The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!
From the Wiki University
What evidence can you provide to prove your understanding of each of the following citeria?
Prepare to run vulnerability assessment
|
|
Obtain work details and scope from required personnel and arrange for site access in compliance with required security arrangements, legislation, codes, regulations and standards Completed |
Evidence:
|
Discuss and evaluate scanning tools and select according to vulnerability assessment requirements Completed |
Evidence:
|
Establish testing regime and schedule, and documentation requirements according to organisational needs Completed |
Evidence:
|
Run vulnerability assessment and penetration test
|
|
Perform vulnerability assessment according to organisational procedures Completed |
Evidence:
|
Identify and document vulnerabilities arising from vulnerability assessment according to organisational procedures Completed |
Evidence:
|
Run a simple penetration test according to organisational procedures Completed |
Evidence:
|
Identify and document potential threats arising from penetration test according to organisational procedures Completed |
Evidence:
|
Contribute and develop ideas in addressing vulnerabilities Completed |
Evidence:
|
Finalise vulnerability assessment process
|
|
Discuss vulnerabilities identified in vulnerability assessment and penetration testing with required personnel Completed |
Evidence:
|
Contribute ideas with required personnel and remediate vulnerabilities identified according to organisational procedures Completed |
Evidence:
|
Escalate unresolved vulnerabilities to required personnel Completed |
Evidence:
|
Document identified vulnerabilities and work performed according to organisational procedures Completed |
Evidence:
|
Report to management and confirm vulnerability assessment with required personnel Completed |
Evidence:
|