
SSC/N0926 Maintain and enhance cyber security infrastructure components

1

Contents

1. Introduction and Contacts ......................... P.1

2. Qualifications Pack .................................... P.2

3. Glossary of Key Terms ............................... P.3

4. NOS Units ................................................... P.5

5. Nomenclature for QP and NOS Units ...... P.81

6. Criteria for Assessment of Trainees ......... P.83

SECTOR: IT-ITeS

SUB-SECTOR: IT Services

OCCUPATION: Information/Cyber Security

REFERENCE ID: SSC/Q0923

ALIGNED TO: NCO-2015/ NIL

Security Infrastructure Specialist in the IT-ITeS Industry was earlier known as Device Manager.

Brief Job Description: This job role is responsible for managing information security infrastructure to keep it performing as per requirements. The main duties consist of configuring, hardening and troubleshooting security infrastructure products and solutions as per policies, undertaking development of security infrastructure policy, as well as monitoring and reporting on the performance of security devices and solutions.

Personal Attributes: This job may require the individual to work independently and take decisions for his/her own area of work. The individual should have a high level of analytical thinking ability, passion for information security and attention to detail, should be ethical, compliance and result oriented, should also be able to demonstrate interpersonal skills, along with willingness to undertake a desk-based job with long working hours.

• NOS describe what individuals need to do, know and understand in order to carry out a particular job role or function

• NOS are performance standards that individuals must achieve when carrying out functions in the workplace, together with specifications of the underpinning knowledge and understanding

IT-ITeS SSC NASSCOM E-mail: [email protected]

Introduction

Qualifications Pack- Security Infrastructure Specialist

QUALIFICATIONS PACK – NATIONAL OCCUPATIONAL STANDARDS FOR IT-BPM INDUSTRY

Qualifications Pack For Security Infrastructure Specialist

Job Details

Qualifications Pack Code: SSC/Q0923
Job Role: Security Infrastructure Specialist (this job role is applicable in both national and international scenarios)
Credits (NSQF): TBD
Version number: 1.0
Sector: IT-ITeS
Drafted on: 26/08/2016
Sub-sector: IT Services
Last reviewed on: 31/03/2018
Occupation: Cyber Security
Next review date: 31/03/2019
NSQC Clearance on: 19/12/2018
NSQC Approval date:

Job Role: Security Infrastructure Specialist (Device Manager)
Role Description: Is responsible for configuring, hardening and troubleshooting cyber security infrastructure products as well as developing cyber security infrastructure policy, monitoring and reporting on the performance.

NSQF level: 8
Minimum Educational Qualifications: Graduate in Security/Computer Science/Electronics and Engineering/IT
Maximum Educational Qualifications: NA
Training (Suggested but not mandatory): Certification in information systems or related fields, basic soft skills training, ethical hacking or pertaining to ISO 27001
Minimum Job Entry Age: 23 years
Experience: 2-5 years of work experience/internship in information technology

Applicable National Occupational Standards (NOS)

Compulsory:
1. SSC/N0937 Configure cyber security infrastructure components
2. SSC/N0938 Maintain and enhance cyber security infrastructure components
3. SSC/N0939 Define the cyber security infrastructure policy or technical security policy for an organization
4. SSC/N0933 Monitor and report on performance of operational and technical cyber security measures
5. SSC/N0927 Drive interrelated cyber security actions
6. SSC/N0928 Managing a project team
7. SSC/N9001 Manage your work to meet requirements
8. SSC/N9002 Work effectively with colleagues
9. SSC/N9003 Maintain a healthy, safe and secure working environment
10. SSC/N9004 Provide data/information in standard formats
11. SSC/N9005 Develop your knowledge, skills and competence

Optional: Not Applicable

Performance Criteria: As described in the relevant NOS units

Glossary of Key Terms

Definitions

Sector: Sector is a conglomeration of different business operations having similar businesses and interests. It may also be defined as a distinct subset of the economy whose components share similar characteristics and interests.

Sub-sector: Sub-sector is derived from a further breakdown based on the characteristics and interests of its components.

Vertical: Vertical may exist within a sub-sector representing different domain areas or the client industries served by the industry.

Occupation: Occupation is a set of job roles, which perform similar/related set of functions in an industry.

Function: Function is an activity necessary for achieving the key purpose of the sector, occupation, or area of work, which can be carried out by a person or a group of persons. Functions are identified through functional analysis and form the basis of OS.

Sub-functions: Sub-functions are sub-activities essential to achieving the objectives of the function.

Job role: Job role defines a unique set of functions that together form a unique employment opportunity in an organization.

Occupational Standards (OS): OS specify the standards of performance an individual must achieve when carrying out a function in the workplace, together with the knowledge and understanding they need to meet that standard consistently. Occupational Standards are applicable both in the Indian and global contexts.

Performance Criteria: Performance Criteria are statements that together specify the standard of performance required when carrying out a task.

National Occupational Standards (NOS): NOS are Occupational Standards which apply uniquely in the Indian context.

Qualifications Pack Code: Qualifications Pack Code is a unique reference code that identifies a qualifications pack.

Qualifications Pack (QP): Qualifications Pack comprises the set of OS, together with the educational, training and other criteria required to perform a job role. A Qualifications Pack is assigned a unique qualification pack code.

Unit Code: Unit Code is a unique identifier for an OS unit, which can be denoted with either an ‘O’ or an ‘N’.

Unit Title: Unit Title gives a clear overall statement about what the incumbent should be able to do.

Description: Description gives a short summary of the unit content. This would be helpful to anyone searching on a database to verify that this is the appropriate OS they are looking for.

Scope: Scope is the set of statements specifying the range of variables that an individual may have to deal with in carrying out the function which have a critical impact on the quality of performance required.

Knowledge and Understanding: Knowledge and Understanding are statements which together specify the technical, generic, professional and organizational specific knowledge that an individual needs in order to perform to the required standard.

Organizational Context: Organizational Context includes the way the organization is structured and how it operates, including the extent of operative knowledge managers have of their relevant areas of responsibility.

Technical Knowledge: Technical Knowledge is the specific knowledge needed to accomplish specific designated responsibilities.

Core Skills/Generic Skills: Core Skills or Generic Skills are a group of skills that are key to learning and working in today's world. These skills are typically needed in any work environment. In the context of the OS, these include communication related skills that are applicable to most job roles.

Helpdesk: Helpdesk is an entity to which the customers will report their IT problems. IT Service Helpdesk Attendant is responsible for managing the helpdesk.

Acronyms

IT-ITeS: Information Technology - Information Technology enabled Services
BPM: Business Process Management
BPO: Business Process Outsourcing
KPO: Knowledge Process Outsourcing
LPO: Legal Process Outsourcing
IPO: Information Process Outsourcing
BCA: Bachelor of Computer Applications
B.Sc.: Bachelor of Science
OS: Occupational Standard(s)
NOS: National Occupational Standard(s)
QP: Qualifications Pack
UGC: University Grants Commission
MHRD: Ministry of Human Resource Development
MoLE: Ministry of Labour and Employment
NVEQF: National Vocational Education Qualifications Framework
NVQF: National Vocational Qualifications Framework
NSQF: National Skill Qualification Framework


SSC/N0937 Configure cyber security infrastructure components

5

Overview

This unit is about identifying needs, researching and recommending network security solutions as per requirements.

National Occupational Standard


Unit Code: SSC/N0937
Unit Title (Task): Configure cyber security infrastructure components
Description: This unit is about configuring network security infrastructure.
Scope: This unit/task covers the following:

Security infrastructure components on the network are:
• Virtual Local Area Network (VLAN)
• Internet Data Centre (IDC) & Enterprise Data Centre (EDC) Firewall Virtual Private Network (VPN)
• Secure Sockets Layer virtual private network (SSL VPN)
• Antivirus
• Server intrusion sensor
• Wireless Local Area Network Intrusion Prevention System (WLAN IPS)
• Directory Services
• Content Management Framework (CMF)
• Web Proxy
• Firewalls
• Network IPS
• Security information and event management (SIEM)
• Unified threat management (UTM)
• Network Security Silicon
• Application Control
• Web application firewalls
• DDoS Defense
• Network Access Control
• Next Generation IPS
• Network Penetration Testing Tools
• Data Encryption
• Interoperable storage encryption
• Open source Security tools
• Secure web gateways
• Enterprise key management
• Network Sandboxing
• Operational Security Technology
• Security in the switch
• Network traffic analysis
• Software defined security
• Threat intelligence platforms
• Software defined segmentation
• Firewall policy management
• Hypervisor security protection
• Vulnerability assessment
• Mobile data protection

Categories of cyber security infrastructure, e.g.:
• publicly available databases
• customer-facing systems
• resources that have high concentrations of sensitive data
• legacy security infrastructure

Secure values or parameters on infrastructure components, e.g.:
• OS and application features (enabling or disabling depending on the specific feature, setting specific parameters, etc.);
• Services (e.g., automatic updates) and ports (e.g., DNS over port 53);
• Network protocols (e.g., NetBIOS, IPv6) and network interfaces (e.g., Bluetooth, IEEE 802.11, infrared);
• Methods of remote access (e.g., SSL, VPN, SSH, IPSEC);
• Access controls (e.g., controlling permissions to files, directories, registry keys, and restricting user activities such as modifying system logs or installing applications);
• Management of identifiers/accounts (e.g., changing default account names, determining length of time until inactive accounts are disabled, using unique user names, establishing user groups);
• Authentication controls (e.g., password length, use of special characters, minimum password age, multifactor authentication/use of tokens);
• Audit settings (e.g., capturing key events such as failures, logons, permission changes, unsuccessful file access, creation of users and objects, deletion and modification of system files, registry key and kernel changes);
• System settings (e.g., session timeouts, number of remote connections, session lock); and
• Cryptography (e.g., using FIPS 140-2-validated cryptographic protocols and algorithms to protect data in transit and in storage), etc.
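A baseline check of parameters from the categories listed above (session settings, remote access method, services and protocols, authentication controls, audit settings, cryptography), as an added example that is not part of the Qualifications Pack. The configuration text, its key names and the threshold values are constructed assumptions for a hypothetical appliance, not any vendor's format; the point is that a baseline is a list of checkable expectations, and that a missing parameter is reported as a deviation rather than silently passing.

```python
"""Baseline hardening check (added example; appliance, keys and thresholds are assumed)."""
from __future__ import annotations
from dataclasses import dataclass
from typing import Callable

# Constructed sample running-config of a hypothetical appliance, "key = value" per line.
SAMPLE_CONFIG = """
# hypothetical appliance running-config (constructed sample)
session_timeout_minutes = 60
max_remote_sessions = 20
session_lock = off
remote_access_protocol = telnet
service_auto_update = enabled
service_netbios = enabled
password_min_length = 6
password_require_special = no
mfa_required = no
audit_log_failures = yes
audit_log_logons = no
tls_min_version = 1.0
"""


def parse_config(text: str) -> dict[str, str]:
    """Parse 'key = value' lines into a dict; blanks and '#' comments are skipped."""
    cfg: dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        cfg[key.strip()] = value.strip().lower()
    return cfg


@dataclass(frozen=True)
class Rule:
    key: str                       # parameter name in the config
    category: str                  # which secure-parameter category it belongs to
    check: Callable[[str], bool]   # True when the observed value meets the baseline
    expected: str                  # human-readable statement of the baseline value


def _int_at_most(limit: int) -> Callable[[str], bool]:
    return lambda v: v.isdigit() and int(v) <= limit


def _int_at_least(limit: int) -> Callable[[str], bool]:
    return lambda v: v.isdigit() and int(v) >= limit


# Baseline values are assumptions chosen for the example, not values stated by the standard.
BASELINE = [
    Rule("session_timeout_minutes", "system settings: session timeout", _int_at_most(15), "<= 15"),
    Rule("max_remote_sessions", "system settings: remote connections", _int_at_most(5), "<= 5"),
    Rule("session_lock", "system settings: session lock", lambda v: v == "on", "on"),
    Rule("remote_access_protocol", "methods of remote access",
         lambda v: v in {"ssh", "ipsec", "ssl"}, "ssh|ipsec|ssl"),
    Rule("service_netbios", "network protocols: NetBIOS", lambda v: v == "disabled", "disabled"),
    Rule("service_auto_update", "services: automatic updates", lambda v: v == "enabled", "enabled"),
    Rule("password_min_length", "authentication: password length", _int_at_least(12), ">= 12"),
    Rule("password_require_special", "authentication: special characters", lambda v: v == "yes", "yes"),
    Rule("mfa_required", "authentication: multifactor", lambda v: v == "yes", "yes"),
    Rule("audit_log_failures", "audit settings: failures captured", lambda v: v == "yes", "yes"),
    Rule("audit_log_logons", "audit settings: logons captured", lambda v: v == "yes", "yes"),
    Rule("tls_min_version", "cryptography: TLS version", lambda v: v in {"1.2", "1.3"}, ">= 1.2"),
]


def audit(cfg: dict[str, str], baseline: list[Rule] = BASELINE) -> list[tuple[str, str, str]]:
    """Return (key, observed, expected) for each deviation; an absent key is a deviation too."""
    deviations = []
    for rule in baseline:
        observed = cfg.get(rule.key, "<missing>")
        if observed == "<missing>" or not rule.check(observed):
            deviations.append((rule.key, observed, rule.expected))
    return deviations


if __name__ == "__main__":
    for key, observed, expected in audit(parse_config(SAMPLE_CONFIG)):
        print(f"DEVIATION {key}: observed {observed!r}, baseline {expected}")
```

The deviation list is what PC16 and PC17 later in this unit call for: it is the record to resolve or document before the configuration is approved as the baseline.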

Software to protect end-user machines against attack could be, e.g.:
• antivirus
• antispyware
• antiadware
• personal firewalls
• host-based intrusion detection systems [HIDS], etc.

Appropriate criteria for prioritizing configurations include:
• system level impact
• risk assessments
• vulnerability scanning
• degree of penetration, etc.

Media, e.g.:
• paper
• tapes
• CD/DVDs
• USB drives
• files
• software code, etc.

Operating procedures that are applicable to the system(s) are:
• required service levels (e.g. availability, quality)
• routine maintenance
• monitoring
• data integrity (e.g. backups, anti-virus)
• consumables use, storage & disposal
• health & safety
• escalation
• information recording and reporting
• obtaining work permissions
• security & confidentiality

Basic cyber security concepts, e.g.:
• the importance of confidentiality, integrity and availability for information systems
• common types of malicious code: a. virus, b. Trojan, c. logic bomb, d. worm, e. spyware
• types of threats facing the information security of individuals and organizations
• sources of threats to information security in terms of opportunity, ability and motive

Relevant networking concepts, devices and terminology such as:
• Concepts: OSI Model/topology; Network Protocols, bandwidth management, host network access controls, directory services, etc.
• Devices: Hubs, switches, routers, bridges, servers, transmission media, Intrusion detection and prevention System (IDPS), etc.
• Databases: Oracle, SQL, MySQL
• Terminology: SSL, VPN, 2FA, Encryption, IPSEC, TLS, IP subnetting, network routing, RADIUS, TACACS+, etc.

Performance Criteria (PC) w.r.t. the Scope

To be competent, the user/individual on the job must be able to:

PC1. follow the security policy document that includes organization’s inventory assessment and network diagrams and maps
PC2. conduct an inventory to identify the approved security infrastructure including hardware and software to be protected
PC3. identify hardware, software and network resources deployed throughout organization’s campus
PC4. identify cyber security infrastructure components and categorize them
PC5. identify sensitive data and transaction flows
PC6. scan organization’s Internet address ranges
PC7. have the network tested to ascertain that it has not been breached nor infected with viruses before the firewall is deployed
PC8. use a dynamic network topology application to map infrastructure initially and to update the map automatically on adding machines and entering the data
PC9. replace obsolete versions of network device firmware
PC10. shut down unused physical interfaces on network infrastructure
PC11. establish secure values or parameters that describe particular automated functions of various infrastructure components
PC12. establish the location where a component physically and logically resides (e.g., behind a firewall, within a DMZ, on a specific subnet, etc.)
PC13. implement safeguards through software to protect end-user machines against attack
PC14. protect the network device configuration file from unauthorized disclosure
PC15. prioritize configurations using appropriate criteria
PC16. test the configurations and the secure values or parameters in a virtual environment and resolve issues and document deviations identified during testing
PC17. record and approve the baseline configuration in accordance with organizationally defined policy
PC18. implement baseline configurations in a centralized and automated manner using automated configuration management tools, automated scripts, vendor-provided mechanisms, etc.
PC19. implement access lists that allow only those protocols, ports and IP addresses that are required as per policy
PC20. encode and encrypt, and/or use a salted hash with iteration, to protect the confidentiality of passwords in configuration files
PC21. improve firewall and network performance by examining large or complicated rulesets and identifying redundant and unused rules
PC22. simplify firewall rulesets for more accurate analysis and faster troubleshooting
PC23. select traffic filtering technology and define traffic-filtering rules that will determine the manner in which the incoming and outgoing traffic flows in the network will be regulated
PC24. implement defined rules on the selected technology and optimize the performance of infrastructure accordingly
PC25. update all the components of the solution, including not only infrastructure, but also the policy
PC26. update firewall IP address, subnet masks, default username and passwords of the firewall infrastructure
PC27. apply vendor-released patches in response to identified vulnerabilities, including software update
PC28. maintain and update technical specification and design documentation, system security documentation, system procedures, etc.
PC29. store, protect, and control the master copies of approved versions of baseline configurations using various media
PC30. provide technical refresh recommendations based on infrastructure policy
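A ruleset review of the kind PC19, PC21 and PC22 describe, as an added example that is not the Qualifications Pack's or any vendor's code. The first-match-wins rule format, the per-rule hit counters and the sample rules are constructed assumptions. It separates two findings a reviewer should keep apart: a rule fully covered by an earlier rule can never match and is safe to remove, whereas a rule with zero hits may simply be seasonal or for a rarely used path and needs the owner's confirmation against policy before it is cut. It also checks that the list ends in a catch-all deny, without which "allow only what is required" is not actually enforced.

```python
"""Firewall ruleset review (added example; rule format and sample rules are constructed)."""
from __future__ import annotations
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    src: str      # source CIDR
    dst: str      # destination CIDR
    dport: str    # destination port: "443", "1024-65535" or "any"
    hits: int     # match counter exported by the device over the review window


# Constructed sample: an ordered, first-match-wins ruleset with hit counters.
SAMPLE_RULESET = [
    Rule("r1-web", "allow", "tcp", "10.0.0.0/16", "10.1.0.10/32", "443", 5000),
    Rule("r2-web-finance", "allow", "tcp", "10.0.5.0/24", "10.1.0.10/32", "443", 0),
    Rule("r3-dns", "allow", "udp", "0.0.0.0/0", "10.1.0.53/32", "53", 12000),
    Rule("r4-legacy-ssh", "allow", "tcp", "192.168.0.0/16", "10.1.0.22/32", "22", 0),
    Rule("r5-default", "deny", "any", "0.0.0.0/0", "0.0.0.0/0", "any", 300),
]


def port_range(spec: str) -> tuple[int, int]:
    """Expand a port spec into an inclusive (low, high) pair."""
    if spec == "any":
        return (0, 65535)
    lo, _, hi = spec.partition("-")
    return (int(lo), int(hi or lo))


def covers(outer: Rule, inner: Rule) -> bool:
    """True when every packet matched by `inner` is also matched by `outer`."""
    proto_ok = outer.proto == "any" or outer.proto == inner.proto
    src_ok = ipaddress.ip_network(inner.src).subnet_of(ipaddress.ip_network(outer.src))
    dst_ok = ipaddress.ip_network(inner.dst).subnet_of(ipaddress.ip_network(outer.dst))
    olo, ohi = port_range(outer.dport)
    ilo, ihi = port_range(inner.dport)
    return proto_ok and src_ok and dst_ok and olo <= ilo and ihi <= ohi


def shadowed_rules(rules: list[Rule]) -> list[str]:
    """Rules fully covered by an earlier rule never fire under first-match-wins,
    so removing them does not change what the firewall does."""
    return [r.name for i, r in enumerate(rules) if any(covers(e, r) for e in rules[:i])]


def unused_rules(rules: list[Rule]) -> list[str]:
    """Rules with a zero hit counter over the review window."""
    return [r.name for r in rules if r.hits == 0]


def has_default_deny(rules: list[Rule]) -> bool:
    """An allow-list policy needs a catch-all deny as the final rule."""
    last = rules[-1]
    return (last.action == "deny" and last.proto == "any" and last.dport == "any"
            and last.src == "0.0.0.0/0" and last.dst == "0.0.0.0/0")


def review(rules: list[Rule]) -> dict[str, object]:
    """Collect the findings a reviewer records before simplifying the ruleset."""
    shadowed = shadowed_rules(rules)
    return {
        "shadowed": shadowed,
        # unused but not shadowed: a policy decision, not a mechanical removal
        "unused_needs_confirmation": [n for n in unused_rules(rules) if n not in shadowed],
        "default_deny": has_default_deny(rules),
    }


if __name__ == "__main__":
    for key, value in review(SAMPLE_RULESET).items():
        print(f"{key}: {value}")
```

On the sample, r2 is shadowed by r1 (same protocol and port, source inside r1's range, same destination) and can be dropped; r4 has no hits but nothing covers it, so it stays on the list until its owner confirms the traffic is no longer required.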

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company/organization and its processes)

The user/individual on the job needs to know and understand:
KA1. relevant legislation, policies, procedures, codes of practice, guidelines and applicable standards for seizing and recording electronic evidence sources
KA2. organization’s knowledge base and how to access and update this
KA3. limits of your role and responsibilities and who to seek guidance from
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. the operating procedures that are applicable to the system(s) being used in the organization
KA6. typical response times and service times related to own work area

B. Technical Knowledge

The user/individual on the job needs to know and understand:
KB1. basic cyber security concepts
KB2. relevant networking concepts, devices and terminology
KB3. various cyber security infrastructure components and their functions
KB4. how the cyber security infrastructure components are installed, configured, integrated, and optimized
KB5. information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
KB6. network access, identity, and access management (e.g., public key infrastructure [PKI])
KB7. network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
KB8. communication methods, principles, and concepts (e.g., cryptography, dual hubs, time multiplexers) that support the network infrastructure
KB9. capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware
KB10. organization's Local Area Network (LAN)/Wide Area Network (WAN) pathways
KB11. network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
KB12. network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
KB13. computer network defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities
KB14. host/network access controls (e.g., access control list)
KB15. network protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]) and directory services (e.g., Domain Name System [DNS])
KB16. basic concepts, terminology, and operations of a wide range of communications media (e.g., computer and telephone networks, satellite, fiber, wireless)
KB17. traffic analysis using flow and pcaps
KB18. Wireless Fidelity (Wi-Fi)
KB19. Voice over Internet Protocol (VoIP)
KB20. Virtual Private Network (VPN) security
KB21. Windows command line (e.g., ipconfig, netstat, dir, nbtstat)
KB22. Unix command line (e.g., mkdir, mv, ls, passwd, grep)
KB23. common attack vectors on the network layer

Skills (S)

A. Core Skills/Generic Skills

Writing Skills
You need to know and understand how to:
SA1. complete accurate well written work with attention to detail
SA2. document call logs, reports, task lists, and schedules with co-workers
SA3. prepare status and progress reports
SA4. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes

Reading Skills
You need to know and understand how to:
SA5. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA6. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA7. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA8. read policy manual, standard operating procedures and service level agreements relevant to work area
SA9. read emails received from own team, across team and external vendors and clients

Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA10. discuss task lists, schedules, and work-loads with co-workers
SA11. give clear instructions to specialists/vendors/users/clients as required
SA12. keep stakeholders informed about progress
SA13. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA14. receive and make phone calls, including call forward, call hold, and call mute

B. Professional Skills

Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action

Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines

Customer Centricity
You need to know and understand how to:
SB4. identify internal or external customer requirements and priorities clearly with respect to work at hand
SB5. carry out rule-based transactions in line with customer-specific guidelines, procedures, rules and service level agreements
SB6. check that your own and/or your peers’ work meets customer requirements

Problem Solving
You need to know and understand how to:
SB7. apply problem-solving approaches in different situations
SB8. seek clarification on problems from others

Analytical Thinking
You need to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others

Critical Thinking
You need to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations

Attention to Detail
You need to know and understand how to:
SB14. check your work is complete and free from errors

Team Working
You need to know and understand how to:
SB15. work effectively in a team environment
SB16. work independently and collaboratively

C. Technical Skills
You need to know and understand how to:
SC1. configure, diagnose and troubleshoot computer networks using in-depth understanding of TCP/IP protocols
SC2. administer, use and monitor an intrusion detection system
SC3. configure firewalls and routers
SC4. read coded scripts and modify and debug programs
SC5. work on various operating systems
SC6. work with word processors, spreadsheets and presentations
SC7. stay abreast of the latest developments as per industry standards and security tools to ensure that corporate security methods and tools

Version Control

NOS Code: SSC/N0937
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Drafted on: 18/08/2016
Industry Sub-sector: IT Services
Last reviewed on: 31/03/2018
Occupation: Information/Cyber Security
Next review date: 31/03/2019


SSC/N0938 Maintain and enhance cyber security infrastructure components

15

Overview

This unit is about maintenance of cyber security infrastructure components and their enhancement.

National Occupational Standard


Unit Code: SSC/N0938
Unit Title (Task): Maintain and enhance cyber security infrastructure components
Description: This unit is about maintenance of cyber security infrastructure components and their enhancement.
Scope: This unit/task covers the following:

Security infrastructure on the network includes but is not limited to:
• Virtual Local Area Network (VLAN)
• Internet Data Centre (IDC) & Enterprise Data Centre (EDC) Firewall Virtual Private Network (VPN)
• Secure Sockets Layer virtual private network (SSL VPN)
• Antivirus
• Server intrusion sensor
• Wireless Local Area Network Intrusion Prevention System (WLAN IPS)
• Directory Services
• Content Management Framework (CMF)
• Web Proxy
• Firewalls
• Network IPS
• SIEM
• UTM
• Network Security Silicon
• Application Control
• Web application firewalls
• DDoS Defense
• Network Access Control
• Next Generation IPS
• Network Penetration Testing Tools
• Data Encryption
• Interoperable storage encryption
• Open source Security tools
• Secure web gateways
• Enterprise key management
• Network Sandboxing
• Operational Security Technology
• Security in the switch
• Network traffic analysis
• Software defined security
• Threat intelligence platforms
• Software defined segmentation
• Firewall policy management
• Hypervisor security protection
• Vulnerability assessment
• Mobile data protection

Configuration change control processes are:
• request for change from approved sources like end user of the information system, a help desk, or from management
• recording of the request for the proposed change using approved documentation process
• determining if the proposed change requires configuration control
• analysis of the proposed change for its security impact on the information system; testing the proposed change for security and functional impacts
• approval of the change by an authorized body like the configuration control board
• implementation of the approved change
• verification that the implementation was done correctly
• closure of the change request

Operating procedures that are applicable to the system(s) are:
• required service levels (e.g. availability, quality)
• routine maintenance
• monitoring
• data integrity (e.g. backups, anti-virus)
• consumables use, storage & disposal
• health & safety
• escalation
• information recording and reporting
• obtaining work permissions
• security & confidentiality

Basic cyber security concepts, e.g.:
• the importance of confidentiality, integrity and availability for information systems
• common types of malicious code: a. virus, b. Trojan, c. logic bomb, d. worm, e. spyware


• types of threats facing the information security of individuals and organizations

• sources of threats to information security in terms of opportunity, ability and motive

Performance Criteria (PC) w.r.t. the Scope
To be competent, the user/individual on the job must be able to:
PC1. check server availability, functionality, integrity, and efficiency
PC2. maintain baseline system security according to organizational policies
PC3. conduct functional and connectivity testing to ensure continuing operability
PC4. conduct periodic server maintenance including cleaning (both physically and electronically), disk checks, routine reboots, data dumps, and testing
PC5. follow group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs
PC6. update existing signatures of firewall devices and routers
PC7. analyze TCP traffic and update atomic signatures to reduce resource consumption
PC8. install server updates and enhancements
PC9. implement new system design procedures, test procedures, and quality standards
PC10. repair network connectivity problems
PC11. perform repairs and upgradations on faulty server hardware
PC12. plan and coordinate the installation of new or modified hardware, operating systems, and other baseline software
PC13. provide ongoing optimization and problem-solving support
PC14. follow the configuration change control process in case any change of configuration is required during maintenance or troubleshooting
PC15. resolve hardware/software interface and interoperability problems
PC16. identify and shut down unneeded services on network devices
PC17. provision all the services and information security elements and devices
PC18. use tools to scan and detect the missing security patches and trigger the patch management process
PC19. download the testing patch and fix ineffective security measures already in place


PC20. monitor and maintain server configuration
PC21. maintain network infrastructure device operating system software (e.g., Internetwork Operating System [IOS], firmware)
PC22. integrate new systems into existing network architecture
PC23. patch network vulnerabilities to ensure information is safeguarded against outside parties
PC24. perform tracking of OEMs

Knowledge and Understanding (K)
A. Organizational Context (Knowledge of the company/ organization and its processes)
The user/individual on the job needs to know and understand:
KA1. relevant legislation, policies, procedures, codes of practice, guidelines and applicable standards for seizing and recording electronic evidence sources
KA2. organization’s knowledge base and how to access and update this
KA3. limits of your role and responsibilities and who to seek guidance from
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. the operating procedures that are applicable to the system(s) being used, such as: a. required service levels (e.g. availability, quality); b. routine maintenance; c. monitoring; d. data integrity (e.g. backups, anti-virus); e. consumables use, storage & disposal; f. health & safety; g. escalation; h. information recording and reporting; i. obtaining work permissions; j. security & confidentiality
KA6. typical response times and service times related to own work area
B. Technical Knowledge

The user/individual on the job needs to know and understand:
KB1. basic cyber security concepts
KB2. various cyber security infrastructure components and their functions
KB3. how the cyber security infrastructure components are installed, integrated, and optimized
KB4. information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
KB5. network access, identity, and access management (e.g., public key infrastructure [PKI])
KB6. network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
KB7. performance tuning tools and techniques
KB8. file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT])
KB9. how system components are installed, integrated, and optimized
KB10. the enterprise information technology (IT) architecture


KB11. information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)

KB12. network access, identity, and access management (e.g., public key infrastructure [PKI])

KB13. principles and methods for integrating server components
KB14. network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
KB15. network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
KB16. computer network defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities
KB17. host/network access controls (e.g., access control list)
KB18. network protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]) and directory services (e.g., Domain Name System [DNS])
KB19. network traffic analysis methods
KB20. Virtual Private Network (VPN) security
KB21. what constitutes a network attack and the relationship to both threats and vulnerabilities
KB22. Windows command line (e.g., ipconfig, netstat, dir, nbtstat)
KB23. Unix command line (e.g., mkdir, mv, ls, passwd, grep)
KB24. the common attack vectors on the network layer
KB25. policy-based and risk adaptive access controls

Skills (S)
A. Core Skills/ Generic Skills
Writing Skills
You need to know and understand how to:
SA1. complete accurate well written work with attention to detail
SA2. document call logs, reports, task lists, and schedules with co-workers
SA3. prepare status and progress reports
SA4. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes
Reading Skills
You need to know and understand how to:
SA5. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA6. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA7. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA8. read policy manual, standard operating procedures and service level agreements relevant to work area
SA9. read emails received from own team, across team and external vendors and clients
Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA10. discuss task lists, schedules, and work-loads with co-workers
SA11. give clear instructions to specialists/vendors/users/clients as required
SA12. keep stakeholders informed about progress
SA13. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA14. receive and make phone calls, including call forward, call hold, and call mute

B. Professional Skills
Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action
Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines
Customer Centricity
You need to know and understand how to:
SB4. identify internal or external customer requirement and priorities clearly with respect to work at hand
SB5. carry out rule-based transactions in line with customer-specific guidelines, procedures, rules and service level agreements
SB6. check that your own and/or your peers work meets customer requirements
Problem Solving
You need to know and understand how to:
SB7. apply problem-solving approaches in different situations
SB8. seek clarification on problems from others
Analytical Thinking
You need to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others


Critical Thinking
You need to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations
Attention to Detail
You need to know and understand how to:
SB14. check your work is complete and free from errors
Team Working
You need to know and understand how to:
SB15. work effectively in a team environment
SB16. work independently and collaboratively
C. Technical Skills
The user/individual on the job needs to know and understand how to:
SC1. configure, diagnose and troubleshoot computer networks using in-depth understanding of TCP/IP protocols
SC2. administer, use and monitor an intrusion detection system
SC3. configure firewalls and routers
SC4. read coded scripts and modify and debug programs
SC5. work on various operating systems
SC6. work with word processors, spreadsheets and presentations
SC7. stay abreast of the latest developments as per industry standards and security tools to ensure that corporate security methods and tools


Version Control
NOS Code: SSC/N0938
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Drafted on: 18/08/2016
Industry Sub-sector: IT Services
Last reviewed on: 31/03/2018
Occupation: Information/Cyber Security
Next review date: 31/03/2019


SSC/N0939 Define the cyber security infrastructure policy or technical security policy for an organization


Overview This unit is about performing hardening activities such as secure configurations, removing unauthorized applications and updating authorized patches, etc. in order to minimize exposure and vulnerabilities.

National Occupational Standard


Unit Code SSC/N0939
Unit Title (Task) Define the cyber security infrastructure policy or technical security policy for an organization

Description This unit is about performing hardening of network devices for minimizing exposure and vulnerabilities

Scope This unit/task covers the following:

Various means to evaluate security posture of organisation are:
• Security testing of the infrastructure (vulnerability assessment and penetration testing)
• Security testing of applications (static (white box) and dynamic (black box) testing)
• Database scanning (vulnerability assessment of databases)
• Architecture review (security assessment of IT architecture against all possible threats)
• threat modelling and threat tree
• security gap assessment
• risk assessment
• security audit

Various operational perspectives for evaluation include but are not limited to:
• Who is responsible for developing security architecture?
• How is involvement of business owners assured?
• How frequently is it reviewed?
• Whether new business and operational initiatives trigger the process for refinement?
• How is the cyber security infrastructure architecture integrated with the enterprise architecture process?
• How an organisation evaluates security products and solutions?

Operational Strategies of an organization to be evaluated include but are not limited to:
• How are the resources and effort distributed?
• Is the resource and effort allocation sufficient to meet the security requirements?
• Whether the organisation requires services from external service provider?


Guidelines, procedures and regulation must include:
• approved infrastructure components, their secure configurations, roles, responsibilities
• activities records to be maintained
• various templates to be used for information
• list of automated tools
• requirements for inventory of information systems and components
• prohibited settings
• required level of coordination among organizational entities
• the baseline configuration
• configuration monitoring approach
• configuration change control
• patch management
• helpdesk procedures
• SDLC procedures
• documentation procedures
• access lists that allow only those protocols, ports and IP addresses that are required
• Technology refresh guidelines, etc.

Well devised architectural plan would ensure, e.g.:
• Solution capabilities are planned to address the identified gaps and new age security threats
• Architectural plan aligns to business requirements
• Structure exists for the positioning of the security capabilities in the organisation’s IT ecosystem
• All security solutions are properly integrated with the IT infrastructure of the organisation, etc.

Operating procedures include:
• required service levels (e.g. availability, quality)
• routine maintenance
• monitoring
• data integrity (e.g. backups, anti-virus)
• consumables use, storage & disposal
• health & safety
• escalation
• information recording and reporting
• obtaining work permissions
• security & confidentiality

Basic Cyber security concepts are, e.g.:
• the importance of confidentiality, integrity and availability for information systems;
• common types of malicious code like
o virus
o Trojan
o logic bomb
o worm
o spyware
• types of threats facing the information security of individuals and organisations;
• sources of threats to information security in terms of opportunity, ability and motive, etc.

Performance Criteria (PC) w.r.t. the Scope
To be competent, the user/individual on the job must be able to:

PC1. confirm if complete and accurate details are available for understanding the security objectives
PC2. review the usage of existing cyber security infrastructure and assess risks w.r.t. security objectives
PC3. consult with engineering teams in various cyber security functions for their evaluation and recommendation regarding existing security infrastructure
PC4. create a map of the security counter measures at different layers (layers: network security, access control mechanisms, endpoint security, application security, databases and unstructured data)
PC5. identify level of risk acceptable for business requirements by discussing with business and technical leads
PC6. identify and prioritize critical business functions in collaboration with organizational stakeholders
PC7. evaluate the positioning of the security countermeasures w.r.t. cyber security infrastructure
PC8. evaluate the security posture of an organisation by various means
PC9. evaluate the capability of the cyber security infrastructure to address all possible security threats
PC10. evaluate the process for development of cyber security infrastructure architecture from various operational perspectives
PC11. identify the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately
PC12. research relevant information required to meet the security objectives based on the evaluation of assets, threats, vulnerabilities and security risks
PC13. identify and record details of constraints that may have an impact on the business and security options
PC14. identify the components of the cyber security infrastructure strategy for the organisation (protection; architecture; management; operations; monitoring and testing; incident management; security governance)
PC15. evaluate the operational strategies of an organisation
PC16. analyse infrastructure security key performance indicators
PC17. maintain the security and confidentiality of information relating to the security objectives
PC18. gather sufficient accurate information on which to determine potential costs, benefits and effectiveness of recommended security solutions
PC19. determine the cost, potential benefits, and effectiveness of recommended security solutions, based on valid assumptions, considerations
PC20. obtain necessary approvals from the responsible persons as per organisational policy
PC21. study the existing security policy document that includes organization’s inventory assessment and network diagrams and maps
PC22. develop the purpose and scope of an organisational technical security policy for cyber security infrastructure and obtain necessary approvals
PC23. plan system implementation to ensure that all system components can be integrated and aligned (e.g., procedures, databases, policies, software, and hardware)
PC24. develop an organisational technical security policy providing various guidelines, procedures and regulations regarding cyber security infrastructure
PC25. provide input to the Risk Management Framework (RMF) process activities and related documentation (e.g., system lifecycle support plans, concept of operations, operational procedures, and maintenance training materials)
PC26. translate applicable laws, statutes, and regulatory documents and integrate into policy
PC27. specify power supply and heating, ventilation, and air conditioning (HVAC) requirements and configuration based on system performance expectations and design specifications
PC28. translate proposed technical solutions into technical specifications
PC29. ensure that all cyber security infrastructure are derived out of an architectural plan that is well devised
PC30. define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment
PC31. obtain approval from key stakeholders on the policy document after discussing the same and incorporating valid suggestions
PC32. draft and publish security policy following organisational templates and processes

Knowledge and Understanding (K)
A. Organizational Context (Knowledge of the company/ organization and its processes)
The user/individual on the job needs to know and understand:
KA7. relevant legislation, policies, procedures, codes of practice, guidelines and applicable standards for seizing and recording electronic evidence sources
KA8. organization’s knowledge base and how to access and update this
KA9. organization's core business/mission processes and security strategy
KA10. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA11. the operating procedures that are applicable to the system(s) being used, typical response times and service times related to own work area
B. Technical Knowledge
The user/individual on the job needs to know and understand:
KB1. basic cyber security concepts
KB2. information assurance (IA) principles
KB3. various cyber security infrastructure components and their functions
KB4. new and emerging information technology (IT) and information security technologies
KB5. industry indicators useful for identifying technology trends
KB6. how the cyber security infrastructure components are installed, integrated, and optimized
KB7. information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
KB8. policy development protocols
KB9. various guidelines, procedures and regulations that must be covered in cyber security infrastructure policy
KB10. various cyber security functions and their infrastructural requirements


KB11. the results from security incidents, vulnerability assessments, penetration tests, threat assessments and changes to relevant IT/technology security legislation and regulations

KB12. specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability

KB13. network access, identity, and access management (e.g., public key infrastructure [PKI])

KB14. network design processes, to include understanding of security objectives, operational objectives, and tradeoffs

KB15. communication methods, principles, and concepts (e.g., cryptography, dual hubs, time multiplexers) that support the network infrastructure

KB16. capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware

KB17. organization's Local Area Network (LAN)/Wide Area Network (WAN) pathways

KB18. cyber security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)

KB19. Cyber security systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools

KB20. computer network defense (CND) and vulnerability assessment tools, including open source tools, and their capabilities

KB21. host/network access controls (e.g., access control list)
KB22. network protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]) and directory services (e.g., Domain Name System [DNS])
KB23. basic concepts, terminology, and operations of a wide range of communications media (e.g., computer and telephone networks, satellite, fiber, wireless)
KB24. network traffic analysis methods
KB25. Wireless Fidelity (Wi-Fi)
KB26. Voice over Internet Protocol (VoIP)
KB27. Virtual Private Network (VPN) security
KB28. Windows command line (e.g., ipconfig, netstat, dir, nbtstat)
KB29. Unix command line (e.g., mkdir, mv, ls, passwd, grep)
KB30. common attack vectors on the network layer

Skills (S)


A. Core Skills/ Generic Skills

Writing Skills

The user/individual on the job needs to know and understand how to:
SA1. document call logs, reports, task lists, and schedules with co-workers
SA2. prepare status and progress reports
SA3. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes

Reading Skills

The user/individual on the job needs to know and understand how to:
SA4. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA5. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA6. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA7. read policy manual, standard operating procedures and service level agreements relevant to work area
SA8. read emails received from own team, across team and external vendors and clients

Oral Communication (Listening and Speaking skills)

The user/individual on the job needs to know and understand how to:
SA9. discuss task lists, schedules, and work-loads with co-workers
SA10. give clear instructions to specialists/vendors/users/clients as required
SA11. keep stakeholders informed about progress
SA12. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA13. receive and make phone calls, including call forward, call hold, and call mute

B. Professional Skills

Decision Making

The user/individual on the job needs to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make decisions on suitable courses of action

Plan and Organize

The user/individual on the job needs to know and understand: SB3. plan and organize your work to achieve targets and deadlines

Customer Centricity


The user/individual on the job needs to know and understand how to:
SB4. carry out rule-based transactions in line with customer-specific guidelines,
SB5. procedures, rules and service level agreements
SB6. check your own and/or your peers work meets customer requirements

Problem Solving

The user/individual on the job needs to know and understand how to:
SB7. apply problem-solving approaches in different situations
SB8. seek clarification on problems from others

Analytical Thinking

The user/individual on the job needs to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others

Critical Thinking

The user/individual on the job needs to know and understand how to:
SB12. provide opinions on work in a detailed and constructive way
SB13. apply balanced judgments to different situations

Attention to Detail

You need to know and understand how to:
SB14. apply good attention to details
SB15. check your work is complete and free from errors

Team Working

You need to know and understand how to:
SB16. work effectively in a team environment
SB17. contribute to the quality of team working
SB18. work independently and collaboratively

C. Technical Skills

You need to know and understand how to:
SC1. configure, diagnose and troubleshoot computer networks using in-depth understanding of TCP/IP protocols
SC2. administer, use and monitor an intrusion detection system
SC3. develop policy, programs, and guidelines
SC4. establish and maintain communication channels with stakeholders
SC5. work on various operating systems
SC6. work with word processors, spreadsheets and presentations
SC7. stay abreast of the latest developments as per industry standards and security tools to ensure that corporate security methods and tools


NOS Version Control
NOS Code: SSC/N0939
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Drafted on: 18/08/2016
Industry Sub-sector: IT Services
Last reviewed on: 31/03/2018
Occupation: Information/Cyber Security
Next review date: 31/03/2019


SSC/N0933 Monitor and report on performance of operational and technical cyber security measures


Overview This unit is about monitoring and reporting on performance of operational and technical cyber security measures

National Occupational Standard


Unit Code SSC/N0933
Unit Title (Task) Monitor and report on performance of operational and technical cyber security measures

Description This unit is about monitoring and reporting on performance of operational and technical cyber security measures

Scope This unit/task covers the following:

Information to be collected on the implementation and performance of operational and technical cyber security measures:
• scan to discover components not recorded in the inventory
• scan to identify disparities between the approved baseline configuration and the actual configuration for an information system
• monitor information systems for changes and alert system staff if unauthorized changes occur or are attempted
• querying audit records/log monitoring to identify unauthorized deviations from policy
• run system integrity checks
• review configuration change control records (including system impact analyses) to verify conformance with policy and procedures.

Remedial actions and counter measures include but are not limited to:

• Implementing non-destructive remediation actions (e.g., quarantining of unregistered device(s), blocking insecure protocols, etc.)

• Sending an alert with change details to appropriate staff using email • Rolling back changes and restoring from backups • Updating the inventory to include newly identified components • Updating baseline configurations to represent new configurations

Supporting documents include but are not limited to: • technical designs • baseline configurations • system Security Plans, • risk Assessments, • security Assessment Reports,

Nat

iona

l Occ

upat

iona

l Sta

ndar

d

Page 36: Contents · • types of threats facing the information security of individuals and organizations • sources of threats to information security in terms of opportunity, ability and

SSC/N0933 Monitor and report on performance of operational and technical cyber security measures

36

• plans of Action & Milestones

Operating procedures that are applicable to the system(s):
• required service levels (e.g. availability, quality)
• routine maintenance
• monitoring
• data integrity (e.g. backups, anti-virus)
• consumables use, storage & disposal
• health & safety
• escalation
• information recording and reporting
• obtaining work permissions
• security & confidentiality

Basic cyber security concepts are, e.g.:
• the importance of confidentiality, integrity and availability for information systems
• common types of malicious code like
  o virus
  o Trojan
  o logic bomb
  o worm
  o spyware
• types of threats facing the information security of individuals and organisations
• sources of threats to information security in terms of opportunity, ability and motive, etc.

Performance Criteria (PC) w.r.t. the Scope

Element: Performance Criteria
To be competent, the user/individual on the job must be able to:

PC1. implement automated solutions for monitoring and reporting on the implementation and functioning of cyber security infrastructure components
PC2. document the systems and/or components that are not monitored via automated tools
PC3. develop a manual process for monitoring and reporting their implementation and performance against policy requirements
PC4. collect information on the implementation and performance of operational and technical cyber security measures using automated tools or manual processes
PC5. assess the configurations against policy and approved baseline configurations using automated tools
PC6. facilitate reporting for Security Information and Event Management applications that can be accessed by management and/or formatted into other reports on baseline configuration and performance status
PC7. identify uncommon traffic trends and false positives
PC8. reconcile changes detected as a result of monitoring activities with approved changes
PC9. analyse the results of monitoring activities to determine the reason(s) that an unauthorized change occurred
PC10. obtain vulnerabilities identification and analysis from authorised source
PC11. obtain risk assessment reports from authorised source
PC12. obtain cyber security audit reports from authorised source
PC13. select specific metrics to measure implementation, efficiency, effectiveness, and the impact of operational and technical cyber security measures
PC14. analyse infrastructure security key performance indicators
PC15. consolidate findings into reports to support management and compliance
PC16. plan for remedial action or counter measures for areas where inconsistencies have been identified
PC17. undertake remedial action for the identified inconsistencies using automated tools
PC18. ensure that updates have been made to supporting documents after obtaining due authorisations
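The collection, baseline comparison and reconciliation steps described in the scope and in PC4, PC5, PC8, PC15 and PC16 above, as an added Python sketch that is not part of this qualifications pack: it compares a scanned configuration with the approved baseline, flags components missing from the inventory, reconciles every disparity against approved change control records, runs a file-hash integrity check, and attaches the unit's non-destructive first remediation to each finding. All hosts, settings, change IDs and file contents are constructed for the example.

```python
"""Baseline drift, inventory and integrity reconciliation (added example)."""
from __future__ import annotations

import hashlib
from dataclasses import dataclass

# --- Constructed sample inputs (hypothetical hosts, settings, records) -------
INVENTORY = {"fw-01", "web-01"}

APPROVED_BASELINE = {
    "fw-01": {"ssh_protocol": "2", "telnet_enabled": "no", "ntp_server": "ntp.corp.example"},
    "web-01": {"tls_min_version": "1.2", "telnet_enabled": "no"},
}

# What a discovery/configuration scan reported: cam-17 is not in the
# inventory, fw-01 now has telnet switched on, web-01 raised its TLS floor.
ACTUAL_SCAN = {
    "fw-01": {"ssh_protocol": "2", "telnet_enabled": "yes", "ntp_server": "ntp.corp.example"},
    "web-01": {"tls_min_version": "1.3", "telnet_enabled": "no"},
    "cam-17": {"telnet_enabled": "yes"},
}

# Approved change control records (constructed change ID).
APPROVED_CHANGES = [
    {"id": "CHG-0042", "host": "web-01", "setting": "tls_min_version", "new_value": "1.3"},
]

# Golden hashes of monitored files versus their current content (constructed).
GOLDEN_HASHES = {
    "/etc/ssh/sshd_config": hashlib.sha256(b"Protocol 2\nPermitRootLogin no\n").hexdigest(),
}
CURRENT_FILES = {
    "/etc/ssh/sshd_config": b"Protocol 2\nPermitRootLogin yes\n",
}


@dataclass(frozen=True)
class Finding:
    host: str
    kind: str         # unregistered_component | unauthorized_change | authorized_change | integrity_mismatch
    subject: str      # setting name, file path or "inventory"
    expected: str
    observed: str
    remediation: str  # non-destructive first step, per the unit's remedial actions


def find_unregistered(inventory: set[str], scan: dict) -> list[Finding]:
    """Components seen by the scan but absent from the inventory."""
    return [
        Finding(host, "unregistered_component", "inventory", "registered", "absent",
                "quarantine device and alert asset owner; add to inventory if legitimate")
        for host in sorted(scan) if host not in inventory
    ]


def find_baseline_drift(baseline: dict, scan: dict, approved: list[dict]) -> list[Finding]:
    """Compare each baseline setting with the scanned value and reconcile
    every disparity against the approved change records (PC5 and PC8)."""
    approved_index = {(c["host"], c["setting"], c["new_value"]): c["id"] for c in approved}
    findings: list[Finding] = []
    for host, expected_cfg in sorted(baseline.items()):
        observed_cfg = scan.get(host)
        if observed_cfg is None:
            findings.append(Finding(host, "unauthorized_change", "reachability", "present", "missing",
                                    "alert system staff; confirm whether host was decommissioned"))
            continue
        for setting, expected in sorted(expected_cfg.items()):
            observed = observed_cfg.get(setting, "<unset>")
            if observed == expected:
                continue
            change_id = approved_index.get((host, setting, observed))
            if change_id:
                findings.append(Finding(host, "authorized_change", setting, expected, observed,
                                        f"update baseline to reflect {change_id}"))
            else:
                findings.append(Finding(host, "unauthorized_change", setting, expected, observed,
                                        "alert with change details; roll back to baseline after review"))
    return findings


def integrity_check(golden: dict[str, str], current: dict[str, bytes]) -> list[Finding]:
    """System integrity check: hash monitored files against their golden hashes."""
    findings: list[Finding] = []
    for path, expected in sorted(golden.items()):
        observed = hashlib.sha256(current.get(path, b"")).hexdigest()
        if observed != expected:
            findings.append(Finding("local", "integrity_mismatch", path, expected[:12], observed[:12],
                                    "restore file from backup after confirming no approved change"))
    return findings


def run_checks() -> list[Finding]:
    """All three collection steps over the constructed inputs."""
    return (find_unregistered(INVENTORY, ACTUAL_SCAN)
            + find_baseline_drift(APPROVED_BASELINE, ACTUAL_SCAN, APPROVED_CHANGES)
            + integrity_check(GOLDEN_HASHES, CURRENT_FILES))


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Counts per finding kind: the figures a management/compliance report (PC15) would carry."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.kind] = counts.get(f.kind, 0) + 1
    return counts


if __name__ == "__main__":
    results = run_checks()
    for f in results:
        print(f"{f.kind:22} {f.host:8} {f.subject:22} expected={f.expected} observed={f.observed} -> {f.remediation}")
    print(summarize(results))
```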

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company / organization and its processes)

The user/individual on the job needs to know and understand:
KA1. relevant legislation, policies, procedures, codes of practice, guidelines and applicable standards for seizing and recording electronic evidence sources
KA2. organization’s knowledge base and how to access and update this
KA3. organization's core business/mission processes and security strategy
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. the operating procedures that are applicable to the system(s) being used
KA6. typical response times and service times related to own work area

B. Technical Knowledge

The user/individual on the job needs to know and understand:
KB1. basic cyber security concepts
KB2. information assurance (IA) principles
KB3. various cyber security infrastructure components and their functions
KB4. new and emerging information technology (IT) and information security technologies
KB5. industry indicators useful for identifying technology trends
KB6. how the cyber security infrastructure components are installed, integrated, and optimized
KB7. information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
KB8. policy development protocols
KB9. various guidelines, procedures and regulations that must be covered in cyber security infrastructure policy
KB10. various cyber security functions and their infrastructural requirements
KB11. specialized system requirements (e.g., critical infrastructure systems that
KB12. may not use standard information technology [IT]) for safety, performance, and reliability
KB13. network access, identity, and access management (e.g., public key infrastructure [PKI])
KB14. network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
KB15. communication methods, principles, and concepts (e.g., cryptography, dual hubs, time multiplexers) that support the network infrastructure
KB16. capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware
KB17. organization's Local Area Network (LAN)/Wide Area Network (WAN) pathways
KB18. cyber security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
KB19. cyber security systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools
KB20. computer network defense (CND) and vulnerability assessment tools, including open source tools, and their limitations, compatibilities and capabilities
KB21. host/network access controls (e.g., access control list)
KB22. network protocols
KB23. basic concepts, terminology, and operations of a wide range of communications media (e.g., computer and telephone networks, satellite, fiber, wireless)
KB24. network traffic analysis methods
KB25. Wireless Fidelity (Wi-Fi) and Mi-Fi
KB26. Voice over Internet Protocol (VoIP)
KB27. Virtual Private Network (VPN) security
KB28. Windows command line (e.g., ipconfig, netstat, dir, nbtstat)
KB29. Unix command line (e.g., mkdir, mv, ls, passwd, grep)
KB30. common attack vectors on the network layer

Skills (S) [Optional]

A. Core Skills/ Generic Skills

Writing Skills

The user/individual on the job needs to know and understand how to:
SA1. document call logs, reports, task lists, and schedules with co-workers
SA2. prepare status and progress reports
SA3. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes

Reading Skills

The user/individual on the job needs to know and understand how to:
SA4. read about new products and services with reference to the organization and also from external forums such as websites and blogs

SA5. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets

SA6. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal

SA7. read policy manual, standard operating procedures and service level agreements relevant to work area

SA8. read emails received from own team, across team and external vendors and clients


Oral Communication (Listening and Speaking skills)

The user/individual on the job needs to know and understand how to:
SA9. discuss task lists, schedules, and work-loads with co-workers
SA10. give clear instructions to specialists/vendors/users/clients as required
SA11. keep stakeholders informed about progress
SA12. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA13. receive and make phone calls, including call forward, call hold, and call mute

B. Professional Skills

Decision Making

The user/individual on the job needs to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make decisions on suitable courses of action

Plan and Organize

The user/individual on the job needs to know and understand:
SB3. plan and organize your work to achieve targets and deadlines

Customer Centricity

The user/individual on the job needs to know and understand how to:
SB3. carry out rule-based transactions in line with customer-specific guidelines
SB4. procedures, rules and service level agreements
SB5. check your own and/or your peers work meets customer requirements

Problem Solving

The user/individual on the job needs to know and understand how to:
SB6. apply problem-solving approaches in different situations
SB7. seek clarification on problems from others

Analytical Thinking

The user/individual on the job needs to know and understand how to:
SB8. analyze data and activities
SB9. configure data and disseminate relevant information to others
SB10. pass on relevant information to others

Critical Thinking

The user/individual on the job needs to know and understand how to:
SB11. provide opinions on work in a detailed and constructive way
SB12. apply balanced judgments to different situations

C. Technical Skills

The user/individual on the job needs to know and understand how to:
SC1. configure, diagnose and troubleshoot computer networks using in-depth understanding of TCP/IP protocols
SC2. administer, use and monitor an intrusion detection system
SC3. configure firewalls and routers
SC4. read coded scripts and modify and debug programs
SC5. work on various operating systems
SC6. work with word processors, spreadsheets and presentations
SC7. stay abreast of the latest developments as per industry standards and security tools to ensure that corporate security methods and tools

NOS Version Control

NOS Code: SSC/N0933
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Industry Sub-sector: IT Services
Occupation: Information/Cyber Security
Drafted on: 18/08/2016
Last reviewed on: 31/03/2018
Next review date: 31/03/2019

SSC/N0939 Define the cyber security infrastructure policy or technical security policy for an organization

Overview

This unit is about making reports based on test results and making enhancements to existing security solutions.

National Occupational Standard

SSC/N0927 Drive interrelated cyber security actions

Unit Code: SSC/N0927
Unit Title (Task): Drive interrelated cyber security actions

Description: This unit is about performing hardening of network devices for minimizing exposure and vulnerabilities.

Scope

This unit/task covers the following:

Cyber security functions and operations:
• vulnerability scanning
• threat management
• security monitoring and incident management
• security governance
• risk and compliance management
• security policy management
• security review and audit
• application security
• access and identity management
• endpoint security

Key cyber security activities are, e.g.:
• vulnerability scanning
• threat management
• security monitoring and incident management
• security governance
• risk and compliance management
• security policy management
• security review and audit
• application security
• access and identity management
• endpoint security, etc.

Operating procedures include:
• required service levels (e.g. availability, quality)
• routine maintenance
• monitoring
• data integrity (e.g. backups, anti-virus)
• consumables use, storage & disposal
• health & safety
• escalation
• information recording and reporting
• obtaining work permissions
• security & confidentiality

Basic cyber security concepts are, e.g.:
• the importance of confidentiality, integrity and availability for information systems
• common types of malicious code like
  o virus
  o Trojan
  o logic bomb
  o worm
  o spyware
• types of threats facing the information security of individuals and organisations
• sources of threats to information security in terms of opportunity, ability and motive, etc.

Security solutions:
• Firewall
• IDS/IPS
• web security gateways
• email security
• content management

Performance Criteria (PC) w.r.t. the Scope

To be competent, you must be able to:

PC1. identify the business functions, and key stakeholders within these, and establish their interest and understanding, relevant to achieving the organisation's aims

PC2. recognise the roles, responsibilities, interests and concerns of the stakeholders in other business functions

PC3. identify all the activities, functions and operations that are attributed to security or require analysis from security perspective

PC4. create an inventory of roles that are responsible, accountable and informed for activities, functions and operations in cyber security

PC5. create an inventory of cyber security operations that fall into various key cyber security activities

PC6. identify functions that have a joint working relationship with own function


PC7. consider implication of own work on other functions
PC8. discuss and consult with stakeholders from other functions in relation to key decisions and activities impacting them
PC9. take agreements and track actionables of other functions for interrelated work
PC10. follow up with appropriate personnel for meeting timelines and effective functioning
PC11. agree on communication and documentation process with stakeholders and maintain the same
PC12. identify and sort out conflicts of interest and disagreements with stakeholders, in ways that minimise damage to work and activities, and to the individuals involved and the organisation

PC13. monitor and review the effectiveness of working relationships with stakeholders in other business functions, seeking and providing feedback, in order to identify areas for improvement

PC14. fulfil agreements made with colleagues and stakeholders and let them know, advising them promptly of any difficulties, or where it will be impossible to fulfil agreements

PC15. undertake actions agreed with stakeholders in line with the terms of any agreements made

PC16. advise stakeholders of difficulties or where it will be impossible to fulfil agreed actions in line with the terms of any agreements made

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company/ organization and its processes)

The user/individual on the job needs to know and understand:
KA1. relevant legislation, standards, policies, and procedures followed in the company including cyber security policy
KA2. organization’s knowledge base and how to access and update this
KA3. limits of your role and responsibilities and who to seek guidance from
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. the operating procedures that are applicable to the system(s) being used
KA6. typical response times and service times related to own work area
KA7. different business functions and their roles and responsibilities in achieving the organization’s overall aims

B. Technical Knowledge

The user/individual on the job needs to know and understand:
KB1. basic cyber security concepts
KB2. information assurance (IA) principles
KB3. various cyber security functions and operations
KB4. cyber security roles and responsibilities

KB5. standard SDLC practices and process
KB6. the enterprise information technology (IT) architecture
KB7. measures or indicators of system performance and availability
KB8. functions that can be impacted by own work
KB9. activities that will need joint working
KB10. various stakeholders to own work in other functions
KB11. internet ports, protocols and services and their usefulness
KB12. security solutions
KB13. the reasons why there may be conflicts and misunderstandings between business functions, for example, regarding which publics/stakeholders and activities are the most important

KB14. why it is important to identify key colleagues and stakeholders within the different business functions

KB15. principles of effective communication and how to apply them in order to communicate effectively with colleagues and stakeholders

KB16. why it is important to recognize the roles, responsibilities, interests and concerns of colleagues and stakeholders

KB17. how to consult with colleagues and stakeholders in relation to key decisions and activities

KB18. importance of taking account of the views of colleagues and stakeholders, particularly in relation to their priorities, expectations and attitudes towards the role of the marketing

KB19. why communication with colleagues and stakeholders on fulfilment of agreements or any problems affecting or preventing fulfilment is important

KB20. how to identify conflicts of interest with colleagues and stakeholders and the techniques that can be used to manage or remove them

KB21. importance of agreeing upon communication and documentation strategy for joint working

Skills (S)

A. Core Skills/ Generic Skills

Writing Skills

The user/ individual on the job needs to know and understand how to:
SA1. document call logs, reports, task lists, and schedules with co-workers
SA2. prepare status and progress reports
SA3. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes

Reading Skills

The user/individual on the job needs to know and understand how to:
SA4. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA5. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA6. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA7. read policy manual, standard operating procedures and service level agreements relevant to work area
SA8. read emails received from own team, across team and external vendors and clients

Oral Communication (Listening and Speaking skills)

The user/individual on the job needs to know and understand how to:
SA9. discuss task lists, schedules, and work-loads with co-workers
SA10. give clear instructions to specialists/vendors/users/clients as required
SA11. keep stakeholders informed about progress
SA12. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA13. receive and make phone calls, including call forward, call hold, and call mute

B. Professional Skills

Decision Making The user/individual on the job needs to know and understand how to:

SB1. follow rule-based decision-making processes
SB2. make decisions on suitable courses of action

Plan and Organize

The user/individual on the job needs to know and understand:
SB3. plan and organize your work to achieve targets and deadlines

Customer Centricity

The user/individual on the job needs to know and understand how to:
SB4. carry out rule-based transactions in line with customer-specific guidelines
SB5. procedures, rules and service level agreements
SB6. check your own and/or your peers work meets customer requirements

Problem Solving

The user/individual on the job needs to know and understand how to:
SB7. apply problem-solving approaches in different situations
SB8. seek clarification on problems from others

Analytical Thinking

The user/individual on the job needs to know and understand how to:
SB9. analyze data and activities
SB10. configure data and disseminate relevant information to others
SB11. pass on relevant information to others

Critical Thinking

The user/individual on the job needs to know and understand how to:

SB12. provide opinions on work in a detailed and constructive way SB13. apply balanced judgments to different situations

Attention to Detail You need to know and understand how to:

SB14. apply good attention to details SB15. check your work is complete and free from errors

Team Working You need to know and understand how to:

SB16. work effectively in a team environment SB17. contribute to the quality of team working SB18. work independently and collaboratively

C. Technical Skills

You need to know and understand how to:
SC1. work on various operating systems
SC2. work with word processors, spreadsheets and presentations
SC3. stay abreast of the latest developments in terms of industry standards and information security tools and techniques
SC4. track deliverables and follow up with stakeholders

NOS Version Control

NOS Code: SSC/N0927
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Industry Sub-sector: IT Services
Occupation: Information/Cyber Security
Drafted on: 18/08/2016
Last reviewed on: 31/03/2018
Next review date: 31/03/2019

SSC/N0928 Manage a project team

Overview

This unit is about managing a team working on a project.

National Occupational Standard

Unit Code: SSC/N0928
Unit Title (Task): Manage a project team

Description: This unit is about managing a team working on a project.

Scope

This unit/task covers the following:

Operating procedures include:
• required service levels (e.g. availability, quality)
• routine maintenance
• monitoring
• data integrity (e.g. backups, anti-virus)
• consumables use, storage & disposal
• health & safety
• escalation
• information recording and reporting
• obtaining work permissions
• security & confidentiality

Performance Criteria (PC) w.r.t. the Scope

Element: Performance Criteria
To be competent, you must be able to:
PC1. ensure the allocation and authorisation of work to the project management team is consistent with achieving the project objectives
PC2. brief team members on the project and their work allocations
PC3. inform team members of changes to work allocations in an appropriate way
PC4. provide appropriate support and guidance to team members
PC5. monitor and assess the performance of the team against agreed objectives and work plans
PC6. provide feedback to the team at appropriate times and locations, and in a form and manner most likely to maintain and improve their performance
PC7. take effective action to manage any actual or potential conflict between team members
PC8. update objectives and work plans regularly, to take account of any individual, team and organisational changes

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company / organization and its processes)

The user/individual on the job needs to know and understand:
KA1. relevant legislation, standards, policies, and procedures followed in the company
KA2. organization’s knowledge base and how to access and update this
KA3. limits of your role and responsibilities and who to seek guidance from
KA4. the organizational systems, procedures and tasks/checklists within the domain and how to use these
KA5. the operating procedures that are applicable to the system(s) being used
KA6. typical response times and service times related to own work area

B. Technical Knowledge

The user/individual on the job needs to know and understand:
KB1. the context of the project
KB2. the arrangements for the delivery of the project
KB3. relevant management plans for the project team
KB4. methods for monitoring and evaluating progress
KB5. how to allocate and authorize project work
KB6. how to communicate team and individual responsibilities clearly to those involved
KB7. how to manage conflict between team members
KB8. the application of negotiation and influencing skills
KB9. the differences between managing individuals for whom you have
KB10. managerial responsibility and those who you do not, and the implications this difference may have for project management

Skills (S)

A. Core Skills/ Generic Skills

Writing Skills

The user/ individual on the job needs to know and understand how to:
SA1. document call logs, reports, task lists, and schedules with co-workers
SA2. prepare status and progress reports
SA3. write memos and e-mail to customers, co-workers, and vendors to provide them with work updates and to request appropriate information without English language errors regarding grammar or sentence construct and following professional etiquettes

Reading Skills

The user/individual on the job needs to know and understand how to:
SA4. read about new products and services with reference to the organization and also from external forums such as websites and blogs
SA5. keep abreast with the latest knowledge by reading brochures, pamphlets, and product information sheets
SA6. read comments, suggestions, and responses to Frequently Asked Questions (FAQs) posted on the helpdesk portal
SA7. read policy manual, standard operating procedures and service level agreements relevant to work area
SA8. read emails received from own team, across team and external vendors and clients

Oral Communication (Listening and Speaking skills)

The user/individual on the job needs to know and understand how to:
SA9. discuss task lists, schedules, and work-loads with co-workers
SA10. give clear instructions to specialists/vendors/users/clients as required
SA11. keep stakeholders informed about progress
SA12. avoid using jargon, slang or acronyms when communicating with a customer, unless it is required
SA13. receive and make phone calls, including call forward, call hold, and call mute

B. Professional Skills

Decision Making

The user/individual on the job needs to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make decisions on suitable courses of action

Plan and Organize

The user/individual on the job needs to know and understand:
SB3. plan and organize your work to achieve targets and deadlines

Customer Centricity

The user/individual on the job needs to know and understand how to:
SB6. carry out rule-based transactions in line with customer-specific guidelines
SB7. procedures, rules and service level agreements
SB8. check your own and/or your peers work meets customer requirements

Problem Solving

The user/individual on the job needs to know and understand how to:
SB8. apply problem-solving approaches in different situations
SB9. seek clarification on problems from others

Analytical Thinking

The user/individual on the job needs to know and understand how to:
SB11. analyze data and activities
SB12. configure data and disseminate relevant information to others
SB13. pass on relevant information to others

Critical Thinking

The user/individual on the job needs to know and understand how to:
SB13. provide opinions on work in a detailed and constructive way
SB14. apply balanced judgments to different situations


NOS Version Control

NOS Code: SSC/N0928
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Industry Sub-sector: IT Services
Occupation: Information/Cyber Security
Drafted on: 18/08/2016
Last reviewed on: 31/03/2018
Next review date: 31/03/2019

SSC/N9001 Manage your work to meet requirements

Overview
This unit is about planning and organizing your work in order to complete it to the required standards on time.

National Occupational Standard


Unit Code SSC/N9001
Unit Title (Task) Manage your work to meet requirements

Description This unit is about planning and organizing your work in order to complete it to the required standards on time.

Scope
This unit/task covers the following:
Work requirements:
• activities (what you are required to do)
• deliverables (the outputs of your work)
• quantity (the volume of work you are expected to complete)
• standards (what is acceptable performance, including compliance with Service Level Agreements)
• timing (when your work needs to be completed)
Appropriate people:
• line manager
• the person requesting the work
• members of the team/department
• members from other teams/departments
Resources:
• equipment
• materials
• information

Performance Criteria (PC) w.r.t. the Scope
To be competent on the job, you must be able to:
PC1. establish and agree your work requirements with appropriate people
PC2. keep your immediate work area clean and tidy
PC3. utilize your time effectively
PC4. use resources correctly and efficiently
PC5. treat confidential information correctly
PC6. work in line with your organization’s policies and procedures
PC7. work within the limits of your job role
PC8. obtain guidance from appropriate people, where necessary
PC9. ensure your work meets the agreed requirements

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company/ organization and its processes)
You need to know and understand:
KA1. your organization’s policies, procedures and priorities for your area of work and your role and responsibilities in carrying out your work
KA2. limits of your responsibilities and when to involve others
KA3. your specific work requirements and who these must be agreed with
KA4. the importance of having a tidy work area and how to do this
KA5. how to prioritize your workload according to urgency and importance and the benefits of this
KA6. your organization’s policies and procedures for dealing with confidential information and the importance of complying with these
KA7. the purpose of keeping others updated with the progress of your work
KA8. who to obtain guidance from and the typical circumstances when this may be required
KA9. the purpose and value of being flexible and adapting work plans to reflect change

B. Technical Knowledge
You need to know and understand:
KB1. the importance of completing work accurately and how to do this
KB2. appropriate timescales for completing your work and the implications of not meeting these for you and the organization
KB3. resources needed for your work and how to obtain and use these

Skills (S)

A. Core Skills/Generic Skills

Writing Skills
You need to know and understand how to:
SA1. complete accurate work with attention to detail

Reading Skills
You need to know and understand how to:
SA2. read instructions, guidelines, procedures, rules and service level agreements

Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA3. ask for clarification and advice from line managers
SA4. communicate orally with colleagues

B. Professional Skills

Decision Making
You need to know and understand how to:
SB1. make a decision on a suitable course of action

Plan and Organize
You need to know and understand how to:
SB2. plan and organize your work to achieve targets and deadlines
SB3. agree objectives and work requirements

Customer Centricity
You need to know and understand how to:
SB4. deliver consistent and reliable service to customers
SB5. check that your own work meets customer requirements

Problem Solving
You need to know and understand how to:
SB6. refer anomalies to the line manager
SB7. seek clarification on problems from others

Analytical Thinking
You need to know and understand how to:
SB8. provide relevant information to others
SB9. analyze needs, requirements and dependencies in order to meet your work requirements

Critical Thinking
You need to know and understand how to:
SB10. apply judgments to different situations

Attention to Detail
You need to know and understand how to:
SB11. check your work is complete and free from errors
SB12. get your work checked by peers

Team Working
You need to know and understand how to:
SB13. work effectively in a team environment

C. Technical Skills
You need to know and understand how to:
SC1. use information technology effectively, to input and/or extract data accurately
SC2. identify and refer anomalies in data
SC3. store and retrieve information
SC4. keep up to date with changes, procedures and practices in your role


NOS Version Control

NOS Code: SSC/N9005
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Industry Sub-sector: IT Services
Drafted on: 15/03/2016
Last reviewed on: 31/03/2018
Next review date: 31/03/2019

SSC/N9002 Work effectively with colleagues

Overview This unit is about working effectively with colleagues, either in your own work group or in other work groups within your organization.

National Occupational Standard


Unit Code SSC/N9002
Unit Title (Task) Work effectively with colleagues

Description This unit is about working effectively with colleagues, either in your own work group or in other work groups within your organization.

Scope
This unit/task covers the following:
Colleagues:
• line manager
• members of your own work group
• people in other work groups in your organization
Communicate:
• face-to-face
• by telephone
• in writing

Performance Criteria (PC) w.r.t. the Scope
To be competent, you must be able to:
PC1. communicate with colleagues clearly, concisely and accurately
PC2. work with colleagues to integrate your work effectively with them
PC3. pass on essential information to colleagues in line with organizational requirements
PC4. work in ways that show respect for colleagues
PC5. carry out commitments you have made to colleagues
PC6. let colleagues know in good time if you cannot carry out your commitments, explaining the reasons
PC7. identify any problems you have working with colleagues and take the initiative to solve these problems
PC8. follow the organization’s policies and procedures for working with colleagues

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company/ organization and its processes)
You need to know and understand:
KA1. your organization’s policies and procedures for working with colleagues and your role and responsibilities in relation to this
KA2. the importance of effective communication and establishing good working relationships with colleagues
KA3. different methods of communication and the circumstances in which it is appropriate to use these
KA4. benefits of developing productive working relationships with colleagues
KA5. the importance of creating an environment of trust and mutual respect in an environment where you have no authority over those you are working with
KA6. where you do not meet your commitments, the implications this will have on individuals and the organization

B. Technical Knowledge
You need to know and understand:
KB1. different types of information that colleagues might need and the importance of providing this information when it is required
KB2. the importance of understanding problems from your colleague’s perspective and how to provide support, where necessary, to resolve these

Skills (S)

A. Core Skills/Generic Skills

Writing Skills
You need to know and understand how to:
SA1. complete accurate, well written work with attention to detail
SA2. communicate effectively with colleagues in writing

Reading Skills
You need to know and understand how to:
SA3. read instructions, guidelines, procedures, rules and service level agreements

Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA4. listen effectively and orally communicate information accurately
SA5. ask for clarification and advice from line managers

B. Professional Skills

Decision Making
You need to know and understand how to:
SB1. make a decision on a suitable course of action

Plan and Organize
You need to know and understand how to:
SB2. plan and organize your work to achieve targets and deadlines

Customer Centricity
You need to know and understand how to:
SB3. check that your own work meets customer requirements
SB4. deliver consistent and reliable service to customers

Problem Solving
You need to know and understand how to:
SB5. apply problem solving approaches in different situations

Critical Thinking
You need to know and understand how to:
SB6. apply balanced judgments to different situations

Attention to Detail
You need to know and understand how to:
SB7. check your work is complete and free from errors
SB8. get your work checked by peers

Team Working
You need to know and understand how to:
SB9. work effectively in a team environment
SB10. work effectively with colleagues and other teams
SB11. treat other cultures with respect

C. Technical Skills
You need to know and understand how to:
SC1. identify and refer anomalies
SC2. help reach agreements with colleagues
SC3. keep up to date with changes, procedures and practices in your role


NOS Version Control

NOS Code: SSC/N9005
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Industry Sub-sector: IT Services
Drafted on: 15/03/2016
Last reviewed on: 31/03/2018
Next review date: 31/03/2019

SSC/N9003 Maintain a healthy, safe and secure working environment

Overview This unit is about monitoring the working environment and making sure it meets requirements for health, safety and security.

National Occupational Standard


Unit Code SSC/N9003
Unit Title (Task) Maintain a healthy, safe and secure working environment

Description This unit is about monitoring your working environment and making sure it meets requirements for health, safety and security.

Scope
This unit/task covers the following:
Emergency procedures:
• illness
• accidents
• fires
• other reasons to evacuate the premises
• breaches of security

Performance Criteria (PC) w.r.t. the Scope To be competent, you must be able to:

PC1. comply with your organization’s current health, safety and security policies and procedures

PC2. report any identified breaches in health, safety, and security policies and procedures to the designated person

PC3. identify and correct any hazards that you can deal with safely, competently and within the limits of your authority

PC4. report any hazards that you are not competent to deal with to the relevant person in line with organizational procedures and warn other people who may be affected

PC5. follow your organization’s emergency procedures promptly, calmly, and efficiently

PC6. identify and recommend opportunities for improving health, safety, and security to the designated person

PC7. complete any health and safety records legibly and accurately

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company/ organization and its processes)
You need to know and understand:
KA1. legislative requirements and organization’s procedures for health, safety and security and your role and responsibilities in relation to this
KA2. what is meant by a hazard, including the different types of health and safety hazards that can be found in the workplace
KA3. how and when to report hazards
KA4. limits of your responsibility for dealing with hazards
KA5. your organization’s emergency procedures for different emergency situations and the importance of following these
KA6. the importance of maintaining high standards of health, safety and security
KA7. implications that any non-compliance with health, safety and security may have on individuals and the organization

B. Technical Knowledge
You need to know and understand:
KB1. different types of breaches in health, safety and security and how and when to report these
KB2. evacuation procedures for workers and visitors
KB3. how to summon medical assistance and the emergency services, where necessary
KB4. how to use the health, safety and accident reporting procedures and the importance of these
KB5. government agencies in the areas of safety, health and security and their norms and services

Skills (S)

A. Core Skills/Generic Skills

Writing Skills
You need to know and understand how to:
SA1. complete accurate, well written work with attention to detail

Reading Skills
You need to know and understand how to:
SA2. read instructions, guidelines, procedures, rules and service level agreements

Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA3. listen effectively and orally communicate information accurately

B. Professional Skills

Decision Making
You need to know and understand how to:
SB1. make a decision on a suitable course of action

Plan and Organize
You need to know and understand how to:
SB2. plan and organize your work to meet health, safety and security requirements

Customer Centricity
You need to know and understand how to:
SB3. build and maintain positive and effective relationships with colleagues and customers

Problem Solving
You need to know and understand how to:
SB4. apply problem solving approaches in different situations

Analytical Thinking
You need to know and understand how to:
SB5. analyze data and activities

Critical Thinking
You need to know and understand how to:
SB6. apply balanced judgments to different situations

Attention to Detail
You need to know and understand how to:
SB7. check your work is complete and free from errors
SB8. get your work checked by peers

Team Working
You need to know and understand how to:
SB9. work effectively in a team environment

C. Technical Skills
You need to know and understand how to:
SC1. identify and refer anomalies
SC2. help reach agreements with colleagues
SC3. keep up to date with changes, procedures and practices in your role


NOS Version Control

NOS Code: SSC/N9005
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Industry Sub-sector: IT Services
Drafted on: 15/03/2016
Last reviewed on: 31/03/2018
Next review date: 31/03/2019


Overview
This unit is about providing specified data/information related to your work in templates or other standard formats.

National Occupational Standard


Unit Code SSC/N9004
Unit Title (Task) Provide data/information in standard formats

Description This unit is about providing specified data/information related to your work in templates or other standard formats.

Scope
This unit/task covers the following:
Appropriate people:
• line manager
• members of your own work group
• people in other work groups in your organization
• subject matter experts
Data/information:
• quantitative
• qualitative
Sources:
• within your organization
• outside your organization
Formats:
• paper-based
• electronic

Performance Criteria (PC) w.r.t. the Scope
To be competent, you must be able to:
PC1. establish and agree with appropriate people the data/information you need to provide, the formats in which you need to provide it, and when you need to provide it
PC2. obtain the data/information from reliable sources
PC3. check that the data/information is accurate, complete and up-to-date
PC4. obtain advice or guidance from appropriate people where there are problems with the data/information
PC5. carry out rule-based analysis of the data/information, if required
PC6. insert the data/information into the agreed formats
PC7. check the accuracy of your work, involving colleagues where required
PC8. report any unresolved anomalies in the data/information to appropriate people
PC9. provide complete, accurate and up-to-date data/information to the appropriate people in the required formats on time

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company/ organization and its processes)
You need to know and understand:
KA1. your organization’s procedures and guidelines for providing data/information in standard formats and your role and responsibilities in relation to this
KA2. the knowledge management culture of your organization
KA3. your organization’s policies and procedures for recording and sharing information and the importance of complying with these
KA4. the importance of validating data/information before use and how to do this
KA5. procedures for updating data in appropriate formats and with proper validation
KA6. the purpose of the CRM database
KA7. how to use the CRM database to record and extract information
KA8. the importance of having your data/information reviewed by others
KA9. the scope of any data/information requirements including the level of detail required
KA10. the importance of keeping within the scope of work and adhering to timescales

B. Technical Knowledge
You need to know and understand:
KB1. data/information you may need to provide including the sources and how to do this
KB2. templates and formats used for data/information including their purpose and how to use these
KB3. different techniques used to obtain data/information and how to apply these
KB5. how to carry out rule-based analysis on the data/information
KB6. typical anomalies that may occur in data/information
KB7. who to go to in the event of inaccurate data/information and how to report this

Skills (S)

A. Core Skills/Generic Skills

Writing Skills
You need to know and understand how to:
SA1. complete accurate, well written work with attention to detail

Reading Skills
You need to know and understand how to:
SA2. read instructions, guidelines, procedures, rules and service level agreements

Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA3. listen effectively and orally communicate information accurately

B. Professional Skills

Decision Making
You need to know and understand how to:
SB1. follow rule-based decision-making processes
SB2. make a decision on a suitable course of action


Plan and Organize
You need to know and understand how to:
SB3. plan and organize your work to achieve targets and deadlines

Customer Centricity
You need to know and understand how to:
SB4. check that your own work meets customer requirements
SB5. meet and exceed customer expectations

Problem Solving
You need to know and understand how to:
SB6. apply problem solving approaches in different situations

Analytical Thinking
You need to know and understand how to:
SB7. configure data and disseminate relevant information to others

Critical Thinking
You need to know and understand how to:
SB8. apply balanced judgments to different situations

Attention to Detail
You need to know and understand how to:
SB9. check your work is complete and free from errors
SB10. get your work checked by peers

Team Working
You need to know and understand how to:
SB11. work effectively in a team environment

C. Technical Skills
You need to know and understand how to:
SC1. use information technology effectively, to input and/or extract data accurately
SC2. validate and update data
SC3. identify and refer anomalies in data
SC4. store and retrieve information
SC5. share information using standard formats and templates
SC6. keep up to date with changes, procedures and practices in your role


NOS Version Control

NOS Code: SSC/N9005
Credits (NSQF): TBD
Version number: 1.0
Industry: IT-ITeS
Industry Sub-sector: IT Services
Drafted on: 15/03/2016
Last reviewed on: 31/03/2018
Next review date: 31/03/2019

SSC/N9005 Develop your knowledge, skills and competence

Overview This unit is about taking action to ensure you have the knowledge and skills you need to perform competently in your current job role and to take on new responsibilities, where required.

National Occupational Standard


Unit Code SSC/N9005
Unit Title (Task) Develop your knowledge, skills and competence

Description This unit is about taking action to ensure you have the knowledge and skills you need to perform competently in your current job role and to take on new responsibilities, where required. Competence is defined as: the application of knowledge and skills to perform to the standards required.

Scope
This unit/task covers the following:
Appropriate people may be:
• line manager
• human resources specialists
• learning and development specialists
• peers
Job role:
• current responsibilities as defined in your job description
• possible future responsibilities
Learning and development activities:
• formal education and training programs, leading to certification
• non-formal activities (such as private study, learning from colleagues, project work), designed to meet learning and development objectives but without certification
Appropriate action may be:
• undertaking further learning and development activities
• finding further opportunities to apply your knowledge and skills

Performance Criteria (PC) w.r.t. the Scope
To be competent, you must be able to:
PC1. obtain advice and guidance from appropriate people to develop your knowledge, skills and competence
PC2. identify accurately the knowledge and skills you need for your job role
PC3. identify accurately your current level of knowledge, skills and competence and any learning and development needs
PC4. agree with appropriate people a plan of learning and development activities to address your learning needs
PC5. undertake learning and development activities in line with your plan
PC6. apply your new knowledge and skills in the workplace, under supervision
PC7. obtain feedback from appropriate people on your knowledge and skills and how effectively you apply them
PC8. review your knowledge, skills and competence regularly and take appropriate action

Knowledge and Understanding (K)

A. Organizational Context (Knowledge of the company/ organization and its processes)
You need to know and understand:
KA1. your organization’s procedures and guidelines for developing your knowledge, skills and competence and your role and responsibilities in relation to this
KA2. the importance of developing your knowledge, skills and competence to you and your organization
KA3. different methods used by your organization to review skills and knowledge including:
• training need analysis
• skills need analysis
• performance appraisals
KA4. how to review your knowledge and skills against your job role using different methods and analysis
KA5. different types of learning and development activities available for your job role and how to access these
KA6. how to produce a plan to address your learning and development needs, who to agree it with and the importance of undertaking the planned activities
KA7. different types of support available to help you plan and undertake learning and development activities and how to access these
KA8. why it is important to maintain records of your learning and development
KA9. methods of obtaining and accepting feedback from appropriate people on your knowledge, skills and competence
KA10. how to use feedback to develop in your job role

B. Technical Knowledge
You need to know and understand:
KB1. the knowledge and skills required in your job role
KB2. your current learning and development needs in relation to your job role
KB3. different types of learning styles and methods including those that help you learn best
KB4. the importance of taking responsibility for your own learning and development
KB5. the importance of learning and practicing new concepts and theory, and how to apply these in the work environment or on samples
KB6. how to explore sample problems and apply solutions

Skills (S)

A. Core Skills/Generic Skills

Writing Skills
You need to know and understand how to:
SA1. communicate with colleagues in writing


Reading Skills
You need to know and understand how to:
SA2. read instructions, guidelines and procedures

Oral Communication (Listening and Speaking skills)
You need to know and understand how to:
SA3. ask for clarification and advice from line managers

B. Professional Skills

Decision Making
You need to know and understand how to:
SB1. make a decision on a suitable course of action

Plan and Organize
You need to know and understand how to:
SB2. plan and organize your work to achieve targets and deadlines

Customer Centricity
You need to know and understand how to:
SB3. check that your own work meets customer requirements

Problem Solving
You need to know and understand how to:
SB4. refer anomalies to the line manager

Analytical Thinking
You need to know and understand how to:
SB5. analyze data and activities

Critical Thinking
You need to know and understand how to:
SB6. apply balanced judgments to different situations

Attention to Detail
You need to know and understand how to:
SB7. check your work is complete and free from errors
SB8. get your work checked by peers

Team Working
You need to know and understand how to:
SB9. work effectively in a team environment

C. Technical Skills
You need to know and understand how to:
SC1. use information technology effectively
SC2. agree objectives and work requirements
SC3. keep up to date with changes, procedures and practices in your role


NOS Version Control

NOS Code | SSC/N9005
Credits (NSQF) | TBD
Version number | 1.0
Industry | IT-ITeS
Industry Sub-sector | IT Services
Drafted on | 15/03/2016
Last reviewed on | 31/03/2018
Next review date | 31/03/2019


Nomenclature for QP and NOS Units


Qualifications Pack: 9 characters, e.g. SSC/Q0101
• SSC denoting Software & Services Companies (IT-ITeS industry)
• Q denoting Qualifications Pack
• QP number (2 numbers)
• Occupation (2 numbers)

National Occupational Standard: 9 characters, e.g. SSC/N0101
• SSC denoting Software & Services Companies (IT-ITeS industry)
• N denoting National Occupational Standard
• NOS number (2 numbers)
• Occupation (2 numbers)

Occupational Standard: 9 characters, e.g. SSC/N0101
• SSC denoting Software & Services Companies (IT-ITeS industry)
• O denoting Occupational Standard
• OS number (2 numbers)
• Occupation (2 numbers)

It is important to note that an OS unit can be denoted with either an ‘O’ or an ‘N’.

• If an OS unit denotes ‘O’, it is an OS unit that is an international standard. An example of an OS unit denoting ‘O’ is SSC/O0101.

• If an OS unit denotes ‘N’, it is an OS unit that is a national standard and is applicable only for the Indian IT-ITeS industry. An example of an OS unit denoting ‘N’ is SSC/N0101.


The following acronyms/codes have been used in the nomenclature above:

Sub-Sector | Range of Occupation numbers
IT Service (ITS) | 01-20
Business Process Management (BPM) | 21-40
Engg. and R&D (ERD) | 41-60
Software Products (SPD) | 61-80

Sequence | Description | Example
Three letters | Industry name (Software & Service Companies) | SSC
Slash | / | /
Next letter | Whether QP or NOS | N
Next two numbers | Occupation Code | 01
Next two numbers | OS number | 01


Criteria for Assessment of Trainees


Job Role: Security Infrastructure Specialist
Qualification Pack: SSC/Q0923
Sector Skill Council: IT-ITeS

Marks Allocated per Assessment Outcome (NOS): Total Mark for the NOS; for each assessment criterion (PC): Out of | Theory | Skills Practical.

1. SSC/N0937 (Configure cyber security infrastructure components) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. follow the security policy document that includes the organization’s inventory assessment and network diagrams and maps | 3 | 1 | 2
PC2. conduct an inventory to identify the approved security infrastructure, including hardware and software to be protected | 3 | 1 | 2
PC3. identify hardware, software and network resources deployed throughout the organization’s campus | 3 | 1 | 2
PC4. identify cyber security infrastructure components and categorize them | 3 | 1 | 2
PC5. identify sensitive data and transaction flows | 2 | 1 | 1
PC6. scan the organization’s Internet address ranges | 3 | 1 | 2
PC7. have the network tested to ascertain that it has not been breached nor infected with viruses before the firewall is deployed | 3 | 1 | 2
PC8. use a dynamic network topology application to map infrastructure initially and to update the map automatically on adding machines and entering the data | 4 | 1 | 3
PC9. replace obsolete versions of network device firmware | 4 | 1 | 3
PC10. shut down unused physical interfaces on network infrastructure | 3 | 1 | 2
PC11. establish secure values or parameters that describe particular automated functions of various infrastructure components | 4 | 1 | 3
PC12. establish the location where a component physically and logically resides (e.g., behind a firewall, within a DMZ, on a specific subnet, etc.) | 4 | 1 | 3
PC13. implement safeguards through software to protect end-user machines against attack | 4 | 1 | 3
PC14. protect the network device configuration file from unauthorized disclosure | 4 | 1 | 3
PC15. prioritize configurations using appropriate criteria | 4 | 1 | 3
PC16. test the configurations and the secure values or parameters in a virtual environment, resolve issues and document deviations identified during testing | 4 | 1 | 3
PC17. record and approve the baseline configuration in accordance with organizationally defined policy | 4 | 1 | 3
PC18. implement baseline configurations in a centralized and automated manner using automated configuration management tools, automated scripts, vendor-provided mechanisms, etc. | 3 | 1 | 2
PC19. implement access lists that allow only those protocols, ports and IP addresses that are required as per policy | 3 | 1 | 2
PC20. encode and encrypt and/or use a salted hash with iteration to protect the confidentiality of passwords in configuration files | 3 | 1 | 2
PC21. improve firewall and network performance by examining large or complicated rulesets and identifying redundant and unused rules | 3 | 1 | 2
PC22. simplify firewall rulesets for more accurate analysis and faster troubleshooting | 3 | 1 | 2
PC23. select traffic filtering technology and define traffic-filtering rules that will determine the manner in which the incoming and outgoing traffic flows in the network will be regulated | 3 | 1 | 2
PC24. implement defined rules on the selected technology and optimize the performance of infrastructure accordingly | 3 | 1 | 2
PC25. update all the components of the solution, including not only infrastructure but also the policy | 4 | 1 | 3
PC26. update the firewall IP address, subnet masks, and default username and passwords of the firewall infrastructure | 4 | 1 | 3
PC27. apply vendor-released patches in response to identified vulnerabilities, including software updates | 3 | 1 | 2
PC28. maintain and update technical specification and design documentation, system security documentation, system procedures, etc. | 3 | 1 | 2
PC29. store, protect, and control the master copies of approved versions of baseline configurations using various media | 3 | 1 | 2
PC30. provide technical refresh recommendations based on infrastructure policy | 3 | 1 | 2
Total | 100 | 30 | 70

2. SSC/N0938 (Maintain and enhance cyber security infrastructure components) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. check server availability, functionality, integrity, and efficiency | 3 | 1 | 2
PC2. maintain baseline system security according to organizational policies | 4 | 1 | 3
PC3. conduct functional and connectivity testing to ensure continuing operability | 5 | 2 | 3
PC4. conduct periodic server maintenance including cleaning (both physically and electronically), disk checks, routine reboots, data dumps, and testing | 4 | 1 | 3
PC5. follow group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs | 4 | 1 | 3
PC6. update existing signatures of firewall devices and routers | 5 | 2 | 3
PC7. analyze TCP traffic and update atomic signatures to reduce resource consumption | 6 | 2 | 4
PC8. install server updates and enhancements | 5 | 2 | 3
PC9. implement new system design procedures, test procedures, and quality standards | 5 | 2 | 3
PC10. repair network connectivity problems | 4 | 1 | 3
PC11. perform repairs and upgrades on faulty server hardware | 4 | 1 | 3
PC12. plan and coordinate the installation of new or modified hardware, operating systems, and other baseline software | 4 | 1 | 3
PC13. provide ongoing optimization and problem-solving support | 4 | 1 | 3
PC14. follow the configuration change control process in case any change of configuration is required during maintenance or troubleshooting | 4 | 1 | 3
PC15. resolve hardware/software interface and interoperability problems | 4 | 1 | 3
PC16. identify and shut down unneeded services on network devices | 3 | 1 | 2
PC17. provision all the services and information security elements and devices | 4 | 1 | 3
PC18. use tools to scan for and detect missing security patches and trigger the patch management process | 4 | 1 | 3
PC19. download the testing patch and fix ineffective security measures already in place | 4 | 1 | 3
PC20. monitor and maintain server configuration | 4 | 1 | 3
PC21. maintain network infrastructure device operating system software | 3 | 1 | 2
PC22. integrate new systems into the existing network architecture | 4 | 1 | 3
PC23. patch network vulnerabilities to ensure information is safeguarded against outside parties | 5 | 2 | 3
PC24. perform tracking of OEMs | 4 | 1 | 3
Total | 100 | 30 | 70

3. SSC/N0939 (Define the cyber security infrastructure policy or technical security policy for an organization) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. confirm if complete and accurate details are available for understanding the security objectives | 2 | 1 | 1
PC2. review the usage of existing cyber security infrastructure and assess risks w.r.t. security objectives | 3 | 1 | 2
PC3. consult with engineering teams in various cyber security functions for their evaluation and recommendation regarding existing security infrastructure | 3 | 1 | 2
PC4. create a map of the security countermeasures at different layers | 4 | 1 | 3
PC5. identify the level of risk acceptable for business requirements by discussing with business and technical leads | 3 | 1 | 2
PC6. identify and prioritize critical business functions in collaboration with organizational stakeholders | 3 | 1 | 2
PC7. evaluate the positioning of the security countermeasures w.r.t. cyber security infrastructure | 3 | 1 | 2
PC8. evaluate the security posture of an organisation by various means | 3 | 1 | 2
PC9. evaluate the capability of the cyber security infrastructure to address all possible security threats | 3 | 1 | 2
PC10. evaluate the process for development of cyber security infrastructure architecture from various operational perspectives | 3 | 1 | 2
PC11. identify the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately | 3 | 1 | 2
PC12. research relevant information required to meet the security objectives based on the evaluation of assets, threats, vulnerabilities and security risks | 4 | 1 | 3
PC13. identify and record details of constraints that may have an impact on the business and security options | 3 | 1 | 2
PC14. identify the components of the cyber security infrastructure strategy for the organisation | 3 | 1 | 2
PC15. evaluate the operational strategies of an organisation | 4 | 1 | 3
PC16. analyse infrastructure security key performance indicators | 4 | 1 | 3
PC17. maintain the security and confidentiality of information relating to the security objectives | 3 | 1 | 2
PC18. gather sufficient accurate information on which to determine potential costs, benefits and effectiveness of recommended security solutions | 3 | 1 | 2
PC19. determine the cost, potential benefits, and effectiveness of recommended security solutions, based on valid assumptions and considerations | 4 | 1 | 3
PC20. obtain necessary approvals from the responsible persons as per organisational policy | 2 | 1 | 1
PC21. study the existing security policy document that includes the organization’s inventory assessment and network diagrams and maps | 4 | 1 | 3
PC22. develop the purpose and scope of an organisational technical security policy for cyber security infrastructure and obtain necessary approvals | 4 | 1 | 3
PC23. plan system implementation to ensure that all system components can be integrated and aligned (e.g., procedures, databases, policies, software, and hardware) | 4 | 1 | 3
PC24. develop an organisational technical security policy providing various guidelines, procedures and regulations regarding cyber security infrastructure | 3 | 1 | 2
PC25. provide input to the Risk Management Framework (RMF) process activities and related documentation (e.g., system lifecycle support plans, concept of operations, operational procedures, and maintenance training materials) | 3 | 1 | 2
PC26. translate applicable laws, statutes, and regulatory documents and integrate them into policy | 3 | 1 | 2
PC27. specify power supply and heating, ventilation, and air conditioning (HVAC) requirements and configuration based on system performance expectations and design specifications | 3 | 1 | 2
PC28. translate proposed technical solutions into technical specifications | 3 | 1 | 2
PC29. ensure that all cyber security infrastructure is derived from a well-devised architectural plan | 2 | 1 | 1
PC30. define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment | 3 | 1 | 2
PC31. obtain approval from key stakeholders on the policy document after discussing it and incorporating valid suggestions | 2 | 1 | 1
PC32. draft and publish the security policy following organisational templates and processes | 3 | 1 | 2
Total | 100 | 32 | 68

4. SSC/N0933 (Monitor and report on performance of operational and technical cyber security measures) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. implement automated solutions for monitoring and reporting on the implementation and functioning of cyber security infrastructure components | 6 | 2 | 4
PC2. document the systems and/or components that are not monitored via automated tools | 5 | 2 | 3
PC3. develop a manual process for monitoring and reporting their implementation and performance against policy requirements | 6 | 2 | 4
PC4. collect information on the implementation and performance of operational and technical cyber security measures using automated tools or manual processes | 6 | 2 | 4
PC5. assess the configurations against policy and approved baseline configurations using automated tools | 6 | 2 | 4
PC6. facilitate reporting for Security Information and Event Management applications that can be accessed by management and/or formatted into other reports on baseline configuration and performance status | 6 | 2 | 4
PC7. identify uncommon traffic trends and false positives | 6 | 2 | 4
PC8. reconcile changes detected as a result of monitoring activities with approved changes | 6 | 2 | 4
PC9. analyse the results of monitoring activities to determine the reason(s) that an unauthorized change occurred | 6 | 2 | 4
PC10. obtain vulnerability identification and analysis from an authorised source | 4 | 1 | 3
PC11. obtain risk assessment reports from an authorised source | 4 | 1 | 3
PC12. obtain cyber security audit reports from an authorised source | 4 | 1 | 3
PC13. select specific metrics to measure implementation, efficiency, effectiveness, and the impact of operational and technical cyber security measures | 6 | 2 | 4
PC14. analyse infrastructure security key performance indicators | 6 | 2 | 4
PC15. consolidate findings into reports to support management and compliance | 6 | 2 | 4
PC16. plan remedial action or countermeasures for areas where inconsistencies have been identified | 6 | 2 | 4
PC17. undertake remedial action for the identified inconsistencies using automated tools | 6 | 2 | 4
PC18. ensure that updates have been made to supporting documents after obtaining due authorisations | 5 | 2 | 3
Total | 100 | 33 | 67

5. SSC/N0927 (Drive interrelated cyber security actions) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. identify the business functions, and key stakeholders within these, and establish their interest and understanding relevant to achieving the organisation's aims | 4 | 0 | 4
PC2. recognise the roles, responsibilities, interests and concerns of the stakeholders in other business functions | 6 | 1 | 5
PC3. identify all the activities, functions and operations that are attributed to security or require analysis from a security perspective | 4 | 0 | 4
PC4. create an inventory of roles that are responsible, accountable and informed for activities, functions and operations in cyber security | 9 | 3 | 6
PC5. create an inventory of cyber security operations that fall into various key cyber security activities | 9 | 3 | 6
PC6. identify functions that have a joint working relationship with your own function | 4 | 0 | 4
PC7. consider the implications of your own work on other functions | 6 | 1 | 5
PC8. discuss and consult with stakeholders from other functions in relation to key decisions and activities impacting them | 7 | 2 | 5
PC9. take agreements and track actionables of other functions for interrelated work | 7 | 3 | 4
PC10. follow up with appropriate personnel for meeting timelines and effective functioning | 7 | 2 | 5
PC11. agree on a communication and documentation process with stakeholders and maintain it | 6 | 3 | 3
PC12. identify and sort out conflicts of interest and disagreements with stakeholders, in ways that minimise damage to work and activities, and to the individuals involved and the organisation | 5 | 2 | 3
PC13. monitor and review the effectiveness of working relationships with stakeholders in other business functions, seeking and providing feedback, in order to identify areas for improvement | 7 | 3 | 4
PC14. fulfil agreements made with colleagues and stakeholders and let them know, advising them promptly of any difficulties, or where it will be impossible to fulfil agreements | 7 | 2 | 5
PC15. undertake actions agreed with stakeholders in line with the terms of any agreements made | 6 | 2 | 4
PC16. advise stakeholders of difficulties or where it will be impossible to fulfil agreed actions in line with the terms of any agreements made | 6 | 2 | 4
Total | 100 | 29 | 71

6. SSC/N0928 (Manage a project team) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. ensure the allocation and authorisation of work to the project management team is consistent with achieving the project objectives | 13 | 5 | 8
PC2. brief team members on the project and their work allocations | 12 | 4 | 8
PC3. inform team members of changes to work allocations in an appropriate way | 12 | 4 | 8
PC4. provide appropriate support and guidance to team members | 13 | 5 | 8
PC5. monitor and assess the performance of the team against agreed objectives and work plans | 13 | 5 | 8
PC6. provide feedback to the team at appropriate times and locations, and in a form and manner most likely to maintain and improve their performance | 12 | 4 | 8
PC7. take effective action to manage any actual or potential conflict between team members | 12 | 4 | 8
PC8. update objectives and work plans regularly, to take account of any individual, team and organisational changes | 13 | 5 | 8
Total | 100 | 36 | 64

7. SSC/N9001 (Manage your work to meet requirements) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. establish and agree your work requirements with appropriate people | 7 | 0 | 7
PC2. keep your immediate work area clean and tidy | 12 | 6 | 6
PC3. utilize your time effectively | 12 | 6 | 6
PC4. use resources correctly and efficiently | 19 | 6 | 13
PC5. treat confidential information correctly | 7 | 1 | 6
PC6. work in line with your organization’s policies and procedures | 12 | 0 | 12
PC7. work within the limits of your job role | 6 | 0 | 6
PC8. obtain guidance from appropriate people, where necessary | 6 | 0 | 6
PC9. ensure your work meets the agreed requirements | 19 | 6 | 13
Total | 100 | 25 | 75

8. SSC/N9002 (Work effectively with colleagues) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. communicate with colleagues clearly, concisely and accurately | 20 | 0 | 20
PC2. work with colleagues to integrate your work effectively with theirs | 10 | 0 | 10
PC3. pass on essential information to colleagues in line with organizational requirements | 10 | 10 | 0
PC4. work in ways that show respect for colleagues | 20 | 0 | 20
PC5. carry out commitments you have made to colleagues | 10 | 0 | 10
PC6. let colleagues know in good time if you cannot carry out your commitments, explaining the reasons | 10 | 10 | 0
PC7. identify any problems you have working with colleagues and take the initiative to solve these problems | 10 | 0 | 10
PC8. follow the organization’s policies and procedures for working with colleagues | 10 | 0 | 10
Total | 100 | 20 | 80

9. SSC/N9003 (Maintain a healthy, safe and secure working environment) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. comply with your organization’s current health, safety and security policies and procedures | 20 | 10 | 10
PC2. report any identified breaches in health, safety, and security policies and procedures to the designated person | 10 | 0 | 10
PC3. identify and correct any hazards that you can deal with safely, competently and within the limits of your authority | 20 | 10 | 10
PC4. report any hazards that you are not competent to deal with to the relevant person in line with organizational procedures and warn other people who may be affected | 10 | 0 | 10
PC5. follow your organization’s emergency procedures promptly, calmly, and efficiently | 20 | 10 | 10
PC6. identify and recommend opportunities for improving health, safety, and security to the designated person | 10 | 0 | 10
PC7. complete any health and safety records legibly and accurately | 10 | 0 | 10
Total | 100 | 30 | 70

10. SSC/N9004 (Provide data/information in standard formats) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. establish and agree with appropriate people the data/information you need to provide, the formats in which you need to provide it, and when you need to provide it | 13 | 13 | 0
PC2. obtain the data/information from reliable sources | 13 | 0 | 13
PC3. check that the data/information is accurate, complete and up-to-date | 12 | 6 | 6
PC4. obtain advice or guidance from appropriate people where there are problems with the data/information | 6 | 0 | 6
PC5. carry out rule-based analysis of the data/information, if required | 25 | 0 | 25
PC6. insert the data/information into the agreed formats | 13 | 0 | 13
PC7. check the accuracy of your work, involving colleagues where required | 6 | 0 | 6
PC8. report any unresolved anomalies in the data/information to appropriate people | 6 | 6 | 0
PC9. provide complete, accurate and up-to-date data/information to the appropriate people in the required formats on time | 6 | 0 | 6
Total | 100 | 25 | 75

11. SSC/N9005 (Develop your knowledge, skills and competence) | Total Mark: 100

Assessment Criteria for Outcomes | Out of | Theory | Skills Practical
PC1. obtain advice and guidance from appropriate people to develop your knowledge, skills and competence | 10 | 0 | 10
PC2. identify accurately the knowledge and skills you need for your job role | 10 | 0 | 10
PC3. identify accurately your current level of knowledge, skills and competence and any learning and development needs | 20 | 10 | 10
PC4. agree with appropriate people a plan of learning and development activities to address your learning needs | 10 | 0 | 10
PC5. undertake learning and development activities in line with your plan | 20 | 10 | 10
PC6. apply your new knowledge and skills in the workplace, under supervision | 10 | 0 | 10
PC7. obtain feedback from appropriate people on your knowledge and skills and how effectively you apply them | 10 | 0 | 10
PC8. review your knowledge, skills and competence regularly and take appropriate action | 10 | 0 | 10
Total | 100 | 20 | 80

Guidelines for Assessment:
1. Criteria for assessment for each Qualification Pack (QP) will be created by the Sector Skill Council (SSC). Each performance criterion (PC) will be assigned Theory and Skill/Practical marks proportional to its importance in the NOS.
2. The assessment will be conducted online through assessment providers authorised by SSC.
3. The format of questions will include a variety of styles suitable to the PC being tested, such as multiple choice questions, fill in the blanks, situational judgment test, simulation and programming test.
4. To pass a QP, a trainee should pass each individual NOS. The standard passing criterion for each NOS is 70%.
5. For the latest details on the assessment criteria, please visit www.sscnasscom.com.
6. In case of successfully passing only a certain number of NOSs, the trainee is eligible to take a subsequent assessment on the balance NOSs to pass the Qualification Pack.