Copy and paste from the following data to produce each assessment task. Write these in plain English and spell out how, when and where the task is to be carried out, under what conditions, and what resources are needed. Include guidelines about how well the candidate has to perform a task for it to be judged satisfactory.
Required skills
analytical skills to:
analyse network information
plan approaches to technical problems or management requirements
communication skills to:
convey and clarify complex information
liaise with clients
literacy skills to interpret and prepare technical documentation, including recording authentication events related to network security design and incident response
planning skills to plan control methods for managing authentication processes
problem-solving skills to:
apply solutions in complex networks, including systems processes
instigate rapid deployment of solutions to problems involving authentication failure and security incidents
technical skills to apply best practice to systems authentication methodologies and technologies.
Required knowledge
overview knowledge of:
problems and challenges dealing with organisational authentication issues
resource accounting through authentication
common virtual private network (VPN) issues, including quality of service (QoS) considerations, bandwidth, dynamic security environment
function and operation of VPN concepts
authentication adaptors
biometric authentication adaptors
digital certificates, such as VeriSign, X.509, and SSL
function and operation of authentication
network authentication services, such as Kerberos and NT LAN Manager (NTLM)
features of common password protocols, such as:
challenge handshake authentication protocol (CHAP)
challenge phrases
password authentication protocol (PAP)
remote authentication dial-in user service (RADIUS) authentication
token cards.
The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included.
Server may include: | application or web building environmental assessment (BEA) Weblogic Certificate authority email file and print firewall file transfer protocol (FTP) IAS - RADIUS IBM VisualAge and WebSphere Microsoft domain controllers Novell Directory Services (NDS) proxy or cache routing and remote access, e.g. using virtual private network (RRAS-VPN). |
Users may include: | external client intranet remote. |
Protocols may include: | CHAP and PAP Kerberos lightweight directory access protocol (LDAP) network level authentication NTLM open LDAP simple and protected GSSAPI negotiation mechanism (SPNEGO) security support provider interface (SSPI). |
Methods may include: | certificates challenge response face, voice and unique bio-electric signals fingerprint ID card other biometric identifier pass phrase password PIN retinal pattern security token signature software token. |
Network may include: | data internet large and small local area networks (LANs) national wide area networks (WANs) private lines use of the public switched telephone network (PSTN) for dial-up modems only voice VPNs. |
Copy and paste from the following performance criteria to create an observation checklist for each task. When you have finished writing your assessment tool every one of these must have been addressed, preferably several times in a variety of contexts. To ensure this occurs download the assessment matrix for the unit; enter each assessment task as a column header and place check marks against each performance criteria that task addresses.
Observation Checklist