K72T002 0cur


COMPETENCY BASED TRAINING CURRICULUM

FOR
NVQ LEVEL 5 NATIONAL DIPLOMA COURSE
IN
INFORMATION AND CYBER SECURITY TECHNOLOGY
(CBT Curriculum Code: K72T002)

Validated by:
National Apprentice and Industrial Training Authority

Developed and Endorsed by:


Tertiary and Vocational Education Commission

Sponsored by
Sri Lanka Computer Emergency Readiness Team/Coordination Center
Ministry of Technology

State Ministry of Skills Development, Vocational Education, Research & Innovations

25.02.2022
PREFACE

This curriculum outline is based on the National Competency Standards for Information and Cyber Security Technology (competency standard code: K72T002), which specify the skill needs of the industry at NVQ Level 5. This is the national curriculum which facilitates the teaching and learning process in Competency Based Training (CBT) mode for NVQ Level 5 National Diploma programmes under the National Vocational Qualification (NVQ) Framework.

The curriculum outline was developed in consultation with relevant industry experts. It was validated by the National Industrial Training Advisory Committee (NITAC) and endorsed by the Tertiary and Vocational Education Commission (TVEC). It is expected to review and revise this document on completion of 3 years. However, all are welcome to point out any shortcomings and propose improvements to this curriculum.

In order to implement this curriculum, training providers are welcome to adopt it with TVEC accreditation and Competency Based assessment. We appreciate the technical contribution and other support made by the members of the development group and National Industrial Training Advisory Committee, supervisory staff and other supporting staff involved in development work. We note with gratitude the hard work done by staff of institutions involved to complete this document.

Tharanga Naleen Gamlath
Chairman
National Apprentice & Industrial Training Authority

Dr. K. A. Lalithadheera
Director General
Tertiary & Vocational Education Commission

ACKNOWLEDGMENT

Overall Direction
Mr. Tharanga Naleen Gamlath, Chairman, National Apprentice & Industrial Training Authority
Dr. K. A. Lalithadheera, Director General, Tertiary & Vocational Education Commission
Mrs. R.M.A.P. Samaradivakara, Directress (Quality), National Apprentice & Industrial Training Authority

Development Committee
Mr. Chamara Rupasinghe, Chief Executive Officer, Flix 11 (Pvt) Ltd
Mr. M.P. Dileepa Lathsara, Chief Executive Officer, TechCERT (Pvt) Ltd.
Ms. D. Sunari N De Silva, Senior Manager, Information Security, Commercial Bank of Ceylon PLC
Ms. Nelushie Keshinie Bandara, Information Security Engineer, Sri Lanka CERT
Mr. S. P. Christy, Director, Layers – 7 Seguro Consultoria (Pvt) Ltd.
Mr. T. K. J. Sandagomi, SGM – Enterprise Risk Management, Mobitel (Pvt) Ltd
Mr. K.S.K Silva, Corporate Trainer, InnoventSys (Pvt) Ltd.
Mr. S.M.D.A.S. Suraweera, Project Manager, Sri Lanka CERT
Dr. J A D J Jayalath, Deputy Director General, Tertiary & Vocational Education Commission
Mr. G.A.M.U. Ganepola, Director, Tertiary & Vocational Education Commission
Mr. P. M. C. P. Gunathilake, Deputy Director, Tertiary & Vocational Education Commission

Facilitator (Development)
Eng. P.N.K. Dias, Consultant

Coordinator (Development)
Mr. W.G. Saman Kumara, Assistant Director, Tertiary & Vocational Education Commission

National Industrial Training Advisory Committee (NITAC)
Dr. Rasika Dayaratne, Senior Lecturer – University of Colombo
Mr. Kavinga Yapa Abeywardana, Lecturer - SLIIT Sri Lanka
Dr. Kanishka Karunasena, Head of Research, Policy and Projects – Sri Lanka CERT | CC
Mr. Chamara Rupasinghe, Chief Executive Officer, Flix 11 (Pvt) Ltd
Mr. M.P. Dileepa Lathsara, Chief Executive Officer, TechCERT (Pvt) Ltd.
Mr. Rohana Palliyaguru, Chief Operating Officer - Sri Lanka CERT | CC
Ms. Nelushie Keshinie Bandara, Information Security Engineer, Sri Lanka CERT
Mr. Mahinda Kandapahala, Information Security Engineer – Sri Lanka CERT | CC

Facilitator (Validation)
Eng. P.N.K. Dias, Consultant

Coordinator (Validation)
Ms. T.M.H.P. Tennakoon, Inspector (SSCD), National Apprentice and Industrial Training Authority

Competency Based Training Curriculum
for NVQ Levels 5 National Diplomas in
INFORMATION AND CYBER SECURITY TECHNOLOGY

Implementation of NVQ Level 5 Curricula

Training providers are required to meet the following conditions in order to implement NVQ Level 5 & 6 diplomas:

i. Credit Policy

NVQ Level 5 and 6 programmes should have a minimum of 60 credits (1500 notional hours) and a minimum of 120 credits (3000 notional hours) respectively, as detailed below.

Levels of Credits | NVQ Level 5 National Diploma | NVQ Level 6 National Diploma
Level 3 & 4 credit (Maximum) | 20 Credits (500 hrs) | 20 Credits (500 hrs)
Level 5 credit (Minimum) | 40 Credits (1000 hrs) | 50 Credits (1250 hrs)
Level 6 credit (Minimum) | - | 50 Credits (1250 hrs)
Total Number of credit (Minimum) | 60 Credits (1500 hrs) | 120 Credits (3000 hrs)

Note: One credit is equivalent to 25 notional hours, which include classroom teaching, tutorials, assignments, projects, on-the-job training and self-study.

Credit policy defines the minimum course content. Training providers may add further subjects beyond the modular requirements of the qualification packages.

ii. Units Classifications

List of Units consists of Core Technical Units, Electives and Employability Units.

Core Technical Units in NCS: It is compulsory to include these units in the Qualification.
Employability Unit: It is compulsory to include 8 credits in NVQ 5 and 6 credits in NVQ 6. These units are listed in the NCS.
Electives: Units to be added to make total credits equivalent to 60 if the total credits of Core Technical Units and Employability Units is less than 60.

iii. Approval to establish NVQ Level 5 & 6 Course

Training providers are required to submit a proposal based on Guideline 01 – “Criteria on Requirements to conduct NVQ Level 5 & 6 Programmes”, which can be downloaded from the TVEC website, and obtain approval from TVEC to establish the course.

iv. Entry Qualification

Relevant NVQ Level 4 Qualification or 3 passes at GCE (A/L). Details of relevant NVQ 4 and subjects
of GCE (A/L) relevant to this course could be obtained from TVEC. Bridging modules should be
organized as required in the pre-requisites in modules.

v. Upon establishment of the course, obtain TVEC Accreditation and install a Quality Management System.
vi. Conduct continuous assessment and maintain a progress record book.
vii. Written test at the end of each semester conducted by the training institute, with paper moderation by TVEC. Pass mark for written tests is 50%.
viii. Three months of on-the-job training on completion of both NVQ Level 5 and NVQ Level 6 programmes respectively.
ix. Competency Based Assessment (Final Assessment) by NVQ Level 5 & 6 Assessors assigned by TVEC.
x. Certificates are issued by TVEC with the signature of the Director General of TVEC and Head and Officer responsible for assessment at the training centre.

Competency Based Training Curriculum
for NVQ Levels 5 National Diploma in Information and Cyber Security
Technology
(CBT Curriculum Code: K72T002)

List of Modules

Technical Modules
No. | Module | Code No.
1 | Fundamentals of Information Security | K72T002M01
2 | Network and Communication Security | K72T002M02
3 | Operating Systems and Application Security | K72T002M03
4 | Mobile and Internet of Things (IoT) Security | K72T002M04
5 | Introduction to Ethical Hacking | K72T002M05
6 | Introduction to Enterprise Security Architecture | K72T002M06
7 | Security Monitoring and Administration | K72T002M07
8 | Information Security Standards, Policies, Procedures | K72T002M08
9 | Vulnerability Assessment and Remediation | K72T002M09
10 | Fundamentals of Database Security | K72T002M10
11 | Introduction to Cryptography | K72T002M11
12 | Incident Response and Security Operations Center | K72T002M12
13 | Fundamentals of Digital Forensics | K72T002M13
14 | Introduction to Governance Risk and Compliance | K72T002M14
15 | Introduction to Information Security Laws, Regulations and Ethics | K72T002M15
16 | Introduction to Business Continuity Planning and Disaster Recovery | K72T002M16

Employability Modules in Level 5
No. | Module | Code No.
1 | Workplace Information Management | EMPM01
2 | Workplace Communication Management | EMPM02
3 | Planning and Scheduling work at workplace | EMPM03

MODULE STRUCTURE
NVQ Level 5 Qualification

Semester 1
Module Code | Module | Type (C/E) | Notional hours | Lectures/Tutorials | Practical/Industry visits | Self-study
M01 | Fundamentals of Information Security | C | 80 | 60 | 10 | 10
M02 | Network and Communication Security | C | 110 | 70 | 30 | 10
M03 | Operating Systems and Application Security | C | 70 | 40 | 20 | 10
M04 | Mobile and Internet of Things (IoT) Security | C | 60 | 30 | 20 | 10
M05 | Introduction to Ethical Hacking | C | 110 | 70 | 30 | 10
M06 | Enterprise Security Architecture | C | 110 | 80 | 20 | 10
M07 | Information Security Monitoring | C | 100 | 70 | 20 | 10
M08 | Information Security Standards, Policies, Procedures | C | 60 | 40 | 10 | 10
EMPM01 | Workplace Information Management | C | 50 | 30 | 15 | 05
Total | | | 750 | 500 | 175 | 75

Semester 2
Module Code | Module | Type (C/E) | Notional hours | Lectures/Tutorials | Practical/Industry visits | Self-study
M09 | Vulnerability Assessment and Remediation | C | 100 | 50 | 30 | 20
M10 | Fundamentals of Database Security | C | 90 | 50 | 20 | 20
M11 | Introduction to Cryptography | C | 90 | 50 | 20 | 20
M12 | Incident Response and Security Operations Center | C | 100 | 50 | 40 | 10
M13 | Fundamentals of Digital Forensics | C | 100 | 50 | 40 | 10
M14 | Introduction to Governance Risk and Compliance | C | 70 | 40 | 10 | 20
M15 | Information Security Laws, Regulations and Ethics | C | 70 | 40 | 10 | 20
M16 | Business Continuity and Disaster Recovery | C | 70 | 40 | 10 | 20
EMPM02 | Workplace Communication Management | C | 50 | 30 | 15 | 05
EMPM03 | Planning and Scheduling Work at Workplace | C | 75 | 45 | 20 | 10
Total | | | 815 | 445 | 215 | 155

C – Compulsory

MAPPING OF COMPETENCY UNITS AND CURRICULUM MODULES
NVQ Level 5 Qualification

Semester 1
Module Code | Module | Competency Unit/s related
M01 | Fundamentals of Information Security | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M02 | Network and Communication Security | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M03 | Operating System and Application Security | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M04 | Mobile and Internet of Things (IoT) Security | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M05 | Introduction to Ethical Hacking | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M06 | Enterprise Security Architecture | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M07 | Information Security Monitoring | K72T002U01, K72T002U02, K72T002U06
M08 | Information Security Standards, Policies, Procedures | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
EMPM01 | Workplace Information Management | EMPU01

Semester 2
Module Code | Module | Competency Unit/s related
M09 | Vulnerability Assessment and Remediation | K72T002U06, K72T002U07, EMPU01
M10 | Fundamentals of Database Security | K72T002U01, K72T002U02, K72T002U03, K72T002U04
M11 | Introduction to Cryptography | K72T002U01, K72T002U02, K72T002U03, K72T002U04
M12 | Incident Response and Security Operations Center | K72T002U01, K72T002U07, EMPU01, EMPU02, EMPU03
M13 | Fundamentals of Digital Forensics | K72T002U01, K72T002U07, EMPU01, EMPU02, EMPU03
M14 | Introduction to Governance Risk and Compliance | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M15 | Information Security Laws, Regulations and Ethics | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
M16 | Business Continuity and Disaster Recovery | K72T002U01, K72T002U02, K72T002U03, K72T002U04, K72T002U05, K72T002U06, K72T002U07, EMPU01, EMPU02, EMPU03
EMPM02 | Workplace Communication Management | EMPU02
EMPM03 | Planning and Scheduling work at workplace | EMPU03

MODULE DESCRIPTORS

INFORMATION AND CYBER SECURITY TECHNOLOGY

NVQ Level 05

Semester I

Module Title: Fundamentals of Information Security
Module Code: K72T002M01
Module Type: Compulsory
Relevant Unit/s: All
Pre-Requisites: NVQ 4 or GCE (A/L) with GIT

Module Aim/s
To enable the students to:
• Understand the overview of information security
• Understand core concepts of Information Security
• Understand terminology related to Information Security

Learning Outcome/s
At the end of this module the student shall be able to:
• describe the evolution of information security
• describe the types of malware
• demonstrate common breaches using an existing vulnerability
• understand the importance of Information Security (IS) in business continuity
• explore latest cyber security attacks

Learning Content / Topics
• Evolution of information security
  o Information vs cyber security
• CIA (Confidentiality, Integrity and Availability)
• Information as an asset
• Vulnerabilities, threats, and risks
• Information Security Concepts: Information security issues, goals, architecture, attacks, Security Services and Mechanisms
• Enterprise governance risk and compliance
  o Importance of risk when discussing information security (role of risk management in information security)
  o InfoSec organization structure
• Information security standards
• Physical security
  o Physical Access Control
  o NAC - Network Admission Control
  o Surveillance - CCTV etc.
  o Alerts and Alarms
  o Environment monitoring - fire, water, climate control
• Network Security
  o Gateway level security etc.
• Operating system and application security
• Malware
  o Types of malware
    ▪ Virus
    ▪ Trojan
    ▪ Worm
    ▪ Ransomware
    ▪ APT (Advanced Persistent Threats) etc.
  o Malware classification (based on payload, target and propagation)
  o Countermeasures
  o Antivirus, EDR
• User identity, authentication, authorization and accountability
  o Identity and Access Management (IAM)
  o Privilege access management
• Availability and disaster recovery
• Cyber security laws and regulations - introduction
• Digital Forensics
• Impact of IS breaches for a business
  o Impact to the goodwill or brand image
  o Failure to serve the client/operational disruption
• Introduction to cloud and cloud security
• Terminology of information security

Practical
• Demonstrations - a common breach using an existing vulnerability, Ex - password hack, mobile malware
Assignment: study and prepare a brief report on latest cyber security attacks and breaches

Resources
• Networked computers
• Internet facility

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1 Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Whitman, Michael; Mattord, Herbert
4. Foundations of Information Security A Straightforward Introduction, by Jason Andress
5. Cybersecurity for Dummies, by Joseph Steinberg
* Select a book that can be used to create lecture plan and as student references

Teaching/Learning Activities
• Illustrated talk
• Group activities
• Discussions
• Guest lectures from private and state organizations
• Demonstrations
• Assignments

Assessment & Weighting
Type | Topic / Activity/Learning outcomes | Module Weighting
Formative Assessment | Assignments – above assignment, presentation and viva test | 40%
Summative (semester end) Assessment | Question paper based on classroom teaching | 60%

Duration: 80 hrs. (60T + 10P + 10S)
(T-Theory, P-Practical, S-Self Studies)

Module Title: Network and Communication Security
Module Code: K72T002M02
Module Type: Compulsory
Relevant Unit/s: All
Pre-Requisites: NVQ 4 or GCE (A/L) with GIT and K72T002M1
*Intermediate course

Module Aim/s
To enable the students to:
• Understand the concepts related to Network Security
• Describe how networks are protected using various network security technologies

Learning Outcome/s
At the end of this module the student shall be able to:
• Describe OSI reference layers and security of individual layer
• Explain how network-based attacks are taking place
• Explain available network security measures

Learning Content / Topics
Network and Communication Security
• Network Security basics
  o Network and network components (components, 7 layers)
  o Importance of network protocols in IS - TCP/IP
  o Understanding different types of network threats
  o Physical security for networks
  o Physical and logical partitioning using firewalls
• Network Security Technologies
  o Fire-walling - firewalls, UTM
  o Denial of Service Prevention
  o Network Intrusion detection and prevention
  o Web, email security, proxy
  o VPN
  o Remote Access
  o NAC
• Secure protocols for communication
  o Encryption
  o HTTPS/SSL/TLS/SSH
• Wireless Security
• User Authentication and Access management to network devices
  o Protocols and technologies
  o Securing access to device and systems
• Best practices for network Security
• Introduction to secure networks
  o Network architecture
• Introduction to IoT communication in relation to IS

Practical
- Group Activity – Configure a firewall to control traffic (Trainer to set up the lab so that the student can implement multiple rules on a firewall and test communication – web, mail, ftp, etc.)
- Assignment: study and provide a report on most commonly used network protection technologies and how they work

Resources
• Networked computers
• Internet facility
• Firewall, switches and routers
• Tools (Wireshark)

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1 Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Whitman, Michael; Mattord, Herbert
4. Foundations of Information Security A Straightforward Introduction, by Jason Andress
5. Network Security For Dummies, 1st Edition, by Chey Cobb

Teaching/Learning Activities
• Illustrated talk
• Group activities
• Discussions
• Guest lectures from private and state organizations
• Demonstrations
• Assignment

Assessment & Weighting
Type | Topic / Activity/Learning outcomes | Module Weighting
Formative Assessment | Assignments – above assignment, presentation and viva test | 40%
Summative (semester end) Assessment | Question paper based on classroom teaching | 60%

Duration: 110 hrs. (70T + 30P + 10S)
(T-Theory, P-Practical, S-Self Studies)

Module Title: Operating Systems and Application Security
Module Code: K72T002M03
Module Type: Compulsory
Relevant Unit/s: All
Pre-Requisites: NVQ 4 ICT or equivalent qualifications and K72T002M1
*Intermediate course

Module Aim/s
To enable the students to:
• Understand the security of a host from operating system to application and safeguarding of information

Learning Outcome/s
At the end of this module the student shall be able to:
• List the operating system components/layers to secure
• Explain different operating systems (Windows, Linux, Mac OS)
• Demonstrate the deployment of security measures related to applications
• Explain the importance of AAA – Authentication, Authorization and Accountability

Learning Content / Topics
Operating Systems and Application Security
(basic knowledge on the structure of processing nodes: it can be computer, mobile, network nodes, IoT device)

Structure of Processing Nodes: Introduction
• Physical Security
• Network Security
• Virtualization
• OS Kernel
• OS
• Services
• Applications

Introduction to rootkits

Operating System Security
• Security policy
• Design, Architecture and deployment/implementation
• Secure OS (Hardening of OS)
• File System Security - File integrity etc.
• User management and Access control and authentication
• Logging and monitoring
• Maintenance
• Continuous assessments of Operating System Vulnerabilities
• Patching and updates

Introduction to Application Security Concepts
• Architecture and deployment
• Principle of Least Privilege - access only to manage the work
• Principle of Separation of Duties - based on the job function - restricted access to complete the full operation
• Principle of Defense in Depth - access only to the application - no privilege to access settings
• Principle of Failing Securely - designed with potential failures in mind
• Principle of Open Design - option of integrating various open security standards available and the possibility to upgrade with time
• Principle of Avoiding Security by Obscurity
• Principle of Minimizing Attack Surface Area
• Continuous assessment on application vulnerabilities

Practical
• Demonstrations: Identifying vulnerability in an operating system using a vulnerability scanner and exploiting the same to breach the operating system (Unpatched netbios services). This can be demonstrated by the trainer.
• Practical – How multiple viruses are detected using an Anti-Virus Application
  o simulation of rootkits and ransomware (carried out only by the trainer)
• Assignment 01: Various attacks which take place at different layers (Physical to Application) – (Individual Assignment)
• Assignment 02 – Different types of attacks for different applications – web, mail, mobile apps, banking apps etc. (Group Assignment – Presentation)

Resources
• Networked and isolated devices (Stand-alone computers)
• Internet facility
• Firewall, switches and routers
• Tools (Wireshark)
• Anti-virus software

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1 Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Whitman, Michael; Mattord, Herbert
4. Foundations of Information Security A Straightforward Introduction, by Jason Andress

Teaching/Learning Activities
• Illustrated talk
• Group activities
• Discussions
• Guest lectures from private and state organizations
• Demonstrations
• Assignment

Assessment & Weighting
Type | Topic / Activity/Learning outcomes | Module Weighting
Formative Assessment | Assignments – above assignment, presentation and viva test | 40%
Summative (semester end) Assessment | Question paper based on classroom teaching | 60%

Duration: 70 hrs. (40T + 20P + 10S)
(T-Theory, P-Practical, S-Self Studies)

Module Title: Mobile and Internet of Things (IoT) Security
Module Code: K72T002M04
Module Type: Compulsory
Relevant Unit/s: All
Pre-Requisites: NVQ 4 ICT or equivalent qualifications and K72T002M1
*Intermediate course

Module Aim/s
To enable the students to:
• Understand the security of mobile and IoT devices

Learning Outcome/s
At the end of this module the student shall be able to:
• Explain mobile/IoT operating systems and security challenges
• Explain common mobile and IoT security measures

Learning Content / Topics
• Types of Mobile Devices
  o Portable Computers
  o Tablets
  o Smartphones
  o Wearable Technology
  o Legacy Devices
  o Mobile Device Removable Storage
  o Introduction to iOS, Android and other mobile OS and their key differences (can be a group exercise)
• Mobile Device Risks
  o Limited Physical Security
  o Connecting to Public Networks
  o Location Tracking
  o Installing Unsecured Applications
  o Accessing Untrusted Content
  o Bring Your Own Device (BYOD) Risks
• Securing Mobile Devices
  o Device Setup
  o Device and App Management
  o Device Loss or Theft
• Mobile Device App Security
  o BYOD Security
  o Implementing mobile device management
• Introduction to IoT devices
  o Types of devices and deployment of architecture
• Security challenges and IoT
  o Limitations to implement security in IoT devices
• Overcome IoT security challenges
  o Authentication and Encryption

Practical
• Demonstrations - A mobile breach can be demonstrated by the trainer
• Assignment 01: Common attacks targeting mobile devices
• Assignment 02: Common security issues in IoT devices (Self Study)

Resources
• Networked and isolated devices (computer)
• Internet facility
• Mobile devices

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1 Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Whitman, Michael; Mattord, Herbert
4. Foundations of Information Security A Straightforward Introduction, by Jason Andress

Teaching/Learning Activities
• Illustrated talk
• Group activities
• Discussions
• Guest lectures from private and state organizations
• Demonstrations
• Assignment

Assessment & Weighting
Type | Topic / Activity/Learning outcomes | Module Weighting
Formative Assessment | Assignments – above assignment, presentation and viva test | 40%
Summative (semester end) Assessment | Question paper based on classroom teaching | 60%

Duration: 60 hrs. (30T + 20P + 10S)
(T-Theory, P-Practical, S-Self Studies)

Module Title: Introduction to Ethical Hacking
Module Code: K72T002M05
Module Type: Compulsory
Relevant Unit/s: All
Pre-Requisites: NVQ 4 ICT or equivalent qualifications and K72T002M1

Module Aim/s
To enable the students to:
• Understand how cyber-attacks can take place and preventive techniques

Learning Outcome/s
At the end of this module the student shall be able to:
• Explain how attacks are happening
• Describe the ways of prevention of attacks
• Explain the purpose of ethical hacking
• Demonstrate the usage of attacking tools and techniques to provide relevant knowledge

Learning Content / Topics
• Introduction to Ethical Hacking
  o What is ethical hacking
  o Importance of ethical hacking
  o Black hat, White hat and Grey hat Hacking
• Stages of attacking
  o Understand the target environment using footprinting and reconnaissance tools
    ▪ Introduction to Social Engineering
  o Scanning the target environment
  o Gaining access through enumeration tools
  o Maintaining access
  o Clearing tracks
• Vulnerability Analysis tools (exploitation tools)
• Introduction to attacking tools related to Network and communication
  o Sniffing (e.g. Wireshark)
  o Denial-of-Service
  o Session Hijacking
  o Evading IDS, Firewalls, and Honeypots
  o Hacking Wireless Networks
• Introduction to attacking tools related to web applications
  o Hacking Web Servers
  o Hacking Web Applications
• Introduction to attacking tools related to databases
  o SQL Injection tools
• Introduction to attacking tools related to mobile platforms
• Introduction to attacking tools related to IoT

Practical
Demonstration and group activity
Hands-on labs covering multiple attack technologies commonly used by attackers
01. Identify and list the tools to be demonstrated
02. Set up target applications and nodes

Resources
• Networked computers
• Internet facility
• Multiple tools used for attacks
  o NMAP. Nmap stands for Network Mapper
  o Exploitation tools (e.g. Metasploit (Rapid7))
  o Scanning Tools (Nessus, Angry IP Scanner, SuperScan)
  o Burp Suite. Burp Suite is a popular platform that is widely used for performing security testing of web applications
  o Cain & Abel
  o Ettercap
  o EtherPeek
  o sqlmap
  o Kali Linux

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1 Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Whitman, Michael; Mattord, Herbert
4. Foundations of Information Security A Straightforward Introduction, by Jason Andress
5. CEH v10 Certified Ethical Hacker Study Guide, by Ric Messier

Teaching/Learning Activities
• Illustrated talk
• Group activities
• Discussions
• Guest lectures from private and state organizations
• Demonstrations
• Assignment

Assessment & Weighting
Type | Topic / Activity/Learning outcomes | Module Weighting
Formative Assessment | Assignments – above assignment, presentation and viva test | 40%
Summative (semester end) Assessment | Question paper based on classroom teaching | 60%

Duration: 110 hrs. (70T + 30P + 10S)
(T-Theory, P-Practical, S-Self Studies)

Module Title Introduction to Enterprise Security Architecture
Module Code 14 Jan
K72T002M06
Module Type 17 Dec & 7 Jan
Compulsory
Relevant Unit/s All units
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01

To enable the students to:


Module Aim/s
 obtain overall understanding on how security works on an enterprise in
terms of technology, people and the processes

At the end of this module the student shall be able to:


 explain the alignment of IS concepts with the business goals
Learning Outcome/s
 explain the design of enterprise architecture in relation to IS
 identify the main technology layers and components used
 follow policies, standards, structure and base concepts.

 Business strategy and enterprise security


o Identify business objectives, goals and strategy
o Identify business attributes that are required to achieve those
goals
o Identify all the risk associated with the attributes that can
prevent a business from achieving its goals
o Risk analysis
o Identify the required controls to manage the risk
 Define conceptual architecture for business risk (overview)
o Governance, policy and domain architecture
Learning Content / o Operational risk management architecture
Topics o Information Security architecture
- Certificate management architecture
- Access control architecture
- Incident response architecture
- Application security architecture
- Web services architecture
- Communication security architecture

 Define physical architecture and map with conceptual architecture


o Platform security
o Hardware security
o Network security

24
o Operating system security
o File security
o Database security, practices and procedures
o Application security
o High availability and growth scalability

 Define components (specific security areas) architecture and map with


physical architecture(overview)
o Security standards (e.g., US National Institute of Standards and
Technology [NIST], ISO)
o Security products and tools (e.g., antivirus [AV], virtual private
network [VPN], firewall, wireless security, vulnerability scanner)
o Web services security (e.g., HTTP/HTTPS protocol, application
program interface [API], web application firewall [WAF])

 Operational architecture and Implementation guides:


o Security Administration
o Configuration/patch management
o Monitoring
o Logging
o Penetration testing
o Access management
o Change management
o Digital Forensics, etc.

 Organizational reporting hierarchy and information security team


structure
o Structure and responsibilities of individuals

Individual Assignment: the trainer will provide a sample network architecture


diagram with the business case, students are requested to identify the
anomalies of the network architecture and re-structure the same
Group Assignment: trainer will provide few scenarios and the team to come-up
with the enterprise security architecture
 Small to medium business (one location less than 50 users no
Practical/Assignments
external services)
 Large enterprise (multiple branches few hundred employees
multiple internet facing services to client E.g. banks)
 Large government organization
 Multinational organization (present in multiple countries
multiple geography few thousand users)

Resources
 Networked computers
 Internet facility
 Open source tools and software
 Relevant acts
 Relevant standards

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
*Reference books, specific chapters and texts related to the module to be defined

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments – based on above assignment and viva test | 40%
End semester Assessment | Common Question paper for module 1,2 &3 based on class room teaching (MCTIs and structured short answered test items) | 60%

Duration 110 hrs. (80T + 20P + 10S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Security Monitoring and Administration
Module Code K72T002M07
Module Type Compulsory
Relevant Unit/s K72T002U01, K72T002U02, K72T002U05
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01

Module Aim/s
To enable the students to:
 monitor and oversee security systems in an organizational environment for incident management and assessment of security risks

Learning Outcome/s
At the end of this module the student shall be able to:
 Explain the importance of security monitoring and administration of networks, systems and users
 Monitor networks or systems performance
 Identify threats to the networks or systems
 Secure systems and resource access

Learning Content / Topics
 Introduction to monitoring
 Fundamentals of Monitoring
o Aspects of monitoring
 System health monitoring
 Logs monitoring
 Network flows
 Network packet monitoring (tapping, mirroring etc.)
o Identifying primary monitoring points
o Privilege access monitoring
 Application access and OS access
 Network access
 Database access
o Continuous Monitoring (detecting anomalies)
o Introduction to threat hunting
o Compliance monitoring
o Identification of false positives and false negatives
o Centralized logging and monitoring
 Introduction to monitoring tools (Nagios, Wireshark, SIEM etc.)
 Technologies used
o SNMP
o NetFlow
o QFlow
 Change request management and monitoring
 Identification and classification of incidents

Practical
Demonstrations in a lab set-up:
 Demonstration of network and systems monitoring using an NMS (e.g. Nagios)
 Analyze a network packet capture (PCAP file) using open source monitoring and packet analyzing tools (e.g. Wireshark)
 Configure and enable system logs, audit logs and log levels
 Scenario building on SIEM (using the OSSIM platform): integrating router, firewall, Linux server and Windows server (logs from a router), monitor logs, develop basic correlation rules

Resources
 Networked computers
 Internet facility
 Open source tools and software

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. CEH Certified Ethical Hacker All-in-One Exam Guide, by Matthew Walker

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Demonstrations
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments - based on above practical and viva test | 40%
End semester Assessment | Question paper based on class room teaching | 60%

Duration 100 hrs. (70T + 20P + 10S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Information Security Standards, Policies and Procedures
Module Code K72T002M08
Module Type Compulsory
Relevant Unit/s All
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01

Module Aim/s
To enable the students to:
 understand Information Security Frameworks and standards and their requirements

Learning Outcome/s
At the end of this module the student shall be able to:
 explain importance of having Information Security Framework
 identify commonly practiced Information Security Frameworks and standards
 demonstrate the understanding of information security management system
 describe expected outcomes of security standards and its implementation

Learning Content / Topics
Information Security Standards
 Information Security Policies, Procedures, Frameworks, Standards and Guidelines of an enterprise
o Importance of having Information Security Framework
o Components of Information Security Framework
o Requirement for Information Security Frameworks and Standards
o Standards vs InfoSec Standards
(Note: A framework consists of standards, guidelines and practices that an organization uses to manage a security program, develop and document security processes that implement specific security controls chosen to reduce risk at that enterprise against the threats it is likely to see)
 Common Information Security Frameworks and standards
o ISO / IEC 27000 series
o NIST
o HIPAA
o PCI DSS
o ITIL
o COBIT
 An Information Security Management System (ISMS)
o (Note: It is a framework of policies and controls that manage security and risks systematically and across entire enterprise information security.)
o (The framework for ISMS is usually focused on risk assessment and risk management)
 Introduction to ISO 27001
(Note: with a specific focus on Data Center Security: Standards, Best Practices & Requirements)
 Expected outcomes of security standard implementation
 Implementation of a standard - certification
 Keeping the certification live
o Continuous improvements
Practical/assignment
Group Assignment:
o Group Presentation on the controls of ISO 27001, NIST, PCI DSS, ITIL

Resources
 Networked computers
 Internet facility
 Open source tools and software
 ISO Guidelines and other reference frameworks and standards

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. ISO Guidelines and other reference frameworks and standards

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Demonstrations
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments - based on above practical and viva test | 40%
End semester Assessment | Question paper based on class room teaching | 60%

Duration 60 hrs. (40T + 10P + 10S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Workplace Information Management
Module Code EMPM01
Module Type Compulsory
Relevant Unit/s EMPU01
Pre-Requisites None
Module Aims
To enable the students to:
 Make use of information and information systems to carry out organizational functions
 Make use of information and information systems to enhance workplace performance

Learning Outcomes
At the end of this module the student shall be able to:
 Explain the importance of ICT tools in promoting the productivity of the organization
 Describe the purpose of establishing ICT tools and strategies in enhancing the performance at workplace
 Apply Information skills to enhance the productivity of the organization

Learning Content / Topics
 Identification of documentation requirements
 Selecting and/or collecting required documentation
 Documentation procedures and methods
 Completing/perfecting documentation
 Reading, interpreting and using equipment/system manuals and specifications
 Interpretation of all applicable laws, policies and procedures relevant to enterprise
 Computer and information system usage
 Forecasting Techniques
 Forecasting Software
 Mathematical Modeling
 Data Collection Techniques for Market Research
 The range of analytical techniques appropriate for analysis of information
 The influence of human factors on information analysis, e.g. prejudices and biases
 Conducting and recording of performance evaluations
Teaching Aids
Resources
Networked Computers, Multimedia, Whiteboard

Recommended Texts & / or References
Information Management: Best Practices – Volume 1 (Bob Boiko, Erik M. Hartman)

Teaching Learning Activities
 Discuss/explain and provide essential theoretical inputs.
 Emphasize the importance of a valid information system in promoting customer relations - make reference to following
- Identification of customer needs.
- Measurement of customer needs and satisfaction.
- Obtaining feedback from customers.
- Recognition and understanding of customer problems and resolution or timely referral of problem in a manner satisfactory to the customer.
 Application of enterprise policies in satisfying customer needs
 Identifying enterprise protocols associated with "Customer Services"
 Discuss "Satisfying customer complaints" using information sources available

Assessment & Weighting
Type | Topic / Activity | Weighting
Formative assessment | Use of ICT Tools, Software applications, application of information management skills at work place | 50%
Formative assessment | Knowledge on various aspects of information management skills at work place - Oral questioning during class room presentations | 10%
Summative assessment | Knowledge on various aspects of information management skills at work place - Multiple Choice Test Items/ Matching and Completion test items and structured essay type questions | 30%
Summative assessment | Knowledge on application of information management skills - Viva voce | 10%

Duration 50 hours (30T + 15P + 05S)
(T-Theory, P-Practical, S- Self Studies)

MODULE DESCRIPTORS

INFORMATION AND CYBER SECURITY TECHNOLOGY

NVQ Level 05

Semester 2

Module Title Vulnerability Assessment & Remediation
Module Code K72T002M09
Module Type Compulsory
Relevant Unit/s K72T002U06, K72T002U07, K72T002U08
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01
Module Aim/s
To enable the students to:
 determine whether infrastructure components, systems and applications meet confidentiality, integrity, authentication, availability, authorization and non-repudiation standards
 report the testing outcomes by compiling the Vulnerability Assessment report using templates

Learning Outcome/s
At the end of this module the student shall be able to:
 explain what vulnerability assessment (VA) and penetration testing are
 identify VA framework
 categorize, analyze and carry out vulnerability testing
 remediate vulnerabilities
Learning Content / Topics
 Introduction to vulnerability assessment (VA) and penetration testing
o Requirement for VA
 Compliance purposes
 Mitigating cyber risks
 Regulatory requirements
o Areas of vulnerability assessments (network vulnerability assessments, system/host based vulnerability assessments, application VA etc.)
o Source code review
o Penetration testing
 Vulnerability Assessment framework
 Preparation for VA
o Agreement/NDAs
o Information gathering (organization policies, network diagrams etc.)
o Stakeholder communication
 Categories of vulnerability testing
o Black box, white box and gray box
o Internal and external VA
o In-house and outsourced VA
o Intrusive and non-intrusive
 Vulnerability testing
o Vulnerability identification
o Vulnerability analysis
 Vulnerability classification (high, critical, medium)
 Common classification frameworks (CVE, CVSS)
 Validation of false positives and false negatives
o Vulnerability reporting
 Templates for reporting
 Validation with system owners
 Types of tools used for VA
o Scanning tools (Nessus, Nmap, Wireshark, Metasploit, John the Ripper, sqlmap, Aircrack-ng, Burp Suite and OWASP ZAP web application security scanners, Kali Linux, etc.)
o Web application testing guidelines - Open Web Application Security Project (OWASP)
 Vulnerability remediation
o Prioritization of vulnerability remediation action
o Methods of remediation (security patches, compensating controls etc.)
o Review of remediation

Practical
Practical: Perform vulnerability assessment for a given system by using provided VA tools.
(The instructor sets up a few hosts which contain known vulnerabilities. Each student uses the provided VA tools to identify the vulnerabilities of the hosts.)
The instructor enables monitoring of the target host using tools like Wireshark/tcpdump, so that students get visibility of how port scanning happens.

Assignment 1: Prepare a report after the vulnerability assessment using a provided format

Resources
 Networked computers
 Internet facility
 Open source/commercial tools and software

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments – based on above assignment and viva test | 40%
End semester Assessment | Common Question on class room teaching (MCTIs and structured short answered test items) | 60%

Duration 100 hrs. (50T + 30P + 20S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Fundamentals of Database Security
Module Code K72T002M10
Module Type Compulsory
Relevant Unit/s K72T002U01, K72T002U02, K72T002U03, K72T002U04
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01

Module Aim/s
To enable the students to:
 explain and apply preventive techniques for database threats

Learning Outcome/s
At the end of this module the student shall be able to:
 Explain what a Database Management System (DBMS) is
 Explain types of database threats
 Apply preventive techniques for above database threats

Learning Content / Topics
 Introduction to Database Management System (DBMS)
o Types of databases
o Database architecture
o Database structures
o Languages
 Importance of Database security
o Importance of security of data
o Statutory and regulatory requirements (GDPR, BSS)
 Types of database threats
o Excessive privilege
o Default accounts
o SQL injection
o Denial of service etc.
 Database security control
o Physical security for DBMS
o Network security for DBMS (3 Tier architecture)
o OS level control (hardening of OS)
o Secure configuration of database
o Privilege access management and authentication
o Database logging and audit
o Database back-up
o Database encryption
o Security application and OS update and patch management
 Database security monitoring
o Monitoring health of the database and the host
o Database activity monitoring
o Change request management and access monitoring
o Continuous assessments of vulnerabilities
 Database standards and benchmarks
o Implementing standards and benchmarks based on industry and vendor specifications

Practical
Practical: (demonstration) SQL injection attack
Assignment 1: study and present attacks on databases (DBMS) and prevention techniques (individual activity)
Assignment 2: study and present database hardening best practices (group activity)

Resources
 DBMS (Microsoft SQL Server, MySQL, Oracle)
 Networked computers
 Internet facility
 Open source/commercial tools and software
 Documentation on relevant standards

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. Database Security, 1st Edition, by Alfred Basta and Melissa Zgola

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments – based on above assignment and viva test | 40%
End semester Assessment | Common Question paper for module 1,2 &3 based on class room teaching (MCTIs and structured short answered test items) | 60%

Duration 90 hrs. (50T + 20P + 20S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Introduction to Cryptography
Module Code K72T002M11
Module Type Compulsory
Relevant Unit/s K72T002U01, K72T002U02, K72T002U03, K72T002U04
Pre-Requisites NVQ 4 ICT or equivalent qualifications

Module Aim/s
To enable the students to:
 describe what is meant by Cryptography and Steganography and their usages

Learning Outcome/s
At the end of this module the student shall be able to:
 recognize what Cryptography is and its history
 explain concepts of cryptography & Steganography
 explain use of cryptography
 explain Cryptographic Algorithms
 use Steganography
 use Cryptography

Learning Content / Topics
 History of cryptography
 Introduction to Cryptography: Network security model, Cryptographic systems, Cryptanalysis
 Steganography - Information hiding
 Foundational concepts of cryptography
 Importance of cryptography
o Message confidentiality
o Message integrity
o Message non-repudiation
 Common algorithms
o Old ciphers
o New ciphers
 Symmetric key cryptography
 Asymmetric key cryptography (public key)
 Encryption and Decryption Techniques
 PKI (Public Key Infrastructure)
 Crypto hashing functions
 Use of cryptography
o Encryption
 HTTPS
 SSL
 Email encryption etc.
o Digital signature
 Document signing
 E-mail signing (PGP)
o Digital certificate and certificate authority
o Electronic money (cryptocurrency)

Practical
Practical Examples: using
The Caesar cipher
Mono-alphabetic cipher
Poly-alphabetic cipher
Vigenère cipher
(Instructor to design the above practical as a game/team activity)
Practical on Steganography
 Encoding an image with a secret text
Practical on use of cryptography
o Generating a CSR (Certificate Signing Request) and getting a signed certificate from a local CA (Certificate Authority). The student can then use the signed certificate to send a signed/encrypted email to another student
o Signing a document (Word or PDF)
Assignment: Individual assignment – report on history of cryptography
Group assignment and presentation - Real life usage of cryptography

Resources
 Networked computers
 Certificate server (Microsoft or open source)
 Open source tools to demonstrate above activities
 Internet facility

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. Applied Cryptography: Protocols, Algorithms, and Source Code in C, by Bruce Schneier, Publisher: Wiley-India, 2007, ISBN 8126513683, 9788126513680
6. Cryptography Made Simple, by Nigel Smart, ISBN-10: 3319219359, ISBN-13: 978-3319219356

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Demonstrations
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity/Learning Module outcomes | Weighting
Formative Assessment | above practical and assignment, their course works, presentations and viva test | 40%
Summative (semester end) Assessment | Question paper based on class room teaching | 60%

Duration 90 hrs. (50T + 20P + 20S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Incident Response and Security Operations Center
Module Code K72T002M12
Module Type Compulsory
Relevant Unit/s K72T002U01, K72T002U06, K72T002U07, K72T002U08, K72T002U09
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01
Module Aim/s
To enable the students to:
 identify, troubleshoot and escalate security incidents by detection and analysis of security events based on the complexity
 communicate with management, external parties and technology owners to escalate security incidents

Learning Outcome/s
At the end of this module the student shall be able to:
 Explain what incident response is
 Plan for detection of security alert
 Analyze the security alert
 Escalate to the next level
 Carry out post incident activities
 Understand the Security Operation Center (SOC) functionalities
Learning Content / Topics
 Introduction to the incident response
o What is an incident?
o Importance of incident response (IR)
o Stages of IR
o Introduction to SOC (Security Operation Center)
o Introduction to roles and responsibilities of security monitoring
o Introduction to law enforcement agencies, CERTs and regulators
 Preparation (creating processes and procedures)
o Introduction to IR policies and communication guidelines
o Incorporate threat intelligence feeds
o Support cyber threat hunting exercises
o Understanding threat detection capability
 Detection and Reporting
o Introduction to security monitoring tools (SIEM, IDS, etc.)
o Monitoring dashboards and alerts
o Detecting potential security incidents
o Identifying incidents and alerting (opening a ticket and assigning responsibility/escalation using a workflow)
o Reporting - compliance and escalation report
 Triage and Analysis
 Containment and Eradication
 Post incident activities
- Complete an Incident Report based on templates
- Monitor Post-Incident
- Update Threat Intelligence
- Identify preventative measures

Practical
 Develop multiple scenarios on a test setup where the activities are to be monitored using a SIEM tool (OSSIM/ELK). While the supervisor executes the scenario, the student can monitor the activity/incident in the SIEM. The student is to come up with an incident report as the result.
Assignment: (Individual)
 Students are requested to identify, document and present how an incident response takes place for the given scenarios (Example scenarios: privilege escalation attempt, website port scan)

Resources
 Networked computers
 Internet facility
 Open source/commercial tools and software

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. Security Operations Center Guidebook: A Practical Guide for a Successful SOC, by Gregory Jarpey and R. Scott McCoy
6. NIST guidelines
7. SANS guidelines

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Demonstrations
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments – based on above assignment and viva test | 40%
End semester Assessment | Question paper based on class room teaching | 60%

Duration 100 hrs. (50T + 40P + 10S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Fundamentals of Digital Forensics
Module Code K72T002M13
Module Type Compulsory
Relevant Unit/s All units
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01

Module Aim/s
To enable the students to:
 understand digital forensics, applicable laws and procedures and process
 understand anti-forensic techniques

Learning Outcome/s
At the end of this module the student shall be able to:
 Describe digital forensics and applicable laws
 Describe digital forensic procedures and process
 Acquire and preserve electronic evidences
 Detect anti-forensic techniques

Learning Content / Topics
 Introduction to digital forensics
 Laws related to digital forensics
o Provisions in the Computer Crimes Act No 24 of 2007 Sri Lanka
o The Evidence (Special Provisions) Act of 1995
 Importance of digital forensics
 Characteristics of digital evidence
o Admissible
o Authentic
o Complete
o Reliable
o Believable
 Digital forensic procedures
o Live forensic and dead forensics
o Preservation of digital and electronic evidences
o Chain of custody
o SOP of organization
 Forensic process
o Identification
o Collections
o Preservation
o Examination
o Analysis
o Presentation
 Acquiring and preserving digital and electronic evidences
o Hardware/software write blocker
o Open source tools – e.g. Autopsy
o Wireshark
o TCPdump/Windump/WinPcap
o DumpIT
o Disk imaging and disk cloning tools
o Microsoft Sysinternals tools
o WhoIs, Finger, Ping, Trace, nslookup, Dig
o Procedure of first responder
 Identifying digital and electronic evidences
 Acquiring, preserving and transporting digital and electronic evidences
 Forensic tools for first responder
 Data Recovery:
o Recover deleted files
o Recover data from physically damaged media
 Anti-forensic techniques e.g. data overwriting, data hiding and distortion, encryption
 Timeline analysis
 Procedural Documentation
o Discovery method
o Personnel involved
o Exact sequence of events / attack timeline
o System events
o Documentation of actions and timeline
o Preventative measures resulting from the investigation
o Recovery steps taken and further recommendations

Practical
Practical: hands-on usage of forensic tools
o Live forensic tools, e.g. DumpIT, Microsoft Sysinternals tools, WhoIs, Finger, Ping, Trace, nslookup, Dig
o Dead forensic tools: Autopsy
o Network forensic tools (Wireshark, TCPdump/Windump)
o Disk imaging and disk cloning tools
 Group Practical: simulation of the forensic process
o Supervisor to create a real life scenario and allow student groups to practice the learning outcomes using provided tools and present using a report

Resources  Networked computers and peripherals


 Specialized forensic related hardware and devices

47
 Internet facility
 Open-source tools and software
 Documentation of Relevant acts and standards

1. Computer and Information Security Handbook - 3rd Edition


by John R. Vacca
2. The Complete Cyber Security Course, Volume 1 Hackers Exposed, by Nathan
House
3. Principles of Information Security - 5th Edition, by Whitman, Michael
Mattord, Herbert
4. Foundations of Information Security A Straightforward
Introduction, by Jason Andress
Prescribed Texts 5.Digital Forensics Processing and Procedures Meeting the
& / or Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice
Requirements
References by David Lilburn Watson, Andrew Jones
6.Digital Forensics
by André Årnes
7.Cybercrime investigations bridging the gaps between security
professionals, law enforcement, and prosecutors
by Anthony Reyes, Richard Brittson, Kevin OShea, James Steele

 (ISC )2 reference for ethics

Teaching/
 Illustrated talk
Learning  Group activities
Activities  Discussions
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments – based on above assignment and viva test | 40%
End semester Assessment | Common Question paper on class room teaching (MCTIs and structured short answered test items) | 60%

Duration 100 hrs. (50T + 40P + 10S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Introduction to Governance Risk and Compliance
Module Code K72T002M14
Module Type Compulsory
Relevant Unit/s All units
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01

Module Aim/s
To enable the students to:
 understand the concept of IT Governance Risk and Compliance (GRC)
 follow risk management process including risk monitoring and reporting within a risk management standards and framework

Learning Outcome/s
At the end of this module the student shall be able to:
 Explain what GRC (Governance Risk and Compliance) and the risk management process are
 Identify risks and treatment plans
 Monitor and report risks
 Develop a risk register

Learning Content / Topics
 Introduction to Enterprise GRC (governance, risk, and compliance)
 Introduction to IT governance and compliance frameworks
 Risk management terminology (assets, threats, vulnerability, impact, likelihood)
 Importance of risk management for organizations in relation to cyber security
 Risk management related roles
 Risk management process
o Risk identification
 Risk identification methods and techniques (e.g. brainstorming, risk reviews and audits, cause and effect analysis, tools such as SIEM, vulnerability scanner)
o Risk analysis
 Quantitative and qualitative risk analysis
 Determining impact, determining likelihood and inherent risk
 Control assessment
 Residual risk determination
o Risk evaluation
o Risk treatment
 Risk treatment options (e.g. treat, transfer, acceptance, avoidance)
 Developing risk treatment plan
o Risk monitoring and reporting
 Risk registers
 Risk profile, risk indicators
 Risk management standards and framework (e.g. ISO 31000, ISO 27005, NIST Special Publications)
 IT governance standards e.g. COBIT
 Commonly practiced standards in terms of compliance

Practical
Assignment 1:
 Identify risk treatment plans for given scenarios (individual assignment)
Assignment 2 (group assignment):
 Field visit: the group can visit an enterprise which follows a proper risk management process and meet the relevant risk management officer or team to get an introduction
 Develop a risk register based on the above engagement
 Student groups are encouraged to target different business domains (e.g. software development enterprise, logistics company, financial institutions and retail companies)

Resources
 Networked computers
 Internet facility
 Open-source tools and software
 Documentation of relevant frameworks and standards

Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Michael Whitman and Herbert Mattord
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. Information Security Governance: Framework and Toolset for CISOs and Decision Makers, by Andrej Volchkov
6. Securing an IT Organization through Governance, Risk Management, and Audit, by James L. Rainey and Ken E. Sigler
 ISO 31000
 NIST framework
 Documentation related to GRC

Teaching/ Learning Activities
 Illustrated talk
 Group activities
 Discussions
 Field trips
 Given practical
 assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | E.g. Assignments | 40%
End semester Assessment | Question paper based on class room teaching | 60%

Duration 70 hrs. (40T + 10P + 20S)
(T-Theory , P-Practical , S- Self Studies)

Module Title Introduction to Information Security Laws, Regulations and Ethics
Module Code K72T002M15
Module Type Compulsory
Relevant Unit/s All units
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01
Module Aim/s
To enable the students to:
 identify the major laws applicable for Information Security - national and global
 explore information security frameworks, such as the NIST, COBIT, ITIL etc. and the ways in which these relate to national contexts
 understand the importance of information security compliance

Learning Outcome/s
At the end of this module the student shall be able to:
 identify the major laws applicable for Information Security - national and global
 analyze national practices and policies as per international standards and good practices
 apply information security ethics

Learning Content / Topics
• Purpose of Laws, Regulations and Ethics
• Laws applicable for Information Security - National
  o Computer Crimes Act, No. 24 of 2007
  o Electronic Transaction Act
  o Payment Devices Frauds Act, No. 30 of 2006
  o Legislation for Scripless Securities Trading
  o Payment and Settlement Systems Act, No. 28 of 2005
  o Data protection bill
  o Cyber security bills
  o Intellectual Property Act, No. 36 of 2003
  o Other relevant prevailing laws
• Laws applicable for Information Security - Global
  o Importance of global information security laws and regulations
  o Commonly applicable global regulations
    ▪ EU GDPR - European Union General Data Protection Regulation
    ▪ Budapest Convention (The Convention on Cybercrime of the Council of Europe, CETS No. 185)
• Other relevant regulations
• Information security ethics
  o Organizational code of ethics
  o Code of professional ethics
  o (ISC)² for reference

Note: Ethics — moral principles that govern a person's behavior — is a critical part of any sound cybersecurity defense strategy. Without clear ethical standards and rules, cybersecurity professionals are almost indistinguishable from the black-hat criminals against whom they seek to protect systems and data.

Practical
Assignment 1:
Presentation on information security ethics
Role play on information security ethics
Individual assignment:
• Analyze national and international legal landscape for a given case study

Resources
• Networked computers
• Internet facility
• Relevant acts and bills
• Relevant standards
Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Whitman, Michael; Mattord, Herbert
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. Cybercrime Investigations: Bridging the Gaps Between Security Professionals, Law Enforcement, and Prosecutors, by Anthony Reyes, Richard Brittson, Kevin OShea, James Steele

http://icta.lk/act

http://documents.gov.lk/en/acts.php

Teaching/Learning Activities
• Illustrated talk
• Group activities
• Discussions
• Given practical assignment

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments - based on above assignment and viva test | 40%
End semester Assessment | Common Question paper on class room teaching (MCTIs and structured short answered test items) | 60%

Duration 70 hrs. (40T + 10P + 20S)
(T-Theory, P-Practical, S-Self Studies)

Module Title Introduction to Business Continuity Planning and Disaster Recovery
Module Code K72T002M16
Module Type Compulsory
Relevant Unit/s All units
Pre-Requisites NVQ 4 ICT or equivalent qualifications and K72T002M01

Module Aim/s
To enable the students to:
• identify potential disasters that can disrupt critical activities of an organization at strategic, tactical and operational level
• understand a business continuity plan and disaster recovery plan

Learning Outcome/s
At the end of this module the student shall be able to:
• explain principles and concepts of Business Continuity Management and Organizational Resilience
• explain concepts of Business Impact Analysis (BIA)
• explain different types of plans for business continuity and disaster recovery

Learning Content / Topics
• Introduction to Disaster Recovery and Business Continuity
• What is Business Continuity Plan (BCP)?
• Principles and Concepts of Business Continuity Management and Organizational Resilience.
• Different categories of hazards, threat and vulnerabilities that can disrupt critical activities of an organization at strategic, tactical and operational level.
• Concepts of Business Impact Analysis (BIA) which is used for the evaluation of organization’s security posture
• Strategy for Mitigation of Threat, Preparedness, Response, Recovery, Resumption and Restoration of products and services.
• Introduction to service delivery objectives
• High availability solutions for business continuity
• Implementation of the different types of plans namely
  o Emergency Response Plans (ERP),
  o Incident Management Plans (IMPs),
  o Business Continuity Plans (BCPs) and
  o Crisis Management Plans (CMPs). E.g. Pandemic Plan, Disaster and Recovery Plan for IT systems (DRP), Cyclone and Tsunami Incident Management Plans etc.
• Validation of plans through audit, exercising and maintenance
• Overview of the main clauses of ISO 22301 - Societal Security and Business Continuity Management Systems.
• Introducing Disaster Recovery Plan (DRP)
  o Primary and DR sites

Practical
Assignment 1:
• Types of disasters and effects on ICT systems
Assignment 2:
• Study and present high availability solutions applicable for disaster recovery and business continuity
Resources
• Networked computers
• Internet facility
• Open-source tools and software
• Regulatory guidelines and policies
• Relevant standards
Prescribed Texts & / or References
1. Computer and Information Security Handbook - 3rd Edition, by John R. Vacca
2. The Complete Cyber Security Course, Volume 1: Hackers Exposed, by Nathan House
3. Principles of Information Security - 5th Edition, by Whitman, Michael; Mattord, Herbert
4. Foundations of Information Security: A Straightforward Introduction, by Jason Andress
5. Business Continuity For Dummies. Released December 2012. Publisher(s): For Dummies. ISBN: 9781118326831

Teaching/Learning Activities
• Illustrated talk
• Group activities
• Discussions
• Given practical assignment
• Field trips

Assessment & Weighting
Type | Topic / Activity | Weighting
Continuous Assessment | Assignments - based on above assignment and viva test | 40%
End semester Assessment | Common Question paper on class room teaching (MCTIs and structured short answered test items) | 60%
Duration 70 hrs. (40T + 10P + 20S)
(T-Theory, P-Practical, S-Self Studies)

Employability Modules

Semester 2

Module Title Workplace Communications Management

Module Code EMPM02
Module Type Compulsory
Relevant Unit/s EMPU02
Pre-Requisites None
Module Aims
To enable the students to:
• Apply communication skills to maintain effective workplace performance
• Adjust to diverse situations at workplace, through effective manipulation of communication skills
Learning Outcomes
The student will be able to:
• Identify the essential components of an efficient communication system
• Identify and overcome barriers to effective communication
• Use all channels of communication equally well
• Use common computer applications to collect, analyze and maintain essential data and information required to perform and enhance day to day activities of the organization
• Contribute to the overall growth and productivity development of the organization

Learning Content / Topics
• Basic communication models - (Reference to 2 typical models)
• Principles of effective, interactive communication
• Barriers to effective communication and distortions in the communication process
• Personal values and communication
• Policies of the organization relevant to information and communication function
• Protocol and Procedures of the organization
• Importance of ICT tools in promoting the efficiency and effectiveness of the organization
• Common computer applications
• Importance of networking in day to day activities of the organization

Resources
Teaching Aids
Networked Computers, Multimedia, Whiteboard
Recommended Texts & / or References
Teaching Learning Activities
• Knowledge to be imparted by providing learner centered activities
• Facilitator may use different teaching methodologies such as brainstorming, projects, mind mapping, small group activities, illustrated talk, fish bowl technique, demonstrations, when delivering knowledge component of this module

The following may be discussed in groups of trainees and followed up with "Exercises" & "Role plays"
• Oral communication
• Written communication

The following may be discussed in groups of trainees and followed up with "Exercises" & "Role plays"
• Constructing sound inductive arguments.
• Reading and comprehending written communications and information
• Using job-related terminology
• Using proper listening techniques
Assessment & Weighting
Type | Topic / Activity | Weighting
Formative assessment | Application of communication skills at work place | 50%
Formative assessment | Knowledge of various aspects of communication skills at work place - Oral questioning during class room presentations | 10%
Summative assessment | Knowledge of various aspects of communication skills at work place - Multiple Choice Test Items / Matching and Completion test items and structured essay type questions | 30%
Summative assessment | Knowledge on application of communication skills - Viva voce | 10%
Duration 50 hours (30T + 15P + 05S)
(T-Theory, P-Practical, S- Self Studies)

Module Title Planning and Scheduling Work at Workplace

Module Code EMPM03

Module Type Compulsory

Relevant Unit/s EMPU03

Pre-Requisites None
Module Aims To enable the students to:
• Plan and schedule work to be performed at workplace
• Assign work to workers based on assessment of competencies / work capacities of individual workers / working team
• Predict likely problems / probable changes that would come up in implementation of planned schedule

Learning Outcomes At the end of this module the student shall be able to:
• Prepare a work schedule for a given work situation
• Determine work priorities as per predetermined criteria such as goals, targets and organizational requirements
• Develop a plan (process) to complete work to be done in a given situation
• Assess competencies of individual workers before assigning work

Learning Content / Topics
• Goals and Objectives of the organization
• Planning priorities
• Plans related to work and related activities at workplace
• Systems, procedures and processes relevant to the organization
• Quality and continuous improvement processes applied within the organization
• Company specific performance standards
• Industry/Workplace Codes of Practice / Codes of ethics
• Frontline management roles applicable to team management
• Manufacturer's specifications and product specifications
• Standard specifications of commonly used materials
• Simple planning techniques/methods - (two to three common techniques/methods)
• Forecasting techniques/methods
• Time management techniques
• Competency assessment methods

Resources
Teaching Aids
Networked Computers, Multimedia, Whiteboard
Recommended Texts & / or References

Teaching Learning Activities
• Small group activity -1 - Identify work requirements of a drawing office or of a given project
• Small group activity -2 - Set work priorities as per organizational requirements, goals and targets
• Small group activity -3 - Develop a plan (process) to complete work to be done at drawing office or in a given project
• Individual activity - Prepare list/s of tools, equipment, material required to complete the work as indicated in the plan developed in activity -3
• Small group activity -4 - Brainstorm in groups to identify,
  • Deficiencies in the plan (Developed in activity -3)
  • Modifications to be made to overcome deficiencies
• Explain and follow up with exercises
  • Forecasting methods / Techniques, Time management techniques, Competency assessment method

Assessment & Weighting
Type | Topic / Activity | Weighting
Formative assessment | Use of different approaches and techniques related to planning of work, application of skills in planning work at work place | 50%
Formative assessment | Knowledge of various aspects of planning of work to be performed at workplace - Oral questioning during class room presentations | 10%
Summative assessment | Knowledge of various aspects of planning of work to be performed at workplace - Multiple Choice Test Items / Matching and Completion test items and structured essay type questions | 30%
Summative assessment | Knowledge on application of planning of work in a given work situation - Viva voce | 10%

Duration 75 hours (45T + 20P + 10S)
(T-Theory, P-Practical, S-Self Studies)
