NTISthis.com

Evidence Guide: ICTNWK503 - Install and maintain valid authentication processes

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTNWK503 - Install and maintain valid authentication processes

What evidence can you provide to prove your understanding of each of the following citeria?

Determine authentication requirements

  1. Determine user and enterprise security requirements with reference to enterprise security plan
  2. Identify and analyse authentication options according to user and enterprise requirements
  3. Select the most appropriate authentication and authorisation processes
Determine user and enterprise security requirements with reference to enterprise security plan

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Identify and analyse authentication options according to user and enterprise requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Select the most appropriate authentication and authorisation processes

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Configure authentication software or tools

  1. Create an authentication realm and reuse as required to protect different areas of server
  2. Add users and authorisation rules to new realm according to business needs
  3. Describe user attributes and user attribute set-up
  4. Set up an authentication filter and authorisation parameters on the appropriate server according to business requirements
Create an authentication realm and reuse as required to protect different areas of server

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Add users and authorisation rules to new realm according to business needs

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Describe user attributes and user attribute set-up

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Set up an authentication filter and authorisation parameters on the appropriate server according to business requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Apply authentication methods

  1. Develop or obtain authentication protocols as required
  2. Develop and distribute related methods to users according to business need
  3. Brief user on authentication system and their responsibilities according to enterprise security plan
  4. Apply authentication system to network and user according to system product requirements
  5. Record and store permission and configuration information in a secure central location
Develop or obtain authentication protocols as required

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Develop and distribute related methods to users according to business need

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Brief user on authentication system and their responsibilities according to enterprise security plan

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Apply authentication system to network and user according to system product requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Record and store permission and configuration information in a secure central location

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Monitor authentication system

  1. Review the authentication system according to user and enterprise security and quality of service requirements
  2. Ensure ongoing security monitoring, using incident management and reporting processes, according to enterprise security plan
  3. Adjust authentication system if required
Review the authentication system according to user and enterprise security and quality of service requirements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Ensure ongoing security monitoring, using incident management and reporting processes, according to enterprise security plan

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Adjust authentication system if required

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Evidence Guide

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Determine authentication requirements

1.1 Determine user and enterprise security requirements with reference to enterprise security plan

1.2 Identify and analyse authentication options according to user and enterprise requirements

1.3 Select the most appropriate authentication and authorisation processes

2. Configure authentication software or tools

2.1 Create an authentication realm and reuse as required to protect different areas of server

2.2 Add users and authorisation rules to new realm according to business needs

2.3 Describe user attributes and user attribute set-up

2.4 Set up an authentication filter and authorisation parameters on the appropriate server according to business requirements

3. Apply authentication methods

3.1 Develop or obtain authentication protocols as required

3.2 Develop and distribute related methods to users according to business need

3.3 Brief user on authentication system and their responsibilities according to enterprise security plan

3.4 Apply authentication system to network and user according to system product requirements

3.5 Record and store permission and configuration information in a secure central location

4. Monitor authentication system

4.1 Review the authentication system according to user and enterprise security and quality of service requirements

4.2 Ensure ongoing security monitoring, using incident management and reporting processes, according to enterprise security plan

4.3 Adjust authentication system if required

Required Skills and Knowledge

ELEMENT

PERFORMANCE CRITERIA

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Determine authentication requirements

1.1 Determine user and enterprise security requirements with reference to enterprise security plan

1.2 Identify and analyse authentication options according to user and enterprise requirements

1.3 Select the most appropriate authentication and authorisation processes

2. Configure authentication software or tools

2.1 Create an authentication realm and reuse as required to protect different areas of server

2.2 Add users and authorisation rules to new realm according to business needs

2.3 Describe user attributes and user attribute set-up

2.4 Set up an authentication filter and authorisation parameters on the appropriate server according to business requirements

3. Apply authentication methods

3.1 Develop or obtain authentication protocols as required

3.2 Develop and distribute related methods to users according to business need

3.3 Brief user on authentication system and their responsibilities according to enterprise security plan

3.4 Apply authentication system to network and user according to system product requirements

3.5 Record and store permission and configuration information in a secure central location

4. Monitor authentication system

4.1 Review the authentication system according to user and enterprise security and quality of service requirements

4.2 Ensure ongoing security monitoring, using incident management and reporting processes, according to enterprise security plan

4.3 Adjust authentication system if required

Evidence of the ability to:

design and deploy authentications solutions to the business technology environment and business needs

configure authentication software or tools

monitor and test authentication process after implementation

ensure authentication solutions are current.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

To complete the unit requirements safely and effectively, the individual must:

summarise the problems and challenges dealing with organisational authentication issues, including resource accounting through authentication

discuss common virtual private network (VPN) issues, including:

quality of service (QoS) considerations

bandwidth

dynamic security environment

function and operation of VPN concepts

outline authentication adaptors

summarise biometric authentication adaptors

summarise digital certificates, such as VeriSign, X.509, and SSL

explain the function and operation of authentication controls including:

passwords

personal identification numbers (PINs)

smart cards

biometric devices

other authentication protocols

outline network authentication services, such as Kerberos and NT LAN Manager (NTLM)

summarise the features of common password protocols, such as:

challenge handshake authentication protocol (CHAP)

challenge phrases

password authentication protocol (PAP)

remote authentication dial-in user service (RADIUS) authentication

describe the principles of security tokens.