Assessment 2 Information
| Subject Code: | TECH2400 | ||
| Subject Name: | Cyber Security | ||
| Assessment Title: | Network Security Configuration & Access Control | ||
| Assessment Type: | Simulation and Artefact Development | ||
| Assessment Length: | 1500 | Words | (+/-10%) |
| Weighting: | 40 % | ||
| Total Marks: | 40 | ||
| Submission: | MyKBS | ||
| Due Date: | Week 9 | ||
Your Task
Demonstrate your understanding of key cyber security concepts aligned with learning outcomes LO2, LO3, and LO4. You will configure a firewall and develop an access control policy document that complies with relevant laws, regulations, and ethical guidelines.
Additionally, this task requires you to leverage open-source cyber security and generative AI tools, simulating industry practice.
| LO2: | Identify vulnerabilities and threats pertaining to the IT infrastructure of organisations. |
| LO3: | Recommend risk mitigation strategies to addresscyber security vulnerabilities and threats. |
| LO4: | Analyse privacy, legal,ethical and security issues and solutions related to theIT infrastructure and use of technologies in organisations. |
This assessment is designed to simulate industry practices for securing and managing networks. You will apply your knowledge and skills to configure firewalls, define access control policies, and evaluate the legal and ethical considerations of your decisions.
Your final deliverable includes two documents:
Kaplan Financial, a midsized Australian company, is experiencing rapid growth, which has introduced critical network security challenges. Recent incidents, including unauthorised access, phishing attempts, and malware infections, have posed significant threats to the company’s operations and the security of sensitive data.
The company is pursuing ISO 27001 certification, reflecting its commitment to implementing best practices for information security management. Additionally, as an Australian organisation, Kaplan Financial must comply with relevant legislation, including the Privacy Act 1988 (Cth) and the Cybersecurity Act 2018, which mandate stringent measures for safeguarding sensitive information and protecting critical systems against cyber threats.
To address these challenges, you are brought in as a consultant tasked with configuring the network firewall and designing robust access controls for the internal IT team. Your solution must secure the network and prevent future attacks as well as align with the company’s certification requirements and legislative obligations.
Kaplan Financial has several departments with distinct responsibilities:
performance.
ensures financial strategies align with customers’ goals.
IT Department: Maintains the IT infrastructure, manages the network, support employees’
technological needs, and ensures security across all systems.
Kaplan Financial’s network infrastructure includes the following components:
Review the context of Kaplan Financial, its security challenges, and compliance obligations. Consider how the organisational structure influences security design.
Choose the most appropriate access control model. Justify your choice considering security concerns and departmental responsibilities. This should form the first part of your report and should be approximately 250 words long.
Use a generative AI tool (e.g., ChatGPT, Gemini) to draft a formal access control policy. Your policy should be approximately 1000 words long and should cover:
Refine your generative AI outputs to create a formal Access Control Policy. Submit your policy as the second part of your report. Include screenshots of your generative AI interaction in the appendices.
Justify your access control policy by explaining how it aligns with Kaplan Financial’s legal obligations, referencing relevant regulations. Your justification should be approximately 250 words long and should be submitted as the third part of your report.
Configure the network firewall using pfSense according to your access control policy. Save the configuration as an XML file for submission.
Academic Integrity and Conduct Policy
https://www.kbs.edu.au/admissions/forms-and-policies
KBS values academic integrity. All students must understand the meaning and consequences of cheating, plagiarism and other academic offences under the Academic Integrity and Conduct Policy.
Please read the policy to learn the answers to these questions:
https://www.kbs.edu.au/admissions/forms-and-policies
 |
Penalties may be applied for assessment submissions that exceed prescribed limits.
Students may seek study assistance from their local Academic Learning Advisor or refer to the resources on the MyKBS Academic Success Centre page. Further details can be accessed at https://elearning.kbs.edu.au/course/view.php?id=1481
All assessments including draft copies must be written and submitted in English. The use of translation tools is not permitted.
Please see the level of Generative AI that this assessment has been designed to accept:
| Traffic Light | Amount of Generative Artificial Intelligence (GenerativeAI) usage |
Evidence Required | This assessment (✓) |
Level 1 | Prohibited:
No GenerativeAI allowed This assessment showcases your individual knowledge, skills and/or personal experiences in the absence of Generative AI support. |
The use of generative AI is prohibited for this assessment and may potentially result in penalties for academic misconduct, including but not limited to a mark of zero for the assessment. | |
Level 2 |
Optional: You may use GenerativeAI for research and content generation that is appropriately referenced.
See assessment instructions for details
This assessment allows you to engage with Generative AI as a means of expanding your understanding, creativity, and idea generation in the research phaseof your assessment and to produce content that enhances your assessment. I.e., images. You do not have to use it. |
The use of GenAIis optional for this assessment. Your collaboration with GenerativeAI must be clearly referenced just as you would reference any other resource typeused. Click on the linkbelow to learn how to reference GenerativeAI. https://library.kaplan.edu.au/referencing-other- sources/referencing-other-sources-generative-ai
In addition, you must include an appendix that documents your GenerativeAI collaboration including all prompts and responses used for the assessment.
Unapproved use of generative AI as per assessment details during the content generation parts of your assessment may potentially result in penalties for academic misconduct, including but not limited to a mark of zero for the assessment. Ensure you followthe specific assessment instructions in the section above. | |
Level 3 |
Compulsory: You must use GenerativeAI to complete your assessment
See assessment instruction for details
This assessment fully integrates Generative AI, allowing you to harness the technology's full potential in collaboration with your own expertise. Always check your assessment instructions carefully as there may still be limitations on what constitutes acceptable use, and these may be specific to each assessment. | You will be taught how to use generative AI and assessed on its use.
Your collaboration with GenerativeAI must be clearly referenced just as you would reference any other resourcetype used. Click on the link belowto learn how to reference GenerativeAI. https://library.kaplan.edu.au/referencing-other- sources/referencing-other-sources-generative-ai
In addition, you must include an appendix that documents your GenerativeAI collaboration including all prompts and responses used for the assessment.
Unapproved use of generative AI as per assessment details during the content generation parts of your assessment may potentially result in penalties for academic misconduct, including but not limited to a mark of zero for the assessment. Ensure you followthe specific assessment instructions in the section above. |
✓ |
Get original papers written according to your instructions and save time for what matters most.
