City & Guilds Level 3 Security for

IT Users (ITS 7574-305)

ITQ
Assignment guide for Assessors
Assignment A www.cityandguilds.com
January 2024
Version 1.1
 About City & Guilds
City & Guilds is the UK’s leading provider of vocational qualifications, offering over 500 awards
across a wide range of industries, and progressing from entry level to the highest levels of
professional achievement. With over 8500 centres in 100 countries, City & Guilds is recognised by
employers worldwide for providing qualifications that offer proof of the skills they need to get the
job done.

City & Guilds Group

The City & Guilds Group includes City & Guilds, ILM (the Institute of Leadership & Management)
which provides management qualifications, learning materials and membership services, NPTC
which offers land-based qualifications and membership services, and HAB (the Hospitality Awarding
Body). City & Guilds also manages the Engineering Council Examinations on behalf of the
Engineering Council.

Equal opportunities
City & Guilds fully supports the principle of equal opportunities and we are committed to satisfying
this principle in all our activities and published material. A copy of our equal opportunities policy
statement is available on the City & Guilds website.

Copyright
The content of this document is, unless otherwise indicated, © The City & Guilds of London Institute
and may not be copied, reproduced or distributed without prior written consent. However,
approved City & Guilds centres and learners studying for City & Guilds qualifications may photocopy
this document free of charge and/or include a PDF version of it on centre intranets on the following
conditions:
• centre staff may copy the material only for the purpose of teaching learners working
towards a City & Guilds qualification, or for internal administration purposes
• learners may copy the material only for their own use when working towards a City & Guilds
qualification.

The Standard Copying Conditions (see the City & Guilds website) also apply.
Contains public sector information licensed under the Open Government Licence v3.0.

Publications
City & Guilds publications are available on the City & Guilds website or from our Publications Sales
department at the address below.

Every effort has been made to ensure that the information contained in this publication is true and
correct at the time of going to press. However, City & Guilds’ products and services are subject to
continuous development and improvement and the right is reserved to change products and
services from time to time. City & Guilds cannot accept liability for loss or damage arising from the
use of information in this publication.

City & Guilds

5-6 Giltspur Street
London EC1A 9DD
www.cityandguilds.com

2 Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305)

Contents

Unit 305 – Security for IT users Level 3

Assignment A

Introduction – Information for Marking Assessors 4

Marking and grading criteria 6
Marking summary 11

Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305) 3

 Level 3 Security for IT Users (ITS 7574-305)
Assignment A
Introduction – Information for Marking Assessors

About this document

This assignment comprises all of the assessment for Level 3 Security for IT Users (ITS 7574-305).

The task information for this assignment is contained in the Candidate Instructions document. The
following notes for guidance are provided to assist assessors in planning the delivery of the
assignment to candidates.

Important information
This document must not be shown to candidates prior to assessment.

Feedback may be given to candidates after the assessment using this document, but they must not
be allowed to keep a copy.

Health and safety

The importance of safe working practices, the demands of the Health and Safety at Work Act 1974
(HASWA) or national and / or local health and safety regulations, associated regulations and Codes
of Practice associated with the particular industry, must always be stressed. This will include
directives from the European Union (EU) where appropriate. Candidates have responsibilities for
maintaining the safety of others as well as their own. Anyone behaving in an unsafe fashion must be
stopped and a suitable warning given. A candidate should never be allowed to continue on an
assignment if they have contravened these requirements. This may seem rather strict but, apart
from the potentially unpleasant consequences, each candidate must acquire the habits required for
the workplace.

Location of assignment
Any suitable environment.

Equipment required for this assignment

It is assumed that candidates will be working on a Network system in which case they will have a
Home directory and read access to an area from which assignment information (files and
directories) can be read. If stand-alone computers are used, the assignment details can be placed
on the fixed disk, and the candidate files stored on removable storage media.

For Task B candidates should be provided with the following:

• A computer system with Internet access and Installed e-mail software

• Assorted security software eg Antivirus, Firewall, Spyware, Adware etc

Evidence and recording

Centres should ensure that all data produced by candidates is kept secure and that assignments
are, once downloaded, kept locked safely away until their use. It is the responsibility of the
centre/assessor to ensure that the candidate taking an assignment /test is the correct person.

4 Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305)

Ideally, centres should produce a written strategy outlining their procedures for ensuring the above
takes place.

Security
Centres should ensure that all data produced by candidates is kept secure and that assignments
are, once downloaded, kept locked safely away until their use. It is the responsibility of the
centre/assessor to ensure that the candidate taking an assignment /test is the correct person.
Ideally, centres should produce a written strategy outlining their procedures for ensuring the above
takes place.

Time considerations
Recommended time allowances have been allocated for each assignment; however they do not
form part of the marking criteria, and are for guidance purposes only. However, if you feel that a
candidate requires extra time to complete the assignment this is at the discretion of the Assessor.

It is recommended that the candidates should complete this assignment within two and a half
hours.

If the assignment is taken over more than one period, all removable media and paperwork must be
returned to the test supervisor at the end of each sitting.

A period of seven days must have elapsed before an unsuccessful candidate can retake this
assignment.

Files to be provided by the centre

For Task File specification Type File name

1 All .doc Answers 305 A

All files and worked examples are available from our website.

Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305) 5

 Level 3 Security for IT Users (ITS 7574-305)
Marking and grading criteria

How to mark this assignment

All candidate instructions are shown for ease of marking. A mark should be given for each task specified in the marking, if the candidate achieves it. At the end of
the marking criteria candidates' marks should be totalled and an overall grade should be given according to the prescribed number of criteria shown. Use all
available evidence to support the awarding of marks including electronic files, printouts etc. The Evidence and Recording column is shown as a suggestion.

Grading criteria
Pass – 26 criteria shown as ( ).

Please note: DO NOT MARK PRINTOUTS WITHOUT A NAME pages which contain handwritten footers may be marked but the marks specified for the footer may
not be awarded.

6 Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305)

 Task Outcome Evidence and Candidate instructions Marking criteria Marking
A Reference recording

1 1.1 Answers 305 A There are several different security issues that can Described all issues and threats in the ( )
threaten system performance. Refer to the scenario, using list
your Answers 305 A document provided by your (one mark for each) ( )
assessor, describe the threats by the following:
( )
• Spam E-mails
• Viruses ( )
• Worms
• Trojans ( )
• Spyware
( )
• Hackers.

2 1.1 Answers 305 A Using your Answers 305 A document provided by your Evaluation of threats by Spam e-mails ( )
assessor, evaluate the security issues threatening system eg inbox congestion, viruses, e-bombs
performance posed by each of the following: (causing multiple windows to open at ( )
once) etc
• Spam E-mails (one mark for each) ( )
• Viruses
( )
• Worms
• Trojans ( )
• Spyware
• Hackers. ( )

Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305) 7

 3 1.3 Answers 305 A There are many different threats to the information stored Described each threat from the list ( )
on IT systems. Using your Answers 305 A document given
provided by your assessor, describe each of the ( )
following:
( )
• Unauthorised access
• Accidental File deletion ( )
• Use of removable storage media
• Phishing ( )
• Unsecured networks
( )
• Default passwords.

4 1.3 Answers 305 A Using your Answers 305 A document provided by your Evaluated each threat from the list ( )
assessor, evaluate the threat to information security and given
integrity from each of the following: ( )

• Unauthorised access ( )
• Accidental File deletion
( )
• Use of removable storage media
• Phishing ( )
• Unsecured networks
• Default passwords. ( )

8 Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305)

 5 1.5 Answers 305 A Using your Answers 305 A document provided by your Has explained how to minimise the ( )
assessor, explain how to minimise security threats to IT security threats from six of the list
systems from six of the following: given ( )
• Spam E-mails
• Viruses ( )
• Worms
• Trojans ( )
• Spyware
• Hackers ( )
• Unauthorised access
• Accidental File deletion ( )
• Use of removable storage media
• Phishing
• Unsecured networks
• Default passwords.

Task B Outcome Evidence and Candidate instructions Marking criteria Marking

Reference recording

1 1.2 Assessor The computer system that you have been given by your Selected appropriate security software ( )
Observation assessor contains an e-mail account that has access to the from the selection given
Internet. There is no security software installed on the
machine, perform the following:
Installed the appropriate software ( )
• Select appropriate security software from the
selection given (a minimum of three software
applications). Updated all security software ( )
• Install appropriate security software packages
that will make the system secure
• Update all of the Installed security software
2 1.2 Answers 305 A Using your Answers 305 A document provided by your Evaluated the effectiveness of the ( )
assessor, evaluate the effectiveness of the installed installed security software
security software.

Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305) 9

 Task C Outcome Evidence and Candidate instructions Marking criteria Marking
Reference recording
1 1.6 Answers 305 A Develop security guidelines for the computer system that Has developed security guidelines that ( )
you used in Task B, the guidelines need to include: contain the following (one mark for
each):
( )
• Disaster recovery plans • Disaster recovery plans
• How to deal with security breaches • How to deal with security
breaches ( )
• Contingency systems
• Contingency systems
• Backup procedures including folders to be
backed up • Backup procedures ( )

2 1.7 Assessor Using the computer system given, create an additional New user account created with a ( )
Observation user account. suitable and secure password
User name: 305_its
Password: a suitable secure password using a minimum of
six characters, alpha numeric and special characters.

Note: record this password in your Answers 305 A

document provided by your assessor.
3 1.7 Assessor Using the new user account, demonstrate to your Initial stages of system back up ( )
Observation assessor how to begin a system back up as identified in demonstrated
your Security Guidelines.

Note: Do not carry out full back up.

10 Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305)

Level 3 Security for IT Users (ITS 7574-305)
Marking summary
Assignment A

About the Candidate

City & Guilds
Candidate
registration
name number

Centre
Centre name
number

About the assessment

Time started
Date of
assessment Time completed

Number of
( ) achieved

Pass – 26 criteria shown as ( ).

Overall grade
achieved

Signatures

Candidate
Date
Signature

Quality
nominee Date
(if sampled)

Assessor
Date
Signature

External
Verifier Date
Signature
(if sampled)

Level 3 Assignment A Version 1.1 Security for IT users (ITS 7574-305) 11

 Published by City & Guilds. City &
Guilds is a trademark of the City &
Guilds of London Institute.

City & Guilds

Giltspur House
5–6 Giltspur Street
London
EC1A 9DE

cityandguilds.com/about-us

12 Level 3 Assignment A Version 1.0 Security for IT users (ITS 7574-305)