List the assessment methods to be used and the context and resources required for assessment. Copy and paste the relevant sections from the evidence guide below and then re-write these in plain English.
ELEMENT | PERFORMANCE CRITERIA |
Elements describe the essential outcomes. | Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Plan advanced network server security according to business needs | 1.1 Consult with client and key stakeholders to identify security requirements in an advanced network server environment 1.2 Analyse and review existing client security documentation and predict network service vulnerabilities 1.3 Research network authentication and network service configuration options and implications to produce network security solutions 1.4 Ensure features and capabilities of network service security options meet the business needs 1.5 Produce or update server security design documentation to include new solutions 1.6 Obtain sign-off for the security design from the appropriate person |
2. Prepare for Network server security implementation | 2.1 Prepare for work in line with site-specific safety requirements and enterprise occupational health and safety (OHS) processes and procedures 2.2 Identify safety hazards and implement risk control measures in consultation with appropriate personnel 2.3 Consult appropriate person to ensure the task is coordinated effectively with others involved at the worksite 2.4 Back up server before implementing configuration changes |
3. Configure the advanced network server security according to design | 3.1 Configure update services to provide automatic updates to ensure maximum security and reliability 3.2 Configure network authentication, authorisation and accounting services to log and prevent unauthorised access to the server 3.3 Configure basic service security and access control lists to limit access to authorised users, groups or networks 3.4 Implement encryption as required by the design 3.5 Configure advanced network service security options for services and remote access 3.6 Configure the operating system or third-party firewall to filter traffic in line with security requirements 3.7 Ensure security of server logs and log servers are appropriately implemented for system integrity 3.8 Implement backup and recovery methods to enable restoration capability in the event of a disaster |
4. Monitor and test network server security | 4.1 Test server to assess the effectiveness of network service security according to agreed design plan 4.2 Monitor server logs, network traffic and open ports to detect possible intrusions 4.3 Monitor important files to detect unauthorised modifications 4.4 Investigate and verify alleged violations of server or data security and privacy breaches 4.5 Recover from, report and document security breaches according to security policies and procedures 4.6 Evaluate monitored results and reports to implement and test improvement actions required to maintain the required level of network service security |
Evidence of the ability to:
identify network service security vulnerabilities and appropriate controls
plan, design and configure a secure network authentication service
secure a wide range of network services to ensure server and data security, including:
dynamic name system (DNS)
web and proxy
mail
file transfer protocol (FTP)
firewall
implement cryptographic techniques
monitor the server for security breaches.
Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.
To complete the unit requirements safely and effectively, the individual must:
explain auditing and penetration testing techniques
summarise best practice procedures for implementing backup and restore
outline cryptographic techniques
clarify the procedures for error and event logging and reporting
explain intrusion detection and recovery procedures
outline network service configuration, including:
DNS
dynamic host configuration protocol (DHCP)
web
mail
FTP
server messages block (SMB)
network time protocol (NTP)
proxy
summarise network service security features, options and limitations
outline network service vulnerabilities
summarise operating system help and support utilities
describe planning, configuration, monitoring and troubleshooting techniques
outline security protection mechanisms
summarise security threats and risks
explain server firewall configuration
explain server monitoring and troubleshooting tools and techniques, including network monitoring and diagnostic utilities
summarise user authentication and directory services.
Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the networking industry, and include access to:
a site where server installation may be conducted
relevant server specifications
cabling
networked (LAN) computers
server diagnostic software
switch
client requirements
WAN service point of presence
workstations
relevant regulatory documentation that impacts on installation activities.
Assessors must satisfy NVR/AQTF assessor requirements.