document clone task1

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

T Level Technical Qualification in Digital Support Services

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Employer set project (ESP)

 

Core skills

 

Cyber Security

 

Project Brief – Task 1

 

v1.0

SAMPLE ESP

 

Autumn 2025


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

T Level Technical Qualification in Digital Support Services Employer set project (ESP)

 

 

Core skills

 

Project Brief – Task 1

 

Cyber Security – fault-finding investigation

 

 

 

 

 

 

 

Contents

 

Student instructions......................................................................................................................................... 3

 

Student information.......................................................................................................................................... 3

 

Plagiarism....................................................................................................................................................... 3

 

Presentation of work........................................................................................................................................ 4

 

Scenario......................................................................................................................................................... 5

 

Brief................................................................................................................................................................ 5

 

Task 1: 2 hours 30 minutes............................................................................................................................ 6

 

Scenario.......................................................................................................................................................... 6

 

Instructions for students................................................................................................................................... 6

 

Evidence required for submission to NCFE........................................................................................................ 7

 

Additional guidance.......................................................................................................................................... 7

 

Control document A: network set-up and topology (task 1)................................................................................. 8

 

Control document A: network topology (task 1).................................................................................................. 9

 

Control document B: problems reported by users (task 1)................................................................................. 11

 

Control document C: virtual private network (VPN) management system (task 1)............................................... 12

 

Document information.................................................................................................................................. 13


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           2 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Student instructions

 

     read the project brief carefully before starting your work

 

     you must work independently and make your own decisions as to how to approach the tasks within the employer set project (ESP)

 

     you must clearly name and date all of the work that you produce during each supervised session

 

     you must hand over all of your work to your tutor at the end of each supervised session

 

     you must not work on the assessment in between supervised sessions

 

 

Student information

 

     the employer set project (ESP) will assess your knowledge, understanding and skills from across the core content of the qualification

 

     in order to achieve a grade for the core component, you must attempt both of the external examinations and the employer set project

 

     the combined marks from these assessments will be aggregated to form the overall core component grade (A* to E and U) – if you do not attempt one of the assessments, or fail to reach the minimum standard across all assessments, you will receive a U grade

 

     the maximum time you will have to complete all tasks for the ESP is 12 hours 10 minutes

 

o your tutor will explain how this time is broken down per task and will confirm with you if individual tasks need to be completed across multiple sessions

 

o at the end of each supervised session, your tutor will collect all ESP assessment materials before you leave the room

 

o you must not take any assessment material outside of the room (for example, via a physical memory device)

 

o you must not upload any work produced to any platform that will allow you to access materials outside of the supervised sessions (including email)

 

     you can fail to achieve marks if you do not fully meet the requirements of the task, or equally if you are not able to efficiently meet the requirements of the task

 

     the project is assessed out of a total of 76 marks (this includes 2 marks for your use of maths in task 3, and 4 marks for your use of English throughout tasks 2, 3 and 4) – the individual task marks are also shown throughout the project brief booklet at the start of each task

 

 

Plagiarism

 

Plagiarism may result in the external assessment task being awarded a U grade.

 

For further guidance refer to the plagiarism guidance, and maladministration and malpractice policy located on the NCFE website.


 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           3 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Presentation of work

 

     all of your work should be completed electronically using black font, Arial size 12pt unless otherwise specified

 

     any work not produced electronically must be agreed with your tutor, in which case the evidence you produce should be scanned and submitted electronically

 

     all your work should be clearly labelled with the relevant task number and your student details and be legible (for example, front page and headers)

 

     electronic files should be named using the following format – Surname_Initial_student number_evidence reference for example: Smith_J_123456789_Task1 for identification purposes – where evidence reference is shown, this should be replaced with the task number for which the work reflects and saved as a .pdf format

 

     all pages of your work should be numbered in the format page X of Y, where X is the page number and Y is the total number of pages

 

     you must complete and sign the External assessment cover sheet (EACS) – declaration of authenticity form and include it at the front of your assessment task evidence

 

     you must submit your evidence to the supervisor at the end of each session


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           4 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Scenario

 

SkyLink Financial Systems Ltd has been operating for three years and has developed a strong reputation for providing innovative cloud-based financial technology solutions for banks and insurance providers. The company specialises in real-time payment processing, fraud detection analytics, and automated compliance systems designed to help clients manage financial transactions securely and efficiently.

 

Recently, the company has suffered a series of cyber security incidents, including unauthorised access to client financial records and internal systems. The internal IT team suspects an insider threat, as investigations revealed weak internal access controls, poor segregation of duties, and insufficient security measures on the main network server.

 

SkyLink currently employs 220 staff at its main UK office but plans to expand rapidly over the next five years. Its growth strategy includes opening new offices in Europe, hiring additional development and compliance teams, and launching new financial advisory services to meet the needs of its growing client base.

 

As a cyber security consultant, you have been commissioned to:

  • Investigate the recent cybersecurity issues experienced by SkyLink Financial Systems Ltd.
  • Identify and assess existing vulnerabilities, with particular focus on insider threat risks.
  • Provide expert guidance on designing a secure and scalable network infrastructure for the company’s expanding operations.
  • Recommend appropriate security policies, technologies, and monitoring mechanisms to protect sensitive financial and customer data while supporting future business growth.

 

 

Brief

 

You are required to undertake several tasks to ensure SkyLink Financial Systems Ltd identify potential sources of its cybersecurity incident and then support in planning a secure network infrastructure.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           5 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Task 1: 2 hours 30 minutes

 

You must read the information on all pages provided for this task before starting your response.

 

(22 marks)

 

 

Scenario

 

Your line manager at SkyLink Financial Systems Ltd has asked you to investigate the recent cybersecurity and network performance issues the company has experienced. You have been provided with the following documents to support your investigation:

 

  • Control Document A: Current network set-up and topology

 

  • Control Document B: Problems and security incidents reported by users

 

  • Control Document C: Virtual Private Network (VPN) configuration and management system

 

You have been informed that the reported problems do not affect all users, suggesting potential inconsistencies in network configuration or access permissions.

 

Your line manager has instructed you to review and identify the root causes of these issues and to undertake a structured fault-finding investigation to help resolve them. This investigation should include a detailed analysis of the initial issues, potential security vulnerabilities, and recommended solutions.

 

Additionally, you are required to create a comprehensive test plan document that can be used by other IT team members to troubleshoot and assist users who experience similar network or VPN-related problems in the future.

 

Instructions for students

 

Using the information provided above and in control documents A and C, you should investigate and identify the root cause of any problems reported by users identified in control document B.

 

You should produce:

 

     your fault-finding investigation report (6 marks) which will include any recommended changes

 

     a test plan (16 marks) for use when troubleshooting network connectivity issues

 

Your test plan should include the following:

 

     user details

 

     test dates

 

     computer specification and software

 

     proposed tests

 

     expected/actual outcomes of tests

 

     ability to record changes based on test outcomes

 

     record of your investigation leading to solution

 

     user acceptance of completed work


 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           6 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Evidence required for submission to NCFE

 

One document consisting of:

 

     your fault-finding investigation report

 

     your test plan document

 

 

When you have completed this task, you should save in a .pdf format and name your file:

 

     Surname_Initial_student number_evidence reference (for example, Smith_J_123456789_Task1)

 

 

Additional guidance

 

For this task you will be issued with control documents A, B and C.

 

You will have access to a word processing application or other suitable software to enable you to complete this task.

 

Access to the internet is permitted.

 

Access to any online cloud storage is not permitted.

 

Use of online chat or emails is not permitted.

 

Access to previous class notes/teaching materials is not permitted.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           7 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Control document A: network set-up and topology (task 1)

 

Network set-up

 

Servers

 

Currently, SkyLink Financial Systems Ltd has 3 servers that are in its office. The first is a file and print server, providing file storage and printer management services to users. The second is the virtual private network (VPN) management system server that enables the Drone Display teams to communicate with the office network. The third server is the display information server that hosts a database of all the drone displays that have taken place or are going to happen.

 

The network has grown with the company, with new components being added without any review of their impact on the overall system. Consequently, there are performance issues throughout the network.

 

Device specifications

 

Server Name: file and print server

 

Operating system: Windows Server 2008

 

Roles:

 

o    file services

 

p    print services

 

q    domain name system (DNS) services

 

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

 

Server Name: virtual private network (VPN) management system server Operating system: Windows Server 2019 Roles:

 

     VPN access

 

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

 

Server Name: display information server

 

Operating system: Windows Server 2019

 

Roles:

 

     database server

 

The display information server hosts the database for every display, enabling staff to select appropriate, pre-defined and tested displays for different display venues.

 

The Drone Display team uses this server to create and update the drone displays.

 

Display teams can access the database remotely to download new and updated displays.

 

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

 

Personal Computers (PCs)

 

All PCs are allocated dynamic internet protocol (IP) addresses by the router from its private IP address space.

 

Dynamic host configuration protocol (DHCP) scope is 192.168.1.2-192.168.1.201.

 

All PCs run Windows 10 Professional and are installed with Office 365.

 


 

 

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

 

WiFi

 

A wireless access point (WAP) has recently been installed in the office to provide internet connections to visitors and for staff to use for personal use during breaks (for example, shopping). There is no connection to the company network. The WiFi does not have a password and is allocated an IP address of 192.168.2.1.

 

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           8 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Network topology diagram

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Devices

 

SkyLink Financial Systems Ltd has 220 employees in its single office and is expecting to grow rapidly in the next 5 years. There are currently 15 Drone Display teams.

 

The network of company devices has grown as the number of employees has increased. There has not been a proper review of the design of the network since it was created.

 

Office-based employees use desktop PCs to access network resources.

 

The majority of personal computers (PCs) and servers are assigned internet protocol (IP) addresses by dynamic host configuration protocol (DHCP). However, as the network has expanded in an unplanned manner as the company has grown, there may be some devices with static IP addresses. The network router, which connects all the PCs and servers to each other and to the internet, is an old domestic internet service provider (ISP) router that is struggling with the increasing number of clients that are on the network. It was designed for use in a domestic household, not in a company this size.

 

There are currently 15 Drone Display teams which travel the country setting up and hosting drone displays for the public using the display configurations that are created by the Display Creation team.

 

The Drone Display teams and Display Creation team primarily use the display information server for their daily work.

 

The human resources (HR) and other support teams primarily use the file and printer server for their daily work.


 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                           9 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Remote Access

 

Only the Drone Display teams should be able to access the network remotely. However, over the years, details for remotely accessing the network have been shared with other employees who have used them to allow informal home working.

 

The Drone Display teams use laptops with mobile phones to connect to the VPN management system server which allows them to download the configurations of displays from the display information server without needing to return to the office.

 

Staff Induction and training

 

There is no formal staff induction and no security awareness training for employees. New employees learn their jobs from their predecessor, if there is a handover period, or from their line manager and colleagues. However, line managers and colleagues are often very busy, and therefore limited in the amount of time they can spend with new employees.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                         10 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Control document B: problems reported by users (task 1)

 

 

User A – Financial Analyst
User A works in the office on a desktop computer running Windows 7 and Office 2010.
User A reports that they are unable to access certain financial databases and encounter frequent “connection timed out” messages when retrieving transaction reports.

 

User B – Compliance Manager
User B works both remotely and in the office.
User B reports that when working remotely, the VPN frequently disconnects and often displays an alert stating “Maximum concurrent connections reached.”
This prevents them from uploading compliance audit files on time.

 

User C – IT Security Officer
User C works in the head office.
User C reports that server access permissions appear to change unexpectedly, and that new administrator accounts occasionally appear without formal approval.
This raises concerns about possible unauthorised privilege escalation or insider misuse of credentials.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                         11 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Control Document C: virtual private network (VPN) management system

 

Virtual private network (VPN) policy for SkyLink Financial Systems Ltd

 

This VPN management system provides encrypted secure connections to the company network for employees working remotely at displays.

 

The system should provide the following features:

 

     encrypted connections for all traffic

 

     dedicated logins for remote users to ensure users have full access to network resources

 

     authenticated access to the network using trusted (corporate) devices.

 

Table 1: VPN management system allocations

 

Administrator Login

Admin

Allow shared

Enabled

 

 

administrator login

 

 

 

 

 

 

 

Administrator

12345678

Requires encryption

Disabled

Password

 

 

 

 

 

 

 

 

 

Current active user connections: 12/12 (0% licenses available)

 

 

 

 

 

 

 

Device

User

Authenticated

Encryption

 

 

 

 

 

 

Unknown

Admin

No

None

 

 

 

 

DronePhone71

Drone_Team_7

Yes

Yes

 

 

 

 

Becky’s iPhone

Admin

No

None

 

 

 

 

DronePhone141

Drone_Team_14

Yes

Yes

 

 

 

 

Unknown

Admin

No

None

 

 

 

 

DronePhone31

Drone_Team_3

Yes

Yes

 

 

 

 

Tom’s iPhone

Admin

No

None

 

 

 

 

DronePhone21

Drone_Team_2

Yes

Yes

 

 

 

 

DronePhone151

Drone_Team_15

Yes

Yes

 

 

 

 

AMS-213

Admin

No

None

 

 

 

 

Unknown

Admin

No

None

 

 

 

 

Unknown

Admin

No

None

 

 

 

 

 

 

1  This is a corporate (company-owned) mobile device.

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                         12 of 13


T Level Technical Qualification in Digital Support Services

 

Core skills, Cyber Security

Project brief – Task 1

 

 

Document information

 

All the material in this document is © NCFE.

 

‘T-LEVELS’ is a registered trademark of the Department for Education.

 

‘T Level’ is a registered trademark of the Institute for Apprenticeships and Technical Education.

 

‘Institute for Apprenticeships & Technical Education’ and logo are registered trademarks of the Institute for Apprenticeships and Technical Education.

 

Owner: Head of Assessment Solutions.


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Version: 1.0 October 2025 |                                                                                                                                                                         13 of 13

Comments

Post a Comment

Popular posts from this blog

TASK 1 MINE FULL

Image
      Introduction   I am a consultant who is working with TeachTechNow and I have been asked to make recommendations to secure the network and to resolve some specific issues that have been brought to my attention to the office there are currently a range of different issues and I will talk about them specifically what they are and what to do and how to mitigate these risks. I have been also told that that several organisations within the same sector have experienced successful cyber attacks and the board of directors are concerned with the management of the it systems at TeachTechNow and the impact it could have on their reputations so it is my job to ensure this does not happen and is prevented.         Overview of current issues:   Outdated operating systems One of the many factors that are making TeachTechNow have a insecure network is that they have old os systems and this is a major flaw and due to t...
Read more

Eveything TASK format

 You're in excellent shape — and yes, based on what you've now completed and plan to finish, you are in a strong position to earn full marks (6/6) for both parts of Task 4 , if you follow through properly . ✅ Let’s go over it clearly: 🧾 Part 1: Satisfaction Survey (6 marks) You already: ✔ Wrote thoughtful, varied questions ✔ Covered all required topics (ease of use, security, VPN/cloud access, confidence, secure work) ✔ Included different question types (tick boxes, yes/no, open, ranking, Likert scale) ✔ Aimed it at non-technical users ✔ Planned to add in formatting later (which is fine — it's expected) ➡️ As long as you add in the actual tick boxes, scales, and fix spelling/grammar , you’ll get full marks . 📄 Part 2: Project Summary (6 marks) You now have: ✔ A detailed overview of the original network weaknesses ✔ A clear list of solutions you implemented (cloud storage, VPN, hardware) ✔ A breakdown of security issues mitigated ✔ ...
Read more

Full format what i done at home questions

 Perfect — to help you achieve full marks (6 marks) on the sample satisfaction survey for Task 4, here's a fully expanded and professionally formatted version with a wide variety of question types , including: ✅ Yes/No ✅ Tick boxes ✅ Open-ended ✅ Ranking (1–10) ✅ Likert scale (Strongly Agree → Strongly Disagree) This version is clearly laid out, accessible for non-technical users , and specifically covers: Ease of use Network security Ability to connect to resources (especially via cloud/VPN) Confidence in security Ability to work securely and efficiently 📋 NexaTech IT Solutions – User Satisfaction Survey Thank you for taking part in this short survey. Your feedback helps us evaluate the effectiveness of our recent system upgrades, including new cloud storage and cloud-based VPN access. Section 1: General Usage and Frequency 1.1 Which department are you in? ☐ Finance  ☐ HR  ☐ Sales  ☐ IT  ☐ Operations  ☐ Other: ___________ 1.2 How often do you use...
Read more