ICT Security Threats - IT/CU/ICT/CR/3/6 - PDF

Summary

This document outlines the unit of competency for controlling ICT security threats. The unit covers learning outcomes, content, and suggested assessment methods.

Full Transcript

ICT SECURITY THREATS -------------------- **UNIT CODE: IT/CU/ICT/CR/3/6** **Relationship to Occupational Standards** This unit addresses the unit of competency: **CONTROL ICT SECURITY THREATS** **Duration of Unit:**200hours **Unit Description** This unit specifies competencies required to cont...

ICT SECURITY THREATS -------------------- **UNIT CODE: IT/CU/ICT/CR/3/6** **Relationship to Occupational Standards** This unit addresses the unit of competency: **CONTROL ICT SECURITY THREATS** **Duration of Unit:**200hours **Unit Description** This unit specifies competencies required to control ICT security threats. It involves identification of security threats, establishing and installing security measures, deployment of security measures, system vulnerability testing and monitoring. **Summary of Learning Outcomes** 1. Identify security threats 2. Establish and Install security measures 3. Deploy security measures 4. Test system vulnerability 5. Monitor security system **Learning Outcomes, Content and Suggested Assessment Methods** +-----------------------+-----------------------+-----------------------+ | **Learning Outcome** | **Content** | **Suggested | | | | Assessment Methods** | +=======================+=======================+=======================+ | 1. Identify security | - Definition of | - Practical | | threats | security threats | | | | | - Oral questioning | | | - Categories of | | | | security threats | - Written tests | | | | | | | | | | | | | | | - Internal | | | | | | | | - external | | | | | | | | | | | | | | | | - Importance of | | | | Computer Security | | | | to an | | | | Organization | | | | | | | | - Identification of | | | | Common threats | | | | | | | | | | | | | | | | - Fraud and theft | | | | | | | | - Employee sabotage | | | | | | | | - Loss of physical | | | | and | | | | infrastructure | | | | support | | | | | | | | - Malicious hackers | | | | and code | | | | | | | | - Industrial | | | | espionage | | | | | | | | - Threats to | | | | personal privacy | | | | | | | | - Natural | | | | Calamities | | | | | | | | - Cyber crime | | | | | | | | | | | | | | | | - Constraints to | | | | computer security | | | | | | | | - Cost | | | | | | | | - User | | | | responsibilit | | | | y | | | | | | | | - Integration | | | | challenges | | | | | | | | - Inadequate | | | | Assessment | | +-----------------------+-----------------------+-----------------------+ | 2. Establish and | - Definition of | - Written tests | | Install security | security risk | | | measures | management | - Observation | | | | | | | - Benefits of Risk | - Report writing | | | management | | | | | - Practical | | | - Risk management | | | | procedures | | | | | | | | | | | | | | | | - Risk assessment | | | | | | | | - Risk mitigation | | | | Uncertainty | | | | analysis | | | | | | | | - interdependencies | | | | | | | | - cost | | | | considerations | | | | | | | | | | | | | | | | - Benefits of | | | | security measures | | | | | | | | - Types of Security | | | | measures | | | | | | | | | | | | | | | | - Firewalls | | | | | | | | - User accounts | | | | control | | | | | | | | - Security policies | | | | | | | | - Antivirus | | | | | | | | - Encryption | | | | | | | | - Secure Socket | | | | Layer protocol | | | | (SSL) | | | | | | | | - Multi-factor | | | | authentication | | | | | | | | - Malware detection | | | | | | | | - Site monitoring | | | | | | | | - Daily or weekly | | | | backups | | | | | | | | | | | | | | | | - Application of | | | | security measures | | +-----------------------+-----------------------+-----------------------+ | 3. Deploy security | - Implement | - Practical | | measures | security measures | | | | contained in the | - Oral questioning | | | ICT security | | | | policy | - Short tests to | | | | assess | | | - Apply physical | underpinning | | | and logical risk | knowledge. | | | mitigation | | | | measures | | | | | | | | | | | | | | | | - Take corrective | | | | action | | | | | | | | - Security audit to | | | | identify security | | | | gaps | | | | | | | | - Generate system | | | | audit report | | +-----------------------+-----------------------+-----------------------+ | 4. Test system | - Definition of | - Practical | | vulnerability | vulnerability | exercises | | | | | | | - System testing | - Oral questioning | | | schedule | | | | | | | | - Levels of system | | | | vulnerability | | | | | | | | - Ethical | | | | penetration | | | | | | | | - System | | | | vulnerability | | | | test report | | +-----------------------+-----------------------+-----------------------+ | 5. Monitor security | - Define monitoring | - Practical | | system | criteria | exercises | | | | | | | - Evaluation of | - Oral questioning | | | system security | | | | performance based | - Short tests to | | | on defined | assess | | | criteria | underpinned | | | | knowledge. | | | - updating and | | | | overhauling of | | | | Security systems | | | | | | | | - Generate | | | | monitoring report | | +-----------------------+-----------------------+-----------------------+ **Suggested Methods of Delivery** - Presentations and practical demonstrations by trainer; - Guided learner activities and research to develop underpinning knowledge; - Supervised activities and projects in a workshop; The delivery may also be supplemented and enhanced by the following, if the opportunity allows: - Visiting lecturer/trainer from the ICT sector; - Industrial visits. **Recommended Resources** +-----------------------------------------------------------------------+ | **Tools** | | | | 1. Monitoring tools | | | | 2. CCTV | | | | 3. Maintenance tools | | | | 4. firewalls | | | | 5. antivirus | | | | 6. anti-spy ware | | | | 7. password management software | +=======================================================================+ | **Equipment** | | | | screw driver | | | | sensors | | | | cctv | | | | Computer | +-----------------------------------------------------------------------+ | **Materials and supplies** | | | | - Digital instructional material including DVDs and CDs | +-----------------------------------------------------------------------+ | **Reference materials** | | | | Manufacturers manuals | +-----------------------------------------------------------------------+

Use Quizgecko on...
Browser
Browser