VLT2 Task 4

billyr2009

hi Everyone,
For those of your in the MS:ISA at WGU or have taken the program before, do you remember for VLT2 task 2, the RMF to do list, did you have problems with your originality report? I am using the same template provided in Taskstream and it gave 93% % for an originality report! Yikes, and to me 93% would mean a straight copy of another persons paper, but I didn't do that at all which leaves me confused.

harshvfx

There should be a high percentage rate as the form is the same. Only the answers should be different. You should be fine to turn it in.

msman89

The course tasks that does not reflect any real world scenarios. The task requirement does not clearly mention what is expected for each task starting from task1 to task4. The description of the scenario is very limited and students have to guess what technologies were to be used in a scenario and what documentations need to be used and referred!!

In 2015 trying to reason MS Access 97 on security course like this?!! Trying explain a dead technology after 18 years?!! Does anyone in WGU really care? Take a deep look at this course or is this just a filler course to make students struggle at the end? Internet blogs are full of bad reviews for this course by many students current and previous.

It looks like there is a deliberate attempt to find as many faults in a VLT2 tasks and trying to discourage students who spend hours, days and months to complete these tasks. WGU it seems are making unethical ways to slow down a student from completing their tasks on time and completing their course!!!

I cannot assume anything other than monetary benefits for sending the tasks back without proper explanations creating unusual delays in evaluations and hindering progress forward. A total of 9-10 days were lost just by waiting to know the results whereas earlier almost all other papers were evaluated within 24 hours. The tasks that were evaluated in 12-24 hours time which now takes 72 hours or more!! It seems like one of the strategies of WGU slowing down a student who is in accelerated the completion path.

Turnitin itself is flawed it was flagging 82% originality score for my own wordings?!! If WGU is so perfect why having a 1997 technology (MS Access) in a course like this, checked by a flawed turnitin system?!!

I really feel, WGU should look at MS ISA VLT2 course and their turnitin.com for originality scores.

srabiee

Very interesting. I would recommend contacting a course mentor as soon as possible regarding this issue. I would also mention it to your student mentor during your weekly assessment phone meeting, and perhaps even a call to Student Resources is in order. It's likely that they are aware of the issue and will advise you to ignore the Turnitin score for that particular assessment.

ratbuddy

I haven't heard a single good thing about that course. Unfortunately, I'll be taking it soon. Oh well.

msman89

Thanks srabiee, ratbuddy. I'm aready in touch with ecare and student mentor. Apparently it seems all the people, even the course mentors know these issues, but WGU it seems is reacting slowly. I hope future students may not have to go thru this.

ajmatson

msman89 wrote: »

Thanks srabiee, ratbuddy. I'm aready in touch with ecare and student mentor. Apparently it seems all the people, even the course mentors know these issues, but WGU it seems is reacting slowly. I hope future students may not have to go thru this.

Hey msman89 I feel your pain, mine is with Task1 for this course which has been sent back 4 times. The reasons each time is the evaluator does not agree with my "selections" for what the top threats are. The course mentor is no help and eCare sent back my paper without changing any of the original evaluators comments. The supervisor for eCare even admitted to me that the evaluators have no knowledge in our subjects they just use their best judgement. That's crap to me. My last revision was sent back because they didn't think that Website Defacement was a threat to a website. REALLY? How can WGU go on like this? It's so frustrating.

srabiee

What did the course mentors and your student mentor say about this? Also, have you contacted student services and asked them to escalate the issue?

TranceSoulBrother

ajmatson wrote: »

Hey msman89 I feel your pain, mine is with Task1 for this course which has been sent back 4 times. The reasons each time is the evaluator does not agree with my "selections" for what the top threats are. The course mentor is no help and eCare sent back my paper without changing any of the original evaluators comments. The supervisor for eCare even admitted to me that the evaluators have no knowledge in our subjects they just use their best judgement. That's crap to me. My last revision was sent back because they didn't think that Website Defacement was a threat to a website. REALLY? How can WGU go on like this? It's so frustrating.

I had the same issues with TFT2 tasks getting kicked back for them not agreeing with my policy choices. I had to engage the course mentor and rewrite my papers 3 times each before passing. Let's see how this course shakes up. Started the reading today

ratbuddy

They don't mean 'threats' as in 'threat actors,' they mean it as in 'attack threats' such as denial of service attack, virus attack, social engineering attack, etc.

TranceSoulBrother

I must be lucky or just plain studious. Completed the first three tasks on first look. Waiting for task 4 to be graded

Rastech29

I am at lost as well just submitted the task 2 waiting for evaluation to be completed. Started task 3 and kind of confused what do they mean by policy. Are they referring blsr sample as the policy. Please can anyone clarify this for me. Thanks
Rosh

TranceSoulBrother

Look at the as-is audit questionnaire and add other question sets per ISO27002 categories to complement it.

Rastech29

Hi Trance thank for your help, I understand the question but not what are they calling a policy? There is BLSR sample in the document are they calling that a policy? because risk assessment does not contain any policies.

Thanks
Rosh

TranceSoulBrother

Task 3 has the as-is questionnaire posted and asks you to develop two new question sets based on ISO27002 that could be potentially added to that questionnaire.
Look up the sections of ISO27002 and develop some questions about Policies, Procedures and Practices.
For example, one of the sections for ISO27002 is Access Control. A policy question would be if such a policy exists, what details does it include, and what SOP is in place for possible breach...Procedures would be how to implement Access Control while Practices questions would be to find out about daily activities for Access Control measures, if and how often are they audited....
Then write a justification for the inclusion of such questions.
Follow the provided question sets to develop similar questions for two new questions sets.
This site shows the various sections in ISO27002: ISO/IEC 27002 code of practice

Rastech29

Thanks Trance you are talking about the part 2 of the question. The part 1 is we need to find out what policies are implaced looking at the risk assessment. I am a bit confused there. Blsr has many policies listed but ogg is not following any of those. I have seen a trend with all the tasks none of them provide any details and a student has to always speculate.

ratbuddy

If you haven't already, make sure to get the **** sheets and extra materials from the course mentors. They are very helpful for this course.

markulous

ratbuddy wrote: »

If you haven't already, make sure to get the **** sheets and extra materials from the course mentors. They are very helpful for this course.

My mentor for my BS would give me these by default. Seems this time around I have to really beat my head against the wall with Taskstream before they give it to me.

Rastech29

spoke to course mentor today, they haven't completed these sheets for vlt2 task 3 & 4. What I am finding is there is no right or wrong answer to any of the tasks, as long you are able to convince the evaluator you are good.

Following are the as-is questions
Does a policy that addresses the need for risk management exist? my answer would be yes because I think it exist according to page 4 & 7 OMB Circular No. A-130

Question
Is there a section in the policy that includes multi-perspectives on risk including the following:
• Threat
• Asset
• Vulnerability space
• Business impact assessment

Well how would we know that if they didn't attach a company's policy along with the risk assessment or a copy OMB Circular. This is what upsets me, they always give half of the information.

I am ready pull my hairs out on this one.

TranceSoulBrother

You are overthinking it.
Look at the risk assessment. If it states that a policy exists, mark it and justify per ISO27002, if not, then say so.
For that question posted, find out from the risk assessment again. If it states that a policy exists, then justify the need for such a section. If not, state it that a policy doesn't exist therefore such a section doesn't exist and post a justification. i.e for Risk Management, it's section 5.2 of ISO 27002.
Look in the course chatter or course tips section. They post the tip sheets for the tasks. Unless recently updated, there are tip sheets for all tasks.

My advice: I found out that it doesn't pay to stress too much with these graders. I did it at first and it depressed me and led to wasted time.
What I do now is read the material to learn, google to understand more, then write enough for the tasks. Don't embellish or create a work of art. No matter how much effort you spend or brain cells you kill, a Pass will net you a 3.0 GPA in the end. So focus on learning and answering the tasks to pass.

abupc

I am having trouble with VLT2 task 3, this course is from the devil! It says to use ISO 27002:2005, but how does that help me answer the questions about procedures? Does the procedure include a breadth of scope? Does the breadth of scope include the following:
• Threat
• Asset
• Vulnerability space
• Business impact assessment

good2go_1970

I totally agree with you. In the real world, you would have a policy to review to answer these questions. I just turned Task 3 in for the first time, I could answer yes and no for almost all the answers depending on how they want to slant it. If it isn't listed in the risk assessment, then they are "assumed" to be compliant right.... Wel the course tips didn't help at all, and the course mentor said to answer every question as a now and provide an ISO link and list the steps needed to become compliant. The problem, ISO doesn't list the steps and you cant find some of what they are asking in the ISO standards. I searched and search but came up with nothing. I just thought of a real world application to the question and answered accordingly. I hope they like my answers. This whole course (VLT2) is completely flawed in so many ways, hopefully the feedback I send them is reviewed and acted upon. Rastech29, did you ever finish the class?

abupc

To my surprise they accepted task 3 on the first try. I answered no to every question, gave examples of what HBWC needs to do, and referenced the standard. Task 4, sent that in last night and it passed too. Glad this course is over!