Cryptography Assessment Guide

RSA - The RSA algorithm is one of the earliest and most widely used asymmetric algorithms. It uses a public key to encrypt messages, and a private key to decrypt them. RSA is commonly used for key exchange and digital signatures. Diffie-Hellman - The Diffie-Hellman algorithm allows two parties to jointly establish a shared secret over an insecure channel without any prior secrets. This shared secret can then be used to encrypt subsequent communications using a symmetric cipher. ElGamal - ElGamal encryption is another public-key encryption algorithm. It is based on the Diffie-Hellman key exchange. ElGamal is used for key establishment and digital signatures. ECC - Elliptic curve cryptography uses

Uploaded by Kouser Sultana

Answer Booklet & Marking Guide

ICTNWK502 Implement Secure Encryption Technologies

Student Must Fill this Section

Signature: Date: 25-04-2021

Privacy Release Clause: "I give my permission for my assessment material to be used in the auditing, assessment validation & moderation process".

Authenticity Declaration: "I declare that:
• The material I have submitted is my own work;
• I have given references for all sources of information that are not my own, including the words, ideas and images of others".

Information for Student:

• All work is to be entirely the student's own.

General Information for this assessment:

• Read the instructions for each question very carefully.
• Be sure to PRINT your FIRST name & LAST name in every place that is provided.
• Short questions must be answered in the spaces provided.
• For those activities requesting extra evidence such as research reports, essay reports, etc., the student must attach their own work formatted in double space, Arial 12 pts.
• All activities must be addressed correctly in order to obtain competence for the unit of competency.
• If the student doesn't understand the assessment, they can request help from the assessor to interpret the assessment.
• Re-submission of assessment after the term will incur additional fees.

WSC-ABMGICTICT418-V1.5-20032019 Page | 1

International College of Australia Pty Ltd T/A Western Sydney College


RTO: 45360 | CRICOS: 03690M
Re-assessment of Result & Academic Appeal procedures:

If a student is not happy with his/ her results, that student may appeal against their grade via a written letter, clearly
stating the grounds of appeal to the Chief Executive Officer. This should be submitted after completion of the subject
and within fourteen days of commencement of the new term.

Re-assessment Process:
• An appeal in writing is made to the Director of Studies (DOS) providing reasons for re-assessment/appeal.
• DOS will delegate another faculty member to review the assessment.
• The student will be advised of the review result done by another assessor.
• If the student is still not satisfied and further challenges the decision, then a review panel is formed comprising the lecturer/trainer in charge and the DOS or, if need be, an external assessor.
• The Institute will advise the student within 14 days from the submission date of the appeal. The decision of the panel will be deemed to be final.
• If the student is still not satisfied with the result, he/she has the right to seek independent advice or follow the external mediation option with the nominated mediation agency.
• Any student who fails a compulsory subject or appeals unsuccessfully will be required to re-enrol in that subject.

The cost of reassessment will be borne by the Institute. The external assessor will base his/her judgement on the principles of assessment. These principles require assessment to be reliable, fair, practical and valid.

Academic Appeals:
• If you are dissatisfied with the outcome of the re-evaluation process, you have a right to appeal through the academic appeals handling protocol.
• To appeal a decision, the person is required to complete the WSC Request for Appeal of a Decision form with all other supporting documents, if any. This form is available via our website. The completed Request for Appeal form is to be submitted to the Student Support Officer either in hard copy or electronically via the following contact details:
Student Support Officer, Western Sydney College (WSC), 55 High St, Parramatta NSW 2150, Email: support@[Link]
• The notice of appeal should be in writing addressed to the Chief Executive Officer and submitted within seven days of notification of the outcome of the re-evaluation process.
• If the appeal is not lodged in the specified time, the result will stand and you must re-enrol in the unit.
• In emergency circumstances, such as in cases of serious illness or injury, you must forward a medical certificate in support of a deferred appeal. The notice of appeal must be made within three working days of the concluding date shown on the medical certificate.
• The decision of the Chief Executive Officer will be final.
• The student would then have the right to pursue the claim through an independent external body as detailed in the students' complaint/grievance policy.

Assessment Task 1 – Marking Guide

Assessor Name

Assessment Date/s

Outcomes
Satisfactory
Did the student submit the following? Yes No

Completed written questionnaire.

Performance indicators
Satisfactory
Did the student submit evidence for the following? Yes No
Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Comments/Feedback to Student

Outcome: Successful Unsuccessful

Student Signature:

Assessor Name:

Assessor Signature:

Resubmission Comments/Feedback to Student

Outcome: Successful Unsuccessful

Student Signature:

Assessor Name:

Assessor Signature:

Assessment Task 1

1. Explain certificate related infrastructure (certificate authorities, registration authorities, repository services).

Public Key Infrastructure (PKI) is a technology for authenticating users and devices in the digital world. The purpose of a PKI is to securely associate a key with an entity. The trusted party signing the document associating the key with the device is called a certificate authority (CA).

A public-key infrastructure is a set of roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.

A PKI certificate involves the use of mathematically related key pairs, known as the public
key and private key, which are generated and assigned to verify the identities of the
endpoints. These keys are also used for encrypting and decrypting the data.

To secure the data that is then shared on the public domain, via websites and file sharing platforms, certificates and endorsements have been introduced to flag site, system and other points of safety. When you register new websites, create logins, or use web interfaces and data repositories to transmit information, the certificate infrastructure secures your data to ensure that real people are sending real data to the expected recipient. You will learn more about the Public Key Infrastructure that underpins certificates of sites, databases, and networks later in this topic. For the system to work, a certificate authority (CA) is given a key which enables them to authorise sites, database users, site registrations and more to share information across a closed network. The certificate tags the entity as safe or trusted to share information. In general, this happens automatically but is overseen and reviewed by a person based on logs and upon the request of a user. Those certificates are then validated and authenticated by a registration authority (RA), which authenticates both the sender and receiver and authorises the encryption and decryption processes.

2. Summarise common asymmetric key algorithms and their usage.

The distinguishing technique used in public key cryptography is the use of asymmetric key algorithms, where the key used to encrypt a message is not the same as the key used to decrypt it. Popular asymmetric encryption algorithms are RSA, Diffie-Hellman, ElGamal, and ECC.
Asymmetric cryptography is a branch of cryptography where a secret key can be divided into two parts, a public key and a private key. The public key can be given to anyone, trusted or not, while the private key must be kept secret (just like the key in symmetric cryptography).
Examples of well-regarded asymmetric key techniques for varied purposes include:
• Diffie–Hellman key exchange protocol.
• DSS (Digital Signature Standard), which incorporates the Digital Signature Algorithm.
• ElGamal.
• Elliptic-curve cryptography. ...
• Various password-authenticated key agreement techniques.
• Paillier cryptosystem.
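The Diffie–Hellman exchange listed above, as an added worked example (not part of the booklet): both parties publish only g^x mod p, each derives the same secret, and each rejects degenerate public values before using them. The modulus P, base G and party names are constructed toy values, far too small for real use.

```python
"""Toy Diffie-Hellman key agreement: both parties' messages, then the shared secret.

Added illustration. P and G are constructed, deliberately small values so the
arithmetic stays readable; real deployments use standardised groups of 2048+ bits.
"""
import hashlib
import secrets

P = 2**31 - 1   # a prime modulus (Mersenne prime M31); toy size, NOT for real use
G = 5           # a base in the group; whether it generates the full group is not checked here


def validate_public_value(y: int, p: int = P) -> bool:
    """Reject public values that would force a trivial shared secret.

    y must lie in [2, p-2]: the values 0, 1 and p-1 only ever yield
    secrets from {0}, {1} or {1, p-1}, which an observer can guess.
    """
    return 2 <= y <= p - 2


class Party:
    """One side of the exchange: keeps a private exponent x, publishes g^x mod p."""

    def __init__(self, name: str, p: int = P, g: int = G):
        self.name, self.p, self.g = name, p, g
        # Private exponent drawn uniformly from [2, p-2]; it never leaves this object.
        self.x = 2 + secrets.randbelow(p - 3)
        self.public = pow(g, self.x, p)

    def shared_key(self, peer_public: int) -> bytes:
        """Compute s = peer_public^x mod p and hash it into a 256-bit symmetric key."""
        if not validate_public_value(peer_public, self.p):
            raise ValueError(f"{self.name}: rejected degenerate public value {peer_public}")
        s = pow(peer_public, self.x, self.p)
        # Hashing the raw integer gives fixed-length key bytes for a symmetric cipher.
        width = (self.p.bit_length() + 7) // 8
        return hashlib.sha256(s.to_bytes(width, "big")).digest()


def run_exchange(p: int = P, g: int = G) -> dict:
    """Carry out the protocol and report what each side sent and derived."""
    alice, bob = Party("Alice", p, g), Party("Bob", p, g)
    # Only these two values cross the insecure channel.
    msg_alice_to_bob = alice.public
    msg_bob_to_alice = bob.public
    k_alice = alice.shared_key(msg_bob_to_alice)
    k_bob = bob.shared_key(msg_alice_to_bob)
    return {
        "alice_sent": msg_alice_to_bob,
        "bob_sent": msg_bob_to_alice,
        "alice_key": k_alice.hex(),
        "bob_key": k_bob.hex(),
        "keys_match": k_alice == k_bob,  # True: g^(ab) == g^(ba) mod p
    }


if __name__ == "__main__":
    for field, value in run_exchange().items():
        print(f"{field}: {value}")
```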

3. Explain common symmetric key algorithms and their usage, such as:
a) advanced encryption standard (AES)
b) data encryption standard (DES)
c) triple data encryption algorithm (triple DES)
d) Blowfish

a) Advanced Encryption Standard (AES)

AES has been adopted by the U.S. government. It supersedes the Data Encryption Standard (DES), which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.
Key sizes: 128, 192 or 256 bits

Certification: AES winner, CRYPTREC, NESSIE, NSA

Block sizes: 128 bits

Rounds: 10, 12 or 14 (depending on key size)

Usage

The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S.
government to protect classified information. AES is implemented in software and
hardware throughout the world to encrypt sensitive data. It is essential for government
computer security, cybersecurity and electronic data protection.
b) Data Encryption Standard (DES)
The Data Encryption Standard (DES) is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for applications, it has been highly influential in the advancement of cryptography.
Key sizes: 56 bits (+8 parity bits)

Successors: Triple DES, G-DES, DES-X, LOKI...

Block sizes: 64 bits

Rounds: 16

Usage:

The DES was a data security standard used to encrypt and decrypt non-classified computer data generated by the United States government and any commercial organization. It was a 64-bit encryption algorithm made up of a 56-bit key with 8 bits used to determine parity.

c) Triple data encryption algorithm (triple DES):

In cryptography, Triple DES (3DES or TDES), officially the Triple Data Encryption Algorithm (TDEA or Triple DEA), is a symmetric-key block cipher which applies the DES cipher algorithm three times to each data block.
Key sizes: 168, 112 or 56 bits (keying option 1, ...
Rounds: 48 DES-equivalent rounds

Block sizes: 64 bits

Structure: Feistel network

Usage:

Rather than using a single key as in DES, 3DES runs the DES algorithm three times, with three 56-bit keys:
• Key one is used to encrypt the plaintext.
• Key two is used to decrypt the text that had been encrypted by key one.
• Key three is used to encrypt the text that was decrypted by key two.

d) Blowfish
The Blowfish algorithm is a symmetric encryption algorithm, meaning that it uses the same secret key to both encrypt and decrypt messages. It also works with key sizes of 256 and 448 bits. It is related to AES (Advanced Encryption Standard) and an earlier block cipher called Blowfish.

Usage
Blowfish is a symmetric block cipher that can be used as a drop-in replacement for DES or
IDEA. It takes a variable-length key, from 32 bits to 448 bits, making it ideal for both
domestic and exportable use. Blowfish was designed in 1993 by Bruce Schneier as a fast,
free alternative to existing encryption algorithms.

4. Explain encryption strength.

Encryption is critically important to any sort of security because a file that only has a
password on it and is not encrypted can be opened and read by anyone with the right
skills. That is worse than no security at all, because it gives a false impression of security. 
When you apply a password to an attachment in the Assemblage Emailer tool, the
contents of the file are actually encrypted.  Without the password, the decryption keys are
not known, so the content cannot be recovered by an attacker.

The size of the encryption key is usually measured in 'bits'.  Most encrypted traffic that
goes over the Internet uses 128-bit encryption.  Generally speaking, the larger the key, the
stronger the encryption - but you have to be a bit careful with this.  A modern computer
would require many, many thousands of years to try every combination of a 128-bit
encryption key (this is called a 'brute force' attack).  By going to 256-bit encryption, you
can change that to millions and millions of years.  But the *effective* security is the same. 
128-bit key lengths have been found by the security community to provide a nice balance
of encryption that would take a really, really long time to crack with brute force techniques,
without the key becoming ridiculously long.

When you password protect email attachments in the Assemblage Emailer Tool, the software takes the password and turns it into a 128 (or 256) bit key using an algorithm called a one-way hashing algorithm. If you input the same password, you get the same 128 or 256 bits of effectively random data. But it is not possible to start with the 128 bits of data and obtain the password.
 
The files generated by Assemblage are actually not password protected.  In fact, the
password isn't part of the file at all.  Instead, the contents are encrypted using a symmetric
algorithm.  The key for the symmetric algorithm is obtained by taking the password and
processing it with a one-way hashing algorithm.
 
When a user opens the attachment, they are prompted for a password.  The password is
not compared against any value in the attachment.  The password is used to
mathematically obtain the decryption key.

Assemblage offers 4 different levels of Encryption. See PDF Compatibility Levels for more information on the level of encryption for each version of Adobe.

The higher the level of encryption you use, the more secure the attachments will be from
attackers.  That being said, certain versions of Adobe are required to decrypt the
attachments as well.

In Assemblage versions 2.02 and higher the default setting is to apply AES 128 bit encryption; if you wish to use a different level of encryption, please notify your Trumpet Consultant.
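The password-to-key step described above, as an added illustration (not Assemblage's code; the product's actual algorithm and parameters are not stated here): a password is stretched through a one-way function into 128 or 256 bits of key material, the same password always yields the same key, and a reader confirms the password by re-deriving the key rather than comparing a stored password. It uses PBKDF2-HMAC-SHA256 from the Python standard library; the iteration count, salt and sample passwords are assumptions.

```python
"""Deriving a 128- or 256-bit symmetric key from a password with a one-way function.

Added illustration using PBKDF2-HMAC-SHA256 (Python stdlib). Salt, passwords
and the iteration count are constructed sample values.
"""
import hashlib
import hmac
import secrets
from typing import Optional

ITERATIONS = 200_000  # assumed work factor; raise it as hardware gets faster


def derive_key(password: str, salt: bytes, bits: int = 128) -> bytes:
    """Map a password to `bits` bits of key material.

    Same password + salt -> same key; the key cannot be turned back into
    the password, which is what makes the function one-way.
    """
    if bits not in (128, 256):
        raise ValueError("key length must be 128 or 256 bits")
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               ITERATIONS, dklen=bits // 8)


def new_salt() -> bytes:
    """Random per-file salt, stored next to the ciphertext; it is not secret."""
    return secrets.token_bytes(16)


def key_check_value(key: bytes) -> bytes:
    """Short verifier derived from the key (assumed design), stored with the file.

    Lets a reader detect a wrong password without the password ever being stored.
    """
    return hmac.new(key, b"key-check", "sha256").digest()[:8]


def open_with_password(password: str, salt: bytes, kcv: bytes, bits: int) -> Optional[bytes]:
    """Reader side: re-derive the key and compare the check value in constant time.

    Returns the key on success, None on a wrong password. The password itself is
    never compared against anything in the file.
    """
    key = derive_key(password, salt, bits)
    return key if hmac.compare_digest(key_check_value(key), kcv) else None


def demo() -> dict:
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed fixed salt
    right, wrong = "correct horse battery staple", "correct horse battery stapler"
    k128 = derive_key(right, salt, 128)
    k256 = derive_key(right, salt, 256)
    kcv = key_check_value(k128)
    return {
        "len128_bits": len(k128) * 8,
        "len256_bits": len(k256) * 8,
        "deterministic": k128 == derive_key(right, salt, 128),
        "wrong_password_differs": k128 != derive_key(wrong, salt, 128),
        "opens_with_right_password": open_with_password(right, salt, kcv, 128) is not None,
        "opens_with_wrong_password": open_with_password(wrong, salt, kcv, 128) is not None,
    }


if __name__ == "__main__":
    for field, value in demo().items():
        print(f"{field}: {value}")
```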

5. Summarise various encryption types, including public key, secret key, hash key.

There are two types of encryption in widespread use today: symmetric and asymmetric encryption. The name derives from whether or not the same key is used for encryption and decryption.
In technical terms, your shared data is encoded; it is converted into an unreadable format. When it reaches the person at the receiving end, the unreadable data is decoded and becomes readable to the specified recipient only. This entire process of encoding/decoding is only possible with the help of a digital "key".
There are two encryption keys based on which different types of encryption work:

1) Symmetric: It works on a single private key; therefore, it is faster than asymmetric encryption (explained in detail in the next bullet). In this encryption method, the sender must share the private key with the receiver to access the data or information.

2) Asymmetric: This encryption method works with two keys: one public key and
one private key. The public key is shared with anyone. However, the private key
must remain as a secret key because you will encrypt your data or message using a
public key and decrypt using a private key.

Since this encryption technique works on two keys, therefore any algorithm based
on it will be considered the strongest encryption type because it ensures high levels
of security. Until now, no one has been able to hack asymmetric key encryption.

Hashes

Once you have chosen your desired encryption type, you need to further make sure that your data is not altered and is authentic and verified. For that, you need to use hashes. They are a one-way function that takes a large set of data and converts it into small, standard-size data. You create a unique fingerprint that is proof that your data has not been altered during different encryption levels. The outcome of hashing is called a hash value or hash digest.

6. Summarise the functions and features of:

a) access control permissions
b) digital signatures
c) symmetric encryption, asymmetric encryption and one-way encryption
d) timestamps

• access control permissions

In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization. Access control systems come in three variations: Discretionary Access Control (DAC), Managed Access Control (MAC), and Role-Based Access Control (RBAC).
• digital signatures
A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very strong reason to believe that the message was created by a known sender (authentication), and that the message was not altered in transit (integrity).
• symmetric encryption, asymmetric encryption and one-way encryption
• Symmetric encryption is a type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic information. The entities communicating via symmetric encryption must exchange the key so that it can be used in the decryption process.
• Asymmetric encryption is a type of encryption that uses two separate yet mathematically related keys to encrypt and decrypt data. The public key encrypts data while its corresponding private key decrypts it. This is why it's also known as public key encryption, public key cryptography, and asymmetric key encryption.
• In a "one-way hash function", one-way means that it is extremely difficult to turn the digest back into the original message. It is also exceedingly rare that two different message inputs can result in the same digest output. Not the same as hash tables: cryptographic hashes differ from hash tables.
• A timestamp is a sequence of characters or encoded information identifying when a certain event occurred, usually giving date and time of day, sometimes accurate to a small fraction of a second.

7. Explain one-way message digests, such as message digest algorithm 5 (MD5) and
secure hash algorithm (SHA).

Secure Hash Algorithm (SHA) and Message Digest (MD5) are the standard cryptographic
hash functions to provide data security for multimedia authentication. It is a major enabling
technology for network security used to achieve specific security objectives. SHA and
MD5 are the two well recognized hash functions.
A message digest (or hash) function is a cryptographic primitive used for digital signatures
and password protection. It maps a message of arbitrary length to a fixed-length hash
value or "message digest". The same input (message) will always result in the same
output.

A message digest algorithm, or hash function, is a procedure that maps input data of an arbitrary length to an output of fixed length. The output is often known as hash values, hash codes, hash sums, checksums, message digests, digital fingerprints or simply hashes.
In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographic hash function which
takes an input and produces a 160-bit (20-byte) hash value known as a message digest –
typically rendered as a hexadecimal number, 40 digits long.
First published: 1993 (SHA-0), 1995 (SHA-1)

Series: (SHA-0), SHA-1, SHA-2, SHA-3

Digest sizes: 160 bits

Certification: FIPS PUB 180-4, CRYPTREC
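The digest properties described in questions 5 and 7 (fixed-length output, same input gives same output, a fingerprint that proves data was not altered), as an added example that is not part of the booklet: it computes MD5, SHA-1 and SHA-256 over inputs of very different sizes and then uses a SHA-256 manifest to detect a modified file. The "files" and their contents are constructed sample data.

```python
"""Message digests as fixed-length fingerprints and as an integrity check.

Added illustration using Python's hashlib. Sample files are constructed inline.
"""
import hashlib
import hmac

# Hex digest lengths: 128, 160 and 256 bits respectively.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64}


def digest_hex(algo: str, data: bytes) -> str:
    """Hex-encoded digest of `data` under the named algorithm."""
    return hashlib.new(algo, data).hexdigest()


def output_lengths(algo: str) -> set:
    """Digest length is independent of input length: the set has one element."""
    inputs = [b"", b"a", b"The quick brown fox jumps over the lazy dog", b"x" * 100_000]
    return {len(digest_hex(algo, d)) for d in inputs}


def build_manifest(files: dict) -> dict:
    """Record the SHA-256 fingerprint of each file, as a release manifest would."""
    return {name: digest_hex("sha256", content) for name, content in files.items()}


def verify_manifest(files: dict, manifest: dict) -> dict:
    """Recompute each fingerprint and compare it with the recorded one.

    Returns name -> True/False. compare_digest keeps the comparison time
    independent of how many leading characters happen to match.
    """
    results = {}
    for name, expected in manifest.items():
        present = name in files
        actual = digest_hex("sha256", files[name]) if present else ""
        results[name] = present and hmac.compare_digest(actual, expected)
    return results


def demo() -> dict:
    # Constructed sample "files": a small config and a binary blob.
    original = {"config.ini": b"mode=secure\n", "app.bin": bytes(range(256))}
    manifest = build_manifest(original)
    # A single changed word in one file is enough to change its whole digest.
    tampered = dict(original, **{"config.ini": b"mode=insecure\n"})
    return {
        "sha1_hex_lengths": output_lengths("sha1"),
        "pristine": verify_manifest(original, manifest),
        "tampered": verify_manifest(tampered, manifest),
        "sha1_of_abc": digest_hex("sha1", b"abc"),
        "md5_of_abc": digest_hex("md5", b"abc"),
    }


if __name__ == "__main__":
    for field, value in demo().items():
        print(f"{field}: {value}")
```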

8. Explain public key infrastructure (PKI), pretty good privacy (PGP) and GNU Privacy
Guard (GnuPG).

• A public-key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. Public Key Infrastructure (PKI) is a technology for authenticating users and devices in the digital world. The basic idea is to have one or more trusted parties digitally sign documents certifying that a particular cryptographic key belongs to a particular user or device.
• Pretty Good Privacy is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.
PGP stands for Pretty Good Privacy, which was invented by Phil Zimmermann.

PGP uses a digital signature (a combination of hashing and public key encryption)
to provide integrity, authentication, and non-repudiation. PGP uses a combination
of secret key encryption and public key encryption to provide privacy. Pretty Good
Privacy (PGP) is an encryption system used for both sending encrypted emails and
encrypting sensitive files. Since its invention back in 1991, PGP has become the
de facto standard for email security.
• GNU Privacy Guard is a free-software replacement for Symantec's PGP cryptographic software suite. It is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable with GnuPG and other OpenPGP-compliant systems.
GnuPG is a hybrid-encryption software program because it uses a combination of conventional symmetric-key cryptography for speed, and public-key cryptography for ease of secure key exchange, typically by using the recipient's public key to encrypt a session key which is used only once.

9. Outline replay security.

A replay attack is a form of network attack in which valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a spoofing attack by IP packet substitution.
A replay attack is a category of network attack in which an attacker detects a data
transmission and fraudulently has it delayed or repeated. The delay or repeat of the data
transmission is carried out by the sender or by the malicious entity, who intercepts the
data and retransmits it.
Replay attacks can be prevented by tagging each encrypted component with a session ID
and a component number. This combination of solutions does not use anything that is
interdependent on one another. Due to the fact that there is no interdependency, there are
fewer vulnerabilities.
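The defence described above (tagging each encrypted component with a session ID and a component number) on the receiving side, as an added example that is not part of the booklet: a receiver accepts each (session, number) pair at most once and in increasing order, and an HMAC binds the number to the body so a component cannot be re-numbered. The key, session IDs and message bodies are constructed sample values; the tag function is an assumed design.

```python
"""Receiver-side replay protection with a session ID plus per-session component counter.

Added illustration. Messages are constructed dicts; the tag is an HMAC over
(session_id, seq, body) under a constructed shared key.
"""
import hashlib
import hmac

KEY = b"constructed-shared-key"  # in practice established by a key exchange


def tag(session_id: str, seq: int, body: bytes, key: bytes = KEY) -> str:
    """Bind the body to its session and position so neither can be changed unnoticed."""
    header = f"{session_id}|{seq}|".encode("utf-8")
    return hmac.new(key, header + body, hashlib.sha256).hexdigest()


def make_component(session_id: str, seq: int, body: bytes) -> dict:
    """Sender side: number the component within its session and tag it."""
    return {"session": session_id, "seq": seq, "body": body,
            "tag": tag(session_id, seq, body)}


class Receiver:
    """Accept each (session, seq) at most once, and only in increasing order."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_seq = {}   # session_id -> highest accepted component number
        self.log = []        # (session, seq, verdict) for detection and audit

    def accept(self, msg: dict) -> bool:
        sid, seq, body = msg["session"], msg["seq"], msg["body"]
        expected = tag(sid, seq, body, self.key)
        if not hmac.compare_digest(expected, msg["tag"]):
            verdict = "reject: bad tag (body or number altered)"
        elif seq <= self.last_seq.get(sid, 0):
            verdict = "reject: replay (number already seen in this session)"
        else:
            self.last_seq[sid] = seq
            verdict = "accept"
        self.log.append((sid, seq, verdict))
        return verdict == "accept"


def demo() -> list:
    """Feed a receiver two genuine components, a verbatim repeat, a re-numbered
    copy, and the same body in a different session; return the five verdicts."""
    rx = Receiver()
    s = "sess-7f3a"  # constructed session ID
    m1 = make_component(s, 1, b"transfer 100")
    m2 = make_component(s, 2, b"transfer 250")
    repeated = dict(m1)            # delayed/repeated copy of m1: same number, rejected
    renumbered = dict(m1, seq=3)   # m1 with a fresh number: tag no longer matches
    other = make_component("sess-91c0", 1, b"transfer 100")  # new session, legitimate
    return [rx.accept(m) for m in (m1, m2, repeated, renumbered, other)]


if __name__ == "__main__":
    print(demo())  # [True, True, False, False, True]
```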

10. Outline possible sources of security threats, including eavesdropping, data interception,
data corruption, data falsification and authentication issues.

Primary sources of threats are employees/insiders, malicious hackers, natural disasters, foreign adversaries, and hostile attacks. In several cases, the areas for sources of threats may overlap. For example, hostile attacks may be performed by foreign adversaries or a disgruntled employee.
A security threat is a challenge to the integrity of information systems that arises from
one of three sources: human errors and mistakes, computer crime, and natural events
and disasters.
• Phishing attacks are a type of information security threat that employs social engineering to trick users into breaking normal security practices and giving up confidential information, including names, addresses, login credentials, Social Security numbers, credit card information and other financial information.
• Eavesdropping is the act of secretly or stealthily listening to the private conversation or communications of others without their consent in order to gather information. Eavesdropping is considered a crime in many states when one party secretly records, overhears, or shares the private communications of another person without their consent or a court order, or when an enhanced listening device is used. This is so even if the communication occurs in a public setting. It is also possible to be sued by a "victim" of eavesdropping in a civil suit if he or she claims to have suffered economic damages as a result. A plaintiff may sue for $5,000 or three times the amount of the economic damages, whichever is greater.
• One way data can be intercepted is if someone uses some hijacking software and pretends to be the destination for communications across a network. Another way is for a user to use 'packet sniffing' software and hardware to monitor network traffic and intercept those packets it is interested in. Interception attacks allow unauthorized users to access our data, applications, or environments, and are primarily an attack against confidentiality. Common Hacking Techniques:
a) Bait and Switch. ...
b) Cookie Theft. ...
c) Denial of Service/Distributed Denial of Service (DoS/DDoS) ...
d) Eavesdropping. ...
e) Keylogging. ...
• Data corruption during transmission has a variety of causes. ... Hardware and software failure are the two main causes of data loss. Background radiation, head crashes, and aging or wear of the storage device fall into the former category, while software failure typically occurs due to bugs in the code. Any file, document and application data can be protected by using passwords, data encryption, and physical security. Any hardware and software can be protected using a password. You can set a Power-on Password on your computer (stored in your computer's CMOS) before anyone starts your computer. The following are possible causes of data corruption:
a) Bad program exits.
b) Malware/virus infections.
c) Sudden loss of power/shutdown.
d) Voltage spikes.

• Data falsification: Manipulating research data with the intention of giving a false impression. This includes manipulating images (e.g. micrographs, gels, radiological images), removing outliers or "inconvenient" results, changing, adding or omitting data points, etc.

Examples of falsification include: presenting false transcripts or references in an application for a program; submitting work which is not your own or was written by someone else; lying about a personal issue or illness in order to extend a deadline.

• In security, authentication is the process of verifying whether someone (or something) is, in fact, who (or what) it is declared to be. Authentication: verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. 4 User Authentication Issues Developers and Admins Struggle With (Solved):

Getting Users to Set Strong Passwords. The passwords of nine out of every ten employees can be hacked within six hours. ...
1) Encouraging Users to Implement 2FA for Their Accounts. ...
2) Preventing SMS Spoofing.
3) The Social Sign-in Puzzle.

11. Explain transmission control protocol or internet protocol (TCP/IP) protocols and applications.

TCP/IP, or Transmission Control Protocol/Internet Protocol, is a suite of communication protocols used to interconnect network devices on the internet. TCP/IP can also be used as a communications protocol in a private computer network (an intranet or extranet).

TCP/IP specifies how data is exchanged over the internet by providing end-to-end communications that identify how it should be broken into packets, addressed, transmitted, routed and received at the destination. TCP/IP requires little central management and is designed to make networks reliable with the ability to recover automatically from the failure of any device on the network.

Common TCP/IP protocols include the following:

• HTTP (Hypertext Transfer Protocol), which handles the communication between a web server and a web browser.
• HTTPS (HTTP Secure), which handles secure communication between a web server and a web browser; and
• FTP (File Transfer Protocol), which handles transmission of files between computers.

The 4 layers of TCP/IP

TCP/IP functionality is divided into four layers, each of which includes specific protocols:

1. The application layer provides applications with standardized data exchange.


Its protocols include HTTP, FTP, Post Office Protocol 3 (POP3), Simple Mail
Transfer Protocol (SMTP) and Simple Network Management Protocol (SNMP).

At the application layer, the payload is the actual application data.

2. The transport layer is responsible for maintaining end-to-end communications
across the network. TCP handles communications between hosts and provides
flow control, multiplexing and reliability. The transport protocols include TCP
and User Datagram Protocol (UDP), which is sometimes used instead of TCP
for special purposes.

3. The network layer, also called the internet layer, deals with packets and
connects independent networks to transport the packets across network
boundaries. The network layer protocols are IP and Internet Control Message
Protocol (ICMP), which is used for error reporting.

4. The physical layer, also known as the network interface layer or data link layer,
consists of protocols that operate only on a link -- the network component that
interconnects nodes or hosts in the network. The protocols in this lowest layer
include Ethernet for local area networks (LANs) and Address Resolution
Protocol (ARP).
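As an added example (not from the assessment guide), the Python below builds one sample frame and walks it through the four layers just described: Ethernet at the link layer, IPv4 at the internet layer, TCP at the transport layer and an HTTP request as the application payload. The MAC addresses, IP addresses and request line are constructed values; the header layouts are the standard Ethernet, IPv4 and TCP ones.

```python
import struct

def build_frame():
    """Build a constructed sample frame (not a real capture): Ethernet / IPv4 / TCP / HTTP."""
    payload = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"   # application layer data
    # TCP header: src port, dst port, seq, ack, data offset 5 words, flags PSH|ACK, window, checksum, urgent
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + payload
    # IPv4 header: version 4 / IHL 5, TOS, total length, id, flags/fragment, TTL, protocol 6 = TCP,
    # checksum (left zero in this sample), source and destination addresses (constructed)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80]))
    # Ethernet header: destination MAC, source MAC (constructed), EtherType 0x0800 = IPv4
    eth = bytes.fromhex("665544332211") + bytes.fromhex("aabbccddeeff") + struct.pack("!H", 0x0800)
    return eth + ip + tcp

def parse_frame(frame):
    """Decode the frame bottom-up, recording what each of the four TCP/IP layers carries."""
    layers = {}
    ethertype = struct.unpack("!H", frame[12:14])[0]
    layers["link"] = {"protocol": "Ethernet", "dst": frame[:6].hex(":"),
                      "src": frame[6:12].hex(":"), "ethertype": hex(ethertype)}
    if ethertype != 0x0800:
        return layers                          # e.g. ARP (0x0806): no IP layer to decode here
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                   # IP header length in bytes (options included)
    proto = ip[9]
    layers["internet"] = {"protocol": "IPv4", "ttl": ip[8], "next_protocol": proto,
                          "src": ".".join(map(str, ip[12:16])),
                          "dst": ".".join(map(str, ip[16:20]))}
    if proto != 6:
        layers["internet"]["note"] = "not TCP (UDP is 17, ICMP is 1); not decoded further here"
        return layers
    tcp = ip[ihl:]
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    data_off = (off_flags >> 12) * 4           # TCP header length in bytes
    layers["transport"] = {"protocol": "TCP", "src_port": sport, "dst_port": dport,
                           "seq": seq, "ack": ack, "flags": hex(off_flags & 0x1FF)}
    data = tcp[data_off:]
    is_http = data.startswith((b"GET ", b"POST ", b"HEAD ", b"HTTP/"))
    layers["application"] = {"protocol": "HTTP" if is_http else "unknown", "payload": data}
    return layers
```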

12. Summarise security problems and challenges that arise from organisational issues.

The top security problems organizations are facing.

Spam

The No. 1 enemy of all email users has got to be spam. Having your inbox fill up with
useless messages that promote fake designer goods and bogus get-rich-quick schemes,
or insinuate that you need to improve your love skills, is not fun and is definitely not the
reason you signed up for an email account. Unfortunately, spam is a growing
problem, with research claiming that up to 94% of all emails sent are actually
spam! That is a huge number when you consider just how prevalent email usage is
nowadays.

Viruses

If a virus hits, it’s always bad news. A virus can copy itself and infect other machines
without the user even knowing that the machine has been infected until disaster strikes.
If a virus hits the network, then it’s likely to propagate to files on other machines that are
connected to the network. Viruses can also spread via email, instant messaging, an
intranet and other shared networks, causing networks and machines to overload or
crash. Implementing an anti-virus solution can save your network and all your files and
emails that could easily be lost or corrupted.

Malware

Malware comprises a variety of malicious software types, such as Trojans, worms and
spyware, which infiltrate your machine without you even realizing it. Once your
machine is infected, the malware could easily spread to executable files on other machines that are
connected to the network, thus causing an IT epidemic. Whilst some malware is created
simply to disrupt a system, other malware is used for financial gain. Spyware, botnets
and keystroke loggers all have malicious intentions: they take control of infected
machines and use them to continue proliferating the attack; they also track users’ login
details for the sites that they use, thus violating their privacy, as well as taking note of
credit card details if the user buys something over the Internet.

Keeping your anti-virus up to date is key to keeping your machine clean and malware-
free; failure to do so will leave you open to attack.

Network monitoring

Networks, servers, workstations – they all need to work seamlessly together for an
organization to run its day-to-day tasks. If a server crashes, then the workstations are
affected, and people can’t carry on with their work. If the network fails the repercussions
will affect the entire organization, and in turn affect production levels. So monitoring the
network and servers regularly is a main task for any IT administrator; using network and
server monitoring software this task can be automated with reports being generated on
a regular basis. Server downtime equals business downtime which leads to a loss of
profits – which all organizations want to avoid.

CHALLENGE #1: THE RECOGNIZED IMPACT OF A SECURITY BREACH

The seemingly endless news cycle of data breaches has alerted organizations, including
executive and board management, to the importance of security and the fear they might
be next.

Cyber-crime continues to escalate in frequency, impact and sophistication and threatens
enterprises regardless of size and sector. A data breach or intrusion can cause an
organization to lose customers, revenue, and reputational value, experience loss of
operational continuity and question the integrity of its data. For some businesses, those
losses would range from costly to downright irreversible.

CHALLENGE #2: THE SKILLS GAP

One of the contributing and elevating factors to rising breach costs is the ongoing
InfoSec skills gap.

In the ISACA/RSA study I mentioned above, 52.44 percent of respondents felt that less
than a quarter of their organizations’ employees are qualified for their positions. Those
respondents also identified security practitioners’ ability to understand the business as the
largest skills gap.

CHALLENGE #3: THE EXPLOSIVE GROWTH IN ENDPOINTS

Long ago network designers pondered the prospect of toasters on Ethernet. As
entertaining as that notion was at the time, technology has now demonstrated that just
about everything is now, or shortly will be, connected, accessible, serviced and controlled
from the network. This explosion of connected devices and assets introduces an
incremental scaling problem that dwarfs most of our earlier security and compliance
models and predictions, toasters notwithstanding. Now more than ever, it’s imperative that
we have educated, skilled security personnel who can safeguard the modern IT
environment’s diverse array of endpoints at the scale we see now, and will see in the
future.

13. Outline wired equivalent privacy (WEP), Wi-Fi protected access (WPA) and Wi-Fi
protected access 2 (WPA2).

• Wired Equivalent Privacy (also known as WEP) is a security algorithm
introduced to provide data confidentiality for wireless networks. ... Wired Equivalent
Privacy aims to add a layer of security to the wireless network by offering
strong encryption of the data. Wired Equivalent Privacy (WEP) is
a security algorithm for wireless networks. WEP encrypts all traffic using a 64-
or 128-bit key in hexadecimal. This is a static key, which means all traffic, no
matter the device, is encrypted using the single key.

Encryption scrambles the network connection so that no one can “listen in” to it and
look at which web pages you are viewing, for example. WEP stands
for Wired Equivalent Privacy, and WPA stands for Wi-Fi Protected Access.

• WPA stands for "Wi-Fi Protected Access." WPA is a security protocol designed to
create secure wireless (Wi-Fi) networks. It is similar to the WEP protocol but offers
improvements in the way it handles security keys and the way users are
authorized.

For an encrypted data transfer to work, both systems on the beginning and end of
a data transfer must use the same encryption/decryption key. While WEP provides
each authorized system with the same key, WPA uses the temporal key integrity
protocol (TKIP), which dynamically changes the key that the systems use. This
prevents intruders from creating their own encryption key to match the one used by
the secure network.

• Wi-Fi Protected Access 2 (WPA2) is the final version of WPA agreed on by the
Wi-Fi Alliance; it implements all aspects of the ratified 802.11i security standard
and is mandatory in the Wi-Fi certification process. WPA2 is backward-compatible
with WPA and can be implemented in two versions — WPA2 personal and WPA2
enterprise.

Wi-Fi Protected Access 2, WPA2, is the security method added to WPA for
wireless networks that provides stronger data protection and network access
control. It provides enterprise and consumer Wi-Fi users with a high level of
assurance that only authorized users can access their wireless networks. Based on
the IEEE 802.11i standard, WPA2 provides government-grade security by
implementing the National Institute of Standards and Technology (NIST) FIPS 140-2
compliant AES encryption algorithm and 802.1X-based authentication.

There are two versions of WPA2: WPA2-Personal and WPA2-Enterprise. WPA2-Personal
protects against unauthorized network access by utilizing a set-up password.
WPA2-Enterprise verifies network users through a server. WPA2 is backward
compatible with WPA.
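An added example (not part of the assessment guide) that applies the distinctions above to an access point's configuration: it parses three constructed hostapd.conf fragments, a WEP network with a single static key, a WPA2-Personal network using a set-up password with AES (CCMP), and a WPA2-Enterprise network that verifies users through an 802.1X/RADIUS server, and reports what an administrator should change. The hostapd option names are hostapd's own; the SSIDs, addresses and secrets are made up.

```python
# hostapd.conf option names (wpa, wpa_key_mgmt, rsn_pairwise, wep_key0, ieee8021x, ...) are
# hostapd's own; the three configurations and every value in them are constructed for this example.
WEP_CONF = """ssid=office-legacy
wep_key0=0123456789
"""                                           # one static hex key shared by every client

WPA2_PERSONAL_CONF = """ssid=office
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=constructed-example-passphrase
"""                                           # set-up password, AES (CCMP) data protection

WPA2_ENTERPRISE_CONF = """ssid=office-corp
wpa=2
wpa_key_mgmt=WPA-EAP
rsn_pairwise=CCMP
ieee8021x=1
auth_server_addr=192.0.2.5
auth_server_shared_secret=constructed-radius-secret
"""                                           # users verified through a RADIUS server (802.1X)

def parse_hostapd(text):
    """Parse key=value lines of a hostapd.conf fragment; comments and blank lines are skipped."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(conf):
    """Classify the configured protection and list what an administrator should change."""
    findings = []
    if any(k.startswith("wep_key") for k in conf):
        findings.append("WEP: one static key for all traffic; migrate to WPA2")
    wpa = int(conf.get("wpa", "0"))           # bit 0 = WPA (TKIP era), bit 1 = WPA2/RSN
    if wpa & 1:
        findings.append("WPA enabled; clients may negotiate TKIP, prefer WPA2 only (wpa=2)")
    if wpa & 2:
        ciphers = conf.get("rsn_pairwise", "").split()
        if "CCMP" not in ciphers or "TKIP" in ciphers:
            findings.append("WPA2 should use the AES cipher only: rsn_pairwise=CCMP")
    if not wpa and not findings:
        findings.append("open network: no encryption configured")
    mgmt = conf.get("wpa_key_mgmt", "")
    mode = "enterprise" if "WPA-EAP" in mgmt else "personal" if "WPA-PSK" in mgmt else "none"
    return {"wpa2": bool(wpa & 2), "mode": mode, "findings": findings}
```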
