The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Assess network security threats and vulnerabilities
|
|
Review current system security against organisational asset security requirements to identify security threats and vulnerabilities Completed |
Evidence:
|
Analyse network, software, hardware and system security threats and vulnerabilities to prioritise deficiencies to be addressed Completed |
Evidence:
|
Make recommendations to management to address security deficiencies according to organisational asset security requirements Completed |
Evidence:
|
Implement countermeasures for identified threats and vulnerabilities
|
|
Implement required level of perimeter security to meet organisational asset security requirements and according to identified threats and vulnerabilities Completed |
Evidence:
|
Assess and implement server and network hardening techniques and measures Completed |
Evidence:
|
Implement secure authentication and user account controls to secure data integrity and transmission Completed |
Evidence:
|
Test and verify functionality and performance of countermeasures implemented
|
|
Design function and performance test items to verify key functions and performance of countermeasures Completed |
Evidence:
|
Conduct function and performance tests to modify and debug countermeasures Completed |
Evidence:
|
Develop documentation on the current system settings and file according to organisational guidelines Completed |
Evidence:
|
Maintain and improve network security
|
|
Review logs and audit reports to identify and record security incidents, intrusions and attempts Completed |
Evidence:
|
Carry out spot checks and audits to ensure that procedures are not being bypassed Completed |
Evidence:
|
Document newly discovered security threats vulnerabilities and recommendations in a report for presentation to superior to gain approval recommendations to be implemented Completed |
Evidence:
|