Application
This unit describes the skills and knowledge required to install, configure and test network security in an organisational environment.
It applies to individuals who are involved in the installation, configuration, and testing of network security for networks of any size in job roles including network administrator, penetration tester, and security consultant.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Elements and Performance Criteria
ELEMENT | PERFORMANCE CRITERIA |
Elements describe the essential outcomes. | Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Assess network security threats and vulnerabilities | 1.1 Review current system security against organisational asset security requirements to identify security threats and vulnerabilities 1.2 Analyse network, software, hardware and system security threats and vulnerabilities to prioritise deficiencies to be addressed 1.3 Make recommendations to management to address security deficiencies according to organisational asset security requirements |
2. Implement countermeasures for identified threats and vulnerabilities | 2.1 Implement required level of perimeter security to meet organisational asset security requirements and according to identified threats and vulnerabilities 2.2 Assess and implement server and network hardening techniques and measures 2.3 Implement secure authentication and user account controls to secure data integrity and transmission |
3. Test and verify functionality and performance of countermeasures implemented | 3.1 Design function and performance test items to verify key functions and performance of countermeasures 3.2 Conduct function and performance tests to modify and debug countermeasures 3.3 Develop documentation on the current system settings and file according to organisational guidelines |
4. Maintain and improve network security | 4.1 Review logs and audit reports to identify and record security incidents, intrusions and attempts 4.2 Carry out spot checks and audits to ensure that procedures are not being bypassed 4.3 Document newly discovered security threats vulnerabilities and recommendations in a report for presentation to superior to gain approval recommendations to be implemented |
Foundation Skills
This section describes those language, literacy, numeracy and employment skills that are essential to performance but not explicit in the performance criteria.
Skill | Description |
Reading | Recognises and interprets textual information to determine specific information about security incidents |
Writing | Accurately records test results and develops material for a specific audience, using clear and detailed language in order to convey explicit information |
Oral Communication | Articulates information clearly, using specific and relevant language suitable to audience to convey recommendations and provide verbal reports Uses listening and questioning techniques to confirm understanding |
Numeracy | Extracts and evaluates the mathematical information embedded in tasks and texts |
Get the work done | Determines job priorities, resources and equipment, and works logically and systematically to undertake clearly defined and familiar tasks Understands the purposes, specific functions and key features of common digital systems and tools, and operates them effectively to complete routine tasks Recognises and responds to predictable routine problems related to own role in the immediate work context, including detecting intrusion and debugging the system when required |
Sectors
Networking