22603VIC: Certificate IV in Cyber Security

Assignment Overview

Part 1 Task 1 - Undertake research and write a draft research report 

After the students read through the scenario comes Part 1 Task 1. Students will complete Part A of the Report Template. Students need to go through all the documents mentioned above:

• Gelos’ information and security policies and the three policies outlined above

• The Initial Data Report

• Results of the employee survey. (Which is part of the Initial Data Report)
  This initial draft report does not deep dive into the policies. In Part 3 Task1, student will need to do more thorough research into Gelos’ policies and procedures.

Part 1 Task 2 

Students are then to email Gelos Enterprises stakeholder/s requesting their review and feedback on the draft research report. Students will use the Gelos email template for submission.

Part 1 Task 3

The feedback from the Gelos stakeholders is positive, and the students are now tasked with developing a project plan.
Something important to note: At this point, students may not be clear about the objectives of the project. However, as we continue reading the document, in Part 3, we see that students are to develop and evaluate an Incident Response Plan by running a blue/red teaming exercise.
Therefore, you will find out that the Project Plan includes sections where students are required to:

• form red and blue teams

• write a list of tasks to be completed which will then be used to form a Gantt chart.

• make a list of project deliverables, which are tangible outputs of their work, such as the red team playbook, blue team observation checklists, incident response plan, end of project report, etc.
  This task comes with a detailed description of what is required for the project along with a map of the document. Bear in mind that the findings of this exercise will be used to improve Gelos’ cyber security procedures and protocols, which is why DataTrust was hired in the first place.

Part 2: Distribute project plan to stakeholders 

Students are then to email Gelos Enterprises stakeholders requesting their review and feedback on the project plan. Students will use the same Gelos email template that was used in Part 1 Task 2.

Part 3 Task 1: Undertake detailed research into Gelos cyber security systems 

Students will complete Part B of the Report Template and finalise the document that they worked on in Part 1 Task1. This section of the report will be an evaluation of Gelos’ internal policies, procedures, and systems. Students have been provided with a detailed list of entries to include in this section along with a network diagram of Gelos’ network.

Part 3 Task 2: Develop an Incident Response Plan (IRP) 

In this part of the project, students are to produce a Red Team Playbook and an Incident Response Plan (IRP). There are instructions on what needs to go into the IRP. The template has a well-defined structure that students should follow when writing the response plan. In the project document, there is a reference to all the labs students did as part of their Network and Pentesting training. These labs can be used as range of attacks when students are developing their red team playbooks. The task description also mentions about a blue team playbook and purple teaming activities however these documents do not exist. These should be included in the IRP.

Part 3 Task 3: Execute the Incident Response Team exercise

This is the red/blue teaming exercise that will be performed by the students. There are detailed instructions in the project document on how to run the exercise and what information to capture during the exercise. Student will rely on the red team playbook and the Incident Response Plan that they have created in the previous tasks. Each team will get a chance to do both red and blue teaming. At the end of the exercise, students will submit a blue team observation checklist.

Part 4: Evaluate the Incident Response Plan exercise 

Students are now to write an end of project report to evaluate the IRTx and identify areas in which Gelos can improve its cyber-security systems. The document template contains guidance on what information to put into each section of the report.

Part 5 Task 1: Develop and present Cyber-Security Implementation Plan 

The purpose of this exercise is to write an implementation plan based on the findings of the previous report. Once the report is finalised it will then be presented to the Gelos stakeholders. The report template contains guidance on what to write for each section.

Part 5 Task 2: Present research findings, recommendations and lessons learnt 

In this final task, students will present the implementation plan developed in the previous task to Gelos stakeholders. The instructions in the project document outline the topics of discussion students should cover including recommendations from the implementation plan developed in the previous task, and advice on best cyber security hygiene practices. Students should submit the PowerPoint file after the presentation along with an email requesting final project sign-off from sponsor and key stakeholders.

Case Study 1

Cybersecurity issues are continuing to grow at an alarming rate. With so many accessing the internet daily, the risk of online crime, stolen information, and exploitation is rising.
Gelos Enterprises, a leading Australian organisation that offers services to Australian businesses, has engaged with DataTrust, a cyber security specialist company, to undertake security testing and audit their cyber security procedures and protocols. They have also been asked to research and report the nature of any cyber security issues impacting their organisation.
In addition to the cybersecurity audit to be performed, Gelos Enterprises suspects a data breach through a publicly exposed system or service. This breach may have allowed attackers to access sensitive customer information. Gelos Enterprises is particularly concerned that a subset of customers’ data, including home addresses and government IDs (such as passports and driver’s licence numbers), may have been stolen. For these customers, the risk is significant, as hackers can use these documents to apply for loans or other financial services. Identity theft can have severe and ongoing consequences for a person’s finances and credit score.
Gelos Enterprises estimates that, in the worst-case scenario, up to 3.4 million customers may have had their data compromised due to the attack, with 1.38 million severely impacted. Gelos is also concerned that 15,000 valid driver’s licence numbers may have been exposed. Additionally, 10,000 customers with highly sensitive personal information, such as passport numbers, could be at risk.

Details of the cyber security incident:
Working from home after a long weekend, Fernando Remi, a senior consultant with the Gelos Enterprises Operations Team, could not access the Gelos network. After multiple attempts, he could finally log on; however, the system was very slow and eventually shut down. This raised concerns for Fernando, who mentioned it to his manager, Chris Smith, who suggested he report the issue to the organisation's Security Administrator, Lee Dowling. Lee was prompt to respond and wasted no time investigating the issues Fernando described.
After his initial enquires and review, Lee discovered that there’s a high probability that Gelos Enterprises may have experienced a data breach. Lee’s concern is further elevated because highly sensitive customer information may have been compromised.
Upon further investigation, Lee also found out that the security controls failed to meet the required organisational standards as most of the software was outdated. Furthermore, he identified that the security patches also need updating. From his findings, Lee concluded that the likelihood of an infected malware was extremely high.
Using his administrator privileges, Lee attempted to rectify the issues himself, to no avail. He then discussed the issues with his colleague Lucas Isaaks from the ICT department, who advised him to report the issue to the IT Security team as soon as possible.
The IT Security Team were immediately alerted, and it was decided that Gelos Enterprises would engage with DataTrust to audit their cyber security procedures and protocols and run thorough security testing.

Summary of Assessment Requirements

The assessment is structured into multiple parts, each designed to progressively build the student’s competency in cyber-security research, analysis, planning, execution, and reporting. Key requirements include:

Part 1

• Task 1: Conduct preliminary research into Gelos’ policies, procedures, and cyber-security posture. Complete Part A of the Research Report Template using information such as:

  • Gelos’ internal security policies

  • Initial Data Report

  • Employee survey results

• Task 2: Email stakeholders using the Gelos template to request review and feedback on the draft report.

• Task 3: Develop a Project Plan, including:

  • Formation of red and blue teams

  • List of tasks → Gantt chart

  • Project deliverables (playbooks, checklists, IRP, end project report)

Part 2

• Distribute the project plan to Gelos stakeholders for review and feedback.

Part 3

• Task 1: Conduct detailed research and complete Part B of the Research Report Template.

• Task 2: Develop:

  • Red Team Playbook

  • Incident Response Plan (IRP)

  • Include blue team playbook & purple teaming sections within the IRP.

• Task 3: Execute a Red/Blue Team exercise and submit a blue team observation checklist.

Part 4

• Evaluate the IRP exercise and write the End of Project Report, identifying improvements for Gelos’ cyber-security systems.

Part 5

• Task 1: Develop and present the final Cyber-Security Implementation Plan.

• Task 2: Present findings to stakeholders, submit PowerPoint slides, and send an email seeking final project sign-off.

Case Study

The scenario centres on a major potential data breach at Gelos Enterprises affecting up to 3.4 million customers, with risks involving:

• Identity theft

• Exposure of driver’s licences, addresses, and passports

• Possible malware infection

• Outdated software and missing security patches

• Internal detection by Gelos staff followed by escalation to DataTrust

How the Academic Mentor Guided the Student 

1. Understanding the Scenario and Requirements

The mentor first helped the student thoroughly read the case study and understand the cybersecurity incident involving Gelos Enterprises.
Focus areas emphasised:

• Nature and scale of the breach

• Importance of organisational policies

• Role of DataTrust in auditing the system

• Purpose of red/blue teaming in strengthening cyber security

This set the foundation for completing the tasks logically.

2. Part 1 – Building the Initial Research and Communication

Task 1 – Draft Research Report

The mentor guided the student to:

• Extract key information from the Initial Data Report, employee survey, and Gelos security policies.

• Summarise observations rather than deep-dive, because deeper analysis comes in Part 3.

• Fill out Part A of the Report Template clearly and factually.

Task 2 – Stakeholder Email

The mentor demonstrated:

• How to apply the correct email format from the Gelos template.

• Concise communication: request feedback, attach draft, clarify purpose.

• Maintaining professional tone.

Task 3 – Project Plan Development

The mentor broke down the project plan requirements:

• Identify tasks for the Gantt chart

• Form the red and blue teams

• List deliverables such as:

  • Red team playbook

  • Observation checklists

  • IRP

  • End of project report

• Align project plan with objectives revealed later in Part 3 (developing and evaluating an IRP).

3. Part 2 – Submitting the Project Plan

The mentor reinforced the importance of:

• Professional communication

• Stakeholder engagement

• Requesting feedback and maintaining iterative improvement

Students reused the same template to ensure consistency.

4. Part 3 – Technical Deep Dive and Security Planning

Task 1 – Detailed Research

The mentor supported the student in:

• Completing Part B of the Research Report Template

• Evaluating Gelos' cyber-security systems

• Analysing the network diagram

• Reviewing internal security controls, patching issues, outdated software, and potential entry points

Task 2 – Developing the IRP & Playbooks

The guidance included:

• Structuring the IRP using the provided template

• Designing realistic attack scenarios inspired by their lab exercises

• Writing:

  • Red team playbook

  • Blue team and purple team components

• Ensuring the IRP is actionable and realistic

Task 3 – Running and Documenting the IRT Exercise

The mentor walked the student through:

• How to simulate attacks (red team)

• How to respond, detect, and contain incidents (blue team)

• How to document findings in the observation checklist

5. Part 4 – End of Project Evaluation

The mentor instructed how to:

• Analyse the results of the IRT exercise

• Identify gaps in Gelos’ cyber security posture

• Recommend improvements in the End Project Report, aligned with industry standards

6. Part 5 – Implementation Plan & Final Presentation

Task 1 – Implementation Plan

The mentor helped the student:

• Convert the evaluation findings into actionable cybersecurity improvements

• Present timelines, responsibilities, and priority levels

• Include governance, resources, and communication strategies

Task 2 – Final Presentation

Students were guided on:

• Structuring a professional PowerPoint

• Summarising findings and recommendations

• Delivering best-practice cyber-hygiene advice

• Sending a final sign-off request email

Final Outcome and Learning Objectives Achieved

By following the step-by-step guidance, the student successfully:

Completed all required documents

• Part A & B Research Reports

• Stakeholder emails

• Project Plan & Gantt chart

• Red Team Playbook

• Safety & Observation Checklists

• Incident Response Plan

• End of Project Report

• Cyber-Security Implementation Plan

• Final Presentation Slides

Developed Core Cyber-Security Skills

• Cyber-security analysis and auditing

• Identification of vulnerabilities

• Incident response planning

• Red and blue team strategies

• Technical documentation

• Risk assessment and mitigation

• Professional reporting and communication

Demonstrated Critical Learning Objectives

• Understanding of organisational cyber-security frameworks

• Ability to analyse real-world cyber incidents

• Designing and executing incident response exercises

• Evaluating and improving policies and systems

• Presenting complex cyber-security concepts to stakeholders

Get Your Reference Sample – Use It Wisely and Boost Your Academic Confidence

Before you move on, make sure to download the sample assignment solution provided on this page. It’s a helpful reference designed to guide your understanding of structure, formatting, and academic expectations. Please remember: this sample is strictly for reference and learning purposes only. Submitting it as your own work may lead to plagiarism penalties.

If you need a fresh, original, and plagiarism-free assignment tailored to your specific requirements, our team of professional academic writers is ready to help. We deliver custom-written solutions that follow your guidelines closely, ensuring high-quality content and complete academic integrity.

Why Order a Fresh Assignment Solution?

• 100 percent original and plagiarism-free content

• Written by qualified academic experts

• Tailored to your topic, instructions, and university guidelines

• Delivered on time with guaranteed confidentiality

• Helps you learn, understand, and score better

Take the next step with confidence. Use the sample as a guide, and choose a customised solution when you need guaranteed originality and support.

Call-to-Action

Download Sample Solution      Order Fresh Assignment