The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usually demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following criteria?
Evaluate the ways IPS sensors are used to mitigate network attacks

Evaluate system requirements of the network according to industry standards for inline operations
Completed:
Evidence:

Compare inline to promiscuous mode sensor operations and evaluate how IPS protects network devices from attacks
Completed:
Evidence:

Evaluate the evasive techniques used by hackers and determine ways IPS can defeat those techniques in the network
Completed:
Evidence:

Evaluate the considerations necessary for selection, placement, and deployment of a network IPS, including using features of IPS signature
Completed:
Evidence:

Select and install IPS sensors and configure essential system parameters

Install and initialise the sensor for configuration of sensor interfaces, interface pairs, virtual local area network (VLAN) pairs and VLAN groups
Completed:
Evidence:

Configure management access to the sensor appliance and create user accounts to comply with different user roles
Completed:
Evidence:

Set up sensor communications with external management and monitoring systems
Completed:
Evidence:

Manage and monitor sensor operation using built-in tools
Completed:
Evidence:

Upgrade and maintain IPS sensor parameters and licensing requirements to maintain network integrity
Completed:
Evidence:

Plan the mitigation of specific network vulnerabilities and exploits
Completed:
Evidence:

Tune IPS sensor advanced system parameters to optimise attack mitigation performance

Tune sensor signatures to provide optimal protection of the network
Completed:
Evidence:

Create custom signatures and a meta signature to meet mitigation performance configurations for given test scenarios while disabling alert production for the component signatures
Completed:
Evidence:

Configure gateway for passive operating system (OS) fingerprinting
Completed:
Evidence:

Configure the external product interface to receive and process information from external security and management products to automatically enhance the sensor configuration information
Completed:
Evidence:

Configure a virtual sensor and anomaly detection
Completed:
Evidence:

Monitor the IPS advanced features for optimal performance
Completed:
Evidence:

Manage security and response of the IPS to network attacks

Monitor IPS events using network tools to determine appropriate response to network attacks
Completed:
Evidence:

Use network management tools to assess and manage IPS effectiveness against security intrusion
Completed:
Evidence: