Anda di halaman 1dari 15

Edition December

2013

MINISTRY OF EDUCATION, MALAYSIA


VOCATIONAL COLLEGE STANDARD CURRICULUM
COURSE INFORMATION

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

LEVEL

3 SEMESTER 6

CREDIT UNIT

4.0

CONTACT HOUR

FACE TO FACE

NON FACE TO FACE

5.0 HOURS/WEEK

COURSE TYPE

VOCATIONAL

PREREQUISITE

KSK 503: LEGAL AND SECURITY ISSUES MANAGEMENT (PART 1)

CORE REQUISITE

COURSE OUTCOMES
Last Edited

10 - 13 Nov 2013

Module Page

1/15

Document Page

Edition December

2013

At the end of the course, the students should be able to:-

Implement Computer Network Policy


Evaluate Security Software and Equipment
Update Computer Network Security
Diagnose Computer Network Threats
Implement Computer Network Intrusions
Carry Out Contingency Measure
Implement Contingency Measures

COURSE DESCRIPTION

This module Legal and Security Issues Management (Part 2) using standard operating procedures, computer security policy, security
inspection checklist, computer network layout plan, installation manual, hardware installation tools, company security procedure, updates
schedule, manufacturer & vendor support, firmware & software versions, manufacturer technical guidelines, product manual, installation
manual, storage media, security updates, computer network security policy, computer network activity diagnostic tools, computer network
threats prevention procedures, computer network intrusion prevention procedures, system documentation, contingency procedures document,
work schedule, contingency checklist & writing tools, checklist, contingency action plan and report so that company security policies
determined, established & inspected, critical security policies requirements determined, computer security software, security equipment
installed & recorded, software & equipment update determined, software update acquired, installed & recorded, network threats determined &
identified, network threats prevention carried out, network intrusion determined & diagnosed, network intrusion prevention carried out, type of
solution determined, contingency action plan executed & contingency report produced, action plan instruction obtained, action plan checklist
produced & executed, problem/issues contained to appropriate levels and contingency action applied & documented in accordance with
company policies, standard operating procedures and manufacturer updates guidelines.

CONTENT AND LEARNING STANDARDS


Last Edited

10 - 13 Nov 2013

Module Page

2/15

Document Page

Edition December

PROGRAM

COMPUTER SYSTEM AND NETWORKING

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

CONTENT STANDARD
1. IMPLEMENT COMPUTER
NETWORK POLICY

LEARNING STANDARD
1.1 Determine company security policy

1.2 Establish company security policies

2013

PERFORMANCE CRITERIA
1.1.1

Interpret computer network security policy

1.1.2

Interpret network safety regulations

1.1.3

Interpret common legal phrase

1.2.1 Evaluate procedures to counteract computer network


Security violation
1.2.2 Evaluate procedures implementing computer network
security policy
1.2.3 Carry out security audits
1.2.4 Apply security equipment and software
1.2.5 Assign computer network user level privileges

1.3 Inspect company security policy


Last Edited

10 - 13 Nov 2013

Module Page

3/15

1.3.1 Verify security policy enforcement


Document Page

Edition December

CONTENT STANDARD

LEARNING STANDARD

2013

PERFORMANCE CRITERIA
1.3.2 Respond security violation occurrence
1.3.3 Apply security policy inspection checklist

CONTENT AND LEARNING STANDARDS


Last Edited

10 - 13 Nov 2013

Module Page

4/15

Document Page

Edition December

PROGRAM

COMPUTER SYSTEM AND NETWORKING

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

CONTENT STANDARD
2. EVALUATE SECURITY
SOFTWARE AND
EQUIPMENT

LEARNING STANDARD
2.1 Determine critical security policies
requirements

2.2 Install computer security software

2.3 Install security equipment


Last Edited

10 - 13 Nov 2013

Module Page

5/15

2013

PERFORMANCE CRITERIA
2.1.1

Interpret security policy

2.1.2

Locate network security placement

2.1.3

Select security solutions

2.1.4

Select security software and equipment

2.2.1

Follow software installation procedure

2.2.2

Execute computer security software installation

2.2.3

Apply basic security software configuration

2.3.1

Interconnect security equipment

Document Page

Edition December

CONTENT STANDARD

LEARNING STANDARD

2.4Record security software and


equipment

2013

PERFORMANCE CRITERIA
2.3.2

Interpret firmware/software version release notes

2.3.3

Comply manufacturer configuration technical guidelines

2.3.4

Follow security equipment installation manual

2.3.5

Apply basic security equipment configuration

2.4.1

Document security software and equipment evaluation

2.4.2

Write report

CONTENT AND LEARNING STANDARDS


Last Edited

10 - 13 Nov 2013

Module Page

6/15

Document Page

Edition December

PROGRAM

COMPUTER SYSTEM AND NETWORKING

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

CONTENT STANDARD
3. UPDATE COMPUTER
NETWORK SECURITY

LEARNING STANDARD
3.1 Determine software and equipment
update

2013

PERFORMANCE CRITERIA
3.1.1 Identify security
requirements

firmware

and

software

updates

3.1.2 Identify firmware and software version


3.1.3 Obtain security update information
3.1.4 Develop security update schedule
3.1.5 Follow security update schedule

3.2 Acquire software update

3.2.1 Determine software update acquiring source


3.2.2 Determine software update acquiring method
3.2.3 Determine exact security update
3.2.4 Obtain security updates

Last Edited

10 - 13 Nov 2013

Module Page

7/15

Document Page

Edition December

CONTENT STANDARD

LEARNING STANDARD

2013

PERFORMANCE CRITERIA
3.2.5 Store obtained security updates

3.3 Install software updates

3.3.1 Comply manufacturer updates guidelines


3.3.2 Follow security updates installation procedure
3.3.3 Apply security equipment basic configuration

3.4 Record software updates

3.4.1 Document computer network security updates


3.4.2 Write report

CONTENT AND LEARNING STANDARDS

Last Edited

10 - 13 Nov 2013

Module Page

8/15

Document Page

Edition December

PROGRAM

COMPUTER SYSTEM AND NETWORKING

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

CONTENT STANDARD
4. DIAGNOSE COMPUTER
NETWORK THREATS

LEARNING STANDARD
4.1 Determine network threats

4.2 Identify network threats

4.3 Carry out network threats


Last Edited

10 - 13 Nov 2013

Module Page

9/15

2013

PERFORMANCE CRITERIA
4.1.1

Identify network security threats

4.1.2

Obtain support from manufacturer and vendor

4.1.3

Evaluate network threats information

4.1.4

Identify network threats critically level

4.2.1

Interpret computer network security policy

4.2.2

Evaluate computer network activity

4.2.3

Execute basic network security audits

4.2.4

Select network threat prevention method

4.2.5

Determine vulnerable network and host

4.3.1

Comply Standard Operating Procedure (SOP)

Document Page

Edition December

CONTENT STANDARD

LEARNING STANDARD
prevention

2013

PERFORMANCE CRITERIA
4.3.2

Block unnecessary network access

4.3.3

Execute computer
procedures

network

threats

prevention

CONTENT AND LEARNING STANDARDS


Last Edited

10 - 13 Nov 2013

Module Page

10/15

Document Page

10

Edition December

PROGRAM

COMPUTER SYSTEM AND NETWORKING

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

CONTENT STANDARD
5. IMPLEMENT COMPUTER
NETWORK INTRUSIONS

LEARNING STANDARD
5.1 Determine network intrusion

5.2 Diagnose network intrusion

5.3 Carry out network intrusion


prevention

Last Edited

10 - 13 Nov 2013

Module Page

11/15

2013

PERFORMANCE CRITERIA
5.1.1

Identify network security intrusion

5.1.2

Obtain support from manufacturer and vendor

5.1.3

Evaluate network intrusion information

5.2.1

Interpret computer network security policy

5.2.2

Evaluate computer network user access

5.2.3

Select network intrusion prevention method

5.2.4

Identify suspicious user and connection

5.3.1

Comply Standard Operating Procedure (SOP)

5.3.2

Block suspicious user and connection


Document Page

11

Edition December

CONTENT STANDARD

LEARNING STANDARD

2013

PERFORMANCE CRITERIA
5.3.3

Execute computer
procedures

network

intrusion

5.3.4

Apply computer network user restrictions

prevention

CONTENT AND LEARNING STANDARDSS


Last Edited

10 - 13 Nov 2013

Module Page

12/15

Document Page

12

Edition December

PROGRAM

COMPUTER SYSTEM AND NETWORKING

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

CONTENT STANDARD
6

CARRY OUT
CONTINGENCY
MEASURES

LEARNING STANDARD
6.1 Determine type of solution

6.2 Execute contingency action plan

6.3 Produce contingency report

2013

PERFORMANCE CRITERIA
6.1.1

Interpret type of risks involved

6.1.2

Implement appropriate solution measures

6.1.3

Implement solution

6.2.1

Interpret checklist of activities

6.2.2

Interpret work schedule

6.2.3

Identify personnel involved

6.3.1

Collect data on contingency actions

6.3.2

Write report

CONTENT AND LEARNING STANDARDS


Last Edited

10 - 13 Nov 2013

Module Page

13/15

Document Page

13

Edition December

PROGRAM

COMPUTER SYSTEM AND NETWORKING

COURSE NAME

LEGAL AND SECURITY ISSUES MANAGEMENT (PART 2)

CODE NAME

KSK 601

CONTENT STANDARD
7

IMPLEMENT
CONTINGENCY
MEASURES

LEARNING STANDARD
7.1 Obtain action plan instruction

7.2 Produce action plan checklist

7.3 Execute action plan

Last Edited

10 - 13 Nov 2013

Module Page

14/15

2013

PERFORMANCE CRITERIA
7.1.1

Interpret action plan

7.1.2

Interpret Standard Operating Procedure (SOP)

7.2.1

Interpret action plan

7.2.2

Interpret Standard Operating Procedure (SOP)

7.2.3

Prepare action plan checklist

7.3.1

Carry out action plan steps

7.3.2

Verify outcome of action plan

7.3.3

Record outcome of action plan

Document Page

14

Edition December

7.4 Contain
problems/issues
appropriate levels

7.3.4

Update action plan checklist

7.4.1

Detail down/explain the problems/issues

7.4.2

Obtain authority support/approval

7.5.1

Plan contingency actions

7.5.2

Use contingency plan

7.6.1

Write contingency plan execution

7.6.2

Write contingency report

2013

to

7.5 Apply contingency actions

7.6 Document contingency actions

Last Edited

10 - 13 Nov 2013

Module Page

15/15

Document Page

15