Assignment Brief
|
Programme title |
NCFE Level 4 Diploma: Cyber Security Engineer |
|
|
Unit number and title |
2 |
Cyber security architecture (D/651/0934) |
|
Assignment number & title |
1 of 1 |
Cyber security architecture (L4) |
|
Unit Leader |
|
|
|
Assessor (s) |
|
|
|
Issue Date |
28/04/2025 |
|
|
Final assignment submission deadline |
14/07/2025 |
|
|
Late submission deadline |
The learners are required to follow the strict deadline set by the College for submissions of assignments in accordance with the NCFE level 4 submission guidelines and College policy on submissions. They should also refer to Merit and Distinction criteria that require evidence of meeting agreed timelines and ability to plan and organise time effectively without which the learner may not expect to receive a higher grade. 21/07/2025 |
|
|
Resubmission deadline |
15/08/2025 |
|
|
Feedback |
Formative feedback will be available in class during the semester after 6 weeks. Final feedback will be available within 2 – 3 weeks of the assignment submission date. |
|
|
Internal verifier |
Amjad Alam |
|
|
Signature (IV of the brief) * |
||
NCFE Level 4 Diploma: Cyber Security Engineer
Unit 02 Cyber security architecture (D/651/0934) (L4)
Session: April 2025
Coursework
Recommended maximum words 4000
You are strongly advised to read “Preparation guidelines of the Coursework Document” before answering your assignment.
|
General Guidelines |
●You should write the assignment in your own words. You are required to cite the source of any quotes or illustrations you utilise. ●At the conclusion of your document, include a list of references. You must list all of your informational sources. ●Ensure that the English you use is easily understood and that your work is presented clearly. ●Use a word processor`s “spell-checker” whenever possible. |
|
Unit number, title and learning outcomes (LOs) |
Unit 2: Cyber security architecture (D/651/0934) LO1: Explore networking model and protocols. LO2: Apply the characteristics of digital system components, implementing security controls. LO3: Apply the concepts of cryptography |
|
Assignment title |
Cyber security architecture |
|
Scenario |
|
|
You are a junior network security engineer working for MediSys Technologies, a company that provides IT infrastructure and cloud services to hospitals and healthcare providers. MediSys Technologies manages highly sensitive data, including patient medical records, diagnostic imaging, insurance information, and confidential communications between healthcare professionals. Due to recent expansion, MediSys Technologies is experiencing significant challenges: ●Data in Transit: Current encryption methods for communications between clinics, hospitals, and cloud storage are outdated, making them vulnerable to interception and man-in-the-middle attacks. ●Data at Rest: Patient information and backups stored in the cloud lack robust encryption, putting sensitive healthcare data at risk. ●Authentication Mechanisms: The company’s authentication processes are weak, lacking the enforcement of multi-factor authentication (MFA), and making unauthorized access a real threat. ●Key Management: There is no standardized key management system, increasing the risk of key compromise and data exposure. Your task is to strengthen MediSys security architecture to protect healthcare data in compliance with privacy regulations such as HIPAA and GDPR. |
|
|
Tasks |
|
|
Task 1: Understanding Networking Structures (LO1) and Apply Characteristics of Digital System Components, Implementing Security Controls (LO2) Scenario Context: MediSys Technologies is expanding its operations and requires a robust and efficient network design. The network must include separate subnets for different hospital departments: Medical Staff, Administrative Staff, Patients` Wi-Fi, and Diagnostics Department. The design must ensure secure communication between subnets while maintaining logical segmentation and efficient routing. Requirements: 1.Describe the structure and layers of the OSI and TCP/IP models, highlighting the key differences and similarities. 2.Outline network issues, such as packet loss and latency, and describe mechanisms like error detection and correction that can mitigate them. 3.Design a network architecture with at least four subnets and assign appropriate IP address ranges. For higher grade, Illustrate the relationship between applications, protocols, ports, services and devices within the OSI and TCP/IP and evaluate the suitability of different networking protocols and models for specific scenarios, taking security considerations Submission Guidelines: Prepare a report (approximately 1500 words) covering the requirements above. Use diagrams and simulation snapshots to illustrate your points. Task 2: Apply Characteristics of Digital System Components, Implementing Security Controls (LO2) For task 2, you should refer to task 1 Scenario Context, Requirements: 1.Identify common network components (e.g., switches, routers, firewalls) and their functions. 2.Plan and implement routing between the subnets (Note: Here you can define your own example of controlled access of traffics) 3.Configure static or dynamic routing to facilitate communication between subnets. 4.Use a simulation tool such as Cisco Packet Tracer or GNS3 to implement and demonstrate the functionality of the network. 5.Apply Access Control Lists (ACLs) to restrict access between subnets according to hospital security policies. 6.Provide a network diagram illustrating the architecture, showing routers, switches, and connections. 7.Include a table of IP address ranges and subnet masks for each subnet. 8.Document the routing configuration and explain your approach to implementing routing protocols (e.g., RIP, OSPF, EIGRP). 9.Test and demonstrate the network design through simulations, ensuring:
For higher grade, you should propose a comprehensive security plan addressing advanced threats, using frameworks like NIST or ISO 27001. Outline mitigation techniques for identified vulnerabilities (e.g., DDoS, man-in-the-middle attacks, etc.). Also justify your choice of components and security controls in the plan. Submission Guidelines: You should provide network diagram and a written report (1,500 words). Include screenshots or evidence of network simulation testing (e.g., in Cisco Packet Tracer). Task 3: Apply the Concepts of Cryptography (LO3) Scenario Context: MediSys must guarantee the confidentiality of patient and hospital data using advanced encryption. Requirements:
For a higher grade, you should compare encryption algorithms like AES, RSA, and SHA-256, discussing their strengths and weaknesses in task 3.1. Also analyse trade-offs between encryption strength, performance, and usability. Submission Guidelines: Submit your encryption code and a reflective commentary (approximately 1,000 words). Include recommendations for future enhancements to the encryption system. |
|
|
Evidence Requirements |
|
|
You must provide a written report covering the tasks indicated above. The work will be submitted to Turnitin for academic integrity check Additional Guidelines: a.All submissions should be properly referenced, and any external sources should be cited in APA format. b.Use professional language and ensure clarity in your explanations. c.Diagrams, charts, and code snippets should be well-labelled and explained within the context of your discussion. d.Font size must be within the range of 10 point to 14 points including the headings and body text (preferred font size is 11) in Arial. Standard and commonly used type face, such as Arial and Times New Roman, should be used. e.Material taken from external sources must be properly referred and cited within the text using Harvard system f.Submit all documents through the designated submission portal by the given deadline. |
|
Appendices
Note: You should attach all the supporting documents as a separate file in the appendix section of your assignment.
Relevant Information
To gain a Pass in a NCFE Level 4 Diploma: Cyber Security Engineer modules, you must meet ALL the Pass criteria; to gain a Merit, you must meet ALL the Merit and Pass criteria; and to gain a Distinction, you must meet ALL the Distinction, Merit and Pass criteria.
Grading criteria
|
Learning outcomes |
Pass |
Merit |
Distinction |
|
LO1: Explore networking model and protocols
|
P1: Describe the structure and layers of the OSI and TCP/IP models, including core TCP/IP protocols and IP addressing P2: Outline common into account network issues and error control P3: Design and implement a network with multiple subnets and routing
|
M1: Illustrate the relationship between applications, protocols, ports, services and devices within the OSI and TCP/IP
|
D1: Evaluate the suitability of different networking protocols and models for specific scenarios, taking security considerations
|
|
LO2: Apply the characteristics of digital system components, implementing security controls
|
P4: Identify common digital system components (switches, routers, firewalls, servers) and their functions P5: Design and test a system that incorporates appropriate security controls based on a given security case study
|
M2: Propose a comprehensive security plan for a complex digital system
M3: Outline mitigation techniques for identified vulnerabilities
|
D2: Justify the selection of components and controls in a security plan
|
|
LO3: Apply the concepts of cryptography
|
P6: Describe the principles of symmetric and asymmetric encryption and hashing P7: Design a basic encryption scheme to protect data based on specific security requirements P8: Develop a secure key management plan, including rotation, storage and archival strategies, addressing potential vulnerabilities
|
M4: Differentiate between various encryption algorithms in terms of strength and use cases
|
D3: Analyse security trade-offs between different encryption algorithms and key management approaches
|
Plagiarism and Collusion
Any plagiarism or collusion will be taken very seriously in accordance with the policies of the college. Below are the definitions and parameters of plagiarism and collaboration in this context:
Presenting someone else`s work as your own is plagiarism. It involves turning in collaborative homework as a solo project and copying information verbatim from books or the Internet without citing the source.
Plagiarism refers to the practice of taking another person`s assignments and turning them in as your own. If plagiarism or collusion is suspected, it will be investigated and dealt with in accordance with college policy (please refer to the student handbook for further information on plagiarism and collusion).
Submission
a.Initial submission of coursework to the tutors is compulsory in each unit of the course.
b.The student must check their assignments on Caspian School of Academics (CSA) VLE with plagiarism software Turnitin to make sure the similarity index for their assignment stays within the College approved level. A student can check the similarity index of their assignment up to five times in the Draft Assignment submission point located in the home page of the CSA VLE.
c.All Final coursework must be submitted to the Final submission point into the Unit (not to the Tutor). The student would be allowed to submit only once and that is the final submission.
d.Any computer files generated such as program code (software), graphic files that form part of the coursework must be submitted as an attachment to the assignment with all documentation.
e.Any portfolio for a Unit must be submitted as an attachment in the assignment
Extension and Late Submission
f.You must use an Exceptional Extenuating Circumstances (EEC) form, which is accessible at the Examination Office and CSA VLE, to request an extension if you require one for a legitimate cause. Do not request a coursework extension from the tutors as they do not possess the authority to extend the deadlines for coursework. The completed form must be turned into the Examination Office with supporting documentation, such as a medical certificate if you are ill.
g.Late entries will be accepted and graded in accordance with college policy. Please be aware that late submissions might not receive Merit and Distinction grades.
h.All late coursework must be submitted to the Late submission point into the unit (not to the Tutor) in the CSA VLE. A student is allowed to submit only once and that is also treated as the final submission.
i.If you fail in the Final or Late submission, you can resubmit in the Resubmission window.
Submission deadlines
|
Formative feedback |
After Week 6 |
|
Final Submission |
14/07/2025 |
Submit to: Online to the CSA VLE only
Explanation of Terms:
|
Analyse |
Break the subject or complex situations into separate parts and examine |
|
Critically analyse |
This is a development of ‘analyse’ which explores limitations as well as |
|
Clarify |
Explain the information in a clear, concise way showing depth of |
|
Classify |
Organise accurately according to specific criteria. |
|
Collate |
Collect and present information arranged in sequence or logical order that is |
|
Compare |
Examine the subjects in detail, consider and contrast similarities and |
|
Critically compare |
This is a development of ‘compare’ where the learner considers and |
|
Consider |
Think carefully and write about a problem, action or decision showing how |
|
Demonstrate |
Practical application of an element/content to show that you understand |
|
Describe |
Provide a broad range of detailed information about the subject or item in a |
|
Discuss |
Write a detailed account that includes contrasting perspectives. |
|
Draw conclusions |
Make a final decision or judgement based on reasons. |
|
Evaluate |
Examine strengths and weaknesses, arguments for and against and/or |
|
Critically evaluate |
This is a development of ‘evaluate’ where the learner debates the validity of |
|
Examine |
Look closely at something. Think and write about the detail, and question it |
|
Explain |
Apply reasoning to account for how something is or to show understanding |
|
Explore |
Consider an idea or topic broadly, searching out related and/or particularly |
|
Identify |
Apply an in-depth knowledge to give the main points accurately (a |
|
Investigate |
To inquire into (a situation or problem) to explore solutions. |
|
Justify |
Give a detailed explanation of the reasons for actions or decisions. |
|
Perform |
Present/enact/demonstrate practically. |
|
Reflect |
Learners should consider their actions, experiences or learning and the |
|
Review and revise |
Look back over the subject and make corrections or changes based on |
|
Summarise |
Give the main ideas or facts in a concise way to develop key issues. |