Unit 11 Cyber Security and Incident Management Assignment Brief
| Qualification | Pearson BTEC International Level 3 Qualifications in Information Technology |
| Unit Number | 11 |
| Unit Title | Cyber Security and Incident Management |
| GLH | 120 |
| Unit type | Internal set assignment |
Unit in Brief
Learners study cyber security threats and vulnerabilities, the methods used to protect systems against threats and how to plan for and manage security incidents.
Unit introduction
Our increasing reliance on computer systems and the data they contain makes us vulnerable to attacks from cyber criminals, and to the loss of these systems if there is an accident or a natural disaster. As IT system security is improved, more sophisticated methods of attack are developed, and it is important that organisations have robust plans in place to deal with a cyber security incident before it occurs. All IT professionals require a good understanding of the current threats to systems, how to apply appropriate and effective protection methods and how to manage a cyber security incident.
Countries throughout the world are accelerating efforts to address cyber security risks to their public- safety and mission- critical communications networks. In this unit, you will examine the many different types of cyber security attacks, the vulnerabilities that exist in networked systems and the techniques that can be used to defend an organisation’s networked systems. You will investigate the techniques used to assess risks and ways of planning to deal with the results of a cyber security incident and recover systems following an incident. You will examine scenarios, carry out risk assessments and prepare protection plans before protecting networked systems. You will also examine evidence from cyber security incidents and relevant security documentation, using the evidence to make recommendations for improvement.
As IT systems evolve, there is an increasing need for IT professionals to protect networked systems and the information they contain, while providing enhanced features and benefits for organisations, customers and individuals.
Learning Aims
In this unit you will:
A Understand cyber security threats, system vulnerabilities and security protection methods
B Explore the security implications of networked systems
C Develop a cyber security protection plan for a specified organisation
D Examine procedures to collect forensic evidence following a security incident.
Summary of Unit
| Learning aim | Key content areas | Assessment approach |
| A Understand cyber security threats, system vulnerabilities and security protection methods | A1 Cyber security threats
A2 System vulnerabilities A3 Legal responsibilities A4 Physical security measures A5 Software and hardware security measures |
This unit is assessed through a Pearson Set Assignment. |
| B Explore the security implications of networked systems | B1 Network types
B2 Network components B3 Networking infrastructure services and resources |
|
| C Develop a cyber security protection plan for a specified organisation | C1 Assessment of computer system vulnerabilities
C2 Assessment of the risk severity for each threat C3 A cyber security plan for a system C4 Internal policies C5 External service providers |
|
| D Examine procedures to collect forensic evidence following a security incident | D1 Forensic collection of evidence
D2 Systematic forensic analysis of a suspect system |
This unit is assessed through a Pearson Set Assignment. |
Assessment Criteria
| Pass | Merit | Distinction |
| Learning aim A: Understand cyber security threats, system vulnerabilities and security protection methods | AB.D1 Evaluate the effectiveness of the measures used to protect organisations from cyber security threats while taking account of the legal requirements. | |
| A.P1 Explain the different cyber security threats that can affect the IT systems of organisations.
A.P2 Explain the system vulnerabilities that can affect the IT systems of organisations. A.P3 Explain how organisations can use physical, software and hardware security measures to counteract security threats. |
A.M1 Assess the impact that cyber security threats can have on organisations’ IT systems while taking account of the legal requirements. | |
| Learning aim B: Explore the security implications of networked systems | B.P5 Explain how cyber security impacts networking infrastructure and resources. | |
| B.P4 Explain how different network types and components can be secured. | B.M2 Analyse the security implications of different networked systems. | |
| Learning aim C: Develop a cyber security protection plan | CD.D2 Evaluate the cyber security plan, including its impact on internal policies and external service providers. | |
| C.P6 Perform a risk assessment of system vulnerabilities.
C.P7 Produce a cyber security plan for an organisation’s IT system. |
C.M3 Justify the choice of security measures used to defend the IT systems of an organisation. | |
| Learning aim D: Examine procedures to collect forensic evidence following a security incident | D.P8 Explain the forensic procedures for collection of evidence following a security incident. | |
| D.P8 Explain the forensic procedures for collection of evidence following a security incident. | D.M4 Analyse how forensic procedures are implemented on a suspect system. | |
Essential information for Assignments
This unit is assessed using a Pearson Set Assignment Brief. A set assignment must be used to assess learners
Further information for teachers and assessors
Resource requirements
For this unit, learners must have access to IT systems typically found in schools, colleges, and offices such as:
- personal computers
- office productivity applications, e.g. word processing, databases, spreadsheets
- network connectivity
- internet access.
There are no additional specialist resources needed for this unit.
Essential information for assessment decisions
Throughout the unit, learners will show individuality of thought, independent collection, collation and judgement of evidence.
The name and details of the organisation will be given to learners in the set assignment.
Learning aims A and B
For Distinction standard, learners will produce an evaluation on the effectiveness of the measures used to protect organisations from cyber security threats and the implications while taking account of the legal requirements. Learners will apply knowledge and understanding of cyber security in unfamiliar scenarios in order to identify common and uncommon risks, and use an extended range of security protection measures to comprehensively secure an existing networked system.
The evidence will demonstrate high-quality written/oral communication through the use of accurate and fluent technical vocabulary, which supports a well-structured and considered response that clearly connects chains of reasoning.
For Merit standard, learners will assess the impact that cyber security threats can have on organisations’ IT systems, while taking account of the legal requirements.
Learners will present a reasoned and well-explained analysis based on the security implications of different networked systems.
The analysis will explore the impact the identified implications will have on the organisation.
The analysis will be balanced and supported by clear examples.
The evidence must be technically accurate and demonstrate good-quality written or oral communication.
Learners are able to apply knowledge and understanding of cyber security in unfamiliar scenarios in order to identify common and uncommon risks and use a range of security protection measures to comprehensively secure an existing networked system. They can give a valid justification for their design. Learners can design tests for a range of security procedures.
Learners are able to analyse some complex forensic evidence related to security incidents to produce coherent and convincing conclusions, together with alternative possibilities. They are able to identify a range of security weaknesses in a given scenario and make valid, realistic and mainly justified suggestions for improvement.
Learners will mainly use appropriate technical language consistently to communicate their ideas.
For Pass standard, learners will provide explanations on cyber security threats, system vulnerabilities and how to counteract them.
They will also explain how different network types and components can be secured, as well as how cyber security impacts networking infrastructure and resources.
Learners should apply their knowledge and understanding of cyber security in unfamiliar scenarios in order to identify common risks and use familiar security protection measures to improve the security of an existing networked system.
Learners will use some appropriate technical language to communicate their ideas.
Learning aims C and D
For Distinction standard, learners will draw on their knowledge to produce an evaluation of a cyber security plan, including its impact on internal policies and external service providers. Learners will also evaluate the impact forensic investigations can have on an organisation.
The evaluation will be informed by a balanced, wide-ranging review of the security plan and the impact on organisations of undergoing a forensic investigation into their IT systems.
Learners will use appropriate technical language consistently to communicate their ideas.
For Merit standard, learners will provide a clear, accurate and well-balanced analysis of how forensic procedures are implemented on suspect systems. They should consider all forensic procedures in the unit content as a guide. Learners should also provide clear justifications of security measures used to defend the IT systems of a given organisation.
For Pass standard, learners will carry out a risk assessment of the system vulnerabilities of a given organisation. They will create a cyber security plan for the given organisation as well as explore the forensic procedures for collection of evidence during a forensic investigation.
Learners will explore how forensic procedures can be used to collect evidence on a suspect system.
Assessment controls
Time: this assignment has a recommended time period. This is for advice only and can be adjusted depending on the needs of learners.
Supervision: you should be confident of the authenticity of learner’s work. This may mean that learners be supervised.
Resources: all learners should have access to the same types of resources to complete the assignment.
Research: learners should be given the opportunity to carry out research outside of the learning context if required for the assignment.
Links to other units
This unit links to:
- Unit 1: Information Technology Systems – Strategy, Management and Infrastructure
- Unit 2: Creating Systems to Manage Information
- Unit 3: Using Social Media in Business
- Unit 4: Programming
- Unit 9: IT Project Management
- Unit 13: Software Testing
- Unit 15: Cloud Storage and Collaboration Tools
- Unit 20: Business Process Modelling Tools.
Opportunities to develop transferable employability skills
In completing this unit, learners will have the opportunity to develop their IT skills and knowledge, including hardware, software and networks. Learners will also be able to enhance their ability to use logic and reasoning.
Are You Searching Answer of this Question? Request British Writers to Write a plagiarism Free Copy for You.
The post Unit 11 Cyber Security and Incident Management Assignment Brief 2026 appeared first on BTEC Assignment UK.