Analyse and interpret threat datacontents ictcys gather

Student
Assessment Guide: ICTCYS407 Gather, analyse and interpret

Disclaimer:
The Australian College of Business Intelligence does not invite reliance upon, nor accept responsibility for, the information it provides. The Australian College of Business Intelligence makes every effort to provide a high-quality service. However, neither the Australian College of Business Intelligence, nor the providers of data, gives any guarantees, undertakings or warranties concerning the accuracy, completeness or up-to-date nature of the information provided. Users should confirm information from another source if it is of sufficient importance for them to do so.

1. Assessment Information

A. Purpose of assessment

All tasks of this assessment require you to use the provided case study information relating to the college Sydney Institute.

C. Competencies being assessed

	ICT50220 Diploma of Information Technology – Front end web development Student Assessment Guide: ICTCYS407 Gather, analyse and interpret threat data

Performance Evidence

o firewall info

o systems

Knowledge Evidence

You must be able to demonstrate knowledge of the following:

o access control systems

o security and event management systems (SIEM)

o SQL injection (SQLi)

o cross-site scripting (XSS) attacks

• common cyber security threats and their impacts on business functions

• organisational policies and procedures applicable to gathering, analysing and interpreting threat

 processes in obtaining and analysing results.

To complete this assessment, please refer to the following resources provided on Moodle:

 ICTCYS407 learner guide
 ICTCYS407 Marking Guide
 ICTCYS407 Case study folder
 Additional student assessment information

G. Instructions for completing this assessment

Answer the questions below using the spaces provided:

	ICT50220 Diploma of Information Technology – Front end web development Student Assessment Guide: ICTCYS407 Gather, analyse and interpret threat data

Please refer to the “Instructions for Submitting Your Assessment” found within the unit course page on Moodle.

2. Assessment Coversheet

Candidate Name:

Qualification: ICT50220 Diploma of Information Technology = Front end web development

Units of Competency: ICTCYS407 Gather, analyse and interpret threat data

Due Date: 09 May 2021 Date Submitted: 04 May 2021

Declaration: I have read and understood the following information at the beginning of

I declare this assessment is my own work and where the work is of others, I

have fully referenced that material.

Student Assessment Guide: ICTCYS407	Version: v21.0
			Review: April 2022

Anti-malware software tools usually have a database of malware signatures. Active or passive scans of the system can help recognise the signature and take preventative action such as deleting or quarantining infected files. Therefore it’s important to keep the software updated - as new malware programs appear, their specific signatures are added to the signature database.

Commonly used anti-malware tools include Windows Defender, MalwareBytes, Avast, Kaspersky and others.


Developed by: ACBI	Approved by: DoS

A5. For each of the following types of cyber security attacks, list the objective of the attack and its potential impact on a business.

	ICT50220 Diploma of Information Technology – Front end web development Student Assessment Guide: ICTCYS407 Gather, analyse and interpret threat data

B. Task B – Prepare to gather threat data


	Approved by: DoS	Issued: April 2021

Firewall in place: Cisco Firepower 1010 (https://www.cisco.com/c/en/us/products/collateral/security/firepower-1000-series/datasheet-c78-742469.html) Max throughput: 650 Mbps, IPS throughput: 650 Mbps, Interfaces: 8 x RJ45, maximum concurrent sessions with AVC: 100k

B2. Legislative requirements and policies and procedures
1. List at least two legislation that apply to gathering, interpreting and analysing threat data.

Explain the relevance of this legislation to gathering, interpreting and analysing threat data.

1. Privacy Act 1988 (Privacy Act) is the principal legislation for data protection in Australia. It lists requirements for protecting your customers’ personal information from:
 theft
 misuse
 interference
 loss
 unauthorised access
 modification
 disclosure

If a business has an annual turnover of over $3 million, it must comply with the Privacy Act. Certain categories of businesses may be required to comply with the act even if their annual turnover is lower than $3m and they are listed in the act. The act also includes Australian Privacy Principles (APPs), a set of guidelines and principles that help understand the responsibilities as well as handling, use and managing of personal information.

B3. Gathering data Discuss the data that you will collect and rationale for this. Also include a description of your strategy for gathering, analysing and interpreting this data. This should include how you will log the data and the analytic platform you will used to analyse the data.


Developed by: ACBI	Approved by: DoS

C. Task C - Analyse threat data

C1 Data analysis Describe the analytic platform you have used for the data. Refer to Learner guide ICTCYS407 Topic 2: Analysing threat data NOTE: Answer in 100-200 words


	Approved by: DoS	Issued: April 2021


Only one set of data was analysed. There was no other comparable set of data available to be compared side by side, which therefore produced no discrepancies.