You are a junior network security engineer working for MediSys Technologies, a company that provides IT infrastructure and cloud services to hospitals and healthcare providers

2026-03-04 16:15:16

Assignment Brief

Programme title	NCFE Level 4 Diploma: Cyber Security Engineer
Unit number and title	2	Cyber security architecture (D/651/0934)
Assignment number & title	1 of 1	Cyber security architecture (L4)
Unit Leader
Assessor (s)
Issue Date	28/04/2025
Final assignment submission deadline	14/07/2025
Late submission deadline	The learners are required to follow the strict deadline set by the College for submissions of assignments in accordance with the NCFE level 4 submission guidelines and College policy on submissions. They should also refer to Merit and Distinction criteria that require evidence of meeting agreed timelines and ability to plan and organise time effectively without which the learner may not expect to receive a higher grade. 21/07/2025
Resubmission deadline	15/08/2025
Feedback	Formative feedback will be available in class during the semester after 6 weeks. Final feedback will be available within 2 - 3 weeks of the assignment submission date.
Internal verifier	Amjad Alam
Signature (IV of the brief) *

NCFE Level 4 Diploma: Cyber Security Engineer

Unit 02 Cyber security architecture (D/651/0934) (L4)

Session: April 2025

Coursework

Recommended maximum words 4000

You are strongly advised to read “Preparation guidelines of the Coursework Document” before answering your assignment.

General

Guidelines

●You should write the assignment in your own words. You are required to cite the source of any quotes or illustrations you utilise.

●At the conclusion of your document, include a list of references. You must list all of your informational sources.

●Ensure that the English you use is easily understood and that your work is presented clearly.

●Use a word processor`s "spell-checker" whenever possible.

Unit number, title and learning outcomes (LOs)	Unit 2: Cyber security architecture (D/651/0934) LO1: Explore networking model and protocols. LO2: Apply the characteristics of digital system components, implementing security controls. LO3: Apply the concepts of cryptography
Assignment title	Cyber security architecture
Scenario
You are a junior network security engineer working for MediSys Technologies, a company that provides IT infrastructure and cloud services to hospitals and healthcare providers. MediSys Technologies manages highly sensitive data, including patient medical records, diagnostic imaging, insurance information, and confidential communications between healthcare professionals. Due to recent expansion, MediSys Technologies is experiencing significant challenges: ●Data in Transit: Current encryption methods for communications between clinics, hospitals, and cloud storage are outdated, making them vulnerable to interception and man-in-the-middle attacks. ●Data at Rest: Patient information and backups stored in the cloud lack robust encryption, putting sensitive healthcare data at risk. ●Authentication Mechanisms: The company’s authentication processes are weak, lacking the enforcement of multi-factor authentication (MFA), and making unauthorized access a real threat. ●Key Management: There is no standardized key management system, increasing the risk of key compromise and data exposure. Your task is to strengthen MediSys security architecture to protect healthcare data in compliance with privacy regulations such as HIPAA and GDPR.
Tasks
Task 1: Understanding Networking Structures (LO1) and Apply Characteristics of Digital System Components, Implementing Security Controls (LO2) Scenario Context: MediSys Technologies is expanding its operations and requires a robust and efficient network design. The network must include separate subnets for different hospital departments: Medical Staff, Administrative Staff, Patients` Wi-Fi, and Diagnostics Department. The design must ensure secure communication between subnets while maintaining logical segmentation and efficient routing. Requirements: 1.Describe the structure and layers of the OSI and TCP/IP models, highlighting the key differences and similarities. 2.Outline network issues, such as packet loss and latency, and describe mechanisms like error detection and correction that can mitigate them. 3.Design a network architecture with at least four subnets and assign appropriate IP address ranges. For higher grade, Illustrate the relationship between applications, protocols, ports, services and devices within the OSI and TCP/IP and evaluate the suitability of different networking protocols and models for specific scenarios, taking security considerations Submission Guidelines: Prepare a report (approximately 1500 words) covering the requirements above. Use diagrams and simulation snapshots to illustrate your points. Task 2: Apply Characteristics of Digital System Components, Implementing Security Controls (LO2) For task 2, you should refer to task 1 Scenario Context, Requirements: 1.Identify common network components (e.g., switches, routers, firewalls) and their functions. 2.Plan and implement routing between the subnets (Note: Here you can define your own example of controlled access of traffics) 3.Configure static or dynamic routing to facilitate communication between subnets. 4.Use a simulation tool such as Cisco Packet Tracer or GNS3 to implement and demonstrate the functionality of the network. 5.Apply Access Control Lists (ACLs) to restrict access between subnets according to hospital security policies. 6.Provide a network diagram illustrating the architecture, showing routers, switches, and connections. 7.Include a table of IP address ranges and subnet masks for each subnet. 8.Document the routing configuration and explain your approach to implementing routing protocols (e.g., RIP, OSPF, EIGRP). 9.Test and demonstrate the network design through simulations, ensuring: Successful data transmission between subnets where allowed. Blocked traffic as per ACL rules. For higher grade, you should propose a comprehensive security plan addressing advanced threats, using frameworks like NIST or ISO 27001. Outline mitigation techniques for identified vulnerabilities (e.g., DDoS, man-in-the-middle attacks, etc.). Also justify your choice of components and security controls in the plan. Submission Guidelines: You should provide network diagram and a written report (1,500 words). Include screenshots or evidence of network simulation testing (e.g., in Cisco Packet Tracer). Task 3: Apply the Concepts of Cryptography (LO3) Scenario Context: MediSys must guarantee the confidentiality of patient and hospital data using advanced encryption. Requirements: Describe symmetric and asymmetric encryption principles and hashing. Design a basic encryption scheme using Python or similar, focusing on protecting MediSys sensitive data. Develop a key management plan addressing key rotation, secure storage, and archival. For a higher grade, you should compare encryption algorithms like AES, RSA, and SHA-256, discussing their strengths and weaknesses in task 3.1. Also analyse trade-offs between encryption strength, performance, and usability. Submission Guidelines: Submit your encryption code and a reflective commentary (approximately 1,000 words). Include recommendations for future enhancements to the encryption system.
Evidence Requirements
You must provide a written report covering the tasks indicated above. The work will be submitted to Turnitin for academic integrity check Additional Guidelines: a.All submissions should be properly referenced, and any external sources should be cited in APA format. b.Use professional language and ensure clarity in your explanations. c.Diagrams, charts, and code snippets should be well-labelled and explained within the context of your discussion. d.Font size must be within the range of 10 point to 14 points including the headings and body text (preferred font size is 11) in Arial. Standard and commonly used type face, such as Arial and Times New Roman, should be used. e.Material taken from external sources must be properly referred and cited within the text using Harvard system f.Submit all documents through the designated submission portal by the given deadline.

Appendices

Note: You should attach all the supporting documents as a separate file in the appendix section of your assignment.

Relevant Information

To gain a Pass in a NCFE Level 4 Diploma: Cyber Security Engineer modules, you must meet ALL the Pass criteria; to gain a Merit, you must meet ALL the Merit and Pass criteria; and to gain a Distinction, you must meet ALL the Distinction, Merit and Pass criteria.

Grading criteria

Learning outcomes
(LOs)

Pass

Merit

Distinction

LO1: Explore networking model and protocols

P1: Describe the structure and layers of the OSI and TCP/IP models, including core TCP/IP protocols and IP addressing

P2: Outline common into account network issues and error control

P3: Design and implement a network with multiple subnets and routing

M1: Illustrate the relationship between applications, protocols, ports, services and devices within the OSI and TCP/IP

D1: Evaluate the suitability of different networking protocols and models for specific scenarios, taking security considerations

LO2: Apply the characteristics of digital system components, implementing security controls

P4: Identify common digital system components (switches, routers, firewalls, servers) and their functions

P5: Design and test a system that incorporates appropriate security controls based on a given security case study

M2: Propose a comprehensive security plan for a complex digital system

M3: Outline mitigation techniques for identified vulnerabilities

D2: Justify the selection of components and controls in a security plan

LO3: Apply the concepts of cryptography

P6: Describe the principles of symmetric and asymmetric encryption and hashing

P7: Design a basic encryption scheme to protect data based on specific security requirements

P8: Develop a secure key management plan, including rotation, storage and archival strategies, addressing potential vulnerabilities

M4: Differentiate between various encryption algorithms in terms of strength and use cases

D3: Analyse security trade-offs between different encryption algorithms and key management approaches

Plagiarism and Collusion

Any plagiarism or collusion will be taken very seriously in accordance with the policies of the college. Below are the definitions and parameters of plagiarism and collaboration in this context:
Presenting someone else`s work as your own is plagiarism. It involves turning in collaborative homework as a solo project and copying information verbatim from books or the Internet without citing the source.
Plagiarism refers to the practice of taking another person`s assignments and turning them in as your own. If plagiarism or collusion is suspected, it will be investigated and dealt with in accordance with college policy (please refer to the student handbook for further information on plagiarism and collusion).

Submission

a.Initial submission of coursework to the tutors is compulsory in each unit of the course.

b.The student must check their assignments on Caspian School of Academics (CSA) VLE with plagiarism software Turnitin to make sure the similarity index for their assignment stays within the College approved level. A student can check the similarity index of their assignment up to five times in the Draft Assignment submission point located in the home page of the CSA VLE.

c.All Final coursework must be submitted to the Final submission point into the Unit (not to the Tutor). The student would be allowed to submit only once and that is the final submission.

d.Any computer files generated such as program code (software), graphic files that form part of the coursework must be submitted as an attachment to the assignment with all documentation.

e.Any portfolio for a Unit must be submitted as an attachment in the assignment

Extension and Late Submission

f.You must use an Exceptional Extenuating Circumstances (EEC) form, which is accessible at the Examination Office and CSA VLE, to request an extension if you require one for a legitimate cause. Do not request a coursework extension from the tutors as they do not possess the authority to extend the deadlines for coursework. The completed form must be turned into the Examination Office with supporting documentation, such as a medical certificate if you are ill.

g.Late entries will be accepted and graded in accordance with college policy. Please be aware that late submissions might not receive Merit and Distinction grades.

h.All late coursework must be submitted to the Late submission point into the unit (not to the Tutor) in the CSA VLE. A student is allowed to submit only once and that is also treated as the final submission.

i.If you fail in the Final or Late submission, you can resubmit in the Resubmission window.

Submission deadlines

Formative feedback	After Week 6
Final Submission	14/07/2025

Submit to: Online to the CSA VLE only

Explanation of Terms:

Analyse	Break the subject or complex situations into separate parts and examine each part in detail. Identify the main issues and show how the main ideas are related to practice and why they are important. Reference to current research or theory may support the analysis.
Critically analyse	This is a development of ‘analyse’ which explores limitations as well as positive aspects of the main ideas in order to form a reasoned opinion.
Clarify	Explain the information in a clear, concise way showing depth of understanding.
Classify	Organise accurately according to specific criteria.
Collate	Collect and present information arranged in sequence or logical order that is suitable for purpose.
Compare	Examine the subjects in detail, consider and contrast similarities and differences.
Critically compare	This is a development of ‘compare’ where the learner considers and contrasts the positive aspects and limitations of the subject.
Consider	Think carefully and write about a problem, action or decision showing how views and opinions have been developed.
Demonstrate	Practical application of an element/content to show that you understand theories/concepts in a practical sense.
Describe	Provide a broad range of detailed information about the subject or item in a logical way.
Discuss	Write a detailed account that includes contrasting perspectives.
Draw conclusions (which...)	Make a final decision or judgement based on reasons.
Evaluate	Examine strengths and weaknesses, arguments for and against and/or similarities and differences. Judge the evidence from the different perspectives and make a valid conclusion or reasoned judgement. Apply current research or theories to support the evaluation.
Critically evaluate	This is a development of ‘evaluate’ where the learner debates the validity of claims from the opposing views and produces a convincing argument to support the conclusion or judgement.
Examine	Look closely at something. Think and write about the detail, and question it where appropriate.
Explain	Apply reasoning to account for how something is or to show understanding of underpinning concepts. Responses could include examples to support these reasons.
Explore	Consider an idea or topic broadly, searching out related and/or particularly relevant, interesting or debatable points.
Identify	Apply an in-depth knowledge to give the main points accurately (a description may also be necessary to gain higher marks when using compensatory marking).
Investigate	To inquire into (a situation or problem) to explore solutions.
Justify	Give a detailed explanation of the reasons for actions or decisions.
Perform	Present/enact/demonstrate practically.
Reflect	Learners should consider their actions, experiences or learning and the implications of these in order to suggest significant developments for practice and professional development.
Review and revise	Look back over the subject and make corrections or changes based on additional knowledge or experience.
Summarise	Give the main ideas or facts in a concise way to develop key issues.

100% Plagiarism Free & Custom Written, Tailored to your instructions