kskv sem 6(baru) - ksk601

Edition December 2013

MINISTRY OF EDUCATION, MALAYSIA

VOCATIONAL COLLEGE STANDARD CURRICULUM

COURSE INFORMATION

COURSE NAME : LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME : KSK 601

LEVEL : 3 SEMESTER 6

CREDIT UNIT : 4.0

CONTACT HOUR : FACE TO FACE : 5.0 HOURS/WEEK

NON FACE TO FACE :

COURSE TYPE : VOCATIONAL

PREREQUISITE : KSK 503: LEGAL AND SECURITY ISSUES MANAGEMENT (PART 1)

CORE REQUISITE : -

COURSE OUTCOMES Last Edited 10 - 13 Nov 2013

Module /15 Document Page 1


At the end of the course, the students should be able to:-

Implement Computer Network Policy Evaluate Security Software and Equipment Update Computer Network Security Diagnose Computer Network Threats Implement Computer Network Intrusions Carry Out Contingency Measure Implement Contingency Measures

COURSE DESCRIPTION

This module Legal and Security Issues Management (Part 2) using standard operating procedures, computer security policy, security inspection checklist, computer network layout plan, installation manual, hardware installation tools, company security procedure, updates schedule, manufacturer & vendor support, firmware & software versions, manufacturer technical guidelines, product manual, installation manual, storage media, security updates, computer network security policy, computer network activity diagnostic tools, computer network threats prevention procedures, computer network intrusion prevention procedures, system documentation, contingency procedures document, work schedule, contingency checklist & writing tools, checklist, contingency action plan and report so that company security policies determined, established & inspected, critical security policies requirements determined, computer security software, security equipment installed & recorded, software & equipment update determined, software update acquired, installed & recorded, network threats determined & identified, network threats prevention carried out, network intrusion determined & diagnosed, network intrusion prevention carried out, type of solution determined, contingency action plan executed & contingency report produced, action plan instruction obtained, action plan checklist produced & executed, problem/issues contained to appropriate levels and contingency action applied & documented in accordance with company policies, standard operating procedures and manufacturer updates guidelines.

CONTENT AND LEARNING STANDARDS

Last Edited 10 - 13 Nov 2013



PROGRAM : COMPUTER SYSTEM AND NETWORKING


CODE NAME : KSK 601

CONTENT STANDARD LEARNING STANDARD PERFORMANCE CRITERIA

1. IMPLEMENT COMPUTER NETWORK POLICY

1.1 Determine company security policy

1.2 Establish company security policies

1.3 Inspect company security policy

1.1.1 Interpret computer network security policy

1.1.2 Interpret network safety regulations

1.1.3 Interpret common legal phrase

1.2.1 Evaluate procedures to counteract computer network Security violation

1.2.2 Evaluate procedures implementing computer network security policy

1.2.3 Carry out security audits

1.2.4 Apply security equipment and software

1.2.5 Assign computer network user level privileges

1.3.1 Verify security policy enforcement





1.3.2 Respond security violation occurrence

1.3.3 Apply security policy inspection checklist







CODE NAME : KSK 601


2. EVALUATE SECURITY SOFTWARE AND EQUIPMENT

2.1 Determine critical security policies requirements

2.2 Install computer security software

2.1.1 Interpret security policy

2.1.2 Locate network security placement

2.1.3 Select security solutions

2.1.4 Select security software and equipment

2.2.1 Follow software installation procedure

2.2.2 Execute computer security software installation

2.2.3 Apply basic security software configuration

2.3.1 Interconnect security equipment





2.3 Install security equipment

2.4 Record security software and equipment

2.3.2 Interpret firmware/software version release notes

2.3.3 Comply manufacturer configuration technical guidelines

2.3.4 Follow security equipment installation manual

2.3.5 Apply basic security equipment configuration

2.4.1 Document security software and equipment evaluation

2.4.2 Write report







CODE NAME : KSK 601


3. UPDATE COMPUTER NETWORK SECURITY

3.1 Determine software and equipment update

3.2 Acquire software update

3.1.1 Identify security firmware and software updates requirements

3.1.2 Identify firmware and software version

3.1.3 Obtain security update information

3.1.4 Develop security update schedule

3.1.5 Follow security update schedule

3.2.1 Determine software update acquiring source

3.2.2 Determine software update acquiring method

3.2.3 Determine exact security update





3.3 Install software updates

3.4 Record software updates

3.2.4 Obtain security updates

3.2.5 Store obtained security updates

3.3.1 Comply manufacturer updates guidelines

3.3.2 Follow security updates installation procedure

3.3.3 Apply security equipment basic configuration

3.4.1 Document computer network security updates

3.4.2 Write report

CONTENT AND LEARNING STANDARDSLast Edited 10 - 13 Nov 2013





CODE NAME : KSK 601


4. DIAGNOSE COMPUTER NETWORK THREATS

4.1 Determine network threats

4.2 Identify network threats

4.1.1 Identify network security threats

4.1.2 Obtain support from manufacturer and vendor

4.1.3 Evaluate network threats information

4.1.4 Identify network threats critically level


4.2.2 Evaluate computer network activity

4.2.3 Execute basic network security audits

4.2.4 Select network threat prevention method

4.2.5 Determine vulnerable network and host





4.3 Carry out network threats prevention

4.3.1 Comply Standard Operating Procedure (SOP)

4.3.2 Block unnecessary network access

4.3.3 Execute computer network threats prevention procedures







CODE NAME : KSK 601


5. IMPLEMENT COMPUTER NETWORK INTRUSIONS

5.1 Determine network intrusion

5.2 Diagnose network intrusion

5.3 Carry out network intrusion prevention

5.1.1 Identify network security intrusion

5.1.2 Obtain support from manufacturer and vendor

5.1.3 Evaluate network intrusion information


5.2.2 Evaluate computer network user access

5.2.3 Select network intrusion prevention method

5.2.4 Identify suspicious user and connection

5.3.1 Comply Standard Operating Procedure (SOP)





5.3.2 Block suspicious user and connection

5.3.3 Execute computer network intrusion prevention procedures

5.3.4 Apply computer network user restrictions




CONTENT AND LEARNING STANDARDSS



CODE NAME : KSK 601


6 CARRY OUT CONTINGENCY MEASURES

6.1 Determine type of solution

6.2 Execute contingency action plan

6.3 Produce contingency report

6.1.1 Interpret type of risks involved

6.1.2 Implement appropriate solution measures

6.1.3 Implement solution

6.2.1 Interpret checklist of activities

6.2.2 Interpret work schedule

6.2.3 Identify personnel involved

6.3.1 Collect data on contingency actions

6.3.2 Write report







CODE NAME : KSK 601


7 IMPLEMENT CONTINGENCY MEASURES

7.1 Obtain action plan instruction

7.2 Produce action plan checklist

7.3 Execute action plan

7.1.1 Interpret action plan

7.1.2 Interpret Standard Operating Procedure (SOP)

7.2.1 Interpret action plan

7.2.2 Interpret Standard Operating Procedure (SOP)

7.2.3 Prepare action plan checklist

7.3.1 Carry out action plan steps

7.3.2 Verify outcome of action plan

7.3.3 Record outcome of action planLast Edited 10 - 13 Nov 2013



7.4 Contain problems/issues to appropriate levels

7.5 Apply contingency actions

7.6 Document contingency actions

7.3.4 Update action plan checklist

7.4.1 Detail down/explain the problems/issues

7.4.2 Obtain authority support/approval

7.5.1 Plan contingency actions

7.5.2 Use contingency plan

7.6.1 Write contingency plan execution

7.6.2 Write contingency report



kskv sem 6(baru) - ksk601

Documents