Overview
Aim
Learners will learn about types and sources of network attacks and develop the skills and understanding needed to plan and protect a network. They will also learn how to configure devices and software to improve network security.
Understand network threats and vulnerabilities.
Attacks: denial of service, back door, spoofing, mathematical, brute force, software exploitation, viruses, rootkits, worms, Trojans, spyware, adware.
Sources of attacks: internal; external via internet connections or through an unsecured wireless access point, viruses introduced by email.
Explain types and sources of network attacks.
Explain the motives behind network attacks.
Understand network security practices.
Email systems: security features e.g. secure MIME, spam, hoaxing, relay agents.
Wireless systems: security features e.g. site surveys, MAC association, WEP/WPA keys, TKIP.
Networked devices: security features e.g. router, switch, wireless access point.
Transmission media: issues e.g. use of shielding.
Personal access control: devices e.g. biometrics, passwords, usernames, permissions, digital signatures.
Security control at device level: access control e.g. protocols, log in, certificates.
Encryption: e.g. encrypting files for confidentiality, encryption with application-specific tools, recovering encrypted data.
Intrusion detection systems: devices e.g. firewalls, virus protection, spyware protection, file monitoring, folder monitoring, use of honeypots, alarms.
Explain how hardware and software can be used to minimise network security threats.
Understand organisational aspects of network security.
Policies and procedures: monitoring; education and training; backup and recovery schemes; configuring and upgrading software; setting up file and folder permissions.
User responsibilities: adherence to specific guidelines e.g. strength of password, installation of new software.
Education and training: maintenance of skills; knowledge of exploits; application of updates and patches.
Physical security of system: lock and key; logging of entry; secure room environments; authentication of individual.
Risk assessment and reduction: potential risks; penetration testing; security audits.
Explain the range of actions an organisation should take to minimise network security threats.
Plan procedures to secure a network in line with organisational requirements.
Be able to apply network security.
Administration: procedures e.g. implementing password policy, locking down user accounts, securing administrator’s permissions, protecting against viruses, restricting access to critical services, installing or updating security software.
Algorithms: types (private/public key encryption), DES, 3DES, RSA, hashing.
Transport: methods e.g. IPSEC, GRE, VPN.
Application: e.g. certificates, trust memberships.
Filtering: e.g. firewalls, access control lists.
Test: test for functionality; test for performance e.g. does security measure slow down system functions.
Configure a device or software to improve network security.