Breakdown of Task 2
Section 1 — Introduction
Briefly set the context. Reference the findings from Task 1 specifically, the Trojan in Email 2, the phishing attempts in Emails 1 and 3, and the credential breach background. Explain the purpose of this report. This signals to the examiner that your maintenance recommendations are grounded in the actual investigation rather than being generic.
Section 2 — Vulnerability Identification Table
This should be a structured table covering the key vulnerabilities identified, their type, countermeasures, and justification. The distinction exemplar used exactly this format, and the examiner praised it. Cover both digital and physical vulnerabilities — the exemplar went beyond digital, and the examiner credited it.
Suggested rows to include:
- Malware/Trojan via email attachment
- Phishing and credential harvesting
- Unpatched software/OS vulnerabilities
- Insider threat and privilege misuse (directly relevant, given Linkchain's previous breach)
- Lack of network visibility/monitoring
- Weak authentication/password policies
- Physical security (clear desk, document disposal, visitor access)
For each row, you need: vulnerability name, type (physical/digital), countermeasure(s), and a justification that explains why it matters and what happens if it isn't addressed.
Section 3 — Proposed Remediation and System Upgrades Table
This is where you address the "system upgrades" requirement. Each row should cover a specific tool or measure, a plain-English explanation of what it does, and crucially, how it will be managed. The "how it will be managed" column is what the examiner specifically looks for to distinguish Band 3 from Band 4.
Suggested rows:
- Scheduled antivirus deep scans → managed via Microsoft Intune
- Windows Server Update Services (WSUS) → centralised patch management
- Microsoft Intune (RMM) → remote monitoring of all endpoints, including remote workers
- Cloud email security gateway → quarantine malicious attachments before delivery
- Multi-Factor Authentication (MFA) → enforced via Azure Active Directory
- Nessus/Acunetix vulnerability scanning → weekly scans with remediation plan
- Penetration testing → annual third-party testing
- Cyber awareness training (e.g. iHasco) → mandatory with tracked completion
- Privileged Access Management (PAM) → time-limited admin access with manager sign-off
Section 4 — Evaluation of the Maintenance Programme
This is the section most students miss or underdevelop, and it's what the word "evaluative report" in the brief is specifically asking for. You need to:
- Assess the programme as a whole — does it address all the attack vectors from Task 1?
- Acknowledge trade-offs or limitations (cost, resource, time)
- Prioritise — what should Linkchain Gaming implement first and why?
- Conclude with the consequences of not implementing these measures, referencing GDPR, reputational damage, and financial penalties
Section 5 — Conclusion
Short but important. Tie the entire report back to Task 1, confirm that the programme addresses the root causes found, and end with a forward-looking statement about Cyber Essentials or NCSC guidance as a framework for ongoing improvement.
Checklist Before You Write
- Every measure is justified with a "because" and linked to Task 1 where possible
- Every measure has a "how it will be managed" explanation
- System upgrades are named specifically (WSUS, Intune, Nessus, etc.)
- You evaluate the programme — not just list it
- You acknowledge limitations and prioritise
- GDPR is referenced in the conclusion
- Tables are used to present vulnerability and remediation information clearly
Comments
Post a Comment