end_point_assessment_epa

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
end_point_assessment_epa [2020/03/17 21:33] – [Overview] bobend_point_assessment_epa [2022/11/07 17:51] (current) – [Assignment Brief] emma
Line 1: Line 1:
 ====== End point assessment (EPA) ====== ====== End point assessment (EPA) ======
  
-==== Module CY401 (temporary code) ==== +==== Module UFCFBU-10-3 Level 6 10 credits ====
- +
-===== All information on this page is subject to validation and may change =====+
  
 === Module team leader: EPA team === === Module team leader: EPA team ===
  
-{{ :cyberdegree:cy401_epa.docx |Module specification}}+{{ :cyberdegree:end_point_assessment_cyber_security.pdf |Module specification}}
  
 ==== Overview ==== ==== Overview ====
Line 35: Line 33:
   *demonstration of the business impact achieved during the apprenticeship    *demonstration of the business impact achieved during the apprenticeship 
   *evidence of teamworking; and    *evidence of teamworking; and 
-va signed statement from the employer and the institution confirming this as being the apprentice’s own work and confirming that, in their view, the work demonstrates the required KSBs+  *a signed statement from the employer and the institution confirming this as being the apprentice’s own work and confirming that, in their view, the work demonstrates the required KSBs
   *a signed statement from the apprentice confirming this as their own work.    *a signed statement from the apprentice confirming this as their own work. 
  
-The portfolio presents evidence from real-work projects and is used to help the apprentice answer questions in the Technical Discussion. The apprentice must provide the portfolio to the end point assessment institution at least one week before the commencement of the Technical Discussion point assessment. +The portfolio presents evidence from real-work projects and is used to help the apprentice answer questions in the Technical Discussion. The apprentice must provide the portfolio to the end point assessment institution at least one week before the commencement of the Technical Discussion point assessment. 
 + 
 The portfolio will be developed over a period of 6 months and must include evidence from between six and eight real work projects/pieces of work. Evidence can be in the form of: The portfolio will be developed over a period of 6 months and must include evidence from between six and eight real work projects/pieces of work. Evidence can be in the form of:
-text, graphics, presentations, spreadsheets, project plans  +  *text, graphics, presentations, spreadsheets, project plans  
-the product itself (such as a piece of code)  +  *the product itself (such as a piece of code)  
-job sheets, case studies, screen dumps, links  +  *job sheets, case studies, screen dumps, links  
-photographs  +  *photographs  
-audio  +  *audio  
-video  +  *video  
-written feedback+  *written feedback
    
 Evidence of the technical competencies to be submitted in the EPA portfolio are: Evidence of the technical competencies to be submitted in the EPA portfolio are:
  
-Design, build, configure, optimise, test and troubleshoot simple and complex networks. +  *Design, build, configure, optimise, test and troubleshoot simple and complex networks. 
-Apply statistical techniques to large data sets. Identify vulnerabilities in big data architectures and deployment. +  *Apply statistical techniques to large data sets. Identify vulnerabilities in big data architectures and deployment. 
-Build test and debug a digital system to a specification. +  *Build test and debug a digital system to a specification. 
-Configure an Operating System in accordance with security policy. Identify threats and features. +  *Configure an Operating System in accordance with security policy. Identify threats and features. 
-Write, test, debug programs in high and low level languages and scripts. +  *Write, test, debug programs in high and low level languages and scripts. 
-Design, implement and analyse algorithms. +  *Design, implement and analyse algorithms. 
-Construct software to interact with the real world and analyse for security exploits. +  *Construct software to interact with the real world and analyse for security exploits. 
-Analyse malware & identify its mechanisms. +  *Analyse malware & identify its mechanisms. 
-Apply secure programming principles and design patterns to address security issues. +  *Apply secure programming principles and design patterns to address security issues. 
-Apply system engineering and software development methodologies and models. +  *Apply system engineering and software development methodologies and models. 
-Discover, identify and analyse threats, attack techniques, vulnerabilities and mitigations. +  *Discover, identify and analyse threats, attack techniques, vulnerabilities and mitigations. 
-Assess culture & individual responsibilities. +  *Assess culture & individual responsibilities. 
-Undertake ethical system reconnaissance and intelligence analysis. +  *Undertake ethical system reconnaissance and intelligence analysis. 
-Undertake risk modelling, analysis and trades. +  *Undertake risk modelling, analysis and trades. 
-Undertake risk assessment to an external standard. +  *Undertake risk assessment to an external standard. 
-Apply a management system and develop an information security management plan. +  *Apply a management system and develop an information security management plan. 
-Configure and use security technology components and key management. +  *Configure and use security technology components and key management. 
-Design & evaluate a system to a security case. +  *Design & evaluate a system to a security case. 
-Architect, analyse & justify a secure system. +  *Architect, analyse & justify a secure system. 
-Develop an assurance strategy. +  *Develop an assurance strategy. 
-Security monitoring, analysis and intrusion detection. Recognise anomalies & behaviours. +  *Security monitoring, analysis and intrusion detection. Recognise anomalies & behaviours. 
-Manage intrusion response, including with 3rd parties. +  *Manage intrusion response, including with 3rd parties. 
-Organise testing & investigation work in accordance with legal & ethical requirements. +  *Organise testing & investigation work in accordance with legal & ethical requirements. 
-Develop & apply information security policy to implement legal or regulatory requirements.+  *Develop & apply information security policy to implement legal or regulatory requirements.
  
- +== Technical Discussion ==
-Technical Discussion+
 In the technical discussion the apprentice will cover these technical knowledge, competencies and behaviours: In the technical discussion the apprentice will cover these technical knowledge, competencies and behaviours:
-Assess culture & individual responsibilities.  +  *Assess culture & individual responsibilities.  
-Architect, analyse & justify a secure system.  +  *Architect, analyse & justify a secure system.  
-Develop an assurance strategy.  +  *Develop an assurance strategy.  
-Foundations of cyber security, its significance, concepts, threats, vulnerabilities and assurance.  +  *Foundations of cyber security, its significance, concepts, threats, vulnerabilities and assurance.  
-Human dimensions of cyber security.  +  *Human dimensions of cyber security.  
-Understand security assurance, how to achieve it and how to apply security principles.  +  *Understand security assurance, how to achieve it and how to apply security principles.  
-Assurance concepts & approaches.  +  *Assurance concepts & approaches.  
-Legal, regulatory, compliance & standards environment. +  *Legal, regulatory, compliance & standards environment. 
  
 Behaviours Behaviours
-Makes concise, engaging and well-structured verbal presentations, arguments and explanations.  +  *Makes concise, engaging and well-structured verbal presentations, arguments and explanations.  
-Able to deal with different, competing interests within and outside the organization with excellent negotiation skills.  +  *Able to deal with different, competing interests within and outside the organization with excellent negotiation skills.  
-Able to identify the preferences, motivations, strengths and limitations of other people and apply these insights to work more effectively with and to motivate others.  +  *Able to identify the preferences, motivations, strengths and limitations of other people and apply these insights to work more effectively with and to motivate others.  
-Able to work effectively with others to achieve a common goal. +  *Able to work effectively with others to achieve a common goal. 
-Competent in active listening and in leading, influencing and persuading others.  +  *Competent in active listening and in leading, influencing and persuading others.  
-Able to give and receive feedback constructively and incorporate it into his/her own development and life- long learning.  +  *Able to give and receive feedback constructively and incorporate it into his/her own development and life- long learning.  
-Able to put forward, demonstrate value and gain commitment to a moderately complex technology- oriented solution, demonstrating understanding of business need, using open questions and summarising skills and basic negotiating skills.  +  *Able to put forward, demonstrate value and gain commitment to a moderately complex technology- oriented solution, demonstrating understanding of business need, using open questions and summarising skills and basic negotiating skills.  
-A thorough approach to work in the cyber security role. +  *A thorough approach to work in the cyber security role.  
 +==== EPA ====
  
  
  
-==== Assignment Brief ====+EPA tests all the skills, knowledge and behaviours (KSBs) on the Standard. It is based on two distinct assessment methods, both of which must passed in order for the apprentice to pass the apprenticeship. 
 +  
 +The two EPA methods are:
  
-The full assignment brief will be placed here when it is issued+(a) A Practical Test;  and
  
-=== Component A: Workbook === +(b) Technical Discussion informed by a portfolio. 
- +  
-Issued: Start of block release week 1 +The Independent Assessor will assess and grade the Practical Test and conduct, assess and grade the Technical DiscussionFollowing this, the Independent Assessor will determine whether the apprentice has passed or failed the apprenticeship overall and the grade achieved (failpassmerit or distinction). 
- +  
-Due: Start of block release week 3 +
- +
-During the college sessions the apprentices will complete a series of tasks in a workbookThey will commence with detecting and analysing a security incident. They will then have to demonstrate how the incident is managed.  +
- +
- +
-=== Component B: Report (1,500 words)  === +
- +
-Issued: End of block release week 3 +
- +
-Due: Start of block release week 1 of next module +
- +
-Apprentices will write a report detailing how the security policies in place, or that they have written, in their workplace, implement the required legal and regulatory requirementsThey should identify any actions required to remedy any oversights.    +
  
  
Line 127: Line 116:
 ==== Submission details ==== ==== Submission details ====
  
-To be added+To be added when the arrangements are finalised. 
  
-==== Reading lists ====+==== Reading list ====
  
-To be added+There is no reading list for this module. Apprentices are advised to read the assessment plan issued by the Institute for Apprentices and Technical Education 
 +[[https://www.instituteforapprenticeships.org/media/4343/st0409-cyber-security-technical-prof-l6-proposed-v3.pdf|Link to assessment plan]]
  
 ==== Communication ==== ==== Communication ====
  
-All questions about this module, after the course commences, should be initially directed to the module leader. Prior to that contact Bob Higgie bob.higgie@gloscol.ac.uk+All questions about this module should be directed to the Gloucestershire College program leader. 
  
 Please contact via email, which is monitored continuously Please contact via email, which is monitored continuously
  
  
-==== Advice and support ==== 
  
-To be added+
  • end_point_assessment_epa.1584480829.txt.gz
  • Last modified: 2020/09/18 13:15
  • (external edit)