List the assessment methods to be used and the context and resources required for assessment. Copy and paste the relevant sections from the evidence guide below and then re-write these in plain English.
ELEMENT | PERFORMANCE CRITERIA |
Elements describe the essential outcomes. | Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Plan and design firewall solution | 1.1 Determine level and nature of security needed to meet enterprise requirements 1.2 Identify security threats 1.3 Research available perimeter security options 1.4 Design security perimeter to meet identified enterprise requirements |
2. Configure perimeter to secure network | 2.1 Deploy perimeter devices according to design 2.2 Configure perimeter topology 2.3 Configure basic functionality of devices to allow access 2.4 Configure advanced functions |
3. Plan, design and configure network devices to provide secure fallover and redundancy | 3.1 Back up device configuration 3.2 Design and configure perimeter to enable continuity of service during upgrade of devices 3.3 Design and configure perimeter to enable continuity of service in the event of device failure |
4. Plan, design and configure a VPN solution | 4.1 Configure perimeter for site-to-site virtual private networks (VPNs) 4.2 Configure perimeter as a remote access VPN server 4.3 Configure perimeter to allow VPN tunnel forwarding 4.4 Diagnose and resolve VPN connectivity issues |
5. Test and verify design performance | 5.1 Test functionality of basic features 5.2 Test functionality of advanced features 5.3 Perform penetration testing to verify that the perimeter meets security requirements 5.4 Monitor perimeter device performance 5.5 Monitor security breaches 5.6 Document test results and report to appropriate person |
Evidence of the ability to:
identify threats to perimeter security
develop design for a secure perimeter
deploy perimeter to meet security requirements
design and configure advanced features of perimeter devices to provide additional services
design and configure an integrated VPN solution
conduct exhaustive testing of perimeter.
Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.
To complete the unit requirements safely and effectively, the individual must:
identify and describe emerging security issues and the need for security policies
describe the security perimeter issues related to networks, including:
auditing and penetration testing techniques
capabilities of software and hardware perimeter solutions
logging analysis techniques
organisational network infrastructure
security technologies according to perimeter design
weaknesses of installed perimeter design.
Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the network industry, and include access to:
site or prototype where perimeter security may be implemented and managed
perimeter devices
organisational security requirements.
Assessors must satisfy NVR/AQTF assessor requirements.