NTISthis.com

Evidence Guide: ICTTEN8195A - Evaluate and apply network security

Student: __________________________________________________

Signature: _________________________________________________

Tips for gathering evidence to demonstrate your skills

The important thing to remember when gathering evidence is that the more evidence the better - that is, the more evidence you gather to demonstrate your skills, the more confident an assessor can be that you have learned the skills not just at one point in time, but are continuing to apply and develop those skills (as opposed to just learning for the test!). Furthermore, one piece of evidence that you collect will not usualy demonstrate all the required criteria for a unit of competency, whereas multiple overlapping pieces of evidence will usually do the trick!

From the Wiki University

 

ICTTEN8195A - Evaluate and apply network security

What evidence can you provide to prove your understanding of each of the following citeria?

Analyse the operation of the Internet

  1. Evaluate the interrelationship of IP to open systems interconnect (OSI) seven layer model and the impact on network topologies and network elements
  2. Assess media access control (MAC) and IP addressing and their application in security
  3. Report on transmission control protocol/internet protocol (TCP/IP) operations and the use of transport protocols for transmitting data over the network
  4. Examine the various types of routing protocols and implication on security
  5. Analyse forms of label switching as applied to data packets
  6. Use software to simulate the least cost algorithms
Evaluate the interrelationship of IP to open systems interconnect (OSI) seven layer model and the impact on network topologies and network elements

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assess media access control (MAC) and IP addressing and their application in security

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Report on transmission control protocol/internet protocol (TCP/IP) operations and the use of transport protocols for transmitting data over the network

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Examine the various types of routing protocols and implication on security

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Analyse forms of label switching as applied to data packets

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Use software to simulate the least cost algorithms

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Analyse internetwork protocols

  1. Compare connection-oriented and connection-less networks in internetworking applications
  2. Research the design parameters used in networks
  3. Produce a report on IP multi-casting protocols and systems including IP frame fields of the data frames
Compare connection-oriented and connection-less networks in internetworking applications

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research the design parameters used in networks

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Produce a report on IP multi-casting protocols and systems including IP frame fields of the data frames

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research and report internetwork operations

  1. Analyse protocol considerations of voice over internet protocol (VoIP)
  2. Research the protocols G723.1, G729 and G729A standards and evaluate their application in internetworking
  3. Determine the format of JPEG and GIF files as applied to still pictures
  4. Determine the format of MPEG-2 and H.32x series multimedia protocols for motion pictures
  5. Evaluate the features of different of multi-service protocols and of different email system protocols in networking operations
  6. Produce a report on the features the different web-based protocols used in internetworking operations
Analyse protocol considerations of voice over internet protocol (VoIP)

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research the protocols G723.1, G729 and G729A standards and evaluate their application in internetworking

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Determine the format of JPEG and GIF files as applied to still pictures

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Determine the format of MPEG-2 and H.32x series multimedia protocols for motion pictures

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Evaluate the features of different of multi-service protocols and of different email system protocols in networking operations

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Produce a report on the features the different web-based protocols used in internetworking operations

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Analyse features and types of network security

  1. Analyse procedures and processes used for security attacks and use of protection mechanisms
  2. Research conventional encryption algorithms and determine possible locations of encryption devices
  3. Produce a report on conventional encryption key distribution problems and how message authentication and verification is achieved
  4. Research one-way hashing and secure hashing functions
  5. Produce a report on digital signature standard (DSS) principles including public key cryptography algorithms for network security
Analyse procedures and processes used for security attacks and use of protection mechanisms

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research conventional encryption algorithms and determine possible locations of encryption devices

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Produce a report on conventional encryption key distribution problems and how message authentication and verification is achieved

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research one-way hashing and secure hashing functions

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Produce a report on digital signature standard (DSS) principles including public key cryptography algorithms for network security

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research features of public key authentication and email network security protocols

  1. Research public key authentication using Kerberos
  2. Analyse how electronic mail security is achieved using pretty good privacy (PGP)
  3. Research and report on IPSec protocol security
  4. Produce a report on encapsulating security payload (ESP) including Internet key management processes
Research public key authentication using Kerberos

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Analyse how electronic mail security is achieved using pretty good privacy (PGP)

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research and report on IPSec protocol security

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Produce a report on encapsulating security payload (ESP) including Internet key management processes

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research features of web, network management and system security

  1. Analyse how web threats and attacks occur in an IP network and determine system intruders and threats
  2. Research the operation of transaction protocols
  3. Evaluate the processes used for selection and protection of system passwords
  4. Evaluate system threats and methods used to counter act the threats
  5. Produce a report on anti-virus protection strategies, including firewall design principles, types and configurations
Analyse how web threats and attacks occur in an IP network and determine system intruders and threats

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Research the operation of transaction protocols

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Evaluate the processes used for selection and protection of system passwords

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Evaluate system threats and methods used to counter act the threats

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Produce a report on anti-virus protection strategies, including firewall design principles, types and configurations

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Document evaluation report

  1. Present a final report to include research and evaluation of network security management principles and the application to the network in the workplace with enhancement recommendations
Present a final report to include research and evaluation of network security management principles and the application to the network in the workplace with enhancement recommendations

Completed
Date:

Teacher:		 Evidence:

 

 

 

 

 

 

 

Assessed

Teacher: ___________________________________ Date: _________

Signature: ________________________________________________

Comments:

 

 

 

 

 

 

 

 

Instructions to Assessors

Evidence Guide

The evidence guide provides advice on assessment and must be read in conjunction with the performance criteria, required skills and knowledge, range statement and the Assessment Guidelines for the Training Package.

Overview of assessment

Critical aspects for assessment and evidence required to demonstrate competency in this unit

Evidence of the ability to:

analyse the operation of the Internet

implement Internet technology

select Internetwork protocols

research and report various internetwork operations

analyse features and types of network security methods and their weaknesses

analyse features of various cryptography systems

research and report the features of public key authentication and email network security protocols

research and report the features of web, network management and system security.

Context of and specific resources for assessment

Assessment must ensure:

a telecommunications operations site with a mentor or supervisor appropriately experienced in relevant telecommunications technology and infrastructure

networked computers and relevant software.

Method of assessment

A range of assessment methods should be used to assess practical skills and knowledge. The following examples are appropriate for this unit:

oral or written questioning to assess required knowledge

direct observation of the candidate carrying out relevant security checks within a networked communication system

review of reports completed by the candidate for different security breached scenarios.

Guidance information for assessment

Holistic assessment with other units relevant to the industry sector, workplaces and job role is recommended, for example:

ICTPMG8143A Manage a telecommunications project

ICTPMG8149A Evaluate and use telecommunications management networks.

Aboriginal people and other people from a non-English speaking background may have second language issues.

Access must be provided to appropriate learning and assessment support when required.

Assessment processes and techniques must be culturally appropriate, and appropriate to the oral communication skill level, and language and literacy capacity of the candidate and the work being performed.

In all cases where practical assessment is used it will be combined with targeted questioning to assess required knowledge. Questioning techniques should not require language, literacy and numeracy skills beyond those required in this unit of competency.

Where applicable, physical resources should include equipment modified for people with special needs.

Required Skills and Knowledge

Required skills

analytical skills to evaluate a range of complex technical data

communication skills to work effectively within a group and present information

information technology skills to use:

software for desktop research

statistical data

word processing software

literacy skills to prepare reports given a specific format and read and interpret technical standards

planning and organisational skills to manage own work in specific time frames

research skills to gather and record data from measurements

technical skills to:

operate test equipment

use telecommunications management networks

Required knowledge

administrative network management systems

algorithms

cryptography

encapsulation

encryption

enterprise solutions

firewalls

network topologies

operations network management systems

organisational policy and procedures

protocols

routing theory

system threats

transaction protocols

workplace and industry environment

Range Statement

The range statement relates to the unit of competency as a whole. It allows for different work environments and situations that may affect performance. Bold italicised wording, if used in the performance criteria, is detailed below. Essential operating conditions that may be present with training and assessment (depending on the work situation, needs of the candidate, accessibility of the item, and local industry and regional contexts) may also be included.

Network elements may include:

bridges

gateways

routers

servers

switches.

Transport protocols may include:

Ethernet

point-to-point protocol (PPP)

synchronous data link control (SDLC)

synchronous optical network (SONET).

Routing protocols may include:

adaptive

enhanced interior gateway routing protocol (EIGRP)

fixed

flooding

interior gateway routing protocol (IGRP)

open shortest path first (OSPF)

random

routing information protocol (RIP).

Label switching may include:

cell switching routers (CSR)

IP

tag.

Least cost algorithms may include:

Bellman-Ford's

Dijkstra's.

Design parameters may include:

datagram lifetime

error and flow control techniques

fragmentation

reassembly

routing.

Frame fields may include:

datagram format

internet control message protocol (ICMP)

IPv6 header and addressing

protocol data unit (PDU).

Multi-service protocols

may include:

border gateway protocol (BGP)

OSPF

resource reservation protocol (RSVP)

real time control protocol (RTCP)

real time protocol (RTP).

Email system protocols

may include:

data transparency:

ASCII

binary

EBCDIC

radix64 coding

Unicode

multipurpose mail extensions (MIME)

simple mail transfer protocol (SMTP).

Web-based protocols may include:

common gateway interface (CGI)

file transfer protocol (FTP)

hyper-text mark-up language protocol (HTML)

hyper-text transfer protocol (HTTP)

Java applets and application programmers interface (API).

Encryption algorithms may include:

Blowfish

Data Encryption Standard (DES)

Feistel Cipher

International Data Encryption Algorithm (IDEA).

Hashing functions may include:

hash message authentication checksum (HMAC)

Secure HAsh (SHA-1).

Public key cryptography algorithms may include:

Dieffie-Hellman key exchange

Rivest Shamir Adleman (RSA).

IPSec may include:

authentication header

internet protocol (IP) security

transport and tunnel modes of operation.

Key management processes may include:

internet security association and key management protocol (ISAKMP)

Oakley key determination protocol (OKDP).

Transaction protocols may include:

secure electronic transaction (SECT)

simple network management protocol (SNMP)

SNMPv1 (community facility and proxies)

SNMPv3 (message processing and the user security model)

secure socket layer (SSL).

System threats may include:

logic bombs

trap doors

Trojans

viruses

worms.