NTISthis.com

Evidence Guide: ICTNWK406 - Install, configure and test network security

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usually demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTNWK406 - Install, configure and test network security

What evidence can you provide to prove your understanding of each of the following criteria?

Assess network security threats and vulnerabilities to identify risk

  1. Assess and report on current system security, according to required asset security level
  2. Determine additional network, software, hardware and system security threats and vulnerabilities
  3. Use identified threats and vulnerability information to identify security risks
  4. Make recommendations to management to address security deficiencies, according to current and future commercial and business requirements

Assess and report on current system security, according to required asset security level

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Determine additional network, software, hardware and system security threats and vulnerabilities

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Use identified threats and vulnerability information to identify security risks

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Make recommendations to management to address security deficiencies, according to current and future commercial and business requirements

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Implement countermeasures for identified vulnerabilities and threats

  1. Implement required level of perimeter security based on current and future business needs
  2. Assess and implement best practice server and network hardening techniques and measures
  3. Implement secure authentication and user account controls
  4. Secure data integrity and transmission

Implement required level of perimeter security based on current and future business needs

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Assess and implement best practice server and network hardening techniques and measures

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Implement secure authentication and user account controls

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Secure data integrity and transmission

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Test and verify functionality and performance of security system implemented

  1. Design test items to verify key function and performance measures against criteria
  2. Conduct function and performance tests recording results
  3. Modify and debug security system as necessary
  4. Develop documentation on current system settings and file for future reference

Design test items to verify key function and performance measures against criteria

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Conduct function and performance tests recording results

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Modify and debug security system as necessary

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Develop documentation on current system settings and file for future reference

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Provide systems for monitoring and maintaining security

  1. Monitor current network security, including physical aspects, using appropriate third party testing software where applicable
  2. Review logs and audit reports to identify and record security incidents, intrusions or attempts
  3. Carry out spot checks and audits to ensure that procedures are not being bypassed
  4. Document newly discovered security threats, vulnerabilities and risks in a report for presentation to appropriate person to gain approval for changes to be made

Monitor current network security, including physical aspects, using appropriate third party testing software where applicable

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Review logs and audit reports to identify and record security incidents, intrusions or attempts

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Carry out spot checks and audits to ensure that procedures are not being bypassed

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Document newly discovered security threats, vulnerabilities and risks in a report for presentation to appropriate person to gain approval for changes to be made

Completed
Date:

Teacher:
Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Evidence Guide

ELEMENT: Elements describe the essential outcomes.

PERFORMANCE CRITERIA: Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Assess network security threats and vulnerabilities to identify risk

1.1 Assess and report on current system security, according to required asset security level

1.2 Determine additional network, software, hardware and system security threats and vulnerabilities

1.3 Use identified threats and vulnerability information to identify security risks

1.4 Make recommendations to management to address security deficiencies, according to current and future commercial and business requirements

2. Implement countermeasures for identified vulnerabilities and threats

2.1 Implement required level of perimeter security based on current and future business needs

2.2 Assess and implement best practice server and network hardening techniques and measures

2.3 Implement secure authentication and user account controls

2.4 Secure data integrity and transmission

3. Test and verify functionality and performance of security system implemented

3.1 Design test items to verify key function and performance measures against criteria

3.2 Conduct function and performance tests recording results

3.3 Modify and debug security system as necessary

3.4 Develop documentation on current system settings and file for future reference

4. Provide systems for monitoring and maintaining security

4.1 Monitor current network security, including physical aspects, using appropriate third party testing software where applicable

4.2 Review logs and audit reports to identify and record security incidents, intrusions or attempts

4.3 Carry out spot checks and audits to ensure that procedures are not being bypassed

4.4 Document newly discovered security threats, vulnerabilities and risks in a report for presentation to appropriate person to gain approval for changes to be made

Required Skills and Knowledge

Evidence of the ability to:

assess and identify security threats, vulnerabilities and risks

determine appropriate countermeasure for threat, vulnerability or risk

implement countermeasure per threat or risk

install, configure and test network elements to ensure perimeter security

test and verify function and performance of selected security measures

monitor network for suspicious activity and take appropriate action where necessary

document newly discovered threats, vulnerabilities and risks, including change recommendations for approval.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

To complete the unit requirements safely and effectively, the individual must:

outline authentication issues

summarise the security requirements of the client business domain, including:

organisation structure and business functionality

features and capabilities of networking technologies

privacy issues and privacy legislation

security information sources

risk analysis

outline common virtual private network (VPN) issues, including bandwidth and dynamic security environment

explain how to configure routers and switches

summarise current industry accepted hardware and software security products, including general features and capabilities

outline the function and operation of VPN concepts, including encryption, firewalls, packet tunnelling and authentication

outline network protocols and operating systems

summarise organisational issues surrounding security

outline security perimeters and their functions

describe security protocols, standards and data encryption

summarise security threats, including eavesdropping, data interception, data corruption and data falsification

outline types of VPNs, including site-to-site and user-to-site internet traffic and extranets

summarise the systems and procedures related to:

audit and intrusion detection systems

auditing and penetration testing techniques

cryptography

local area network (LAN), wireless local area network (WLAN) and wide area network (WAN)

screened subnets

transmission control protocols or internet protocols (TCPs/IPs) and applications

use of virus detection software.