Application
This unit describes the skills and knowledge required to implement the device security configuration on WAN links and DMZs for a medium to large size organisation.
It applies to those who work in senior cyber security roles, including senior network and senior server administrators, network engineers and security architects, who are responsible for the configuration and implementation of security for required devices.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Elements and Performance Criteria
1. Prepare configuration of security devices
1.1 Conduct a needs analysis and determine organisation’s needs to configure security devices
1.2 Determine devices required for configuration according to organisational requirements
1.3 Determine network and system security requirements
1.4 Obtain and review manufacturing and technical requirements for devices
1.5 Research and document device risk threats and vulnerabilities according to organisational requirements
2. Design configuration plan
2.1 Develop and document configuration plan according to organisational requirements
2.2 Submit plan to required personnel and seek and respond to feedback
2.3 Finalise plan and communicate to required personnel in preparation for configuration
3. Configure security devices
3.1 Isolate devices according to technical specification and configuration plan
3.2 Configure virtual networks according to specifications and plan
3.3 Configure secure site-to-site connectivity and VPN requirements
3.4 Implement required encryption according to specifications and plan
3.5 Implement a DMZ according to specifications and plan
4. Test configured devices
4.1 Test configuration capabilities against requirements
4.2 Conduct penetration test and record outcomes according to organisational requirements
4.3 Document and communicate test findings to required personnel and implement any required configuration changes
4.4 Lodge documentation according to organisational policies and procedures
Evidence of Performance
The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:
design a security configuration plan and implement device configuration for at least three different security devices.
In the course of the above, the candidate must:
conduct cyber security needs analysis
document processes and outcomes.
Evidence of Knowledge
The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:
procedures for configuring, verifying and troubleshooting security devices
cyber security device configuration methodologies
conducting cyber security needs analysis
configuring security networks required to configure security devices.
Assessment Conditions
Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.
This includes access to:
required hardware, software and components
devices required for configuration
risk appetite of organisation required to configure security devices
organisational operating environments, networks and systems
organisational style guides required for presenting documented processes, procedures and findings.
Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.
Foundation Skills
Reading | Organises, evaluates and critiques ideas and information from a range of complex texts. Uses a range of strategies to build and maintain understanding throughout complex texts |
Writing | Prepares complex workplace documentation detailing processes and outcomes using required structure, layout and required language |
Planning and organising | Develops the operational detail in stages, regularly reviewing priorities and performance during strategy development and implementation, and identifies and addresses issues and challenges as they arise |
Problem solving | Identifies context to recognise anomalies and subtle deviations to normal expectations, focusing attention and remedying problems as they arise |
Technology | Demonstrates a sophisticated understanding of principles, concepts, language and practices associated with the digital world and uses these to troubleshoot and understand the uses and potential of new technology |
Sectors
Cyber security