^

 
 

Unit of competency details

ICTNWK622 - Configure and manage intrusion prevention system on network sensors (Release 1)

Summary

Usage recommendation:
Current
Mapping:
MappingNotesDate
Supersedes and is equivalent to ICTNWK609 - Configure and manage intrusion prevention system on network sensors 20/Jul/2020

Release Status:
Current
Releases:
ReleaseRelease date
1 1 (this release) 21/Jul/2020


Classifications

SchemeCodeClassification value
ASCED Module/Unit of Competency Field of Education Identifier 020113 Networks And Communications  

Classification history

SchemeCodeClassification valueStart dateEnd date
ASCED Module/Unit of Competency Field of Education Identifier 020113 Networks And Communications  21/Jul/2020 
The content being displayed has been produced by a third party, while all attempts have been made to make this content as accessible as possible it cannot be guaranteed. If you are encountering issues following the content on this page please consider downloading the content in its original form

Unit Of competency

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 6.0.

Application

This unit describes the skills and knowledge required to use required tools, equipment and software to implement an intrusion prevention system (IPS) on IPS sensors to mitigate network attacks.

It applies to individuals with advanced Information and Communications Technology (ICT) skills who are working as certified IPS specialists, network security specialists and network security managers.

No licensing, legislative or certification requirements apply to this unit at the time of publication.

Unit Sector

Networking

Elements and Performance Criteria

ELEMENT 

PERFORMANCE CRITERIA 

Elements describe the essential outcomes.

Performance criteria describe the performance needed to demonstrate achievement of the element.

1. Evaluate ways IPS sensors are used to mitigate network attacks

1.1 Evaluate inline operations network system requirements according to industry standards and organisational requirements

1.2 Evaluate inline to promiscuous mode sensor operations and IPS devices network protection capability

1.3 Evaluate and determine ways IPS can defeat evasive network hacking methods

1.4 Evaluate selection considerations, placement and deployment of network IPS and IPS signature

2. Select, install and configure IPS sensors

2.1 Install, initialise and configure sensor interfaces, interface pairs, virtual local area network (VLAN) pairs and VLAN groups

2.2 Configure management access to sensor appliance and create required user accounts

2.3 Set up, manage and monitor sensor communications with external management and monitoring systems and use built-in tools

2.4 Upgrade IPS sensor parameters and licensing requirements and maintain network integrity

2.5 Plan mitigation of specific network vulnerabilities and exploits according to organisational requirements

3. Tune IPS sensor advanced system parameters

3.1 Tune sensor signatures and provide optimal protection of network

3.2 Create custom and meta signatures and align to mitigation performance requirements

3.3 Configure passive operating system (OS) fingerprinting gateway

3.4 Configure external product interface to receive and process information from external security and management products

3.5 Configure a virtual sensor and anomaly detection

4. Manage IPS security and network response attacks

4.1 Monitor IPS events and determine network attack response 4.2 Assess IPS effectiveness against security intrusion

4.2 Report on security and response attacks according to organisational requirements

Foundation Skills

This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.

S KILL 

D ESCRIPTION 

Learning

  • Demonstrates a sophisticated knowledge of principles, concepts, language and practices associated with the digital world and uses these to troubleshoot and understand the uses and potential of new technology
  • Demonstrates knowledge that identified ‘problems’ can be surface indicators of deeper issues and routinely reframes problem definitions as part of the process of identifying a root cause

Numeracy

  • Selects from and flexibly applies, a wide range of highly developed mathematical and problem-solving strategies and techniques in a broad range of contexts

Reading

  • Recognises and interprets complex technical and regulatory information to determine and confirm job requirements

Writing

  • Demonstrates sophisticated writing skills by selecting required conventions and stylistic devices to express precise meaning
  • Writes and edits complex computer code and technical data, ensuring correct syntax and accuracy

Teamwork

  • Develops and implements communications strategies with internal and external persons
  • Shares knowledge, information and experience openly as an integral part of the working relationship

Planning and organising

  • Operates from a broad conceptual plan, developing the operational detail in stages, regularly reviewing priorities and performance during implementation and identifying and addressing issues

Problem solving

  • Uses a broad range of strategies to store, access and organise virtual information, recognising that design choices will influence what information is retrieved and how it may be interpreted and used
  • Uses a mix of intuitive and formal processes to identify key information and issues, evaluate alternative strategies, anticipate consequences and consider implementation issues and contingencies

Self-management

  • Understands own legal rights and responsibilities and considers implications of these when planning and undertaking work
  • Demonstrates an acute awareness of the importance of knowledge, monitoring and controlling access to digitally stored and transmitted information

Unit Mapping Information

Supersedes and is equivalent to ICTNWK609 Configure and manage intrusion prevention system on network sensors.

Links

Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2

 

Assessment requirements

Modification History

Release 

Comments 

Release 1

This version first released with ICT Information and Communications Technology Training Package Version 6.0.

Performance Evidence

The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:

  • identify and evaluate requirements for a medium size digital environment on at least one occasion
  • configure, tune and manage intrusion prevention system on at least one occasion.

In the course of the above, the candidate must:

  • upgrade and maintain IPS sensors
  • document finalised processes and outcomes.

Knowledge Evidence

The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:

  • configuration, verification and troubleshooting procedures to undertake switch and router operation and routing protocol
  • internetwork operating system (IOS), internet protocol (IP) networking models and deployment schemes
  • IP addressing and transmission control protocol (TCP) and IP stack
  • IPS and intrusion detection system (IDS) strategies, sensor technologies and licensing requirements
  • local area network and wide area network (LAN/WAN) implementations and design
  • network topologies, architectures, elements, standards and protocols
  • virtual local area network (VLAN) concepts and functionality and virtual private network (VPN) technologies
  • legislation, regulations, standards and codes of practice required to network security.

Assessment Conditions

Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.

This includes access to:

  • a site or prototype where network installation may be conducted
  • industry standard hardware and software
  • organisational guidelines, policies and procedures
  • live network
  • an IPS system and its sensors.

Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.

Links

Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2