS_2of2 Page 12 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
make them aware of being targeted. more vigilant in their online communication and don’t fall for targeted traps Presentation for Executives Use of Personal Device Explains the risks of using personal devices for work and the vulnerabilities associated. Ensure that staff perform company work only on company devices as given through Gelos IT Department Presentation when a device is handed to a staff Cyber security policies for third parties Explains key concepts of cyber security policy at Gelos to third parties via video/slideshow. Part of orientation package that every third party needs to complete Secure website presentation that needs to be completed by third party individuals What to do when you suspect cyber security breach. Goes over the steps to be followed when a Informs staff what to do when there has been a Weekly department meeting In person or online meeting Document title: BSBXCS402_ AE_CS_2of2 Page 13 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
cyber security breach has occurred. cyber security breach. *Legend: F2F – Face to face, MS - Microsoft Document title: BSBXCS402_ AE_CS_2of2 Page 14 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Scenario – Updates to Cyber Security Awareness Program Gelos Enterprises’ CEO Catherine Dunn, has mandated that cyber security awareness should be a standing agenda item in each department's weekly meeting. This must be reflected in the Cyber Security Awareness Program. b) Maintain your existing Cyber Security Awareness Program (See Task 1.2 a above) to satisfy the above requirement. To show that you have updated your program, highlight this entry by making the entire row text blue. Document title: BSBXCS402_ AE_CS_2of2 Page 15 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Task 1.3 – Develop cyber security policies and procedures Scenario – Use of USB flash drives at Gelos Enterprises A cyber security breach incident recently took place at Gelos Enterprises. A Gelos Enterprises employee used a personal USB flash drive that had been infected with malware, in a Gelos Enterprises staff computer. This USB flash drive had been infected when used on a "free" Wi- Fi network at a local hamburger restaurant. Although current Gelos Enterprises anti-malware software detected the malware this time, ICT staff are concerned that this may occur again and lead to a full malware infection and a possible ransomware attack. For this reason, the following decisions have been made: Personal USB flash drives are banned from use on Gelos Enterprises computers or worker's personal computers which remotely connect to the Gelos Enterprises network. MS OneDrive cloud storage is the preferred method of sharing documents both internally on the Gelos Enterprises in-house network and externally through remote access. USB flash drive use is to be kept to an absolute minimum for an unavoidable business need, only with the emailed approval of an employee's manager and only on Gelos Enterprises supplied laptops. Files and data stored on USB Flash drive should be kept to a minimum to meet the immediate unavoidable business need. All USB flash drives are to be sourced from ICT Service Desk personnel who will provide an encrypted USB flash drive that is password protected. A recovery key will need to be set. Appropriate labelling will be used. A register of USB flash drives will be kept and maintained by ICT Service Desk personnel. All staff are to be informed of this requirement, however, feedback must first be gained from the Gelos Enterprises heads of department. This policy and procedure will be stored on Gelos Enterprises’ intranet. a) Develop a policy and procedure that promote cyber security awareness and practices relating to use of USB flash drives in the Gelos Enterprises workplace. To do this: Identify a suitable policy title . Summarise the policy statement to reflect Gelos Enterprises’ stance on USB flash drives. Document title: BSBXCS402_ AE_CS_2of2 Page 16 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Identify the scope of the procedure including to whom this policy/procedure applies and when the policy/procedure must be followed. Outline the procedure staff must follow to gain access to a USB drive. Identify any related policies and procedures which an employee must also refer to when viewing this policy & procedure. use the Gelos Enterprises Policy and Procedure Template in the following table to document your answer. Document title: BSBXCS402_ AE_CS_2of2 Page 17 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Hint: Before you start this task, you should review the existing relevant Gelos Enterprises Policies and Procedures. Use the following table for your answer. You may use point form in your answer. (Approx. 250 words in total) Table 4 Gelos Enterprises Policy and Procedure Template Item Summary Policy title Use of USB Flash Drive Policy and Procedure Policy statement To ensure minimizing malware infection leading to ransomware attacks, usage of USB flash drives are broadly banned at Gelos Enterprises except for special circumstances as stated by this policy. Procedure scope For all staff who are accessing Gelos Enterprises computers or worker’s who remotely connect their personal computer to Gelos Enterprises computers. Document title: BSBXCS402_ AE_CS_2of2 Page 18 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Procedure Usage of USB flash drives should be kept at minimum; preferred method of sharing documents will be MS OneDrive cloud storage. For unavoidable business needs, usage is permitted with emailed approval of manager outlining the purpose and the duration of use, and only on Gelos Enterprises supplied laptops. The USB flash drive used for the business need must be sourced from the ICT Service Desk which needs to be encrypted and password protected. A recovery key will also be set for the USB flash drive and the USB flash drive will have appropriate labelling. Files and data stored in the USB flash drive must be kept at minimum for the unavoidable business needs. Device should be returned once the business has concluded. The USB flash drive will have the data wiped out after return. ICT Service Desk will keep and maintain a register of all supplied USB flash drive. Related policies & procedures Information and system security policy Personal devices policy and procedure b) Prepare an email to be sent to the ICT manager, requesting feedback on the new cyber security related policy and procedure for use of USB flash drives. In this communication you need to: outline the reasons for the new policy and procedure summary of the overall policy and procedure CC your supervisor. Follow the Gelos Enterprises Policy and Procedure Template for emails in the following table to prepare your email. Document title: BSBXCS402_ AE_CS_2of2 Page 19 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Ensure that you write your email in a business-like manner that would be appropriate when communicating with other staff members. Hint: Write this email as if you were communicating with an executive, who has limited time to read emails and attached forms, but still needs to be aware of what is happening in the organisation. Use the area below for your answer. (Approx. 50 words) Table 5 Gelos Enterprises Policy and Procedure Template for emails Email field Details From To Terrence Stewart CC Amanda Bowker Subject Policy and procedure changes for USB flash drive usage Body Dear Terrence, We have developed a new cyber security policy after the recent cyber security breach incident. Following is the gist of it. The USB devices to be used must be sourced from the ICT Service Desk Devices will have encryption and password protection with appropriate labelling. The information stored must be the minimum required for the business. ICT Service Desk will maintain a register of all USB devices supplied. Regards, Document title: BSBXCS402_ AE_CS_2of2 Page 20 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Part 2: Support effective cyber security practices In this part of the assessment you will support effective cyber security practices in the work area by reviewing the cyber security practices in the organisation, arranging training and updates for the areas of immediate concern and then reporting insights on this to the required personnel. Task 2.1 – Review cyber security practices a) Interpret the results of the Gelos Enterprises Cyber Security Practices Survey to review the current level of adherence to cyber security practice, as required by Gelos Enterprises Policies and Procedures. Determine the correct answers to the questions and how many from each department provided the correct answer to each question. Include this data on the Overall Results sheet in the Gelos Enterprises Cyber Security Practices Survey . The remaining data and graph will populate automatically. Save this file as Gelos_Cyber_Security_Practices_Survey_Results_ yourname .xlsx and include this in your submitted assessment. Check your answer with your teacher/assessor before progressing with this assessment. b) Reflect on the questions results by department and the overall organisation making reference to the relevant Gelos Enterprises Policies and Procedures. Indicate overall if each department, and the organisation as a whole, has a strong , needs some improvement , or weak level of adherence to the required cyber security practice by selecting from the dropdown menu. c) Identify the areas of cyber security practices which are an immediate concern for the organisation. Use the following table for your answer. You may use point form in your answer. (Approx. 50 words each row) Table 6 Cyber security practices answer table Department Rating Reflection Information Technology IT needs awareness and practice of sharing information with third parties. Document title: BSBXCS402_ AE_CS_2of2 Page 21 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Human Resources HR team needs attention towards all areas of cyber security focusing on use of strong password, suspicious communication, using free wi-fi, and information sharing. Marketing Marketing needs attention towards all areas of cyber security practice. Sales Sales team needs extra attention towards all areas of cyber security practice. Additional training should be provided. Executive Executive team needs attention towards all areas cyber security focusing on use of strong password, suspicious communication, using free wi-fi, and information sharing. Overall All staff need to be made aware and improve practice in all areas of cyber security Areas of immediate concern Sales and Marketing Sales and Marketing have the lowest scores in awareness and practice. Document title: BSBXCS402_ AE_CS_2of2 Page 22 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Task 2.2 – Arrange training and provide updates a) Create a schedule to arrange training to colleagues that will support cyber security practices or awareness. In your Cyber Security Training Schedule , you need to include different activities which will satisfy the following criteria: Provides scheduled training activities within the normal business day. Scheduled activities must occur within the next two weeks. Provides anytime training activities Relates to two different cyber security matters that were identified as areas of immediate concern in either the Gelos Enterprises Cyber Security Practices Survey. (See Task 2.1) Makes use of a range of different technology platforms including remote working technology i.e. MS Teams or Learning Managements System i.e. Moodle. One activity in your schedule may satisfy two or more of these criteria. No activity should take more than two hours to complete. Include four different activities in Cyber Security Training Schedule. Use the following table, Cyber Security Training Schedule , for your answer adding additional table rows as needed. A sample answer has been included for reference. (Approx. 100 words) Document title: BSBXCS402_ AE_CS_2of2 Page 23 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Table 7 Cyber Security Training Schedule Title Description Purpose Target Audience Date/Time or Anytime Duration Technology Platform How to be cyber safe with your USB flash drive Explains how USB flash drives can create cyber threats if not used correctly Ensure staff are using USB flash drives in a cyber safe manner Tuesday 2nd April 10:30am Using free wi-fi for work related matters Explain risks associated with using free wi-fi Ensure staff do not connect work devices to free wi-fi that can lead to malware infection How to respond to suspicious e-mails Explains how suspicious e-mails might be phishing and pose significant threat Ensure staff know how to respond to such e-mails and report them for investigation Using stronger passwords Explain the need of stronger passwords Ensure all staff have strong Document title: BSBXCS402_ AE_CS_2of2 Page 24 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
and the risks of having accounts hacked password protection in all aspects of cyber presence, not just work How to respond to suspicious e- mails/Whaling Executives need to be aware of higher risk of being targeted for phishing Ensure that the executive staff have a safety check for transferring funds and sharing sensitive information Sharing data/information Explain secure ways of sharing sensitive and or confidential information with third parties Ensure all staff understand the vulnerabilities associated with improper methods of data sharing All staff Scheduled date/time 1 hour 30 minutes MS - Teams Document title: BSBXCS402_ AE_CS_2of2 Page 25 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Scenario – Training numbers All scheduled training activities have now been completed. Many staff have also completed online anytime training activities. You have been supplied with the Gelos Enterprises Cyber Security Training Staff Attendance Sheets for each activity. These attendance sheets include Gelos Enterprises employee's name and department. You have been asked by your supervisor to update the training records to include a summary of the attendance details by department and overall. This will later be presented to the Executive. The total number of staff in each Department has been included for reference in Task 2.3. b) Maintain the training records to reflect the employee's attendance at the Cyber Security training. To do this calculate the attendance counts for each activity and department . Include this data on the Overall Results sheet in the Gelos Enterprises Cyber Security Training Attendance . Include your activity titles with your results. The remaining data and graph will populate automatically. Save this file as Gelos_Cyber_Security_Training_Staff_Attendance_Sheets_ yourname .xlsx and include this in your submitted assessment. Check your answer with your teacher/assessor before progressing with this assessment. Document title: BSBXCS402_ AE_CS_2of2 Page 26 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Scenario – Cyber awareness training for Executive staff Gelos Enterprises’ ICT Security Manager has requested a cyber security awareness training session, to be provided to the executive staff, immediately following their weekly meeting. This weekly meeting takes place in the boardroom on Monday 10:00am to 12:00pm. The training must only take 30 minutes. This will be communicated to all Heads of Departments through your manager. c) Prepare an email, to be sent to your manager, informing them of the update to the Cyber Security Training Schedule. In this communication you need to identify the changes to the Cyber Security Training Schedule. You do not need to update your Cyber Security Training Schedule at this time. Ensure that you write your email in a business-like manner that would be appropriate when communicating with other staff members. Use the table below for your answer. (Approx. 30 words) Table 8 Cyber awareness email Email field Details From To Terrence Stewart CC Amanda Bowker Subject Scheduled CSA training for executive staff Body Dear Terrence, We have fixed the schedule for Cyber Security Awareness training for the executive staff to Monday 11:00. All points of concern will be highlighted during the training. Regards, Document title: BSBXCS402_ AE_CS_2of2 Page 27 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Task 2.3 – Present insights from review and training To complete this part of the assessment, you must participate in a role play to demonstrate your ability to complete skills-based tasks to industry standards. The role play will be observed by your teacher/assessor. Your responses will be used as part of the overall evidence requirements of the units. You should refer to the list of criteria provided in Observation Checklist 1 to understand what skills you need to demonstrate in this section of the assessment. This checklist outlines the assessment criteria used to assess your performance. Scenario – Presenting insights to Gelos Enterprises Executive Your supervisor, Amanda Bowker has asked you to present your findings from the Gelos Enterprises Cyber Security Practices Survey and your Cyber Security Training Schedule to the Gelos Enterprises executive including your manager, Terrence Stewart. The executives are particularly concerned about the level of adherence to cyber security practices in the organisation and would like to discuss what their next steps might be to address this issue. This presentation will be delivered to the executive online, using MS Teams and MS PowerPoint. The executive will later need to refer back to this presentation and will therefore need speaker's notes as a form of documentation. Gelos Enterprises ICT Security Senior Manager, Terrence Stewart role Terrence is a stakeholder in this presentation and asking you questions about the content, such as: Overall, how did the organisation go in the Cyber Security Practices Survey? Which department overall had the greatest need for improvement? What areas have you specifically targeted in the training program? Why? What would have been the potential impacts on the organisation if this continued? How well was the training attended? Did all departments participate? What are the next areas training should be provided in? Document title: BSBXCS402_ AE_CS_2of2 Page 28 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Gelos Enterprises Human Resources Director, Frankie Mitchell role Frankie is another stakeholder in this presentation and asking you questions about the content, such as: How did the HR department perform in the Cyber Security Practices Survey? Are there any questions that HR staff performed badly on? Was this included in the training program? Did HR staff have good attendance at the training? What are the next areas training should be provided? Your role You must demonstrate the following in this role play: Present insights from the Cyber Security Practices Survey review including identifying the cyber security practices areas of immediate concern. Explain the potential impact on the workplace if this area was not addressed. Provide an overview of the Cyber Security Training Schedule that you developed. Present insights on the provided training, based on attendance levels. Consult with the stakeholders so that they can decide on the next areas of training. Your presentation must be created in MS PowerPoint and should be well structured and professional in appearance, including: suitable design layout/template for the target audience and topic title slide table of contents slide speakers notes on each slide one slide per topic tables, graphs or diagrams with supporting data Document title: BSBXCS402_ AE_CS_2of2 Page 29 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
closing slide to trigger discussion no more than ten slides in total. Document title: BSBXCS402_ AE_CS_2of2 Page 30 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Location This presentation is to be implemented as a tele-conference (MS Teams teleconference) with the student, “Terrence Stewart”, “Frankie Mitchell” and teacher/assessor participating. Resources None required. Time allowed This role play will take approximately 10 to 15 minutes. Evidence You will need to submit your presentation as Gelos_Insights_Presentation_ yourname .ppt. Document title: BSBXCS402_ AE_CS_2of2 Page 31 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Observation Checklist 1 The Observation Checklist 1 will be used by your teacher/assessor to mark your performance in the Part 2 Task 2.3 . Use this checklist to understand what skills you need to demonstrate in the role play scenario. The checklist lists the assessment criteria used to determine whether you have successfully completed this assessment event. All the criteria must be met. Your demonstration will be used as part of the overall evidence requirements of the unit. The teacher/assessor may ask questions while the demonstration is taking place or if appropriate directly after the task/activity has been completed . Date of Observation: Click or tap to enter a date. Table 9 Observation checklist Tas k # Task/Activity Performed S U/ S Assessor Comments (Describe the student’s ability in demonstrating the required skills and knowledge) OC 1 Present insights from review and training and potential related impacts on the workplace to the required personnel Document title: BSBXCS402_ AE_CS_2of2 Page 32 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Part 3: Review cyber security awareness In this part of the assessment you will review the cyber security awareness in the work area by reviewing, documenting and communicating researched information on the latest cyber threats and trends that could impact the organisation. Scenario – Cyber security best practice You have been asked by your supervisor to research the latest cyber security threats and trends to determine if Gelos Enterprises is maintaining best business practice. Your manager is keen to hear your suggestions for improvement to Gelos Enterprises’ business practice, however, these ideas must be supported with relevant reliable information sources. When you have completed your work, you will review this with your supervisor and then communicate this with the ICT Security Senior Manager, copying in your supervisor. Task 3.1 - Review latest cyber security threats and trends Review the latest cyber security threats and trends impacting organisations and make suggestions for improvements. To do this: Research online to find two cyber security threats and two cyber security trends. Document your review by including a topic and a summary for each threat/trend. Include your references for your research. Identify a suggested improvement to the business practices of the organisation in response to the threat / trend. Follow the relevant Gelos Enterprises’ policy and procedure. Use the following Gelos Enterprises Suggestion Form to document the outcomes of your review. Use the following tables for your answer. You may use point form for your answer. (Approx. 20 to 40 words each) Document title: BSBXCS402_ AE_CS_2of2 Page 33 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Threat 1 Table 10 Gelos Enterprises Suggestion for Business Improvement Form – Threat 1 Topic Cybersecurity threats associated with third party Summary Third party access into the network my lead to compromises since the practices may not be on par with company regulations. References Moore, M. (2023) Top Cybersecurity Threats in 2023. Available at : https://onlinedegrees.sandiego.edu/top-cyber-security-threats/ (Accessed : 23 August 2023) Suggestion Restricted access for third party Mandatory cybersecurity training Threat 2 Table 11 Gelos Enterprises Suggestion for Business Improvement Form – Threat 2 Topic Cloud security Summary While cloud services are highly secure, many of them can have vulnerabilities that can be used against the user. References Moore, M. (2023) Top Cybersecurity Threats in 2023. Available at : https://onlinedegrees.sandiego.edu/top-cyber-security-threats/ (Accessed : 23 August 2023) Suggestion Training about using Cloud storage. Using renowned and trustworthy services with added layers of protection such as Multi Factor Authentication. Document title: BSBXCS402_ AE_CS_2of2 Page 34 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Trend 1 Table 12 Gelos Enterprises Suggestion for Business Improvement Form – Trend 1 Topic Cybersecurity risk with remote working Summary Home office settings might be less secure such as information sent over home network might be accessed by unknown parties when there is sufficient protection lacking. References Kapersky (2023) Top Ten Cybersecurity Trends. Available at : https://www.kaspersky.com/resource-center/preemptive-safety/cyber- security-trends (Accessed : 23/08/2023) Suggestion Training about using appropriate devices for anything related to work. Having enough security in home network. Trend 2 Table 13 Gelos Enterprises Suggestion for Business Improvement Form – Trend 2 Topic Ransomware-as-a-Service (Raas) Summary Ransomware getting into network or devices and corrupting or stealing data. Further using this vulnerability to extort money. References Houghton, M. (2023) 13 Top Strategic Cyber Security Trends to Watch Out for in 2023. Available at : https://www.aztechit.co.uk/blog/cyber-security- trends (Accessed : 23 August 2023) Suggestion Being vigilant of phishing not only through e-mails, but texts or fake websites. Training to recognize the phishing and informing IT so all staff can be notified. Document title: BSBXCS402_ AE_CS_2of2 Page 35 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Task 3.2 - Communicate review outcomes and suggested improvements Based on the findings of your review of cyber security threats and trends, prepare an email to be sent to required personnel for their consideration. In this email you will communicate your review outcomes and suggested cyber security improvement requirements. This must be done according to Gelos Enterprises’ policies and procedures. In this email you need to: Outline the overall outcomes of your review . Identify your suggested improvements requirements for the organisation. You can assume that your improvement forms are attached to the email. Ensure that you write your email in a business-like manner that would be appropriate when communicating with other staff members. Hint: write this email as if you were communicating with an executive, who has limited time to read emails and attached forms but still needs to be aware of what is happening in the organisation. Use the following table for your answer. (Approx. 50 words) Document title: BSBXCS402_ AE_CS_2of2 Page 36 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Table 14 Outcome and improvement email Email field Details From To Terrence Stewart CC Amanda Bowker Subject Recent Cybersecurity Threats and Trends and suggested actions Body Dear Terrence, Looking into cybersecurity threats and trends it can be seen that a major vulnerability is allowing access to attackers to our network or accounts. We can improve with increasing awareness by providing more interactive trainings by looking at case studies. Regards, Document title: BSBXCS402_ AE_CS_2of2 Page 37 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Assessment feedback NOTE: This section must have the Teacher/Assessor and student signature to complete the feedback. If you are submitting through the TAFE NSW online learning platform, your Teacher/Assessor will give you feedback via the platform. Assessment outcome Satisfactory Unsatisfactory Assessor feedback Has the Assessment declaration for this assessment event been signed and dated by the student? Are you assured that the evidence presented for assessment is the student’s own work? Was reasonable adjustment in place for this assessment event? If yes, ensure it is detailed on the assessment document. Comments : Assessor name, signature and date: Student acknowledgement of assessment outcome Would you like to make any comments about this assessment? Student name, signature and date Document title: BSBXCS402_ AE_CS_2of2 Page 38 of 38 Resource ID: Enter TBS_21_008_BSBXCS402_AE_CS_2of2 STUDENT NAME:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

Discussion Grading Rubric.docx
CIS305 2.3.docx
McCurley-Shimer_Assignment #8.docx
McCurley-Shimer_ResearchPaper.docx
Elijah droz Week 1 assignment.docx
ANTH_Vacsaw)Transcript.docx
220-1001.pdf
ISSC231_Assignment 1.docx
Mihluedo_Assignment#7.docx
George_Mario_Lipton.psd.docx
MidTerm Project Template.docx
MidTerm Project .docx
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Database Systems: Design, Implementation, & Manag...
Computer Science
ISBN:9781305627482
Author:Carlos Coronel, Steven Morris
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Microsoft Windows 10 Comprehensive 2019
Computer Science
ISBN:9780357392607
Author:FREUND
Publisher:Cengage
Text book image
COMPREHENSIVE MICROSOFT OFFICE 365 EXCE
Computer Science
ISBN:9780357392676
Author:FREUND, Steven
Publisher:CENGAGE L
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS
Recommended textbooks for you
Text book image
Enhanced Discovering Computers 2017 (Shelly Cashm...
Computer Science
ISBN:9781305657458
Author:Misty E. Vermaat, Susan L. Sebok, Steven M. Freund, Mark Frydenberg, Jennifer T. Campbell
Publisher:Cengage Learning
Text book image
Database Systems: Design, Implementation, & Manag...
Computer Science
ISBN:9781305627482
Author:Carlos Coronel, Steven Morris
Publisher:Cengage Learning
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Text book image
Microsoft Windows 10 Comprehensive 2019
Computer Science
ISBN:9780357392607
Author:FREUND
Publisher:Cengage
Text book image
COMPREHENSIVE MICROSOFT OFFICE 365 EXCE
Computer Science
ISBN:9780357392676
Author:FREUND, Steven
Publisher:CENGAGE L
Text book image
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
SEE MORE TEXTBOOKS