Get 15% off on your first assignment order and best assignment writing service for HND AssignmentsOrder Now

Have Any Question?

UK +4474648-84564

Free Support


Unit 46 Network Security


· Aim

To provide learners with opportunities to manage, support and implement a secure network infrastructure for a commercial LAN or WAN environment.

· Unit abstract

ICT professionals managing a complex network infrastructure for a large corporate entity, as well as individuals maintaining small systems or personal access, all have to contemplate and implement a variety of network security intrusion prevention and detection methods.

Attacks evolve and threats change as systems increase in speed, capacity and use and as technologies change. The network security expert needs to ensure their skills remain current and maintain an understanding of the technological issues along with the social and commercial impact.

This unit explores the social impact of network security, and by designing a network security solution learners will understand the importance of enabling the IT user to remain safe whilst being able to use the system without unreasonable restrictions.

Learners will research, design and implement secure environments protecting IT systems and therefore individuals from attack. The protection will include intrusion detection and prevention, user and resource access management and the maintenance of malware defence. Learners will implement a proposed networked security solution, and manage the implemented solution.

· Learning outcomes

On successful completion of this unit a learner will:
  1. Understand the impact on the social and commercial environment of network security design
  2. Be able to design network security solutions
  3. Be able to implement network security solutions
  4. Be able to manage network security solutions.

Unit content

1         Understand the impact on the social and commercial environment of network security design

Threats: management of threats eg awareness, current threats, patches, updates, access policies, maintenance of systems, expertise management

Social impact: organisation trust eg data credibility, good will, corporate trust, financial trust; individual impact; corporate impact; social engineering; public relations management; law enforcement involvement

Security policy: review and management eg access to systems, establishment and review of personal, corporate and technical trust; vetting of staff; forensic analysis of systems

Impact on productivity: loss eg systems recovery, data recovery, loss of good will, loss of custom, loss of services; systemic review; legal proceedings

Estimating risk: penetration testing; audits eg internal and external; procedures eg establishment of baseline operating model, contingency planning, scrutiny and due diligence, vetting of contractors and commercial partners

2         Be able to design network security solutions

LAN design: technical response eg STP (Spanning Tree Protocol) prioritisation, MAC control, VLAN (Virtual Local Area Network) security, ARP (Address Resolution Protocol) poisoning, client access, wireless, device trust; VLAN design; trunk design; segregation of LAN segments

WAN design: technical response eg routing protocol authentication, access control lists, route maps, passive interfaces, traffic filters, network segregation, DMZ (Demilitarised Zone)management

Server deployment: security needs according to server specification eg printer access, file management, data management, email

Border systems: Intrusion Detection Systems (IDS) eg firewalls filters and rules, email monitoring, application and packet monitoring, signature management, trust, network behavioural norms; access control eg traffic filters, route redirection

User access: user group eg group membership, user group allocation, attribution of rights; user eg personal attribution of rights, continual review of rights allocation; rights eg file, server, service, data, hardware, printer, email

Physical security: power resilience and supply; physical access control eg lock and key, electronic access control, personnel based security, biometrics; hardware and systems redundancy; backup eg data, configuration, imaging; recovery policies

3         Be able to implement network security solutions

Core systems: components eg servers, switch systems, router systems, firewalls

Communication: methods eg routing protocols, STP, hash exchanges, VLANs, dot1q

Cryptography: tunnelling eg GRE, VPN; key exchange methodology; crypto method eg RSA, IPSec, ISAKMP, IKE, DES, 3DES

Intrusion detection: precautions eg establishment of signatures, establish network behavioural norms

Intrusion prevention: tools eg firewalls, access control, traffic filters

Malware: policy levels eg desktop, server, router; virus definition deployments

Rights: access eg user, group, network, device, VLAN, address range, file, database, time based

Testing: systematic; type eg port, address, protocol, load, access, known exploits

4         Be able to manage network security solutions

User access: physical access; systems access

Environment testing: security audits; penetration testing

Policy review: access policy review; periodic review of user access (physical and system level)

System monitoring: monitoring eg load, traffic types, peak flow, trend analysis, user access patterns, device behaviour, logging servers

Change management: infrastructure eg network device removal/addition, server addition/removal, network addition/removal; procedural eg user group addition/removal, service addition/removal; impact on productivity

Learning outcomes and assessment criteria

Learning outcomes   On successful completion of this unit a learner will: Assessment criteria for pass   The learner can:
LO1 Understand the impact on the social and commercial environment of network security design evaluate a current system’s network securitydiscuss the potential impact of a proposed network designdiscuss current and common threats and their impact
LO2 Be able to design network security solutions design a network security solution to meet a given specificationevaluate design and analyse feedback
LO3 Be able to implement network security solutions using a design, implement a complex network security solutionsystematically test the complex network security solutiondocument and analyse test results
LO4 Be able to manage network security solutions manage a network security solutionanalyse ongoing network security policies and practicesrecommend potential change management.


Links to National Occupational Standards, other BTEC units, other BTEC qualifications and other relevant units and qualifications

The learning outcomes associated with this unit are closely linked with:

Level 3 Level 4 Level 5
Unit 32: Networked Systems Security Unit 24: Networking Technologies Unit 44: Local Area Networking Technologies
  Unit 25: Routing Concepts Unit 45: Wide Area Networking Technologies
  Unit 26: Design a Small or Home Office Network Unit 48: IT Security Management
  Unit 27: Network Operating Systems  

This unit has links to the Level 4 and Level 5 National Occupational Standards for IT and Telecoms Professionals, particularly the areas of competence of:

  • IT Security Management.