List the assessment methods to be used and the context and resources required for assessment. Copy and paste the relevant sections from the evidence guide below and then re-write these in plain English.
ELEMENT | PERFORMANCE CRITERIA |
Elements describe the essential outcomes. | Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Determine encryption methods | 1.1 Analyse enterprise data security requirements 1.2 Create a new or review an existing security plan to determine appropriate encryption methods 1.3 Review a range of encryption technologies and rank the most appropriate options 1.4 Assess the costs associated with each encryption option 1.5 Document encryption options and costs, and forward to appropriate person for decision |
2. Implement encryption | 2.1 Apply encryption technologies to the enterprise system 2.2 Analyse effect of encryption technologies on user roles and responsibilities 2.3 Inform user of new encryption technologies and the effect it has on their responsibilities |
3. Monitor encryption | 3.1 Analyse implementation of the encryption technologies, confirming function and performance 3.2 Review help desk records for problems concerning implementation and take appropriate action 3.3 Review system logs for encryption issues and compromises 3.4 Document encryption issues and compromises, and notify appropriate person |
Evidence of the ability to:
analyse enterprise data security requirements
create or review existing security plan to determine the appropriate encryption methods
rank and document appropriate encryption methods
implement encryption systems and inform users of any impacts
monitor and document encryption issues and compromises, and notify appropriate person.
Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.
To complete the unit requirements safely and effectively, the individual must:
explain certificate related infrastructure (certificate authorities, registration authorities, repository services)
summarise common asymmetric key algorithms and their usage
explain common symmetric key algorithms and their usage, such as:
advanced encryption standard (AES)
data encryption standard (DES)
triple data encryption algorithm (triple DES)
Blowfish
explain encryption strength
summarise various encryption types, including public key, secret key, hash key
summarise the functions and features of:
access control permissions
digital signatures
symmetric encryption, asymmetric encryption and one-way encryption
timestamps
explain one-way message digests, such as message digest algorithm 5 (MD5) and secure hash algorithm (SHA)
explain public key infrastructure (PKI), pretty good privacy (PGP) and GNU Privacy Guard (GnuPG)
outline replay security
outline possible sources of security threats, including eavesdropping, data interception, data corruption, data falsification and authentication issues
explain transmission control protocol or internet protocol (TCP/IP) protocols and applications
summarise security problems and challenges that arise from organisational issues
outline wired equivalent privacy (WEP), Wi-Fi protected access (WPA) and Wi-Fi protected access 2 (WPA2).
Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the network industry, and include access to:
a site where encryption installation may be conducted
a live network
servers
encryption software
encryption tools.
Assessors must satisfy NVR/AQTF assessor requirements.