Course Title: Monitor and administer network security

Part B: Course Detail

Teaching Period: Term 1 2012

Course Code: COSC5436C

Course Title: Monitor and administer network security

School: 155T Vocational Health and Sciences

Campus: City Campus

Program: C4293 - Certificate IV in Information Technology (Networking)

Course Contact: Geoff Moss

Course Contact Phone: +61 3 9925 4852

Course Contact Email: geoff.moss@rmit.edu.au


Name and Contact Details of All Other Relevant Staff

Chelton Evans

chelton.evans@rmit.edu.au

Nominal Hours: 30

Regardless of the mode of delivery, nominal hours represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.

Pre-requisites and Co-requisites

The following unit is a prerequisite for this competency:
• ICAS3032A - Provide network systems administration

Course Description

This unit defines the competency required to monitor and administer security functions on a network according to organisational policies.


National Codes, Titles, Elements and Performance Criteria

National Element Code & Title:

ICAS4124B Monitor and administer network security

Element:

1. Ensure user accounts are controlled

Performance Criteria:

1.1 Review organisation's network and security policy to ensure up-to-date knowledge and understanding of policies
1.2 Modify default and previously created user settings to ensure that they conform with organisational security policy
1.3 Investigate log-on procedures for security and appropriateness and modify log-on requirements, using relevant utilities, where applicable
1.4 Ensure that appropriate procedures are put in place to deal with user accounts that are no longer required
1.5 Access information resources to identify and understand current, documented security gaps and their associated repair procedure
1.6 Ascertain the security repairs applicable to the current network and discuss with appropriate person to gain approval for repair implementation
1.7 Obtain and implement the appropriate hardware and software necessary for network security repair

Element:

2. Secure file and resource access

Performance Criteria:

2.1 Review inbuilt security and access features of the operating system and document areas for concern
2.2 Analyse the file security categorisation scheme and the role of users in setting file security, in relation to organisational security policy and recommend revision, if necessary
2.3 Implement, if necessary, a process for ongoing updates of virus checking software, at server and workstation levels
2.4 Investigate and implement inbuilt or additional encryption facilities, as appropriate, to meet organisational security needs

Element:

3. Monitor threats to the system

Performance Criteria:

3.1 Investigate the current security of the network, including physical aspects, utilising appropriate third-party testing software where applicable
3.2 Review logs and audit reports to identify and record security threats, intrusions or attempts
3.3 Carry out spot checks and other activities to ensure that procedures are not being bypassed
3.4 Evaluate the findings of the state of security and prepare recommendations for improvement
3.5 Prepare documentation in a report for presentation to appropriate person to gain approval for changes to be made


Learning Outcomes



Details of Learning Activities

  • logging into servers with ssh
  • scanning a network with nmap
  • file and folder encryption with TrueCrypt
  • Windows updates
  • domain security - auditing login and directory access
  • theory - e.g. zero-day attack


Teaching Schedule

| Weeks | Topic | Software/Reading | Practical Exercises and Assessment |
|---|---|---|---|
| 1 | Introduction to Topic; Overview of course | See online resources | |
| 2 | Secure file and resource access | See online resources | Prac 2 |
| 4 | Secure file and resource access | See online resources | Prac 8 ssh |
| 5 | Monitor threats to the system | See online resources | Prac 10 nmap |
| 7 | Ensure user accounts are controlled; Monitor threats to the system; Secure file and resource access | See online resources | Prac 13 security |
| 9 | Ensure user accounts are controlled; Secure file and resource access; Monitor threats to the system | See online resources | Prac 14 Kaspersky |


Learning Resources

Prescribed Texts


References


Other Resources


Overview of Assessment

Critical aspects for assessment and evidence required to demonstrate competency in this unit.
Assessment must confirm an understanding of the organisation’s network security and access policies. Assessment must confirm knowledge of the security features available in the operating environment and the ability to monitor and administer security functions on the network. This may include use of third-party diagnostic tools.

Assessment occurs throughout the program and includes learning and assessment activities conducted in the classroom, online and in the workplace, giving you the opportunity to practise and be assessed on what you are learning in a work context. You must demonstrate an understanding of all elements of a particular competency to be deemed competent. Assessment methods have been designed to measure achievement of each competency in a flexible manner over a range of assessment tasks.

Assessment will incorporate a variety of methods including technical requirements, documentation, workplace activities, in-class exercises, quizzes, practical problem-solving exercises and presentations. Participants are advised that they are likely to be asked to personally demonstrate their assessment work to their teacher to ensure that the relevant competency standards are being met.

If you have a long-term medical condition and/or disability it may be possible to negotiate to vary aspects of the learning or assessment methods. You can contact the program coordinator or the Disability Liaison Unit if you would like to find out more.


Assessment Tasks

Skills Based Assessments:
These assessments can be done either at RMIT or at the workplace providing appropriate equipment is available.


All pracs need to be successfully completed to pass the course.


Assessment Matrix

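| Element | Practical Tasks | In Class/Work Observation | In Class Testing | Individual discussion ** |
|---|---|---|---|---|
| 1.1 | x | x | x | x |
| 1.2 | x | x | x | x |
| 1.3 | x | x | x | x |
| 1.4 | x | x | x | x |
| 1.5 | x | x | x | x |
| 1.6 | x | x | x | x |
| 1.7 | x | x | x | x |
| 1.8 | x | x | x | x |
| 2.1 | x | x | x | x |
| 2.2 | x | x | x | x |
| 2.3 | x | x | x | x |
| 2.4 | x | x | x | x |
| 3.1 | x | x | x | x |
| 3.2 | x | x | x | x |
| 3.3 | x | x | x | x |
| 3.4 | x | x | x | x |
| 3.5 | x | x | x | x |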
