Unit of competency details
ICTNWK622 - Configure and manage intrusion prevention system on network sensors (Release 1)
Summary
Usage recommendation:
Current
Releases:
1 (this release) | 21/Jul/2020
Classifications
Classification history
ASCED Module/Unit of Competency Field of Education Identifier | 020113 | Networks And Communications | 21/Jul/2020
Unit of competency
Modification History
Release | Comments
Release 1 | This version first released with ICT Information and Communications Technology Training Package Version 6.0.
Application
This unit describes the skills and knowledge required to use required tools, equipment and software to implement an intrusion prevention system (IPS) on IPS sensors to mitigate network attacks.
It applies to individuals with advanced Information and Communications Technology (ICT) skills who are working as certified IPS specialists, network security specialists and network security managers.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Unit Sector
Networking
Elements and Performance Criteria
ELEMENT | PERFORMANCE CRITERIA
Elements describe the essential outcomes. | Performance criteria describe the performance needed to demonstrate achievement of the element.
1. Evaluate ways IPS sensors are used to mitigate network attacks
1.1 Evaluate inline operations network system requirements according to industry standards and organisational requirements
1.2 Evaluate inline to promiscuous mode sensor operations and IPS devices network protection capability
1.3 Evaluate and determine ways IPS can defeat evasive network hacking methods
1.4 Evaluate selection considerations, placement and deployment of network IPS and IPS signature
2. Select, install and configure IPS sensors
2.1 Install, initialise and configure sensor interfaces, interface pairs, virtual local area network (VLAN) pairs and VLAN groups
2.2 Configure management access to sensor appliance and create required user accounts
2.3 Set up, manage and monitor sensor communications with external management and monitoring systems and use built-in tools
2.4 Upgrade IPS sensor parameters and licensing requirements and maintain network integrity
2.5 Plan mitigation of specific network vulnerabilities and exploits according to organisational requirements
3. Tune IPS sensor advanced system parameters
3.1 Tune sensor signatures and provide optimal protection of network
3.2 Create custom and meta signatures and align to mitigation performance requirements
3.3 Configure passive operating system (OS) fingerprinting gateway
3.4 Configure external product interface to receive and process information from external security and management products
3.5 Configure a virtual sensor and anomaly detection
4. Manage IPS security and network response attacks
4.1 Monitor IPS events and determine network attack response
4.2 Assess IPS effectiveness against security intrusion
4.2 Report on security and response attacks according to organisational requirements
Foundation Skills
This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.
SKILL | DESCRIPTION
Learning
- Demonstrates a sophisticated knowledge of principles, concepts, language and practices associated with the digital world and uses these to troubleshoot and understand the uses and potential of new technology
- Demonstrates knowledge that identified ‘problems’ can be surface indicators of deeper issues and routinely reframes problem definitions as part of the process of identifying a root cause
Numeracy
- Selects from and flexibly applies a wide range of highly developed mathematical and problem-solving strategies and techniques in a broad range of contexts
Reading
- Recognises and interprets complex technical and regulatory information to determine and confirm job requirements
Writing
- Demonstrates sophisticated writing skills by selecting required conventions and stylistic devices to express precise meaning
- Writes and edits complex computer code and technical data, ensuring correct syntax and accuracy
Teamwork
- Develops and implements communications strategies with internal and external persons
- Shares knowledge, information and experience openly as an integral part of the working relationship
Planning and organising
- Operates from a broad conceptual plan, developing the operational detail in stages, regularly reviewing priorities and performance during implementation and identifying and addressing issues
Problem solving
- Uses a broad range of strategies to store, access and organise virtual information, recognising that design choices will influence what information is retrieved and how it may be interpreted and used
- Uses a mix of intuitive and formal processes to identify key information and issues, evaluate alternative strategies, anticipate consequences and consider implementation issues and contingencies
Self-management
- Understands own legal rights and responsibilities and considers implications of these when planning and undertaking work
- Demonstrates an acute awareness of the importance of knowledge, monitoring and controlling access to digitally stored and transmitted information
Unit Mapping Information
Supersedes and is equivalent to ICTNWK609 Configure and manage intrusion prevention system on network sensors.
Links
Companion Volume Implementation Guide is found on VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2
Assessment requirements
Modification History
Release | Comments
Release 1 | This version first released with ICT Information and Communications Technology Training Package Version 6.0.
Performance Evidence
The candidate must demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including evidence of the ability to:
- identify and evaluate requirements for a medium size digital environment on at least one occasion
- configure, tune and manage intrusion prevention system on at least one occasion.
In the course of the above, the candidate must:
- upgrade and maintain IPS sensors
- document finalised processes and outcomes.
Knowledge Evidence
The candidate must be able to demonstrate knowledge to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit, including knowledge of:
- configuration, verification and troubleshooting procedures to undertake switch and router operation and routing protocol
- internetwork operating system (IOS), internet protocol (IP) networking models and deployment schemes
- IP addressing and transmission control protocol (TCP) and IP stack
- IPS and intrusion detection system (IDS) strategies, sensor technologies and licensing requirements
- local area network and wide area network (LAN/WAN) implementations and design
- network topologies, architectures, elements, standards and protocols
- virtual local area network (VLAN) concepts and functionality and virtual private network (VPN) technologies
- legislation, regulations, standards and codes of practice relating to network security.
Assessment Conditions
Skills in this unit must be demonstrated in a workplace or simulated environment where the conditions are typical of those in a working environment in this industry.
This includes access to:
- a site or prototype where network installation may be conducted
- industry standard hardware and software
- organisational guidelines, policies and procedures
- live network
- an IPS system and its sensors.
Assessors of this unit must satisfy the requirements for assessors in applicable vocational education and training legislation, frameworks and/or standards.