NTISthis.com

Evidence Guide: ICTCYS612 - Design and implement virtualised cyber security infrastructure for organisations

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTCYS612 - Design and implement virtualised cyber security infrastructure for organisations

What evidence can you provide to prove your understanding of each of the following citeria?

Prepare to design infrastructure

  1. Analyse organisation’s operations to determine cyber security needs
  2. Research and identify industry standard network security options and security technologies
  3. Determine data types, security levels, mission-critical network servers and secure boundary requirements
Analyse organisation’s operations to determine cyber security needs

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research and identify industry standard network security options and security technologies

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Determine data types, security levels, mission-critical network servers and secure boundary requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Design and plan infrastructure

  1. Design and document infrastructure requirements according to organisational requirements
  2. Determine and document implementation plan and timeframes
  3. Obtain tools, network access and data according to organisational requirements
  4. Plan and document network security monitoring strategy according to organisational requirements
  5. Distribute documentation to required personnel and seek and respond to feedback
Design and document infrastructure requirements according to organisational requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Determine and document implementation plan and timeframes

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Obtain tools, network access and data according to organisational requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Plan and document network security monitoring strategy according to organisational requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Distribute documentation to required personnel and seek and respond to feedback

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Implement infrastructure

  1. Establish and create network boundaries according to infrastructure plan requirements
  2. Implement network and server technologies according to infrastructure plan requirements
  3. Implement user security technologies according to infrastructure plan requirements
  4. Set security levels and user access according to organisational requirements
  5. Establish network security monitoring strategy according to plan requirements
  6. Test deployment of security infrastructure and its components according to technical specifications and infrastructure plan requirements
  7. Obtain and analyse test results, logs and user feedback
  8. Adjust implemented technologies according to organisational requirements and user feedback
Establish and create network boundaries according to infrastructure plan requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Implement network and server technologies according to infrastructure plan requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Implement user security technologies according to infrastructure plan requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Set security levels and user access according to organisational requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Establish network security monitoring strategy according to plan requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Test deployment of security infrastructure and its components according to technical specifications and infrastructure plan requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Obtain and analyse test results, logs and user feedback

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Adjust implemented technologies according to organisational requirements and user feedback

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Required Skills and Knowledge

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

design and implement cyber security infrastructure and review results against organisational needs on at least two different occasions.

In the course of the above, the candidate must:

identify an organisation’s vulnerabilities, cyber security needs and data protection requirements

document findings, plan and processes.

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

features and implementation methodologies of cyber security

cyber security infrastructure features including:

application security

business continuity planning

disaster recovery planning

operational security (OPSEC)

threat vectors

organisational business processes and applicable cyber security requirements design and implementation

organisational procedures applicable to designing and implementing cybersecurity infrastructure, including:

documenting established requirements, risks and work performed

establishing requirements and features of cyber security infrastructure

establishing maintenance and alert processes

testing methods and procedures

security risks, and tolerance of risk in an organisation

industry standard cyber security providers

industry standards and regulations applicable to implementing cyber security infrastructure in an organisation

organisation, infrastructure and cyber security requirements.