ICTNWK607 Design And Implement Wireless Network Security Assessment 02 Answer

pages Pages: 4word Words: 890

Question :

Assessment Details
Qualification Code/TitleICT50415 Diploma of  Information Technology Networking 
Assessment TypeAssessment -02 ( Project )


Unit of Competency
National Code/TitleICTNWK607  Design and implement wireless network security

Scenario: -

Devon Technical College is a private Registered Training Organisation (RTO) with a campus based in Western Melbourne. It offers over 40 certificate and diploma level qualifications in the Vocational Education and Training (VET) sector for a large number of subject areas including business, community services, education, information technology, health, hospitality, and many others.

Students select from one of two study shifts (morning or afternoons) to undertake study which is self-directed in nature or trainer led, and to undertake assessments. With the self-directed courses, trainers/assessors are on hand to handle student’s queries, while other courses are trainer led. 

There are currently 450 students that attend the institute across a wide range of classrooms. 

The RTO has basic Wi-Fi for the students, staff and visitors. Stakeholders use different devices like phones, tablets and laptops. The current Wi-Fi has the following issues:

  • No security for Wi-Fi 
  • Some areas do have Wi-Fi access 
  • Access point is not setup properly 
  • Slow or no internet 
Organisational and regulatory policies
The wireless network for the RTO must meet the following needs:
1. Complete network coverage with wired and wireless network, providing constant stable network access for students, staff and visitors.
2. Network isolation between students, staff and visitors, ensuring network safety.
3. Access authentication, access permission management, and advertising promotion.
4. Simple network maintenance and management, low cost for devices maintenance.
5. All the data must be store in a safe location and make sure data is backed up every three hours 
6. All the students information including Id’s must be safe and secure 
7. Data system must compile with Australian privacy policy  
Also, the Work Health and Safety Policies for installation of Wireless Network for the RTO states the following:
Ensuring safety in the network installation sector
  • Working with power tools: It is not unusual that a network installation team must drill through walls and even modify buildings to install a network and cables. Does your team have the correct equipment? Is it calibrated and maintained, and does your team have the correct training and protective equipment to use it safely?
  • Knowledge of dangerous areas and substances in buildings: It is possible that your network team may be working in areas of danger within a building. Whether that is down to hazardous gases or substances that may be released if a drilling operation goes wrong, does your team have the knowledge and expertise to respond to that situation and mitigate the risk of accident by taking the correct action?
  • Correct product and electrical knowledge: Working with networks and electrical circuits has an inherent level of danger. Is your team properly qualified, trained, and instructed? Has the correct information been shared with the team, and any anomalies pointed out to allow the risk of an accident to be reduced?
  • Working at height: This is common for network installation teams. Does your team have the correct equipment and training, and have the risks been correctly quantified before the project has begun?
  • General health and safety training: Network installation sites are often buildings that are not fully complete, so the normal hazards of “slips and trips” will usually exist. Training your staff to recognize these situations can remove much of the danger that these hazards bring.
  • Risk assessment: A critical part of the identification of hazards is risk assessment. Does your organization have a process whereby sites are assessed for risks to prevent hazards from becoming reasons for incidents or accidents? Risk assessment is at the core of any WHS policies and procedures, and it should be for any organisation operating in the network installation sector. Effective risk assessment can play a central part in reducing hazards and lowering risk in most predicted workplace circumstances. 
  • First aid training: Has your team had the necessary training to ensure that they can deal with an accident or emergency at what might be a remote site? Does your team carry a basic first aid kit to deal with such situations? Does your team have good methods of communication, such as mobile phones to allow them to communicate in a situation where hazards are present? First aid training can also help in a preventive sense – extra knowledge of how to treat accidents can help to formulate ideas on how to identify hazards and prevent accidents.

The wireless network setup including the Access Points-AP are all handled and managed by the IT department of the RTO. The IT department is responsible for not only providing the Wireless Access to the customers and the staff members but also responsible for the management of the whole IT and the Network infrastructure of the RTO. 

The IT network itself is comprised of the Servers, Computers, Printers, Scanners, Online CCTV camera setup along with the wireless access point. This IT infrastructure is all connected with an efficient and sophisticated Local Area Network. As highlighted earlier while establishing the Access Point the IT department has already segmented into multiple access control parameters ensuring the segregation of customers, staff of different shops and the IT staff of the account.

IT department needs to design and implement a wireless network security solution of the RTO. The IT department is headed by the ICT Manager Steve who is responsible for the management and the administration of the whole IT setup of the RTO while Smith the Network Security Engineer works in coordination with the ICT Manager to manage and setup the network infrastructure of the RTO. The job responsibilities of both the key IT personal along with the Network Diagram of the RTO to illustrate the network infrastructure and Wireless access points are given below:

Job description of the ICT Manager:

  • Analysing information needs and specifying technology to meet those needs
  • Formulating and directing information and communication technology (ICT) strategies, policies and plans
  • Directing the selection and installation of ICT resources and the provision of user training
  • Directing ICT operations and setting priorities between system developments, maintenance and operations
  • Overseeing the security of ICT systems
  • Running regular checks on network and data security
  • Identifying and acting on opportunities to improve and update software and systems
  • Developing and implementing IT policy and best practice guides for the organisation
  • Designing training programs and workshops for staff
  • Conducting regular system audits
  • Running and sharing regular operation system reports with senior staff
  • Overseeing and determining timeframes for major IT projects including system updates, upgrades, migrations and outages
  • Managing and reporting on allocation of IT budget
  • Providing direction for IT team members
  • Identifying opportunities for team training and skills advancement

Job description of the Network Engineer:

  • Planning, engineering, and monitoring the security arrangements for the protection of the network systems.
  • Identifying, monitoring, and defining the requirements of the overall security of the system.
    Creating different ways to solve the existing threats and security issues.
  • Configuring and implementing intrusion detection systems and firewalls.
  • Testing and checking the system for weaknesses in software and hardware.
  • Maintaining firewalls, virtual private networks, web protocols, and email security.
  • Creating virus and threat detection systems.
  •  Configuring and installing security infrastructure devices.
  • Investigating intrusion and hacking incidents, collecting incident responses, and carrying out forensic investigations.
  • Determining latest technologies and processes that improve the overall security of the   system.
  • Using industry-standard analysis criteria to test the security level of the firm.
  • Developing tracking documents to note system vulnerabilities.
  • Reporting the security analysis and monitoring findings.
  • Supervising the configuration and installation of new software and hardware.
  • Implementing regulatory systems in accordance with IT security.
  • Informing the company about the security incidents as soon as possible.
  • Modifying the technical, legal, and regulatory aspects of the system security.
  • Defining and maintaining security policies.
  • Occasionally replacing the security system protocol and architecture.
  • Maintaining switches and servers.

Network diagram of the RTO to give illustration of all the all the computers, printers, scanners, servers, Wi-Fi access points, switches, routers

Network diagram of the RTO

Activity 1: 

Task 1: Wireless Network Security Plan

The IT department is keen to design and implement wireless network security for Devon Technical College to ensure efficient and more secured usage of network resources for the students, staff members and visitors. For the design and the implementation of the wireless network security the IT department needs to draft and document a wireless network security plan. This security plan will help to understand both the requirements of the security parameters and the implementation mechanism to be followed for the wireless network security. 

The student will act as the Network Security Engineer and will prepare the wireless network security plan as per the requirements specified by the ICT Manager and the management of Devon Technical College. The Network Security Engineer will prepare the security plan under the assistance of the ICT Manager and as per the network infrastructure of the RTO. Also, the Network Security Manager needs to ensure that the plan is according to continuous growth of the IT setup and as per the security needs and that can also be used for the future correspondence.

The Wireless Network Security Plan must include the following and also the student needs to complete the template for the security plan given below:

  • Review given organisational and regulatory policies to identify security standards 
  • Review RTO stakeholders issues and requirements against WHS and security compliance requirements 
  • Develop a wireless network security plan including the following
    • Purpose of the plan 
    • Define stakeholder 
    • Issues with the current wireless system 
    • Hardware and software required 
    • Wi-Fi protection (Security)
    • Security threats and risks 
    • Firewall requirements of wireless security

Template for Wireless Network Security Plan

Wireless Network Security Plan 
Issues with the current wireless system
Hardware and software
Wi-Fi protection (Security)
Security threats and risks 
Firewall requirements of wireless security 

Task 2: Analysis of Guest Access Services

For the design and implementation of the guest access services, you need to discuss with the ICT Manager about different architectures of guest access services and need to elaborate each and select one in consultation with the ICT Manager as per your requirements. 

The trainer/assessor will act as the ICT Manager and will discuss and sort out all the queries relating the guest access service. The guest access service will help to define the mechanisms of granting access to the different users including the permanent and the guest users. Also, complete the minutes of meetings given below for the analysis of the guest access services.

You need to complete this task in 10-15 minutes and your trainer may provide you additional time if required.

You are required to complete the following meeting minute’s template and submit to your trainer/assessor.

Minutes of Meeting
Meeting Objective:
NoPoints DiscussedActions SuggestedTarget Date

Signature of attendee 1:                                                Signature of attendee 2:
Signature of attendee 3:                                                Signature of attendee 4:

Activity 2: Design, implement and test a wireless local area network (WLAN) site security plan

Task 1: Design a wireless local area network (WLAN) site security plan

In this task you need to produce a map for wireless network for the RTO. In the map you need to include:

  • Access points 
  • Devices 
  • Guest access 
  • Switch 
  • Router 

You are required to prepare a map in a packet tracer software and provide IP address to the relevant devices.

You need to submit you network map to your trainer and assessor. You need to complete this task in 1-2 hours. Trainer may provide you additional time if required.

Task 2: Implement and test a wireless local area network (WLAN) site security plan

Note: This activity is continuing of a previous activity.

Reference to the wireless network security plan developed in the previous activity, you are being the Network Security Engineer needs to implement the WLAN security plan. You need to implement the plan in coordination with the ICT Manager which will be acted by the trainer/assessor. For the implementation of the network security, you need to perform the tasks in the environment of a Live Network environment provided by the trainer/assessor. 

The trainer/assessor will act as a supervisor and will guide you through the initial process of implementation the network security plan on the network infrastructure.

You need to complete this task in 6-8 hours. Your trainer may provide you additional time if required.

Note: For This activity RTO/Assessor will provide you the following:

  • A site or prototype where network installation may be conducted
  • Hardware and software (Included in the security plan)
  • Organisational guidelines (Scenario)
  • Live network
  • Stand-alone and lightweight WLAN controllers and access points (AP)
  • Hardware and software WLAN site survey tools
  • Hardware and software IDS and IPS.

The student needs to perform the WLAN security implementation including the following:

  • Setup and configure guest access accounts
    • Set the Guest Username Policy
    • Set the Employee Name Policy
    • Create a self-registered portal
    • Manage guests account
    • Manage Employee Accounts
  • Configure WLAN controller authorisation
    • Configure DHCP
    • Configure Virtual Gateway IP
    • Use Broadcast SSID
    • Enable Local Client Profiling
  • Configure the anchor and internal controllers
  • Configuration of the authentication of clients and management frame protection on clients and controllers
    • Restrictions for Management Frame Protection
    • Viewing the Management Frame Protection Settings (GUI)
    • Debugging Management Frame Protection Issues 
  • Configure access control servers for integration with wireless network
  • Configure client- and server-side digital certificate services
  • Test, verify and troubleshoot the following:
    • Guest Access Issues
    • Wireless Connectivity Services
    • IP Connectivity Failure
Show More

Answer :

For solution, connect with our online professionals.