ICTCYS401 - Design and implement network security infrastructure for an organisation

ICTCYS401
Design and implement network security infrastructure for an organisation

Application

This unit describes the skills and knowledge required to set up network security infrastructure scalable to a medium to large organisation.

It applies to individuals who work as networking engineers and cloud engineers and specialise in cyber security in an Information and Communications Technology (ICT) and digital team environment.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

Elements and Performance Criteria

ELEMENT	PERFORMANCE CRITERIA
Elements describe the essential outcomes.	Performance criteria describe the performance needed to demonstrate achievement of the element.
1. Prepare to design and implement network security infrastructure	1.1 Obtain work details and scope from required personnel and arrange for site access in compliance with required security arrangements, legislation, codes, regulations and standards 1.2 Establish security threats impacting organisation with required personnel and assess its likelihood 1.3 Confirm and document established requirements and risks according to organisational procedures
2. Design network security infrastructure	2.1 Establish requirements and features of network security infrastructure 2.2 Identify and evaluate a range of industry standard network security providers 2.3 Discuss and confirm selected network security provider with required personnel according to infrastructure requirements
3. Implement network security infrastructure	3.1 Establish and create secure network boundaries 3.2 Implement server, application and user security technologies according to network security requirements 3.3 Confirm required levels of user access throughout organisation 3.4 Establish maintenance and alert processes for risk and security threats according to organisational procedures
4. Finalise and monitor network security infrastructure	4.1 Test deployment of network security infrastructure and its components according to organisational testing procedures 4.2 Gather and review test results and logs and adjust accordingly 4.3 Confirm completion of requirements with required personnel 4.4 Document work performed and results according to organisational procedures 4.5 Conduct routine reviews of network security infrastructure according to organisational procedures

Evidence of Performance

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

design and implement a network security infrastructure according to organisational requirements.

In the course of the above, the candidate must:

identify at least three security risks and at least three threats impacting business

identify and evaluate the advantages and disadvantages of at least two industry standard network security providers suitable to infrastructure being designed and implemented.

Evidence of Knowledge

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

network infrastructure features, including:

connectivity

routing and switching capabilities

network security

access control

organisational business processes and applicable organisational, infrastructure, network and security requirements in each area

organisational procedures applicable to designing and implementing network security infrastructure, including:

documenting established requirements, risks and work performed

establishing requirements and features of network security infrastructure

establishing maintenance and alert processes

conducting routine reviews of network security infrastructure

testing methods and procedures

security risks, and tolerance of risk in an organisation

industry standard network security providers

industry standards and regulations applicable to implementing network security infrastructure in an organisation.

Assessment Conditions

Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.

This includes access to:

required hardware, software and its components

organisational procedures and policies applicable to network security infrastructure

required network security providers and solutions

site server

application and user security technologies.

Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.

Foundation Skills

This section describes those language, literacy, numeracy and employment skills that are essential to performance but not explicit in the performance criteria.

SKILL	DESCRIPTION
Learning	Identifies and gathers information applicable to business, infrastructure and network
Reading	Selects and applies network infrastructure features and procedures suited to job requirements and system design from range of routine texts
Writing	Uses required and industry specific terminology in documenting research findings and network security policies
Technology	Uses required technological tools and software in designing and implementing network security infrastructure Applies skills in systems administration, network security, applications and programming

Sectors

Cyber security