Unit Number: Unit 8 Security
Assignment Brief
Programme Title: Pearson BTEC Higher National Diploma in Digital Technologies for England (Cyber Security)
Cohort: September 24
Unit Number and Title: Unit 8: Security
Academic Year: 2025 – 2026
Unit Tutors: Rajeev Nath, Wing Hoi Lam, Dan Ali, Tamasree Halder, Sonjoy Das
Assignment Title: Risk assessment of IT security, possible solutions and mechanisms to control IT security risk.
Issue Date: 10/03/2025
Submission Date: 25/05/2025 (Sunday 25th May using Summative submission link on Moodle).
Submission Format
The submission is in the form of:
1. A report (4500 words):
• Part A: Research findings (1500 words)
• Part B: Security awareness handbook (3000 words)
2. A 10-minute recorded demonstration
Assignment Guidelines:
✓ Use a cover page, Title Page, and Contents page for the report.
✓ The main body of the report should be concise and in a formal academic style.
✓ Use at least 1.5 spacing and Times New Roman/ Arial font size 12.
✓ Use headings, paragraphs, and subsections as appropriate.
✓ Support the work with research, in-text citations, as well as statistics when relevant.
✓ Provide introduction, conclusion, evaluation, and recommendations.
✓ Use Appendices (if any).
✓ Use the Harvard Referencing Style for in-text citations and reference lists.
✓ Provide a reference list using the Harvard referencing system.
✓ Respect the word limit of 4500 words (+/- 10%), excluding the cover page, contents page,
list of references and appendices, although you will not be penalised for exceeding
the total word limit.
Note: Your submission must be word-processed, written work with a clear indication of the unit
number and title, your name and registration number, and the student declaration.
✓ Attach the front sheet of this assignment brief to your work for assignment submission with
signatures on the statement of authenticity.
✓ Assignments submitted after the deadline will not be accepted unless an Extenuating
Circumstances Form is submitted with third-party evidence.
Unit Learning Outcomes
• LO1 Assess risks to IT security.
• LO2 Describe IT security solutions.
• LO3 Review mechanisms to control organisational IT security.
• LO4 Manage organisational security.
Transferable skills and competencies developed
• Articulating and explaining information effectively.
• The ability to research, critically analyse, evaluate, and present the impact of security
breaches.
• Critical thinking and analytical reasoning, and development of communication skills,
critical thinking, analysis, reasoning, and interpretation.
• Problem-solving and scientific writing.
Vocational scenario
Skills Guide Ltd is one of the United Kingdom's (UK) largest training organisations,
offering continued professional development to clients in the UK.
You recently joined Skills Guide Ltd as a Junior Information Security Analyst, and your line
manager has requested you to critically assess the Skills Guide Ltd system.
As you critically assessed the system, a security breach was discovered in the finance
department. It was revealed that an accountant had received insufficient fund notifications
for regularly recurring bills. Upon further assessment from the finance manager, it was
discovered that the accounting records are exposed to the serious risk of a ransomware
crypto-worm attack.
You further investigated this problem and confirmed that the finance manager had clicked
on a link in an email that she thought was from Johnson Bank. However, it wasn’t. When
she clicked the link, the PC was infected by a ransomware crypto-worm. This resulted
in a demand for more than £2.5 million to restore the business-critical data, and the
management has contacted you to help them mitigate the risk of a repeat attack.
Crypto-worm Ransomware Attack Timeline:
Time (Event): Description
9 am (Initial Infection): The Head of Finance at Skills Guide Ltd receives an email via their personal email account, with the subject "Urgent: Financial Report" from what appears to be a legitimate sender. The email contains a link to download a file labelled "FY2023FinancialReport.pdf". Unaware that the email is a phishing attack, the Head of Finance clicks on the link, using their work PC.
9:02 am (File Download and Infection): The link downloads a malicious file masquerading as a financial report. As soon as the file is downloaded and executed, it infects the PC with a crypto-worm ransomware virus. The virus begins to encrypt all files on the PC, including business-critical data.
9:05 am (Ransom Demand): The malware demands a ransom payment of £2.5 million in Bitcoin within 48 hours, otherwise all encrypted files will be permanently deleted. A unique decryption key will be provided, they are told, which is the only means to restore the encrypted files – assuming the ransom is paid. The business has no way of knowing if this is true.
9:15 am (Initial Response): The Head of Finance reports the incident to the IT department, who immediately isolate the infected PC from the network and disconnect it from the internet.
9:30 am - 10:00 am (Containment efforts): The IT team begins containment efforts by:
1. Disabling all network connections to prevent further spread of the malware.
2. Isolating the affected PC to prevent data exfiltration or further infection.
3. Running a virus scan and memory dump analysis to understand the scope of the attack.
10:00 am - 11:30 am (Notification and Incident Response): The IT team notifies senior management, including the CEO and CFO, about the incident and begins an incident response plan. The plan includes:
1. Activating a crisis management team.
2. Conducting a thorough investigation to determine the root cause of the attack.
3. Developing a containment strategy to prevent further spread.
12:00 pm - 5:00 pm (Data Restoration): The IT team begins restoring data from scratch, as there are no backups available. This process is time-consuming and laborious due to the outdated operating systems and lack of backup infrastructure.
Assignment activity and guidance
Scenario:
You examined the subnetwork design and implementation for the finance department at
Skills Guide Ltd as shown below, and identified security flaws.
Produce an academic report that will be presented to the management. It is mandatory
that your explanations closely align with the scenario given above. The inclusion of
references and citations is required to ensure the integrity of the report. Furthermore, it is
important to present a professional document that adheres to a structured format.
Figure 1: Subnetwork design of Skills Guide Ltd (Finance Department and Head Office)
The content of your report should include:
• Introduction of key concepts such as “Vulnerability,” “Threat,” and “Risks,” which are
commonly used in the cybersecurity field. Additionally, clarify the relationship among
these terms.
• Discuss the types of risks relevant to Skills Guide Ltd. Highlight the infrastructure,
network, and other technical misconfigurations, as well as the unorganised internal
company processes and human errors that can contribute to a crisis.
• Assess the security procedures of Skills Guide Ltd. The company has internal
processes, including risk assessments, disaster recovery plans, and policies.
Evaluate whether these processes are functioning as intended.
• Network Monitoring tools play a significant role in providing information in crisis
situations. Management continuously checks the reports generated by the monitoring
tools. Analyse the benefits of implementing network monitoring systems with
supporting reasons.
• To conclude, the first phase of the report provides a comprehensive evaluation of
the various physical and virtual measures that management can implement to
ensure organisational security at Skills Guide Ltd. If multiple similar measures are
available, offer a detailed explanation of the most suitable one for Skills Guide Ltd,
including your rationale for this choice. Additionally, discuss the importance of the
selected measure and outline how it should be implemented.
Demonstration: IT security solutions
• Network firewalls and VPNs are two major factors contributing to Skills Guide Ltd’s
security. Discuss the consequence of incorrect or improper configuration of
firewall policies and third-party VPNs.
• Once you outline the consequences, discuss how to implement the components
such as Firewall, Static IP, Network Address Translation (NAT), DMZ and VPN. It
is important that you implement these components using a network simulation tool
for Skills Guide Ltd. Cisco Packet Tracer is recommended for implementation. In
addition to that, discuss how the implementation of the above components secures
Skills Guide Ltd.
• The next stage proposes a method to assess and treat Skills Guide Ltd's current
risks. Explain how risk assessment can be implemented for Skills Guide Ltd. Feel
free to demonstrate any available documentation, such as a risk map and anything
else, during the demonstration.
In addition, your demonstration should include:
• Evaluation of a range of physical and virtual security measures that can be
employed to ensure the integrity of Skills Guide Ltd’s system.
Security Awareness Handbook: Mechanisms to control and manage organisational
security.
Due to the negative impact of the security breach, the management has decided to
organise a security awareness day scheduled for the upcoming weeks. You have been
tasked to create a ‘Security Awareness Handbook’ for this program. This document will
address the following key headline topics/themes:
• Risk assessment—Review the risk assessment procedures available at Skills
Guide Ltd. If the organisation does not currently follow a risk assessment process,
release the proposed risk assessment strategy to the employees.
• Like many other organisations, Skills Guide Ltd must adhere to data protection laws,
including the General Data Protection Regulation (GDPR) and various other acts
designed to safeguard the data of employees and customers. Explain in detail the
processes and regulations Skills Guide Ltd follows to ensure compliance.
• Design an IT security policy, such as password and email policies, for Skills Guide Ltd;
include the policy objectives, aim, who needs to follow the policy, who approved the
policy and steps the employees need to take to apply the policy.
• Justify the security plan you have developed, giving reasons for the elements
selected.
• Design a disaster recovery plan for Skills Guide Ltd and highlight the main
components of an organisational disaster recovery plan. It is recommended to
address components such as backup strategy, communication plan, recovery
objectives and asset inventory.
• Identify the stakeholders at Skills Guide Ltd. Consider discussing their roles and
involvement in implementing security audits. It is recommended that stakeholders
be categorised into three groups: employees/externals responsible for designing and
implementing policies, employees/externals who adhere to these policies, and those
tasked with approving the policies.
• Summarise an appropriate risk-management approach or ISO standard, such as
ISO27001 or 31000, and its application in IT security at Skills Guide Ltd.
• What are the differences between a cybersecurity audit and a risk assessment
process? Security audits offer numerous benefits to organisations. Analyse the
potential positive and negative impacts on organisational security from an IT
security audit at Skills Guide Ltd.
• During the last stages of the handbook, highlight the security misalignments the
organisation had and their impact in the initial phases and provide
recommendations on how the introduction of policies assists in improving the
security of Skills Guide Ltd.
• Evaluate the tools that can be used to develop and maintain organisational policies
that assist in achieving business needs. It's essential to address the pros and cons
of each tool and its functionality. Finally, justify why the tools proposed are important
for policy creation.
Note: The Security Awareness handbook is part of the report. Do not submit two
separate documents during the submission time; instead, attach the handbook to the
report.
*Please access HN Global for additional resources, support and reading for this unit.
For further guidance and support on report writing please refer to the Study Skills
Unit on HN Global www.highernationals.com
• Collusion and Plagiarism must be avoided.
• Start each section on a new page, and the pages should be numbered. Highlight each
question clearly.
• Include a Bibliography at the end of the assignment and use the Harvard referencing style.
• All work should be comprehensively referenced, and all sources must be fully acknowledged,
such as books and journals, websites (include the date of visit), etc.
• To get a pass, you need to address all the LOs and meet all the PASS (Ps) criteria within the
LO.
• To get a merit, you need to address the characteristics of Pass and then M1, M2, M3 and
M4.
• To get a distinction, you need to address the characteristics of Pass, Merit, and then D1 and
D2.
Recommended Resources
Please note that resources listed are examples for you to use as a starting point in
your research – the list is not definitive.
Textbooks
• David Sutton (2022) Cyber Security: The Complete Guide to Cyber Threats and Protection.
Swindon: BCS, The Chartered Institute for IT. Available at:
https://research.ebsco.com/linkprocessor/plink?id=d540314d-cf46-37fc-bf75-ce983397c51c
(Accessed: 4 November 2024).
• Andy Taylor et al. (2020) Information Security Management Principles. Swindon: BCS, The
Chartered Institute for IT. Available at:
https://research.ebsco.com/linkprocessor/plink?id=bfd777e0-4a54-3b3f-b853-8a54730267ef
(Accessed: 19 November 2024).
• Alan Calder and Steve Watkins (2019) Information Security Risk Management for ISO
27001/ISO 27002, Third Edition. Ely, Cambridgeshire, United Kingdom: ITGP. Available at:
https://research.ebsco.com/linkprocessor/plink?id=6f87a03f-290b-3d22-a3d0-be243a0c8b54
(Accessed: 19 November 2024).
• Lawrence Webber and Michael Wallace (2011) The Disaster Recovery Handbook: A
Step-by-Step Plan to Ensure Business Continuity and Protect Vital Operations, Facilities,
and Assets. New York: AMACOM. Available at:
https://research.ebsco.com/linkprocessor/plink?id=3a98827e-b8ac-3775-b5b5-a7d442ccac25
(Accessed: 19 November 2024).
Journals, Website
• www.bcs.org: BCS, The Chartered Institute for IT
• www.bsa.org: Software Alliance
• www.fast.org.uk: Federation Against Software Theft
• www.ico.org.uk: Information Commissioner's Office
Learning Outcomes and Assessment Criteria
LO1 Assess risks to IT security.
Pass:
• P1 Discuss types of security risks to organisations.
• P2 Assess organisational security procedures.
Merit:
• M1 Analyse the benefits of implementing network monitoring systems with supporting reasons.
LO2 Describe IT security solutions.
Pass:
• P3 Discuss the potential impact to IT security of incorrect configuration of firewall policies and third-party VPNs.
• P4 Discuss, using an example for each, how implementing a DMZ, static IP and NAT in a network can improve network security.
Merit:
• M2 Propose a method to assess and treat IT security risks.
Distinction (LO1 & LO2):
• D1 Evaluate a range of physical and virtual security measures that can be employed to ensure the integrity of organisational IT security.
LO3 Review mechanisms to control organisational IT security.
Pass:
• P5 Review risk assessment procedures in an organisation.
• P6 Explain data protection processes and regulations as applicable to an organisation.
Merit:
• M3 Summarise an appropriate risk-management approach or ISO standard and its application in IT security.
• M4 Analyse possible impacts to organisational security resulting from an IT security audit.
Distinction:
• D2 Recommend how IT security can be aligned with an organisational policy, detailing the security impact of any misalignment.
LO4 Manage organisational security.
Pass:
• P7 Design a suitable security policy for an organisation, including the main components of an organisational disaster recovery plan.
• P8 Discuss the roles of stakeholders in the organisation in implementing security audits.
Merit:
• M5 Justify the security plan developed giving reasons for the elements selected.
Distinction:
• D3 Evaluate the suitability of the tools used in the organisational policy to meet business needs.