task brief

 

Scenario

You are a junior cyber security technician who has been hired by Shooting Star Drones Ltd to address some of the issues that it has recently experienced with its network and suspected unauthorised external access to its systems.

Shooting Star Drones Ltd has been operating for 3 years and has a reputation for innovative and spectacular drone displays. The company aims to provide cheaper, more environmentally friendly drone displays to replace traditional fireworks. Displays can be of different sizes with displays often using up to 1000 drones.

The company has 220 employees in its single office and is expecting to grow rapidly in the next 5 years.

 

 

Brief

As part of your role, you are involved in a large security management project to identify and remediate the possible security breach. You have also been asked to support members of staff who require network support. You should identify the cause of the problems raised by users and help them resolve their issues.

Task 1: 2 hours 30 minutes

 

You must read the information on all pages provided for this task before starting your response.

[22 marks]

 

Scenario

The helpdesk manager has asked you to investigate the problems that the users are having. You have been provided with the following documents:

·       Control Document A: network set-up

·       Control Document A: network topology diagram

·       Control Document B: problems reported by users

·       Control Document C: virtual private network (VPN) management system

Your line manager has asked you to find and review the cause of the problems and undertake a fault-finding investigation to help resolve the issues. This investigation should analyse the initial issues and consider ways to resolve the problems. They have also asked you to create a test plan which can be used by other team members to assist other users who encounter the same problem.

 

Instructions for students

Using the information provided above and in Control Documents A and C, you should investigate and identify the root cause of any problems reported by users identified in Control Document B.

You should produce:

·       your fault-finding investigation report which will include any recommended changes [6 marks]

·       a test plan for use when troubleshooting network connectivity issues [16 marks]

Your test plan should include:

·       user details

·       test dates

·       computer specification and software

·       proposed tests

·       expected / actual outcomes of tests

·       ability to record changes based on test outcomes

·       record of your investigation leading to a solution

·       user acceptance of completed work.

Evidence required for submission to NCFE

A document that contains:

·       your fault-finding investigation report

·       your test plan document

When you have completed this task, you must save in PDF and name your file:

·       Surname_Initial_unique learner number_evidence reference (for example: Smith_J_123456789_Task1_investigation report.pdf)

 

Additional guidance

For this task you will be issued with Control Documents A, B and C.

You will have access to a word processing application or other suitable software to enable you to complete this task.

Access to the internet is permitted.

Access to any online cloud storage is not permitted. Use of online chat or emails is not permitted.

Access to previous class notes / teaching materials is not permitted.

Control Document A: network set-up (task 1)

 

Servers

Currently, Shooting Star Drones Ltd has 3 servers in its office. The first is a file and print server, providing file storage and printer management services to users. The second is the virtual private network (VPN) management system server that enables the Drone Display teams to communicate with the office network. The third server is the display information server that hosts a database of all the drone displays that have taken place or are going to happen.

The network has grown with the company, with new components being added without any review of their impact on the overall system. Consequently, there are performance issues throughout the network.

Device specifications

Server Name: file and print server Operating system: Windows Server 2008 Roles:

·       file services

·       print services

·       domain name system (DNS) services

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

Server Name: virtual private network (VPN) management system server

Operating system: Windows Server 2019

Roles:

·       VPN access

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

Server Name: display information server Operating system: Windows Server 2019 Roles:

·       database server

The display information server hosts the database for every display, enabling staff to select appropriate, pre- defined and tested displays for different display venues.

The Drone Display team uses this server to create and update the drone displays. Display teams can access the database remotely to download new and updated displays.

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

Personal Computers (PCs)

All PCs are allocated dynamic internet protocol (IP) addresses by the router from its private IP address space. Dynamic host configuration protocol (DHCP) scope is 192.168.1.2-192.168.1.201.

All PCs run Windows 10 Professional and are installed with Office 365.

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

WiFi

A wireless access point (WAP) has recently been installed in the office to provide internet connections to visitors and for personal use by staff during breaks (for example, shopping). There is no connection to the company network. The WiFi does not have a password and is allocated an IP address of 192.168.2.1.

----------------------------------------------------------------------------------------------------------------------------- ----------------------------

Control Document A: network topology diagram (task 1)

 

Devices

Shooting Star Drones Ltd has 220 employees in its single office and is expecting to grow rapidly in the next 5 years. There are currently 15 Drone Display teams.

The network of company devices has grown as the number of employees has increased. There has not been a proper review of the design of the network since it was created.

Office-based employees use desktop PCs to access network resources.

The majority of personal computers (PCs) and servers are assigned internet protocol (IP) addresses by dynamic host configuration protocol (DHCP). However, as the network has expanded in an unplanned manner as the company has grown, there may be some devices with static internet protocol (IP) addresses. The network router, which connects all the PCs and servers to each other and to the internet, is an old domestic internet service provider (ISP) router that is struggling with the increasing number of clients that are on the network. It was designed for use in a domestic household, not in a company this size.

The Drone Display teams and Display Creation team primarily use the display information server for their daily work.

The human resources (HR) and other support teams primarily use the file and printer server for their daily work.

Remote Access

Only the Drone Display teams should be able to access the network remotely. However, over the years, details for remotely accessing the network have been shared with other employees who have used them to allow informal home working.

The Drone Display teams use laptops with mobile phones to connect to the VPN management system server which allows them to download the configurations of displays from the display information server without needing to return to the office.

Staff Induction and training

There is no formal staff induction and no security awareness training for employees. New employees learn their jobs from their predecessor, if there is a handover period, or from their line manager and colleagues, though these are often very busy and therefore limited in the amount of time that they can spend with new employees.

Control Document B: problems reported by users (task 1)

User A – Drone Display team 1 team leader

User A – works remotely, running drone displays

User A – reports trouble remotely accessing the company network when all the teams are deployed running displays

 

 

User B – sales manager

User B – works in the office

User B – reports being unable to access a presentation that was stored on the file and print server using the WiFi

 

 

User C – HR assistant

User C – works in the office

User C – reports that the file and print server can often be unavailable to users, especially following a restart (after a power outage or software update) and when there are a lot of people in the office. The problem often fixes itself when the number of people in the office reduces for example, at lunch times and at the end of the day.

Control Document C: virtual private network (VPN) management system (task 1)

Virtual private network (VPN) policy for Shooting Star Drones Ltd

This VPN management system provides encrypted secure connections to the company network for employees working remotely at displays.

The system should provide the following features:

·       encrypted connections for all traffic

·       dedicated logins for remote users to ensure users have full access to network resources

·       authenticated access to the network using trusted (corporate) devices

Table 1: VPN management system allocations

 

Administrator Login	Admin	Allow shared administrator login	Enabled
Administrator Password	12345678	Requires encryption	Disabled
Current active user connections: 12/12 (0% licenses available)
Device	User	Authenticated	Encryption
Unknown	Admin	No	None
DronePhone71	Drone_Team_7	Yes	Yes
Becky’s iPhone	Admin	No	None
DronePhone141	Drone_Team_14	Yes	Yes
Unknown	Admin	No	None
DronePhone31	Drone_Team_3	Yes	Yes
Tom’s iPhone	Admin	No	None
DronePhone21	Drone_Team_2	Yes	Yes
DronePhone151	Drone_Team_15	Yes	Yes
AMS-213	Admin	No	None
Unknown	Admin	No	None
Unknown	Admin	No	None

1 This is a corporate (company-owned) mobile device.

Document information

Copyright in this document belongs to, and is used under licence from, the Institute for Apprenticeships and Technical Education, © 2025.

‘T-LEVELS’ is a registered trade mark of the Department for Education.

‘T Level’ is a registered trade mark of the Institute for Apprenticeships and Technical Education.

‘Institute for Apprenticeships & Technical Education’ and logo are registered trade marks of the Institute for Apprenticeships and Technical Education.

The T Level Technical Qualification is a qualification approved and managed by the Institute for Apprenticeships and Technical Education.

NCFE is authorised by the Institute for Apprenticeships and Technical Education to develop and deliver this Technical Qualification.

Owner: Head of Assessment Solutions.