Scribd
Upload
40 views18 pages

NOS - Vulnerability Assessment and Penetration Testing and IAM Essentials - PDF

vulnerability assessment ethical hacking me kaam aayegi

Uploaded by

kkf761900
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
40 views18 pages

NOS - Vulnerability Assessment and Penetration Testing and IAM Essentials - PDF

vulnerability assessment ethical hacking me kaam aayegi

Uploaded by

kkf761900
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 18

QUALIFICATION FILE–Standalone NOS

Vulnerability Assessment and Penetration Testing and IAM Essentials

☐ Horizontal/Generic ☐Vertical/Specialization

☒ Upskilling ☐ Dual/Flexi Qualification ☐ For ToT ☐ For ToA

☒General ☐ Multi-skill (MS) ☐ Cross Sectoral (CS) ☐ Future Skills ☒ OEM

NCrF/NSQF Level: 5

Submitted By:
National Institute of Electronics and Information Technology (NIELIT)
NIELIT Bhawan,
Plot No. 3, PSP Pocket, Sector-8,
Dwarka, New Delhi-110077,
Phone: - 91-11-25308300
e-mail: - [email protected]
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

Table of Contents
Section 1: Basic Details ............................................................................................................................................................................................................................... 3
Section 2: Training Related ......................................................................................................................................................................................................................... 6
Section 3: Assessment Related .................................................................................................................................................................................................................. 7
Section 4: Evidence of the Need for the Standalone NOS ..................................................................................................................................................................... 7
Section 5: Annexure & Supporting Documents Check List .................................................................................................................................................................... 8
Annexure-I: Evidence of Level ................................................................................................................................................................................................................ 9
Annexure II: Tools and Equipment (lab set-up).................................................................................................................................................................................. 10
Annexure III: Industry Validations/ Government Recognition Summary ........................................................................................................................................ 11
Annexure IV : Training Details .............................................................................................................................................................................................................. 12
Annexure V: Blended Learning ............................................................................................................................................................................................................. 12
Annexure VI : Standalone NOS- Performance Criteria details ........................................................................................................................................................ 13
Annexure VII: Assessment Criteria ...................................................................................................................................................................................................... 15
Annexure VIII: Assessment Strategy ................................................................................................................................................................................................... 16
Annexure IX : Acronym and Glossary.................................................................................................................................................................................................. 17

Page 2 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

Section 1: Basic Details

1. NOS-Qualification Name Vulnerability Assessment and Penetration Testing and IAM Essentials
2. Sector/s IT-ITeS
3. Type of Qualification ☒ New ☐ Revised NQR Code & version of the existing Qualification Name of the
/previous qualification: existing/previous version:

4. National Qualification Register (NQR) Code & Version NG-05-IT-01429-2023-V1-NIELIT & 5. NCrF/NSQF Level: 5
Version 1
6. Brief Description of the Standalone NOS This upskilling course provides a comprehensive exploration of cybersecurity techniques
focused on identifying and addressing vulnerabilities within computer systems.
Participants gain hands-on experience in conducting vulnerability assessments and
penetration tests, learning to identify potential weaknesses and proactively secure
systems against cyber threats. This course is essential for cybersecurity professionals
and IT practitioners seeking to enhance their skills in safeguarding digital environments,
ensuring they are well-equipped to detect and mitigate potential security risks.

It is designed to equip participants with essential knowledge and skills in Identity and
Access Management (IAM). It covers key IAM concepts, including user authentication,
authorization, and directory services. Participants learn to implement IAM best practices,
ensuring secure access controls and effective management of user identities within
organizational systems. This course is crucial for IT professionals and security
practitioners aiming to strengthen their expertise in IAM, contributing to enhanced
cybersecurity and compliance with data protection regulations.

Page 3 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

7. Eligibility Criteria for Entry for a a. Entry Qualification &Relevant Experience:


Student/Trainee/Learner/Employee Relevant
Academic/Skill Qualification (with Specialization - Experience (with
S. No.
if applicable) Specialization - if
applicable)
1 Pursuing^ Final Year B.Tech in any branch of NA
Engineering*

Or

Pursuing^ Final Year MCA


Or

Pursuing^ Final Year B.Sc. in any branch of Sciences*


Or

Pursuing^ Final Year B.Sc. in IT/CS/Electronics/allied


subjects

*Students should have relevant knowledge of the


Networking and programming concepts.

#Students with the above entry requirements are


eligible to take the course subject to clearing the
written test comprising of Analytical Reasoning,
Mathematics and English

^Passout students in the above entry requirements


are also eligible for the course.

b. Age: 21 years
8. Credits Assigned to this NOS-Qualification, Subject to 3 9. Common Cost Norm Category (I/II/III)
Assessment (as per National Credit Framework (NCrF)) (wherever applicable): Category-II
10. Any Licensing Requirements for Undertaking Training Not Applicable
on This Qualification (wherever applicable)

Page 4 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

11. Training Duration by Modes of Training Delivery(Specify ☒ Offline ☐ Online ☐ Blended


Total Duration as per selected training delivery modes and
Practical
as per requirement of the qualification) Training Delivery Mode Theory (Hours) Total (Hours)
(Hours)
Classroom (offline) 40 50 90

The mode of delivery shall be based on the regional demand and can be offered in any
of the above modes mentioned.

12. Assessment Criteria


Theory Practical Project Viva Total Passing
(Marks) (Marks) (Marks) (Marks) (Marks) %age
100 0 0 0 100 50

The centralised online assessment is conducted by the Examination Wing, NIELIT


Headquarters.

13. Is the NOS Amenable to Persons with Disability ☒ Yes ☐ No


If “Yes”, specify applicable type of Disability:

a. Locomotor Disability: Leprosy Cured Person, Dwarfism, Muscular Dystrophy


and Acid Attack Victims
b. Visual Impairment: Low Vision

14. Progression Path After Attaining the Qualification, Penetration Tester


wherever applicable Security Analyst
Security Consultant
Security Auditor
Incident Responder
IAM Specialist
15. How will the participation of women be encouraged? Participation by women can be ensured through Government Schemes. Occasionally,
exclusive batches for women would be run for the proposed courses. Funding is available

Page 5 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

for women’s participation under other schemes launched by the Government from time
to time.

16. Other Indian languages in which the Qualification & Only English
Model Curriculum are being submitted
17. Is similar NOS available on NQR-if yes, justification for ☐Yes ☒ No
this qualification
18. Name and Contact Details Submitting / Awarding Body A. Name: SHRI NILADRI DAS
SPOC Position in the organization: Scientist E
(In the case of CS or MS, provide details of both Lead AB & Address: NIELIT Agartala
Supporting ABs) Tel number(s): 8794028299
E-mail address: [email protected]

B. Name: SHRI BINOY DAS


Position in the organization: Senior Technical Officer
Address: NIELIT Agartala
Tel number(s): 8794822459
E-mail address: [email protected]

19. Final Approval Date by NSQC: 30/11/2023 20. Validity Duration: 3 years 21. Next Review Date: 30/11/2026

Section 2: Training Related

1. Trainer’s Qualification and experience in the relevant B.Tech or Equivalent as per NCrF with 15+ years of experience
sector (in years) (as per NCVET guidelines)
2. Master Trainer’s Qualification and experience in the B.Tech or Equivalent as per NCrF with 15+ years of experience
relevant sector (in years) (as per NCVET guidelines)

Page 6 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

3. Tools and Equipment Required for the Training ☒ Yes ☐No


Available at Annexure-II
4. In Case of Revised NOS, details of Any Upskilling Not Applicable
Required for Trainer

Section 3: Assessment Related

1. Assessor’s Qualification and experience in B.Tech or Equivalent as per NCrF with 15+ years of experience
relevant sector (in years) (as per NCVET
guidelines)
2. Proctor’s Qualification and experience in -
relevant sector (in years) (as per NCVET
guidelines), (wherever applicable)
3. Lead Assessor’s/Proctor’s Qualification -
and experience in relevant sector (in years)
(as per NCVET guidelines)
4. Assessment Mode(Specify the assessment Centralized online examination will be conducted
mode)
5. Tools and Equipment Required for Same as for training ☒ Yes ☐ No
Assessment

Section 4: Evidence of the Need for the Standalone NOS

1. Government /Industry initiatives/ requirement (Yes/No): Yes.

2. Number of Industry validation provided: 4

Page 7 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

3. Estimated number of people to be trained: 1000 persons per year shall be trained.

4. Evidence of Concurrence/Consultation with Line/State Departments (In case of regulated sectors): No

NIELIT is recognised as AB and AA under the Government Category. NIELIT is the HRD arm of MeitY, GoI.

Section 5: Annexure & Supporting Documents Check List

Specify Annexure Name / Supporting document file name

Annexure: NCrF/NSQF level justification based on


1. Available at Annexure-I: Evidence of Level
NCrF/NSQF descriptors (Mandatory)
Annexure: List of tools and equipment relevant for
2. Available at Annexure-II: Tools and Equipment
NOS (Mandatory, except in case of online course)
3. Annexure: Industry Validation Available at Annexure-III: Industry Validation
4. Annexure: Training Details Available at Annexure-IV: Training Details
Annexure: Blended Learning (Mandatory, in case
5. Available at Annexure-V: Blended Learning
the selected Mode of delivery is Blended Learning)
Annexure/Supporting Document: Standalone
NOS- Performance Criteria Details
6. Available at Annexure-VI: Performance Criteria
Annexure/Document with PC-wise detailing as per
NOS format (Mandatory- Public view)
Annexure: Performance and Assessment Criteria
7. Available at Annexure-VII: Detailed Assessment Criteria
(Mandatory)
8. Annexure: Assessment Strategy (Mandatory) Available at Annexure-VIII: Assessment Strategy
9. Annexure: Acronym and Glossary (Optional) Available at Annexure-IX: Acronym and Glossary
10. Supporting Document: Model Curriculum Available at Annexure-A: Model Curriculum

Page 8 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

Annexure-I: Evidence of Level

How the job role/ outcomes relate


Key requirements of the job role/ outcome of the NCrF/NSQF
NCrF/NSQF Level Descriptors to the NCrF/NSQF level
qualification Level
descriptor
Professionals undertaking this course are required to possess a
solid theoretical foundation in cybersecurity concepts, including
vulnerability analysis, penetration testing methodologies, and This course is aligned with higher
knowledge of common cybersecurity threats. Similarly, NSQF/NCrF levels, indicating a
Professional Theoretical participants in the "IAM Essentials" course need a comprehensive need for advanced theoretical
Knowledge/Process theoretical understanding of Identity and Access Management knowledge and practical application 5
principles, encompassing user authentication, authorization in the specialized field of
mechanisms, and directory services, to effectively implement Vulnerability Assessment and
secure access controls and manage user identities within Penetration Testing.
organizational systems.
Professionals completing this course will acquire technical skills in
Individuals completing this
identifying and addressing cybersecurity vulnerabilities through
qualification are likely to possess the
hands-on experience in conducting vulnerability assessments and
Professional and Technical penetration tests. In contrast, participants in the "IAM Essentials" expertise required for roles
Skills/ Expertise/ Professional course will develop professional skills in implementing Identity and demanding advanced and
5
Knowledge specialized knowledge in the field of
Access Management best practices, ensuring secure access
Vulnerability Assessment and
controls, and acquiring technical proficiency in managing user
Penetration Testing.
identities within organizational systems.
Completion of this course enhances employment readiness by
equipping professionals with sought-after cybersecurity skills,
Employment Readiness & making them valuable assets in roles focused on safeguarding Candidates will be learning effective
Entrepreneurship digital environments. Similarly, participants in the "IAM Essentials" communications which will make
5
Skills & Mind-set/Professional course gain entrepreneurship skills by understanding how to them smart in communicating with
Skill implement secure access controls and manage user identities various companies and people.
effectively, contributing to a cybersecurity-focused entrepreneurial
mindset that prioritizes data protection and compliance.

Page 9 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

This course delivers broad learning outcomes by providing


professionals with technical proficiency in identifying and
addressing cybersecurity vulnerabilities, fostering a
comprehensive understanding of cybersecurity threats and
Broad Learning countermeasures. In the "IAM Essentials" course, participants Candidate can perform well under
5
Outcomes/Core Skill gain broad learning outcomes by acquiring knowledge and skills supervision of team lead
in Identity and Access Management principles, enabling them to
implement secure access controls and effectively manage user
identities, contributing to enhanced cybersecurity practices and
compliance.
Imparting comprehensive knowledge and practical skills in
cybersecurity, equipping professionals to detect and mitigate
vulnerabilities in digital systems, ensuring robust defense against Takes complete responsibility for
cyber threats. Similarly, the "IAM Essentials" course bears the delivery and quality of own work and
responsibility of providing participants with essential knowledge output as also the subordinates.
Responsibility 5
and skills in Identity and Access Management, fostering an Shares responsibility for the group
understanding of secure access controls and effective user tasks.
identity management, contributing to heightened cybersecurity
and compliance within organizational settings.

Annexure II: Tools and Equipment (lab set-up)

List of Tools and Equipment


Batch Size: 30

S. No. Tool / Equipment Name Specification Quantity for


specified Batch size
1 Classroom 1 (30 Sq.m) 30

2 Students Chair 30 30

3 Students Table 30 30

Page 10 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

4 Desktop computer with GUI based Operating System, CentOS/Ubuntu Linux, Kali Linux 30
accessories Windows 10, VirtualBox, Open-Source Antivirus, Open Source or
Native Firewall Software
5 Deskjet printer 1 No. Paper-A4

Classroom Aids for offline and blended mode of training:

The aids required to conduct sessions in the classroom are:


1. LCD Projector/Smart Board
2. Pin-up Board
3. WhiteBoard, Markers
Annexure III: Industry Validations/ Government Recognition Summary

S. Organization Name Representative Designation Contact Address Contact E-mail ID


No Name Phone No

1 Software World Amrita Saha Proprietor Ujan Abhoynagar, Manipuripara, 7005261744 [email protected]
Agartala, Tripura(West)

9436740983 [email protected]
2 Bada Biplab Power Iduli Debbarma Designated Partner Agartala West Tripura, Pin:
Solution LLP 799003

9862770077
3 Krishna Industrial Debajit Dey Proprietor Badharghat Chowmuhani [email protected]
Services Agartala, Pin: 799003

Page 11 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

4 JB Youth Computer Nishi Kanta Das Project Coordinator Badharghat Chowmuhani, Siddi 9436740983 [email protected]
Solution & Educational Ashram, Agartala
Society

Annexure IV : Training Details


Training Projections:

Year Estimated Training # of Total Estimated training# of Women Estimated training# of People with Disability
Candidates
2023-24 1000 200 20
2024-25 1000 200 20
2025-26 1000 200 20
Data to be provided year-wise for next 3 years.

Annexure V: Blended Learning

Blended Learning Estimated Ratio &Recommended Tools:


Refer NCVET “Guidelines for Blended Learning for Vocational Education, Training & Skilling” available on:
S. Select the Components of the NOS List Recommended Tools – for all Offline: Online
No. Selected Components Ratio

1 Theory/ Lectures - Imparting theoretical and conceptual knowledge Online interaction platforms like JitSi Meet, 60:40
Bharat VC, Google Meet, MS Teams, etc.
2 Imparting Soft Skills, Life Skills and Employability Skills /Mentorship NA NA
to Learners
3 Showing Practical Demonstrations to the learners Online interaction platforms like JitSi Meet, 60:40
Bharat VC, Google Meet, MS Teams, etc.

Page 12 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

4 Imparting Practical Hands-on Skills/ Lab Work/ workshop/ shop floor PCs/Laptops 100:0
training
5 Tutorials/ Assignments/ Drill/ Practice Online interaction platforms like JitSi Meet, 50:50
Bharat VC, Google Meet, MS Teams, etc.
6 Proctored Monitoring/ Assessment/ Evaluation/ Examinations NIELIT Online Examination Online: 100%
Theory
7 On the Job Training (OJT)/ Project Work Internship/ Candidate NA NA
Training

Annexure VI : Standalone NOS- Performance Criteria details

1. Description:
This course provides hands-on training in cybersecurity, teaching participants to identify and address vulnerabilities through assessments and
penetration tests. On the other hand, the "IAM Essentials" course focuses on imparting essential knowledge and skills in Identity and Access
Management, covering authentication, authorization, and directory services to ensure secure access controls and effective user identity
management.
2. Scope:
The scope covers the following:

 In-demand cybersecurity skills to identify and address vulnerabilities, making professionals crucial in fortifying digital infrastructures
against cyber threats.
 Essential for organizations to implement secure identity and access controls, IAM professionals play a key role in ensuring data security,
regulatory compliance, and effective user management.
 Proficiency in both VAPT and IAM enhances a professional's ability to comprehensively secure digital environments, making them
valuable assets in the ever-evolving landscape of cybersecurity.

3. Elements and Performance Criteria

Elements Performance Criteria

Page 13 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

Vulnerability and Penetration PC1: Ability to identify and categorize common vulnerabilities in various systems and applications,
skilling showcasing a comprehensive understanding of potential security weaknesses.
PC2: Applying advanced techniques and tools to exploit common vulnerabilities, demonstrating
proficiency in the execution of security testing and penetration testing methodologies.
PC3: Utilizing a range of security tools and techniques effectively to assess and exploit
vulnerabilities, showcasing practical skills in cybersecurity practices.
PC4: Producing comprehensive and clear reports detailing identified vulnerabilities, exploited
weaknesses, and recommendations for remediation, demonstrating proficiency in communicating
security findings.
PC5: Ensuring compliance with legal and regulatory requirements while performing vulnerability
assessments and exploitation, exhibiting a strong understanding of the ethical and legal aspects of
cybersecurity practices.
Identity and Access PC1: Demonstrates the ability to understand and implement authentication basics, showcasing
Management competence in verifying and validating user identities within an Identity and Access Management
(IAM) system.
PC2: Exhibits proficiency in designing and implementing robust authorization and access control
mechanisms, ensuring that users have appropriate permissions and restrictions based on their roles
and responsibilities.
PC3: Displays expertise in managing directory services, illustrating a comprehensive understanding
of directory structures, user attributes, and the effective organization of identity-related information.
PC4: Demonstrates the capability to establish secure identity federation, allowing for the seamless
and secure sharing of identity information across multiple systems and domains.
PC5: Exhibits proficiency in implementing Identity and Access Management in cloud environments,
demonstrating the ability to navigate and leverage IAM services in cloud platforms effectively.

4. Knowledge and Understanding (KU):


The individual on the job needs to know and understand:
KU1: Imparts Knowledge of cybersecurity techniques, covering the identification and mitigation of vulnerabilities through hands-on
assessments and penetration testing.

KU2: Gain insights into the methodologies and tools used in vulnerability assessments, equipping them to proactively secure digital
systems against potential cyber threats.
Page 14 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

KU3: Covering authentication, authorization, and directory services to ensure secure access controls and effective user identity
management.

KU4: Acquiring a comprehensive understanding of IAM best practices, enabling them to implement robust identity management solutions
and contribute to organizational cybersecurity.

KU5: Collectively equip participants with the KU needed to address cybersecurity challenges, from identifying vulnerabilities to
implementing secure access controls, fostering expertise in safeguarding digital environments.

5. Generic Skills (GS):


User/individual on the job needs to know how to:
GS1. Follow instructions, guidelines and procedures
GS2. Listen effectively and communicate information accurately
GS3. Apply formatting features to achieve the desired results

Annexure VII: Assessment Criteria

Detailed PC-wise assessment criteria and assessment marks for the NOS are as follows:

S. No. Assessment Criteria for Performance Criteria Theory Practical Project Viva
Marks Marks Marks Marks
Vulnerability and PC1: Ability to identify and categorize common vulnerabilities in various - -
Penetration skilling systems and applications, showcasing a comprehensive understanding of 50 -
potential security weaknesses.
PC2: Applying advanced techniques and tools to exploit common
vulnerabilities, demonstrating proficiency in the execution of security testing
Page 15 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

and penetration testing methodologies.


PC3: Utilizing a range of security tools and techniques effectively to assess and
exploit vulnerabilities, showcasing practical skills in cybersecurity practices.
PC4: Producing comprehensive and clear reports detailing identified
vulnerabilities, exploited weaknesses, and recommendations for remediation,
demonstrating proficiency in communicating security findings.
PC5: Ensuring compliance with legal and regulatory requirements while
performing vulnerability assessments and exploitation, exhibiting a strong
understanding of the ethical and legal aspects of cybersecurity practices.
Identity and Access PC1: Demonstrates the ability to understand and implement authentication 50 - -
Management basics, showcasing competence in verifying and validating user identities -
within an Identity and Access Management (IAM) system.
PC2: Exhibits proficiency in designing and implementing robust authorization
and access control mechanisms, ensuring that users have appropriate
permissions and restrictions based on their roles and responsibilities.
PC3: Displays expertise in managing directory services, illustrating a
comprehensive understanding of directory structures, user attributes, and the
effective organization of identity-related information.
PC4: Demonstrates the capability to establish secure identity federation,
allowing for the seamless and secure sharing of identity information across
multiple systems and domains.
PC5: Exhibits proficiency in implementing Identity and Access Management in
cloud environments, demonstrating the ability to navigate and leverage IAM
services in cloud platforms effectively.
Total Marks 100 - - -

Annexure VIII: Assessment Strategy

This section includes the processes involved in identifying, gathering, and interpreting information to evaluate the Candidate on the required
competencies of the program.

Assessment of the qualification evaluates candidates to ascertain that they can integrate knowledge, skills and values for carrying out relevant tasks as
per the defined learning outcomes and assessment criteria.

Page 16 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

The underlying principle of assessment is fairness and transparency. The evidence of the outcomes and assessment criteria. competence acquired by
the candidate can be obtained by conducting Theory (Online) examination.

About Examination Pattern:

1. The question papers for the theory exams are set by the Examination wing (assessor) of NIELIT HQS.
2. The assessor assigns roll number.
3. The assessor carries out theory online assessments. Theory examination would be conducted online and the paper comprise of MCQ
4. Pass percentage would be 50% marks.
5. The examination will be conducted in English language only.

Quality assurance activities: A pool of questions is created by a subject matter expert and moderated by other SME. Test rules are set beforehand.
Random set of questions which are according to syllabus appears which may differ from candidate to candidate. Confidentiality and impartiality are
maintained during all the examination and evaluation processes.

Annexure IX : Acronym and Glossary


Acronym
Acronym Description
AA Assessment Agency
AB Awarding Body
NCrF National Credit Framework
NOS National Occupational Standard(s)
NQR National Qualification Register
NSQF National Skills Qualifications Framework
Glossary
Term Description
National Occupational NOS define the measurable performance outcomes required from an individual engaged in a particular
Standards (NOS) task. They list down what an individual performing that task should know and also do.
Qualification A formal outcome of an assessment and validation process which is obtained when a
competent body determines that an individual has achieved learning outcomes to given standards

Page 17 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials
Approved in 34rd NSQC Meeting Date 31st November 2023 QUALIFICATION FILE– STANDALONE NOS QUALIFICATION CODE NG-05-IT-01429-2023-V1-NIELIT

Qualification File A Qualification File is a template designed to capture necessary information of a Qualification from the
perspective of NSQF compliance. The Qualification File will be normally submitted by the awarding body
for the qualification.
Sector A grouping of professional activities on the basis of their main economic function, product, service or
technology.

Page 18 of 18
Vulnerability Assessment and Penetration Testing and IAM Essentials

You might also like