^

 
 

Unit of competency details

ICTNWK602 - Plan, configure and test advanced server-based security (Release 1)

Summary

Usage recommendation:
Superseded
Mapping:
MappingNotesDate
Supersedes and is equivalent to ICANWK602A - Plan, configure and test advanced server based securityUpdated to meet Standards for Training Packages. 24/Mar/2015
Is superseded by and equivalent to ICTNWK619 - Plan, configure and test advanced server-based security 20/Jul/2020

Release Status:
Current
Releases:
ReleaseRelease date
1 1 (this release) 25/Mar/2015


Classifications

SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 031305 Computer Engineering  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 031305 Computer Engineering  30/Jul/2015 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Unit Of competency

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 1.0.

Application

This unit describes the skills and knowledge required to implement advanced server security using secure authentication and network services on a network server.

It applies to individuals working as information and communications technology (ICT) network specialists, ICT network engineers, network security specialists, network security planners and network security designers.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

Unit Sector

Networking

Elements and Performance Criteria

ELEMENT 

PERFORMANCE CRITERIA 

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Plan advanced network server security according to business needs

1.1 Consult with client and key stakeholders to identify security requirements in an advanced network server environment

1.2 Analyse and review existing client security documentation and predict network service vulnerabilities

1.3 Research network authentication and network service configuration options and implications to produce network security solutions

1.4 Ensure features and capabilities of network service security options meet the business needs

1.5 Produce or update server security design documentation to include new solutions

1.6 Obtain sign-off for the security design from the appropriate person

2. Prepare for

Network server security implementation

2.1 Prepare for work in line with site-specific safety requirements and enterprise occupational health and safety (OHS) processes and procedures

2.2 Identify safety hazards and implement risk control measures in consultation with appropriate personnel

2.3 Consult appropriate person to ensure the task is coordinated effectively with others involved at the worksite

2.4 Back up server before implementing configuration changes

3. Configure the advanced network server security according to design

3.1 Configure update services to provide automatic updates to ensure maximum security and reliability

3.2 Configure network authentication, authorisation and accounting services to log and prevent unauthorised access to the server

3.3 Configure basic service security and access control lists to limit access to authorised users, groups or networks

3.4 Implement encryption as required by the design

3.5 Configure advanced network service security options for services and remote access

3.6 Configure the operating system or third-party firewall to filter traffic in line with security requirements

3.7 Ensure security of server logs and log servers are appropriately implemented for system integrity

3.8 Implement backup and recovery methods to enable restoration capability in the event of a disaster

4. Monitor and test network server security

4.1 Test server to assess the effectiveness of network service security according to agreed design plan

4.2 Monitor server logs, network traffic and open ports to detect possible intrusions

4.3 Monitor important files to detect unauthorised modifications

4.4 Investigate and verify alleged violations of server or data security and privacy breaches

4.5 Recover from, report and document security breaches according to security policies and procedures

4.6 Evaluate monitored results and reports to implement and test improvement actions required to maintain the required level of network service security

Foundation Skills

This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.

Skill 

Performance Criteria 

Description 

Reading

1.2, 1.3, 3.6, 4.1, 4.3, 4.5, 4.6

  • Recognises and interprets technical enterprise security procedures, policies, specifications, and vendor notifications to determine and confirm job requirements

Writing

1.5, 4.5

  • Develops a broad range of material including security reports for a specific audience, using clear and detailed language to convey explicit information, requirements and recommendations

Oral Communication

1.1, 2.2, 2.3, 4.5

  • Uses listening and questioning skills to confirm understanding for requirements
  • Articulates clearly, using specific and relevant language suitable to audience, and participates in verbal exchanges of ideas and solutions

Interact with others

1.6

  • Actively identifies the requirements of important communication exchanges, selecting appropriate channels, format, tone and content to suit purpose and audience

Navigate the world of work

2.1

  • Keeps up to date on changes to legislation or regulations relevant to own rights and responsibilities, and considers implications of these when planning, negotiating and undertaking work

Get the work done

1.2, 1.4, 2.2, 2.4, 3.1-3.8, 4.1, 4.2, 4.4-4.6

  • Considers the strategic and operational potential of digital trends to achieve work goals, enhance work processes, create opportunities and enhance or reduce risks
  • Uses a broad range of strategies to store, access and organise virtual information, recognising that design choices will influence what information is retrieved and how it may be interpreted and used
  • Is acutely aware of the importance of understanding, monitoring and controlling access to digitally stored and transmitted information
  • May operate from a broad conceptual plan, developing the operational detail in stages, regularly reviewing priorities and performance during implementation, and identifying and addressing issues
  • Uses nuanced understanding of context to detect, investigate and recover from security breaches

Unit Mapping Information

Code and title 

current version 

Code and title 

previous version 

Comments 

Equivalence status 

ICTNWK602 Plan, configure and test advanced server-based security

ICANWK602A Plan, configure and test advanced server-based security

Updated to meet Standards for Training Packages.

Equivalent unit

Links

Companion Volume implementation guides are found in VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2

 

Assessment requirements

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 1.0.

Performance Evidence

Evidence of the ability to:

  • identify network service security vulnerabilities and appropriate controls
  • plan, design and configure a secure network authentication service
  • secure a wide range of network services to ensure server and data security, including:
  • dynamic name system (DNS)
  • web and proxy
  • mail
  • file transfer protocol (FTP)
  • firewall
  • implement cryptographic techniques
  • monitor the server for security breaches.

Note: If a specific volume or frequency is not stated, then evidence must be provided at least once.

Knowledge Evidence

To complete the unit requirements safely and effectively, the individual must:

  • explain auditing and penetration testing techniques
  • summarise best practice procedures for implementing backup and restore
  • outline cryptographic techniques
  • clarify the procedures for error and event logging and reporting
  • explain intrusion detection and recovery procedures
  • outline network service configuration, including:
  • DNS
  • dynamic host configuration protocol (DHCP)
  • web
  • mail
  • FTP
  • server messages block (SMB)
  • network time protocol (NTP)
  • proxy
  • summarise network service security features, options and limitations
  • outline network service vulnerabilities
  • summarise operating system help and support utilities
  • describe planning, configuration, monitoring and troubleshooting techniques
  • outline security protection mechanisms
  • summarise security threats and risks
  • explain server firewall configuration
  • explain server monitoring and troubleshooting tools and techniques, including network monitoring and diagnostic utilities
  • summarise user authentication and directory services.

Assessment Conditions

Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the networking industry, and include access to:

  • a site where server installation may be conducted
  • relevant server specifications
  • cabling
  • networked (LAN) computers
  • server diagnostic software
  • switch
  • client requirements
  • WAN service point of presence
  • workstations
  • relevant regulatory documentation that impacts on installation activities.

Assessors must satisfy NVR/AQTF assessor requirements.

Links

Companion Volume implementation guides are found in VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2