Unit of competency
Modification History
Release |
Comments |
Release 1 |
This version first released with ICT Information and Communications Technology Training Package Version 1.0. |
Application
This unit describes the skills and knowledge required to provide basic website server, and protocol security appropriate to the level required by an organisation.
It applies to individuals employed as web maintenance staff who are required to ensure that a website meets basic security requirements.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Unit Sector
Web
Elements and Performance Criteria
ELEMENT |
PERFORMANCE CRITERIA |
Elements describe the essential outcomes. |
Performance criteria describe the performance needed to demonstrate achievement of the element. |
1. Determine business security requirements |
1.1 Identify the level of security required based on the business, and the commercial intent of the website 1.2 Identify whether password protection is needed for the site, or part of the site 1.3 Decide on minimum or maximum password protection solutions, based on the business requirements |
2. Ensure web server security |
2.1 Ensure that the web server password is obscure and non-traceable 2.2 Install and maintain an effective intrusion detection system, according to business requirements 2.3 Ensure that user accounts have only the required permissions on the server 2.4 Ensure that interpreters’ programs, that run common gateway interfaces (CGIs), are not stored in the CGI-bin directory 2.5 Ensure that web forms check data before passing it to the server |
3. Ensure protocol security |
3.1 Protect the fixed internet connection, and the internet protocol (IP) address 3.2 Protect shared network resources from intrusion, according to business requirements 3.3 Ensure that personal computer (PC) protocols and preferences follow security protocols 3.4 Disable control protocol, or internet protocol (TCP/IP), bindings for file and printer sharing 3.5 Ensure that network basic input/output system (NetBIOS) over TCP/IP is disabled |
Foundation Skills
This section describes language, literacy, numeracy and employment skills incorporated in the performance criteria that are required for competent performance.
Skill |
Performance Criteria |
Description |
Reading |
1.1-1.3, 2.1-2.5, 3.1-3.5 |
|
Writing |
2.2, 3.1-3.5 |
|
Oral Communication |
1.1, 1.2 |
|
Navigate the world of work |
1.3 |
|
Get the work done |
1.1-1.3, 2.1-2.5, 3.1-3.5 |
|
Unit Mapping Information
Code and title current version |
Code and title previous version |
Comments |
Equivalence status |
ICTWEB408 Ensure basic website security |
ICAWEB408A Ensure basic website security |
Updated to meet Standards for Training Packages |
Equivalent unit |
Links
Companion Volume implementation guides are found in VETNet - https://vetnet.gov.au/Pages/TrainingDocs.aspx?q=a53af4e4-b400-484e-b778-71c9e9d6aff2