VU21996 - Evaluate and test an incident response plan for an enterprise
Overview
This unit provides the basic knowledge and skills for a cyber security practitioner to examine, as part of a team, an organisation’s existing incident response plan (IRP) and expand it as necessary to more thoroughly deal with incidents. The unit includes forming the team, clarifying roles, interpreting an incident response plan (IRP), using red and blue teams to test the IRP, implementing an incident, evaluating the IRP for its effectiveness and developing improvement.
Assessment
For Melbourne campuses
Assessment tasks will be designed to reinforce and extend knowledge and skill competence within set and controlled parameters in accordance with each unit’s learning outcomes and performance criteria requirements, including the setting of work based practical application tasks designed to provide evidence of competence outcomes, within periodic and scheduled timelines.
Students will be expected to demonstrate the following required skills:
- communicate and contribute as a member of a team;
- problem solve network security infrastructure;
- interpret and follow documented material and procedures;
- use a laptop or a workstation;
- install and demonstrate the application of software packages;
- perform basic mathematical calculations;
- plan and develop an Incident Response Plan (IRP) for the enterprise;
- plan and develop attack exercises to test a security system for vulnerabilities;
- plan and develop mitigation strategy to defend a security system form attacks, and;
- evaluating IRP effectiveness and implementing new strategies.
Required reading
The qualified trainer and assessor will provide teaching and learning materials as required in the form of workbooks produced by the Polytechnic and/or via the Polytechnic e-learning system.
As part of a course
This unit is not compulsory for any specific course. Depending on the course you study, this unit may be taken as an elective.