ICTNWK421 - Install, configure and test network security

Assessment tasks will be designed to reinforce and extend knowledge and skill competence within set and controlled parameters in accordance with each unit's learning outcomes and performance criteria requirements, including the setting of work based practical application tasks designed to provide evidence of competence outcomes, within periodic and scheduled timelines. Students will be expected to demonstrate the following required skills with respect to one network: - identify and analyse network security threats and vulnerabilities; - make recommendations to management to address network security deficiencies and fulfill organisational asset security requirements; - implement perimeter security, network hardening measures and authentication and user account controls - according to identified deficiencies and organisational asset security requirements; - design and conduct testing to verify the key function and performance measures of network security; - debug network security according to test results; - review logs and audit reports to identify and record five security incidents, intrusions and attempts, and; - undertake three (3) spot checks and audits to ensure that procedures are not being bypassed.Students will also be expected to demonstrate the following knowledge: - security requirements of the organisation, including: organisational structure and functions; features and capabilities of networking technologies; privacy issues and privacy legislation; security information sources, and; risk analysis; - virtual private network (VPN) issues, including bandwidth and dynamic security environment; - configuration of routers and switches; - current hardware and software security products, including general features and capabilities; - function and operation of VPN concepts including encryption, firewalls, packet tunnelling, and authentication; - network protocols and operating systems; - security perimeters and functions; - security protocols, standards and data encryption; - security threats including eavesdropping, data interception, data corruption and data falsification; - types of VPNs including site-to-site and user-to-site internet traffic and extranets, and; - systems and procedures related to audit and intrusion detection systems; auditing and penetration testing techniques; cryptography; local area network (LAN), wireless local area network (WLAN) and wide area network (WAN); screened subnets; transmission control protocol, internet protocol (TCPs/IPs), and applications, and; virus detection software.