STUDENT COPY- CR Assessment Resources Summary · Students should refer to this unit in Moodle...
Transcript of STUDENT COPY- CR Assessment Resources Summary · Students should refer to this unit in Moodle...
RTO No: 20829 CRICOS Provider Code: 02044E
ABN: 41 085 128 525
STUDENT COPY- CR
Assessment Resources Summary
Unit Details ICTNWK529 – Install and manage complex ICT Networks
This unit requires each student to undergo adequate practice and
preparation prior to undertaking the assessments in a
classroom/simulated environment.
Students are required to complete ALL summative assessments listed
below in order to be deemed “Competent” in this unit of competency.
Assessment
Methods
Written Assessment Assessment 1
Lab
Assessment 2
Questions Assessment 3
Version 1.2.1
Issue Date March 2018
a
Page 2 of 22
Assessment Resources ICTNWK529
Unit Summary
The unit objectives, prerequisites, corequisites and other pertinent information about this unit is described at https://training.gov.au/Training/Details/ICTNWK529
Resources
Students should refer to this unit in Moodle (e-learning.vit.edu.au) to access a list of resources for this unit (see Learner Resources section for relevant articles, links, instructions for labs etc). The labs are based on a scenario where you plan, design and implement a network for a medium
sized business. Read the scenario and then work through the labs as specified, remembering to
save the evidence you have completed the labs as specified.
Reference Textbooks: Craig Zacker, MOAC Installing and Configuring Windows Server® 2012 R2 Patrick Regan, MOAC Administering Windows Server 2012 R2 Microsoft, MOAC Networking Fundamentals (all these books are in the Learner Resources in Moodle) Lab-1 Resources
• Info about Cisco SF300-48PP
http://www.cisco.com/c/en/us/products/switches/small-business-300-series-managed-
switches/models-comparison.html
• Info about Dell X1052P
http://www.dell.com/au/business/p/networking-x-series/pdf
Lab-2 Resources
• Zacker, Chapters 4, 13 and 14
• Setting a static IP address
https://www.youtube.com/watch?annotation_id=annotation_3285061249&feature=iv&src_vid=l4T
73qEU_3w&v=M2HWT3UPRzI
• Installing AD https://www.youtube.com/watch?v=-BqNC3s5-ec
• Set NTFS Permissions https://www.youtube.com/watch?v=XQNYkUwmV5E&t=34s
a
Page 3 of 22
Assessment Resources ICTNWK529
Lab-3 Resources
Zacker, Chapters 11 and 12
• Installing DHCP https://www.youtube.com/watch?v=OhnOwbKpO-w&t=139s
• Configuring DNS (part 1) https://www.youtube.com/watch?v=YyMGwJFUhe0
• Configuring DNS (part 2) https://www.youtube.com/watch?v=PTJkyJheUjU
Lab-4 Resources
Regan Chapter 3
• Monitoring Windows Server 2012 https://www.youtube.com/watch?v=WuMjPnKTRUs
Lab-5 Resources
Regan, Chapter 3
• Monitoring Windows 2012 Server https://www.youtube.com/watch?v=WuMjPnKTRUs
• Set up recovery after service failure https://technet.microsoft.com/en-
us/library/cc753662(v=ws.11).aspx
Lab-6 Resources
• Getting started with Google Hangouts
https://support.google.com/hangouts/answer/2944865?co=GENIE.Platform%3DDesktop&hl=en
Lab-7 Resources
• Windows Update FAQ
https://support.microsoft.com/en-au/help/12373/windows-update-faq
Lab-8 Resources
• Microsoft Security Essentials
https://support.microsoft.com/en-au/help/14210/security-essentials-download
Lab-9 Resources
• Creating a Group Policy Object in Windows 2012
https://www.youtube.com/watch?v=NITNsUepnL8&t=252s
Lab-10 Resources
• Connect to another computer using Remote Desktop Connection
https://support.microsoft.com/en-au/help/17463/windows-7-connect-to-another-computer-remote-
desktop-connection
a
Page 4 of 22
Assessment Resources ICTNWK529
Assessment 1: Written Assessment Student Name: ______________________________________________________________
Student ID No: ______________________________________________________________
Student Instructions:
• This is an open book assessment, and you should consult your Learner Resources and other material as needed. Answer the questions below. Keep your answers short and to the point – unless specified otherwise, your answers should not exceed 100 words for any individual question (and often can be less – use your judgment). Use your own words in your answers – do not copy large amounts of text from the Internet!
• Your answers should be on a separate document using word processing software such as MS Word & or other software (hand written submissions are only acceptable with prior approval from your Trainer) .
• Your document should be professionally formatted and include
o Your Name
o Your Student ID
o Unit Code
o Assessment Number (i.e. ICTNWK529 Assessment 1)
• Please reference to each question number and retype each question with your answers.
• This is an open book assessment, you must answer every question and provide enough information to demonstrate sufficient understanding of what has been asked to achieve competency. Please ask your Trainer/Assessor if you are unsure what is sufficient detail for an answer.
• Ask your trainer/assessor if you do not understand a question. Whist your trainer/assessor cannot tell you the answer, he/she may be able to re-word the question for you or provide further assistance based on the Institute’s “Reasonable Adjustment Policy”.
• Answers should be your own work, in your own words and not plagiarised, nor copied. However, if an answer is cut & pasted (such as a definition), then the source should be referenced
a
Page 5 of 22
Assessment Resources ICTNWK529
Answer all questions below:
1. Describe two typical firewall configurations and how these configurations can be applied to securing
a network.
2. Define the purpose of the following IP-related configuration parameters:
a. IP Address
b. Subnet mask
c. Default gateway
3. Give two examples of types of hardware that would be found in a network infrastructure.
4. Describe how load balancing can be used in the deployment of web applications.
5. Give two examples of security measures that can be taken to improve network security.
6. List two examples of server operating systems commonly used in industry today.
7. Define the purpose of domain name system (DNS) in a network. What is role of (i) AAAA records
and (ii) MX records in DNS?
8. Define the purpose of dynamic host configuration protocol (DHCP) in a network. What is meant by
(i) a DHCP scope and (ii) a DHCP exclusion?
9. Define the purpose of file transfer protocol (FTP) in a network. What are the FTP commands to (i)
list all files in a directory and (ii) get a file from a FTP server onto an FTP client?
10. Define the purpose of network time protocol (NTP) in a network.
11. Define the purpose of server messages block (SMB) in a network. List (i) two resources that can be
shared with SMB and (ii) two operating systems that support the SMB protocol.
12. Define the roles of the following protocols in email systems (i) SMTP (ii) IMAP.
13. Define the purpose of (i) a forward proxy server and (ii) a reverse proxy server in a network.
14. Define the purpose of the following types of HTTP Requests to a web server: (i) GET (ii) POST.
15. Describe what is meant by network service management as it applies to (i) quality of service and (ii)
availability measures in a network.
16. Identify two network diagnostic utilities, and describe how they could be used in troubleshooting a
connectivity problem.
17. Describe the purpose of user authentication and directory services in a network.
18. Describe the purpose of voice over internet protocol (VoIP), and give an example of how it could be
used in a network to lower telephone costs.
19. Describe the basic concept of a site-to-site virtual private network (VPN) and give an example of
how it could be used to securely connect two network locations.
20. Describe the basic concept of a remote access virtual private network, and give an example of how it
could be used to securely connect to a network across the internet.
a
Page 6 of 22
Assessment Resources ICTNWK529
21. You are attempting to integrate two sites (Melbourne and Geelong) by implementing a site-to-site
VPN between the two locations. The protocol you implement between the two sites is IPSec which
requires a shared secret to be configured at each VPN end point, and you configure the shared secret
“MySecret” at the Melbourne VPN end point only. When you try to connect the VPN from Melbourne
to Geelong, the connection fails, with the Geelong VPN end point reporting is is unable to decrypt the
date. What is the problem, and how can you rectify it?
22. You add a new printer to an existing IPv4 network that supports both IPV6 and IPv4 addressing, but
you only configure an IPv6 address for the device. When you power on the printer to test it’s
connectivity to the rest of the network, you get a message “unable to connect to network”. . What is
the problem, and how can you rectify it?
23. List the type of unshielded twisted pair (UTP) cables I would need to install to support the following
types of connections (i) 1 Gb Ethernet (ii) 10Gb Ethernet.
END OF WRITTEN ASSESSMENT
Assessor Use Only
Assessor Comments
Satisfactory (S) Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________
a
Page 7 of 22
Assessment Resources ICTNWK529
ASSESSMENT 2 – LAB
This assessment is to be undertaken in an actual job workplace or a classroom/simulated
environment. Read the scenario below and then work through the lab exercises. At different
points in the lab you will need to write down answers to questions, and/or include screen
prints showing you completed practical tasks on the computer. Make sure you answer
all questions and include all required screen prints.
This assessment is done during the allocated laboratory/tutorial sessions or can be
completed offsite. Once you have finished the workbook, you need to print it out and submit
the hardcopy for assessment.
SCENARIO
Read the scenario below carefully
You have been asked to design and implement a network for DEF, a medium-sized company
who has just began operations in Melbourne. The customer has given you the following
requirements:
• Network to be implemented using industry-standard technologies: e.g. Windows,
Ethernet, TCP/IP
• Main applications are file sharing, email, and database access
• Internet access for all workstations and servers on the network
• PC workstations will need to be provided for 20 employees; with two servers needed
for redundancy
• Secure access to network is required, as is the ability to secure resources on the
network for individual users and groups e.g. person A should not be able to access
Person B’s files
• Network services for automatic IP address assignment, and internet name resolution,
are to be configured.
• Logon services need to be redundant, so that a single server failure does not prevent
users from accessing the network. IP address assignment services and name
resolution services do not need to be redundant
• Data access for file sharing
• Performance of network/server components need to be verified
• Administrator to be notified if any critical network service fails so he/she can attend to
it immediately
• Network security to be provided by implementing firewall
• All network ports to run at 1Gbs
a
Page 8 of 22
Assessment Resources ICTNWK529
Lab 1 Plan the network design and research options available
Comparing similar products from different vendors is an important part of translating business
requirements into a technical design. For this lab you need to complete two tasks:
1. Prepare a network diagram showing the switch, router, servers and your allocation of
required network services to servers
2. Prepare a table comparing the features of two 48 port switches DEF is considering
purchasing.
Lab Instructions
Part 1
For the network diagram, you need to prepare a network diagram that shows the
following features
• Two servers connected to a switch
• A switch connected to a router
• A router connected to the Internet
• A firewall sitting between the switch and the router
• You should also list the network services (such as Active Directory, DNS, DHCP and
file/print sharing) that will be implemented on each server.
To prepare your diagram, use the Network Diagram Shapes document in Learner
Resources. This has images that can be cut and pasted to your diagram.
Part 2
You have been asked to compare two switches, the Cisco SF300-48PP and the Dell
X1052P and make a recommendation on purchase. You have been asked to compare them
on the following features: number of ports, speed of ports, jumbo frame support, switch fabric
capacity, and forwarding rate. Prepare a table comparing the two switches, based on the
product information below.
Prepare your comparison table.
Which switch would you recommend, given that DEF wants to run all network connections at
1Gbps?
Record your switch recommendation.
a
Page 9 of 22
Assessment Resources ICTNWK529
For example
Feature Insert first product name
here
Insert second product name
here
Insert Feature 1 here
Insert Feature 2 here
etc
Write down your switch recommendation here.
a
Page 10 of 22
Assessment Resources ICTNWK529
Lab 2 Design implement and test security features
All networks need security policies, such as authentication, authorization, and network
security services. For this lab you need to:
• Specify what authentication and authorization services you will be implementing on
this network
• Install, configure and test the authentication and authorization services
Lab Instructions:
Answer the following questions:
• What software will you use to authenticate users on DEF’s network?
• How will you implement user authorization e.g. to allow/prevent users from accessing
certain files or other resources on the network?
• Where would you look on the server to check to see if there had been any security
violations?
For the practical part of this lab you can use the Windows 2012 instances in the classroom
on Level 10 room 4. Go into VMWorkstation and load the Windows 2012 virtual machine
instance in c:\labfiles. Power on the virtual machine, and sign on using the username
student and the password abc123
You then need to:
• Assign a static IP address to your Windows 2012 server instance (use 192.168.1.1,
subnet mask 255.255.0.0)
• Install Active Directory, create a domain called DEF.com, create two users
SnnnnnUserA and SnnnnnUserB (use your own Student number instead of Snnnnn,
e.g. if your student number was S54321 you would create users S54321UserA and
S54321UserB)
• Create a folder C;\Data and assign user SnnnnnUserA read permission on the folder
Once you have completed the lab, you need to take the following screenshots
Provide your screenshot of two users set up in Active Directory similar to the image
below:
a
Page 11 of 22
Assessment Resources ICTNWK529
Figure: screenshot showing the two users set up in AD
Provide your screenshot of the shared folder C/data with the required permissions
similar to the image below:
Figure: screenshot showing the permissions set on the C;\data folder
a
Page 12 of 22
Assessment Resources ICTNWK529
Lab 3 Install, configure and test network services
Installing, configuring and testing network services such as IP address allocation (performed
by DHCP) and name resolution (performed by DNS) are an essential part of network support/
For this lab you will need to:
• Install, configure and test DHCP and DNS network services
Lab Instructions
1. Install DHCP and set up and activate a DHCP scope to give out addresses in the
range 192.168.1.100 to 192.168.1.150
2. Create a DNS forward zone called Snnnnn.com (where Snnnnn is your student
number) and create a single host record called myhost that maps to your 192.168.1.1
ip address. You should be able to ping myhost successfully.
Once you have completed the lab, you need to take the following screenshots (see
Workbook for examples)
Provide a screenshot of your DHCP configuration similar to the sample below.
Figure: screenshot showing the scope in DHCP
a
Page 13 of 22
Assessment Resources ICTNWK529
Provide a screenshot of your DNS configuration similar to the sample below.
Figure: screenshot showing the forward zone in DNS
a
Page 14 of 22
Assessment Resources ICTNWK529
Lab 4 Analyse performance
For this lab you will need to:
Analyse the performance of your network server’s hardware resources. Investigating the
performance and/or resource utilisation of elements in a network is critical to the
management of networks. For this lab you will need to:
• Set up a performance monitor to track CPU and memory usage on your Windows
2012 Server instance
• Show disk space usage on your computer
Lab Instructions
Set up a performance monitor to track the counters Processor:Processor Time and
Memory:: Available Mbytes
Check the properties of your C: drive to show the free space available on the server.
Once you have completed the lab, you need to take the following screenshots.
Provide screenshot of CPU and memory performance monitoring similar to the picture
below:
Figure: screenshot showing the performance monitors in real time
a
Page 15 of 22
Assessment Resources ICTNWK529
Provide screenshot of disk apace monitoring similar to the picture below:
Figure: screenshot showing the available disk space on your C: drive
a
Page 16 of 22
Assessment Resources ICTNWK529
Lab 5 Set up monitoring and management facilities
Monitoring and managing network resources is an important part of any network
administrator’s job. This can include tasks such as configuring alerts, so you are notified of
any network service failures, and regularly checking logs to see if there are any warning/error
messages that need attending to.
For this lab you will need to:
• Set up alerts so you get notified of a failure of your DHCP service
• Review the server System log for any errors
Lab Instructions:
You need to configure your DHCP Server service in Windows 2012 so you get notified of any
errors should the service fail to start. For the purposes of this lab, you can assume that there
is a program C:\data\SnnnnnAlert.bat that is able to send you an email message on failure
(we will look at how to create these kinds of programs in a later unit; for this lab you just need
to configure the alert notification on the service.
You also need to review the System event log for your Windows 2012 server instance
Once you have completed the lab, you need to take the following screenshots:
Provide your screenshot of the service configured for alerts similar to the image below:
Figure: screenshot showing the configuration of the alert on the DHCP Service
a
Page 17 of 22
Assessment Resources ICTNWK529
Provide screenshot of the Windows System Error) log similar to the image below:
Lab 6 Communications Server
Scenario: Company XYZ has asked your advice on setting up a communications server
within their organisation for making video calls from their desktops, all of which have sound
cards and cameras. You recommend Google Hangouts as a cloud-based solution they could
use. They ask you to implement and demonstrate the technology, so they can assess its
use.
Instructions
Set yourself up on Google Hangouts and make a call to a friend to verify the technology.
Provide a screenprint similar to that below to prove your completion of the task.
Figure: screenshot showing the System event log on your server
a
Page 18 of 22
Assessment Resources ICTNWK529
Lab 7 Automated updates for security
Scenario: Company XYZ has asked your advice on setting up a more secure Windows
computers. You recommend they use automatic updates to apply the newest security
patches. They ask you to implement
Instructions
Set up automatic updates on a Windows computer. Save a screen print similar to that below
to prove your completion of the task
a
Page 19 of 22
Assessment Resources ICTNWK529
Lab 8 Implement anti-virus checkers
Scenario: Company XYZ has asked your advice on securing their desktop computers from
viruses. You recommend they use Defender in Windows to apply desktop restrictions They
ask you to implement and demonstrate anti-virus software.
Instructions
Configure Defender to run on a Windows computer, update the virus definitions and scan the
computer for viruses. Print your screen (similar to below) to save as evidence for task
completion
Lab 9 Implement Desktop Management
Scenario: Company XYZ has asked your advice on setting up a way to manage their
desktop computers. You recommend they use Group Policy in Windows to apply desktop
restrictions e.g. remove the recycle bin from the desktop. They ask you to implement the
policy change and demonstrate it to them
Instructions
Edit Group Policy Object on a Windows 2012 server. Save a screen print similar to that
below to prove your completion of the task.
a
Page 20 of 22
Assessment Resources ICTNWK529
Figure: Group Policy Object for User Configuration
a
Page 21 of 22
Assessment Resources ICTNWK529
Lab 10 Use Remote Management Tools
Scenario: Company XYZ has asked your advice on how they can remotely support desktop
computers in different office locations. You recommend they use Remote Desktop in
Windows to access remote desktop computers. They ask you to implement the policy change
and demonstrate it to them, accessing the IP address 104.154.73.241
Instructions
Configure Remote Desktop on a Windows computer, and show how to access
104.154.73.241. Take a screen print similar to that below as evidence for task completion.
Assessor Use Only
Assessor Comments
Satisfactory (S) Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________
a
Page 22 of 22
Assessment Resources ICTNWK529
Assessment 3: Questions
This is an open book written assessment that will be delivered through Moodle, the VIT e-
learning platform. You need to logon to Moodle to complete the test. You can make as many
attempts as you like at the test, but you must get all questions correct to be judged competent
in this assessment task (100%).
Note: Once you have got the required score, you need to take a screen print in Moodle
and attach that screen print in your assessment as proof you completed the test. If
you do not include this screen print in your submission, you cannot be marked
Competent for the task. Make sure you include your screen print of your Moodle
result!
Assessor Use Only
Assessor Comments
Satisfactory (S) Not Satisfactory (NS)
Assessor Signature: _______________________________ Date: _____________