Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 1.0.

ELEMENT 

PERFORMANCE CRITERIA 

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Plan advanced network server security according to business needs

1.1 Consult with client and key stakeholders to identify security requirements in an advanced network server environment

1.2 Analyse and review existing client security documentation and predict network service vulnerabilities

1.3 Research network authentication and network service configuration options and implications to produce network security solutions

1.4 Ensure features and capabilities of network service security options meet the business needs

1.5 Produce or update server security design documentation to include new solutions

1.6 Obtain sign-off for the security design from the appropriate person

2. Prepare for

Network server security implementation

2.1 Prepare for work in line with site-specific safety requirements and enterprise occupational health and safety (OHS) processes and procedures

2.2 Identify safety hazards and implement risk control measures in consultation with appropriate personnel

2.3 Consult appropriate person to ensure the task is coordinated effectively with others involved at the worksite

2.4 Back up server before implementing configuration changes

3. Configure the advanced network server security according to design

3.1 Configure update services to provide automatic updates to ensure maximum security and reliability

3.2 Configure network authentication, authorisation and accounting services to log and prevent unauthorised access to the server

3.3 Configure basic service security and access control lists to limit access to authorised users, groups or networks

3.4 Implement encryption as required by the design

3.5 Configure advanced network service security options for services and remote access

3.6 Configure the operating system or third-party firewall to filter traffic in line with security requirements

3.7 Ensure security of server logs and log servers are appropriately implemented for system integrity

3.8 Implement backup and recovery methods to enable restoration capability in the event of a disaster

4. Monitor and test network server security

4.1 Test server to assess the effectiveness of network service security according to agreed design plan

4.2 Monitor server logs, network traffic and open ports to detect possible intrusions

4.3 Monitor important files to detect unauthorised modifications

4.4 Investigate and verify alleged violations of server or data security and privacy breaches

4.5 Recover from, report and document security breaches according to security policies and procedures

4.6 Evaluate monitored results and reports to implement and test improvement actions required to maintain the required level of network service security

Skill 

Performance Criteria 

Description 

Reading

1.2, 1.3, 3.6, 4.1, 4.3, 4.5, 4.6

• Recognises and interprets technical enterprise security procedures, policies, specifications, and vendor notifications to determine and confirm job requirements

Writing

1.5, 4.5

• Develops a broad range of material including security reports for a specific audience, using clear and detailed language to convey explicit information, requirements and recommendations

Oral Communication

1.1, 2.2, 2.3, 4.5

• Uses listening and questioning skills to confirm understanding for requirements
• Articulates clearly, using specific and relevant language suitable to audience, and participates in verbal exchanges of ideas and solutions

Interact with others

1.6

• Actively identifies the requirements of important communication exchanges, selecting appropriate channels, format, tone and content to suit purpose and audience

Navigate the world of work

2.1

• Keeps up to date on changes to legislation or regulations relevant to own rights and responsibilities, and considers implications of these when planning, negotiating and undertaking work

Get the work done

1.2, 1.4, 2.2, 2.4, 3.1-3.8, 4.1, 4.2, 4.4-4.6

• Considers the strategic and operational potential of digital trends to achieve work goals, enhance work processes, create opportunities and enhance or reduce risks
• Uses a broad range of strategies to store, access and organise virtual information, recognising that design choices will influence what information is retrieved and how it may be interpreted and used
• Is acutely aware of the importance of understanding, monitoring and controlling access to digitally stored and transmitted information
• May operate from a broad conceptual plan, developing the operational detail in stages, regularly reviewing priorities and performance during implementation, and identifying and addressing issues
• Uses nuanced understanding of context to detect, investigate and recover from security breaches

Code and title 

current version 

Code and title 

previous version 

Comments 

Equivalence status 

ICTNWK602 Plan, configure and test advanced server-based security

ICANWK602A Plan, configure and test advanced server-based security

Updated to meet Standards for Training Packages.

Equivalent unit

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 1.0.