|
The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included. |
Business requirements may include but is not limited to: | people and technology interactionstorage and recovery of dataaccess to internal networkpasswords/logonsaccess control listsfirewallsblack-hat hacking/crackingconfidentialityintegrityavailabilitythe perceived value of information to competitors and the malicious nature of internet crackersan increase in internet usage |
Client may include but is not limited to: | internal departmentsexternal organisationsindividual peopleinternal employees |
Securitythreats may include: | eavesdroppingmanipulationimpersonationpenetrationdenial of service and by-passhackersviruses using loggingspoofingassociations |
Firewall may include: | hardware appliancesproxy serversindividual PC solutionvarying functionality including network address translation (NAT)/IP masquerading, routing to specific machines |
System may include but is not limited to: | databasesapplicationsserversoperating systemsgatewaysapplication service providerISP |
Security plan may include: | theftvirusesstandards (including archival, back-up, network)privacyauditsalertsusually relates directly to the security objectives of the organisation |
Secureelectroniccommunicationinfrastructure (SECI) may include: | strong authenticationWPAAAAstrong encryptionremote access integrationsecure tunnellingIP routingfirewallsscalabilityredundancy |
Network may include but is not limited to: | large and small LANsWLANsnational WANsVPNsthe internetthe use of the PSTN for dial-up modems onlyDSL connectionsprivate linesdatavoice |
Hardware may include but is not limited to: | workstationspersonal computersmodems and other connectivity devicesnetworksremote sitesserversDSL modems |
Software may include but is not limited to: | commercial software applicationsorganisation-specific software, packaged software, in-house or customised software |
Policies may include: | incident response proceduresnetwork intrusion detection systemsforensic procedurestrainingawareness raising policy |
Server may include: | Application/web serversBEA Weblogic serversIBM VisualAge and WebSphereNovell NDS serversEmail serversVoice serversFile and print serversFTP serversFirewall serversProxy/cache servers |
| May include but are not limited to commercial software applications; organisation-specific software; word processing, spreadsheet, database, graphic, communication packages and presentation functionalities.May include presentation applications contained in Microsoft Office, Lotus Suite, Claris Works, Star Office or other similar applications. |
Security perimeter | physical security perimetersystem security perimeterwireless security perimeterapplication security perimeterdata and voice security perimeter |