1.1 Understand the types of preventative business control techniques

and be able to apply and maintain them in protecting the digital

security of an organisation

• Preventative control techniques:

o physical:

– specialist locks (anti-picking)

– barriers (for example, fencing, bollards)

– gates

– cages

– flood defence systems

– temperature control (for example, air conditioning)

o combined – managed access:

– card readers

– biometric

– video

– pin/passcodes

o administrative, policies and procedures:

– separation of duties and relevance of role-based access

o technical – domains and security policies:

– allowlist

– denylist

– access control lists

– sandboxing

– device hardening

– certificate authority.

• Set up a domain services environment with security controls

(for example, group-based security and permissions, password

complexity).

• Set up and deploy a certificate authority (for example,

directory certificate services – install onto PC).

• Implement security controls in a business environment in line

with NCSC cyber essentials:

o boundary firewalls

o secure configuration (for example, enabling multi-factor

authentication (MFA))

o access control

o malware protection

o patch management

• Configure and apply appropriate access control methods to end user

devices (for example, authentication, MAC, DAC, ABAC, RBAC).

• Manage documents and data accurately in accordance with data

protection legislation.

(E5, D1, D5, D6)

1.2 Understand the types of detective business control techniques in

protecting the digital security of an organisation

• Detective control techniques:

o physical:

– closed-circuit television (CCTV)

– motion sensors

o administrative, policies and procedures:

– logs (for example, logs of temperature in server room,

error logs)

– review/audit (for example, people entering and leaving

the facilities).

1.3 Understand the types of corrective business control techniques in

protecting the digital security of an organisation

• Corrective control techniques:

o physical:

– fire suppression (for example, sprinklers, extinguishers)

– gas suppression (for example, inert and chemical gas systems)

o administrative, policies and procedures:

– standard operating procedure (for example, actions taken when

a fire is identified).

1.4 Understand the types of deterrent business control techniques in

protecting the digital security of an organisation

• Deterrent control techniques:

o physical:

– security guards

– alarm systems

– visible surveillance systems

o administrative, policies and procedures:

– standard operating procedure (for example, setting alarm

system, fire drill)

– employment contracts stipulating codes of conduct

– acceptable usage policies.

1.5 Understand the types of directive business control techniques in

protecting the digital security of an organisation

• Directive control techniques:

o physical:

– signage

– mandatory ID badge display (employees and visitors)

o administrative, policies and procedures:

– agreement types

– general security policies and procedures

– regular and compulsory staff training (for example,

human firewall training).

1.6 Understand the types of compensating business control

techniques in protecting the digital security of an organisation

• Compensating control techniques:

o physical:

– temperature controls (for example, air conditioning)

o administrative, policies and procedures:

– role-based awareness training

– standard operating procedures (for example,

environmental control monitoring).

1.7 Be able to apply and monitor appropriate business control

techniques and policies and procedures to ensure personal,

physical and environmental security

• Review the identified risk:

o gather information from system and users.

• Select, apply and monitor appropriate business control techniques:

o preventative

o detective

o corrective

o deterrent

o directive

o compensating

o recovery.

• Comply with relevant regulatory and organisational policies

and procedures.

(D3)

1.8 Understand components of a disaster recovery plan in protecting

the digital security of an organisation

• Disaster recovery plan (DRP) components:

o physical:

– back-ups

– off-site alternative storage of servers

o administrative, policies and procedures of a DRP supported by an

organisational business continuity plan (BCP):

– ensuring all systems maintain functionality (for example,

arranging hardware)

– ensuring users can access systems away from the main

building site

– deploying back-ups to maintain data integrity

– ensuring digital changes continue to meet business needs

– managing assets across the network and logging changes

(for example, tagging and logging laptops)

– reporting infrastructure changes to management.

1.9 Understand the types of impacts that can occur within an

organisation as a result of threats and vulnerabilities

• Danger to life – breaches in health and safety policies (for example,

injury and death).

• Privacy – breaches of data (for example, compromised confidential

business data, identity theft).

• Property and resources – damage to property and systems.

• Economic – financial loss or impairment.

• Reputation – damage to brand and business value.

• Legal – fines, prosecution.

1.10 Understand the potential vulnerabilities in critical systems

• Unauthorised physical access to network ports.

• User account control.

• Single point of failure.

• Open port access:

o universal serial bus (USB)

o network ports.

• Wireless networks.

1.11 Understand the impact of measures and procedures that are put in

place to mitigate threats and vulnerabilities

• Measures:

o recovery time objective (RTO)

o recovery point objective (RPO)

o mean time between failure (MTBF)

o mean time to repair (MTTR).

• Procedures:

o standard operating procedure (SOP):

– installation procedure

– back-up procedure

– set-up procedure.

o service level agreement (SLA):

– system availability and uptime

– response time and resolution timescales.

1.12 Understand the process of risk management

• Process:

o identification – identifying potential risk or threats and

vulnerabilities

o probability – likelihood of occurrence (for example, high,

medium, low)

o impact – assess damage that can occur (for example,

asset value)

o prioritisation – rank risks based on the analysis of probability

and impact, ownership of risk

o mitigation – reducing probability or impact of risk.

1.13 Understand approaches and tools for the analysis of threats and

vulnerabilities

• Approaches:

o qualitative – non-numeric:

– determine severity using red, amber, green (RAG) rating:

 red – high risk requiring immediate action

 amber – moderate risk that needs to be observed closely

 green – low risk with no immediate action required

o quantitative – numeric:

– analyse effects of risk (for example cost overrun,

resource consumption).

• Tools:

o fault tree analysis

o impact analysis

o failure mode effect critical analysis

o annualised loss expectancy (ALE)

o Central Computer and Telecommunications Agency (CCTA)

Risk Analysis and Management Method (CRAMM)

o strength, weakness, opportunity, threat (SWOT) analysis

o risk register – risk is identified and recorded using a RAG rating.

1.14 Understand factors involved in threat assessment for the

mitigation of threats and vulnerabilities

• Environmental:

o extreme weather

o natural disaster

o animals (for example, rodent in server room)

o humidity

o air quality.

• Manmade:

o internal:

– malicious or inadvertent activity from employees and contractors

o external:

– malware

– hacking

– social engineering

– third-party organisations

– terrorism.

• Technological:

o technology failures and faults:

– misconfigured devices

– Wi-Fi dropouts

– inaccessible systems

– VPN not connecting

– expired passwords

o device failure and faults (for example, laptops,

tablets, telephones):

– hard disk failure

– RAM failure

– damaged peripherals

o system failures and faults:

– software breakages/corruption

– inaccessible websites

o impact of technical change:

– potential downtime

– system/software upgrades

– misconfigured systems.

• Political:

o changes/amendments in legislation.

1.15 Understand the purpose of and be able to carry out risk

assessment in a digital support context

• Purpose:

o to identify and reduce risk by:

– implementing Health and Safety Executive (HSE) guidelines to

projects (for example, supporting users with safe ergonomic

equipment usage and accessibility)

– investigating risks within the project environment (for example,

undertaking a PESTLE analysis)

– internal and external risk identification (for example,

system access for employees and contractors)

– quantification of impact on asset value (for example,

financial loss as a result of downtime).

• Conduct a security risk assessment in line with the risk management

process for a system (for example, BYOD):

o assess the system and identify components.

• Apply the risk management process:

o identify possible risks within the system

o calculate the probability and impact of the identified risk

o analyse and prioritise based on level of risk to system o record all relevant findings and actions accurately and concisely using appropriate technical terms.

(E4, M6, D4)

1.16 Understand types of risk response within a digital support context

• Types of response:

o accept – the impact of the risk is deemed acceptable

o avoid – change scope to avoid identified risk

o mitigate – reduce the impact or probability of the identified risk

o transfer – contractually outsource the risk to another party.

1.17 Understand the process of penetration testing within digital

support

• Penetration testing (for example wireless network tests):

o customer engagement

o information gathering

o discovery and scanning

o vulnerability testing

o exploitation

o final analysis and review

o utilise the test results.

1.18 Understand the considerations in the design of a risk mitigation

strategy and be able to demonstrate continuous improvement

through the application of risk mitigation in maintaining the

digital security of

an organisation and its data in a digital support context

• Risk response (for example, accept, avoid, mitigate or transfer

the risk).

• User profile (for example, requirements, ability level).

• Cost and benefit.

• Escalation to appropriate authority within organisation.

• Identify, gather and systematically organise information on incidents

in preparation for analysis.

• Process and analyse trends in incident data to identify

underlying risks.

• Identify user profile (for example, requirements, ability level).

• Identify and apply risk mitigation techniques to the identified threats,

vulnerabilities or incidents detected in end user devices

(for example, installing RMM software, device hardening).

• Monitor and review as part of a continuous improvement process:

o assign an owner of the risk

o plan contingencies

o update devices with current security software

o interpret the outputs of penetration testing.

1.19 Understand the purpose of technical security controls as risk

mitigation techniques and their applications to business risks

within a digital support context

• Purpose – to improve network security for users and systems.

• Technical security controls and their applications:

o 5 cyber essentials controls:

– access control – restricting access to a minimum based on user

attributes (for example, principle of least privilege, username

and password management)

– patch management – maintaining system and software updates

to current levels

– malware protection – maintaining up-to-date anti-malware/

anti-virus software and regular scanning

– boundary firewalls and internet gateways – restricting the flow

of traffic in systems

– secure configuration – ensuring user only has required

functionality (for example, removing unnecessary software,

configuration to limit web access)

o device hardening – removing unneeded programs, accounts

functions, applications, ports, permissions and access

o remote monitoring and management (RMM) (for example,

end user devices)

o vulnerability scanning (for example, port scanning,

device scanning).

1.20 Be able to demonstrate continuous improvement through the

application of risk mitigation in maintaining the digital security

of an organisation and its data in a digital support context

• Identify, gather and systematically organise information on incidents

in Preparation for analysis.

• Process and analyse trends in incident data to identify

underlying risks.

• Identify user profile (for example, requirements, ability level).

• Identify and apply risk mitigation techniques to the identified threats,

vulnerabilities or incidents detected in end user devices

(for example, installing RMM software, device hardening).

• Monitor and review as part of a continuous improvement process:

o assign an owner of the risk

o plan contingencies

o update devices with current security software

o interpret the outputs of penetration testing

o record all relevant findings and actions accurately and concisely

using appropriate technical terms.

(E4, M5, D4)

1.21 Understand the purpose and types of encryption as a risk

mitigation technique and their applications

• Purpose – to store and transfer data securely using cryptography.

• Types of encryption and their applications:

o asymmetric encryption – applied to send private data from one

user to another (for example, encrypted email systems)

o symmetric encryption – applied to encrypt and decrypt a message

using the same key (for example, card payment systems).

• Data at rest encryption:

o full disk encryption – applied to encrypt the contents of an entire

hard drive using industry standard tool (for example, Windows,

macOS)

o HSM – safeguards digital keys to protect a device and its data

from hacking

o TPM – applied to store encryption keys specific to the host device.

• Data in transit encryption:

o SSL – applied to create an encrypted link between a website and

a browser using security keys for businesses to protect the data

on their websites

o TLS – applied to encrypt end-to-end communication between

networks (for example, in email, websites and instant messaging).

1.22 Understand the purpose, criteria and types of back-up involved in

risk mitigation

• Purpose:

o maintaining an up-to-date copy of data to enable future recovery

and restoration (for example, full disaster recovery or partial data

loss).

• Back-up criteria:

o frequency (for example, periodic back-ups)

o source (for example, files or data)

o destination (for example, internal, external)

o storage (for example, linear tape open (LTO), cloud, disk).

• Types of back-up:

o full

o incremental

o differential

o mirror.

1.23 Understand the relationship between organisational policies

and procedures and risk mitigation and be able to explain their

importance in respect of adherence to security

• Organisational digital use policy:

o standard operating procedures for:

– network usage and control (for example, monitoring bandwidth,

identifying bottlenecks)

– internet usage (for example, restricted access to sites,

social media)

– bring your own device (BYOD)

– working from home (WFH) (for example, DSE assessment)

– periodic renewal of password

– software usage (for example, updating applications).

• Health and safety policy for:

o standard operating procedures:

– lone working

– manual handling/safe lifting (for example, moving hardware)

– working at height

– fire safety (for example, staff training)

– Reporting of Injuries, Diseases and Dangerous Occurrences

Regulations (RIDDOR) 2013.

• Change procedure – approval and documentation of all changes:

o auditing of policies and standard operating procedures – ensuring

all actions are routinely examined (for example, to ensure

continued compliance).

• Explain the purpose and application of each policy and procedure,

summarising key information and using appropriate technical terms:

o digital use policy

o health and safety policy.

• Explain the potential impact on security if policies and procedures

are not adhered to (for example, danger to life, privacy).

(E5, D5)

1.24 Understand the purpose and application of legislation, industry

standards and regulatory compliance, and industry best practice

guidelines for the security of information systems in the context

of digital support

• Legislation:

o EU General Data Protection Regulation (GDPR):

– purpose – standardises the way data is used,

stored and transferred to protect privacy

– applications within digital support:

 article 1 – subject matter and objectives

 article 2 – material scope

 article 3 – territorial scope

 article 4 – definitions

 article 5 – principles relating to processing of personal data

 article 6 – lawfulness of processing

 article 7 – conditions for consent.

o Data Protection Act (DPA) 2018:

– purpose – UK interpretation of GDPR to protect data

and privacy

– applications within digital support:

 used fairly, lawfully and transparently

 used for specified, explicit purposes

 used in a way that is adequate, relevant and limited to only

what is necessary

 accurate and, where necessary, kept up-to-date

 kept for no longer than is necessary

 handled in a way that ensures appropriate security, including

protection against unlawful or unauthorised processing,

access, loss, destruction or damage

o Computer Misuse Act 1990:

– purpose – protects an individual’s computer rights

– applications within digital support:

 unauthorised access to computer materials (point 1 to 3)

 unauthorised access with intent to commit or facilitate

commission of further offences (point 1 to 5)

 unauthorised acts with intent to impair, or with recklessness

as to impairing, operation of computer (point 1 to 6).

• Industry standards and regulatory compliance:

o ISO 27001:2017:

– purpose – certifiable standard for information security

management

– applications within digital support:

 GDPR/DPA 2018

 information security

 information management

 penetration testing

 risk assessments.

o Payment Card Industry Data Security Standard (PCI DSS):

– purpose – worldwide standard for protecting business card

payments to reduce fraud

– applications within digital support:

 build and maintain a secure network

 protect cardholder data

 maintain a vulnerability management program

 implement strong access control measures

 regularly monitor and test networks

 maintain an information security policy.

Industry best practice guidelines:

o National Cyber Security Centre (NCSC) ‘10 Steps to

Cyber Security’:

– purpose – inform organisations about key areas of

security focus

– applications within digital support:

 user education and awareness

 home and mobile working

 secure configuration

 removable media controls

 managing user privileges

 incident management

 monitoring

 malware protection

 network security

 risk management regime.

o Open Web Application Security Project (OWASP):

– purpose:

 implements and reviews the usage of cyber security tools

and resources

 implements education and training for the general public

and for industry experts

 used as a networking platform.

– applications within digital support:

 support users with online security

 improve security of software solutions.

1.25 Understand the principles of network security and their

application to prevent the unauthorised access, misuse,

modification or denial of a computer, information system or data

• The CIA triad – confidentiality, integrity and availability applied to the

development of security policies.

• IAAA (identification, authentication, authorisation and accountability)

– applied to prevent unauthorised access by implementing security

policies to secure a network further:

o applying directory services

o security authentication process

o using passwords and security implications

o identification and protection of data

o maintaining an up-to-date information asset register.

1.26 Understand methods of managing and controlling access to

digital systems and their application within the design of network

security architecture

• Authentication – restricts or allows access based on system

verification of user.

• Firewalls – restricts or allows access to a defined set of services.

Apply and monitor appropriate access control methods to support

physical and virtual infrastructure as required:

o intrusion detection system (IDS) – analyses and monitors network

traffic for potential threats

o intrusion prevention system (IPS) – prevents access based on

identified potential threats

o network access control (NAC) – restricts or allows access based

on organisational policy enforcement on devices and users

of network

o mandatory access control (MAC) – restricts or allows access

based on a hierarchy of security levels

o discretionary access control (DAC) – restricts or allows access

based on resource owner preference

o attribute-based access control (ABAC) – restricts or allows access

based on attributes or characteristics

o role-based access control (RBAC) – restricts or allows access to

resources based on the role of a user

o rule-based access control (RuBAC) – use a rule list to define

access parameters.

1.27 Understand physical and virtual methods of managing and

securing network traffic and their application within the design of

network security architecture

• Physical (for example businesses utilising servers, firewalls and

cabling):

o software defined networking (SDN):

– transport layer security (TLS) (for example,

used for banking websites)

o demilitarised zone (DMZ)

o air gapping.

• Virtual:

o virtual LAN (VLAN):

– virtual private network (VPN) (for example, intranet,

file systems, local network systems)

o virtual routing and forwarding (VRF)

o subnets

o IP security (IPSec)

o air gapping.

1.28 Understand techniques applied and be able to install and

configure software to ensure cyber security for internet connected

devices, systems and networks

• Wireless security – WPA2 and WPA3 and use of end-to-end security

implemented to monitor access to Wi-Fi systems.

• Device security – password/authentication implemented to improve

device security.

• Encryption.

• Virtualisation

• Penetration testing.

• Malware protection.

• Anti-virus protection.

• Software updates and patches.

• Multi-factor authentication.

• Single logout (SLO).

• Install and configure software on end user devices:

o vulnerability scanning software (for example port scanning

software, device scanning software)

o anti-malware software

o firewall software.

• Apply device hardening to remove unnecessary software.

• Check installation and configuration on end user devices.

• Harden devices:

o change default passwords

o set correct permissions on files and services

o apply updates and fixes

o remove unnecessary software

o apply security policies

o disable unauthorised devices.

• Test that the installation and configuration of end user devices has

been successful.

(E4, D1, D6)

1.29 Understand the importance of cyber security to organisations and

society

• Organisations:

o protection of:

– all systems and devices

– cloud services and their availability

– personnel data and data subjects (for example,

employee information, commercially sensitive information)

– password protection policies for users and systems

– adherence to cyber security legislation to avoid financial,

reputational and legal impacts

– protection against cybercrime.

• Society:

o protection of personal information to:

– maintain privacy and security

– protect from prejudices

– ensure equal opportunities

– prevent identity theft

individuals’ rights protected under DPA 2018:

– be informed about how data is being used

– access personal data

– have incorrect data updated

– have data erased

– stop or restrict the processing of data

– data portability (allowing individuals to get and reuse data for

different services)

– object to how data is processed in certain circumstances.

o protection against cybercrime.

1.30 Understand techniques applied to cyber security for internet

connected devices, systems and networks

• Wireless security – WPA2 and WPA3 and use of end-to-end security

implemented to monitor access to Wi-Fi systems.

• Device security – password/authentication implemented to improve

device security.

• Encryption.

• Virtualisation.

• Penetration testing.

• Malware protection.

• Anti-virus protection.

• Software updates and patches.

• Multi-factor authentication.

• Single logout (SLO).

1.31 Understand the fundamentals of network topologies and network

referencing models and the application of cyber security

principles

• Topologies:

o bus

o star

o ring

o token ring

o mesh

o hybrid

o client-server

o peer-to-peer.

• Network referencing models:

o open systems interconnection (OSI) model:

– application layer

– presentation layer

– session layer

– transport layer

– network layer

– data link layer

– physical layer

o transmission control protocol/internet protocol (TCP/IP):

– application layer

– transport layer

– network layer

– network interface layer.

• The minimum cyber security standards principles applied to network

architecture:

o identify – management of risks to the security of the network,

users and devices:

– assign cyber security lead

– risk assessments for systems to identify severity of different

possible security risks

– documentation of configurations and responses to threats and

vulnerabilities

o protect – development and application of appropriate control

measures to minimise potential security risks:

– implementation of anti-virus software and firewall

– reduce attack surface

– use trusted and supported operating systems and applications

– decommission of vulnerable and legacy systems where

applicable

– performance of regular security audits and vulnerability checks

– data encryption at rest and during transmission

– assign minimum access to users

– provide appropriate cyber security training

o detect – implementation of procedures and resources to identify

security issues:

– installation and application of security measures

– review audit and event logs

– network activity monitoring

o respond – reaction to security issues:

– contain and minimise the impacts of a security issue

o recover – restoration of affected systems and resources:

– back-ups and maintenance plans to recover systems and data

– continuous improvement review.

1.32 Understand the common vulnerabilities to networks, systems and

devices, and the application of cyber security controls

• Missing patches, firmware and security updates:

o application of cyber security controls:

– patch manager software

– tracking network traffic

– test groups/devices to test security.

• Password vulnerabilities (for example, missing, weak or default

passwords, no password lockout allowing brute force or dictionary

attacks):

o application of cyber security controls:

– minimum password requirements in line with up-to-date

NCSC guidance (for example, length, special character)

– password reset policy.

• Insecure basic input-output system (BIOS)/unified extensible

firmware interface (UEFI) configuration:

o application of cyber security controls:

– review BIOS/UEFI settings

– update BIOS.

• Misconfiguration of permissions and privileges:

o application of cyber security controls:

– testing permissions and access rights to systems

– scheduled auditing of permissions and privileges

(for example, remove access of terminated staff).

• Unsecure systems due to lack of protection software:

o application of cyber security controls:

– protecting against malware (for example, virus, worm,

trojan, ransomware)

– update security software

– monitoring security software

– buffer overflow.

• Insecure disposal of data and devices:

o application of cyber security controls:

– compliance with Waste Electrical and Electronic Equipment

(WEEE) Directive 2013

– checking and wiping all data devices.

• Inadequate back-up management:

o application of cyber security controls:

– back-up frequency

– application of appropriate types of back-up.

• Unprotected physical devices:

o application of cyber security controls:

– install correct software.

2.1 Understand the values of agile methodologies and work practices

• Individuals and interactions over processes and tools.

• Working software over comprehensive documentation.

• Customer collaboration over contract negotiation.

• Responding to change over following a plan.

2.2 Understand the applications of agile methodologies and work

practices in support of continuous innovation and development

in a digital environment

• Scrum:

o defined roles, events, artefacts and rules

o applies daily scrums

o workloads are broken down into sprints.

• Kanban:

o manages workloads by balancing demands with available

capacity

o identifies bottlenecks in workload

o manages work using a Kanban board

o uses work in progress (WIP) limits to prevent over-commitment.

• Dynamic systems development method (DSDM):

o fixed cost, quality and time

o uses MoSCoW in the prioritisation of scope.

• Feature-driven development:

o breaks down development into smaller features

o plans, designs and builds by feature.

• Crystal:

o focuses on communications and interactions between people over

processes and tools.

• Lean (7 principles):

o eliminate waste

o build in quality

o create knowledge

o defer commitment

o deliver fast

o respect people

o optimise the whole.

• Extreme programming (XP):

o advocates frequent releases in short development cycles

o introduces check points when new customer requirements can

be adopted

o uses planning and feedback loops.

2.3 Understand the incorporation of digital technologies by

organisations into key areas of business operations and the

implications for digital support roles

• Key areas:

o finance:

– budget/finance dashboards

– invoicing processes

– online expense tracking

o sales and marketing:

– customer relationship management (CRM) systems

– social media management and tools

o operations:

– performance dashboards

– online ticket systems

o human resources:

– personnel management systems

– digital training

o communications:

– video conferencing

– email

– collaborative platforms

o research and development:

– access to information

– development environments (for example computer-aided

design (CAD), integrated development environment (IDE).

• Implications for digital support roles:

o increased demand for support due to organisational system’s

reliance on digital systems

o increased training needs of workforce due to reliance on digital

competencies and digital skills

o increased requirement for CPD to support changing systems

and technologies

o requirement to operate and maintain changing digital information

systems to support the organisation to collect, store, maintain and

distribute information.

2.4 Understand the application of service functions in creating a

domain within a networked environment

• Active directory domain services (AD DS):

o active directory – provides functionality to centrally manage

and organise user and device accounts, security groups and

distribution lists, contained in organisational units (OUs)

o group policy – provides functionality to create group policy objects

(GPOs) which can be applied to OUs. GPOs can be applied to

deploy settings and files to users’ profiles and devices, based on

their OU.

• Dynamic host configuration protocol (DHCP) – a network

management protocol to assign IP addresses and network

configuration to a network client device.

• Domain name system (DNS) – for the translation of hostnames to

IP addresses.

• File server and distributed file system (DFS) – to provide shared disk

access and manage permissions.

• Print server – to provide shared printer access.

• Mail servers – manage emails to/from client mailboxes.

• Certificate authorities – application of digital certificates to certify the

ownership of a public key for use in encryption.

2.5 Understand the applications and processes of content

management system (CMS) and the methods used to identify

and resolve user problems

• Problem/incident and request management:

o logging/raising of support requests

o tracking of request progress

o tracking open and closed tickets.

• Knowledge management:

o identification of staff training needs (for example,

use of particular software)

o collating of user support knowledge.

• Change management:

o supporting implementation of new systems.

• Configuration/asset management:

o tracking software licences

o responding to requests for hardware and software

o decommission or redeployment of systems/users.

• Methods used to identify and resolve user problems:

o troubleshooting to diagnose problems:

– information gathering:

 investigation of support requests

 investigation of probable causes

 troubleshoot issues (for example, check line speeds,

check uptime and downtime)

problem analysis:

 elimination of known fixes and problems

 elimination of potential causes

 consideration of remaining possibilities

– test remaining possibilities:

 testing and elimination of possible causes

 identify the appropriate solution

– problem resolution:

 backing up data on system

 implementing the solution

 testing the solution

 repeating the process until required outcome

 documenting the cause and solution on content

management system

 implementing security controls to mitigate against

cause reoccurring.

2.6 Understand the types of end user devices and systems where

content management systems can be applied to identify and

resolve user problems

• Desktop:

o thick clients

o thin clients.

• Cloud workspaces:

o free cloud workspaces

o paid licensed cloud workspaces.

• Mobile devices:

o tablets

o smartphones

o wearable technology (for example, smartwatches)

o e-reader.

• Laptops.

• Peripherals:

o mouse

o keyboard

o monitors

o printers/scanners

o speakers

o projectors

o storage drives

o magnetic reader/chip reader

o smart card reader.

• IoT:

o smart buildings:

– alarm systems (for example, fire, security)

– metres (for example, water, power)

– lighting

o smart devices:

– autonomous vehicles

– TVs.

2.7 Understand the types of operating systems and how they are used

in a digital support environment

• End user (for example, Windows, macOS, Linux):

o used on desktop PCs and laptops.

• Mobile (for example, iOS, Android):

o used on tablets, devices and mobile phones.

• Server (for example, Windows, Linux):

o used in client-server network environments.

2.8 Understand the range of application types used in a digital

support context

• Productivity software:

o word processing software

o spreadsheet software

o presentation software

o visual diagramming software.

• Web browser.

• Collaboration software:

o email client

o conferencing software

o voice over internet protocol (VoIP)

o instant messaging software

o online workspace

o document sharing.

• Business software:

o database software

o project management software

o business-specific applications (bespoke)

o accounting software

o customer relationship management (CRM)

o ticket management software.

• Development software:

o computer-aided design (CAD)

o integrated development environment (IDE).

2.9 Understand application installation and configuration concepts

in a digital support context and be able to install and configure

software and systems

• System requirements:

o storage space

o RAM

o compatibility

o processor

o OS.

• Hard disk drive (HDD) configuration:

o advantages:

– increased storage capacity

– lower cost

o disadvantages:

– high risk of damage due to moving parts

– greater potential to overheat.

• Solid state drive (SSD) configuration:

o advantages:

– faster access

– faster write and rewrite speeds

– lower risk of damage due to no moving parts

– applied in devices to reduce device size (for example

mobile phone, tablet)

o disadvantages:

– higher cost

– less storage capacity.

• Network card configuration:

o advantages:

– efficiency

– highly secure

– runs efficiently

o disadvantages:

– higher cost

– performance lifespan.

• Resource setup for performance optimisation.

• Permissions:

o folder/file access for installation and operation

o user authorisation

o principle of least privilege.

• Security considerations:

o impact to device

o impact to network

o impact on usability

o impact on the way data is stored.

• Install and configure software and systems onto end user devices:

o remotely install an operating system and configure

system settings:

– select appropriate boot drive and configure with the correct

partitions/formats

– configure domain set-up

– configure time, date, region and language settings

– install additional drivers

– install any available updates (for example Windows updates)

– upgrade an existing operating system ensuring all user data

is preserved.

• Install productivity software:

o apply software updates

o install network-based software.

2.10 Understand operating system (OS) deployment considerations in

a digital support context

• System requirements.

• Hardware configuration.

• Methods of installation and deployment:

o network-based

o local (for example, CD/USB)

o virtualised

o cloud-based.

• Boot methods:

o internal hard drive:

– SSD

– HDD

o external media drive:

– USB-based/solid state (for example, flash drive,

hot-swappable drive)

o network-based:

– preboot execution environment (PXE)

– Netboot.

• Partitioning:

o dynamic

o basic

o primary

o extended

o logical

o GUID Partition Table (GPT).

• File system types:

o Extensible File Allocation Table (exFAT)

o FAT32

o New Technology File System (NTFS)

o Resilient File System (ReFS)

o Network File System (NFS)

o third extended file system (ext3)

o fourth extended file system (ext4)

o Hierarchical File System (HFS)

o swap partition.

• File system formatting:

o quick format:

– files easier to recover

– no scanning for bad sectors

– less time intensive

o full format:

– full scrubbing of files

– files harder to recover

– full scan of bad sectors

– more time intensive.

2.11 Understand the types of deployment methods and the advantages

and disadvantages of their application

• Unattended installation – requires minimal technician response due

to pre-defined options being set up:

• Thin imaging:

o advantages:

– used on a large scale

– used on a variety of devices

– ability to put out latest software for build

– flexibility

o disadvantages:

– requires more maintenance

– more difficult to configure.

• Base image:

o advantages:

– used on a large scale

– built to meet specific purpose

– easier to create

o disadvantages:

– more difficult to maintain

– less flexible.

• In-place upgrade – upgrading an operating system without a full

clean install

o advantages:

– efficient process

– user profiles are not lost

– simple process

o disadvantages:

– potential compatibility issues

– requires operating system media or large download.

• Manual clean install – installing an operating system with the

installation media:

o advantages:

– most appropriate/latest version of operating system

– simple process

o disadvantages:

– may require a back-up

– timely process.

• Repair installation – performing a repair installation without data loss

and without upgrading:

o advantages:

– no loss of data

– no need to check compatibility

– may resolve operating system and application instabilities

o disadvantages:

– manual process

– may not resolve operating system and application instabilities.

• Multi-boot – ability to boot a single device with multiple operating

systems

o advantages:

– ability to run multiple operating systems from different

manufacturers

o disadvantage:

– difficult to set up and maintain.

• Remote network installation – installing an operating system from

a network boot:

o advantages:

– physical access may not be needed

– takes advantage of unattended installation

– efficient deployment to multiple devices

o disadvantages:

– speed of deployment is limited to network capabilities

– specific network configuration may be required

– requirement for specific device features (for example

PXE booting capabilities)

– significant configuration required.

2.12 Be able to deploy software applications and operating systems

remotely

• Gather and analyse user data to determine requirements.

• Select and configure appropriate deployment method:

o thin imaging:

– gather software installer and drivers and build task sequence

o base image:

– install operating systems, drivers and software

– configure operating system, applications and drivers

– capture disk image.

• Deploy operating system with chosen method.

• Apply updates to operating system, applications and drivers.

• Test deployment meets business requirements.

• Comply with organisational safety and security policies

and procedures.

2.13 Understand the steps in creating and deploying disk images

• Creation of a base image file.

• Creation of customisation or answer file.

• Addition of any additional drivers and software required.

• Distribution of the image.

• Deployment of the image.

• Updating software versions and drivers to avoid introducing

vulnerabilities and instabilities.

2.14 Understand the benefits of using image files to deploy operating

systems or software

• Automation requires fewer resources.

• Ensures consistency of deployment.

• Reduces ongoing support costs.

• Quick system restoration.

2.15 Understand the purpose and process of system recovery and

restoration

• System recovery:

o fixes a system in its current state

o preserves all files and folders.

• System restoration:

o applied when system recovery fails

o reverts system back to a previous state.

• Process:

o ensuring data is backed up

o booting in system recovery tools

o following on-screen instructions

o testing of issue to confirm resolution.

2.16 Understand the purpose and types of corporate and internet

service provider (ISP) email configurations and their applications

within digital support

• Email configuration – server configuration of an email account used

when traffic moves through a firewall or when configuring an email

account set-up:

o Post Office Protocol 3 (POP3) – used to receive emails from the

server to a local piece of software

o Internet Message Access Protocol (IMAP) – allows emails to be

held on a mail server and received by software

o Simple Mail Transfer Protocol (SMTP) – used to receive emails

that are sent over the internet

o Secure/Multipurpose Internet Mail Extensions S/MIME) – used to

send encrypted email messages

o port and Secure Sockets Layer (SSL) settings – encrypted

connection between the website server and the browser to

improve security

o Transport Layer Security (TLS) – successor to SSL, used to

provide security for data.

2.17 Understand the process of the configuration of on-premises and

cloud-based integrated commercial provider email services:

• Ensuring alignment with corporate policy.

• Configure user profiles (for example, usernames, passwords,

email signatures).

• Identifying and selecting:

o provider (for example, G Suite, Microsoft 365)

o protocol (for example, SMTP, IMAP, POP3)

o configure mail exchange (MX) record

o domain for incoming mail

o domain for outgoing mail.

2.18 Understand the purpose of remote access and its application

within digital support

• Purpose:

o facilitates work from a remote location using network resources as

if connected to a physical network or a choice of multiple networks

(for example, facilitates working from home due to office closure

as part of a BCP).

• Applications:

o desktop sharing

o remote support (for example, fault diagnosis, remote correction of

user issues)

o off-site working.

2.19 Understand the role and configuration factors of a VPN in

securing remote access and remote support to protect data

• Role:

o encrypts network traffic

o masks IP address to increase privacy.

• Configuration factors:

o settings

o client configurations

o server configurations

o port and security protocols (for example, TLS, SSL)

o encryption setting and certificates

o authentication.

2.20 Understand the process of configuring a simple VPN

• Configuration of the VPN server:

o enabling the VPN service

o configuring IP address and DNS hostnames of the VPN interface

o managing user access including authentication and permissions.

• Configuration of the client device:

o creating the connection

o setting the destination IP address and fully qualified domain name

(FQDN)

o setting permissions and conditions.

2.21 Understand the support processes provided to end users and

customers

• User management:

o adding users

o removing users

o accessing times.

• Password management:

o complexity setting

o expiry

o reset on next logon.

• Permissions and privileges:

o access to resources

o group policies

o configuring shared resources.

• Installation and deployment of software.

• Connection to remote resources.

• Fault identification.

• Issue escalation from first to third line support.

• Knowledge management:

o documentation.

• Known fixes.

• SOPs.

• Asset management.

• Auditing.

2.22 Be able to solve problems as they arise and apply appropriate

methods in a digital support context

• Apply troubleshooting to diagnose problems:

o information:

– investigate support requests

– investigate probable causes

– troubleshoot issues.

o problem analysis:

– eliminate known fixes and problems

– eliminate potential causes

– consider remaining possibilities.

o test remaining possibilities:

– test and eliminate possible causes

– identify the appropriate solution.

o apply problem resolution:

– back-up data on system

– implement the solution

– test the solution

– repeat process until required outcome is achieved

– document the cause and solution on fault logging system.

o implement actions to mitigate against the cause reoccurring.

2.23 Be able to monitor and operate information systems

• Analyse performance of system components:

o hardware

o software

o database

o network

o people.

• Assess and monitor the appropriate security controls

(for example, firewalls, anti-virus).

• Monitor network performance and user traffic.

• Operate and maintain assets:

o track software licences

o respond to requests for hardware and software

o log and tag assets correctly.

• Support users via face to face or remote access software:

o train users in use of the system

o organise and record user issues within a content

management system

o user password management

o fault identification

o issue escalation.

• Record and summarise all relevant findings and actions to inform

future policies and procedures:

o logically organise all findings

o using appropriate technical terms.

2.24 Understand the components of version control management and

its application within digital support

• Fresh installation:

o OS

o application software

o utility software

o licensing.

• Patching and updating:

o system updates (for example OS updates)

o driver/firmware updates

o anti-virus/anti-malware updates

o software and applications.

• Updates:

o installation of updates

o rollback procedures:

– rollback device drivers

o rollback OS update failures

o rollback updates.

• Deployment using network tools (for example, group policy):

o locally installed

o network deployed

o testing

o release control.

2.25 Understand the process of asset management and its application

in digital support

• Identification and planning:

o user needs

o organisational needs

o constraints

o deployment strategies.

• Acquisition and implementation:

o sourcing assets (for example hardware and software)

o integration into current system.

• Operation and maintenance:

o tracking software licences

o responding to requests for hardware and software.

• Decommissioning and redeployment:

o removing non-utilised assets

o decommissioning out-of-date systems

o management of new or leaving staff profiles.

2.26 Understand the purpose and applications of mobile device

management (MDM) and be able to configure accessories and

ports of mobile devices

• Purpose:

o tracks and locates mobile devices

o secures mobile devices

o manages use of devices

o manages configurations:

– wireless data network

– cellular data network

– hotspot

– tethering

– airplane mode

– Bluetooth

– email accounts.

• Applications:

o segregation:

– multiple profile options for personal and professional use

– management of application data

– compliance with organisational policies and procedures.

• Remote management:

o remote wipe

o disabling functionalities

o restricts mobile devices

o controls app store

o restricts calling/data use

o controls back-up and synchronisation.

• Security:

o screen lock

o encrypts device

o password enforcement

o failed login attempts/login restrictions

o multi-factor authentication.

• Authenticator applications (for example, Google authentication,

fast identity online (FIDO)).

• Apply mobile device management (MDM) to configure mobile

devices to allow:

o wireless data networks

o cellular data networks

o hotspots

o tethering

o airplane mode

o Bluetooth

o email accounts.

2.27 Be able to explain the application and benefits of digital solutions

to meet specific requirements

• Analyse requirements:

o access to information, services or products

o conducting transactions.

• Identify the best application of digital solutions to meet requirements:

o digital systems (for example, content management systems)

o productivity software

o digital technologies.

• Explain the benefits of applying the identified digital solution:

o express ideas clearly and concisely

o use appropriate level of detail to reflect audience requirements

o use technical terminology.

2.28 Be able to operate digital information systems and tools to

maintain information and delivery of a digital support service

• Operate information systems to collect, store, maintain and distribute

information to support service delivery.

• Process and review user feedback data on service:

o critically analyse validity of user feedback.

• Maintain service delivery and information:

o create, action and update tickets

o communicate the status of tickets with users

o monitor and record system performance

o support users remotely by utilising remote support software.

• Record and summarise all relevant findings and actions to inform

future policies and procedures:

o logically organise all findings

o using appropriate technical terms.

2.29 Understand the methods and tools used to train others in

using digital systems and technologies, and the appropriate

applications of these methods and tools

• Methods:

o shadowing

o desk side

o remote support

o e-learning

o VR

o AR

o smart boards

o applications (for example Kahoot!, Padlet)

o simulation.

• Tools:

o crib sheets

o smart sheets

o webinars

o screencasts

o managed learning environments (MLE)

o virtual learning environments (VLE)

o sandboxed environments

o MOOCs.

3.1 Understand and be able to identify types of sources of knowledge

that can be applied within digital support

• Academic publications (for example, textbooks, research journals

and periodicals).

• Supplier literature (for example, handbooks or online articles for

specific devices, computers or laptops).

• Search engines (for example, Google, Bing).

• Websites (for example, wikis, forums, Stack Overflow,

manufacturers’ websites).

• Social media (for example, company profiles for Twitter/X,

Facebook and LinkedIn).

• Blogs (for example, reviews of new technologies, opinions on

topical issues in the digital sector).

• Vlogs (for example, demonstrations, tutorials on digital

technologies).

• Professional networks (for example, digital transformation

networking events/conferences).

• E-learning (for example, MOOCs, recognised vendor qualifications,

Cisco).

• Peers (for example, colleagues, network contacts, other industry

professionals).

• Be able to identify sources of knowledge and apply factors that

legitimise their use to meet requirements in a digital infrastructure

context:

o identify and clarify the parameters of the requirements

o identify appropriate sources of knowledge (up to 3) (for example,

search engines, blogs)

o apply the factors of reliability and validity to identified sources

(for example, authority, date of publication)

o assess and review potential bias of sources

o assess and review the identified sources’ appropriateness to meet

the requirements.

(E4, D1)

3.2 Understand the factors of reliability and validity to be applied to

legitimise the use of sources of knowledge

• Industry-certified accreditation (for example, Cisco certified network

associate (CCNA1), Microsoft technology associate (MTA), network

fundamentals).

• Appropriateness.

• Evidence-based:

o citations.

• Relevant context.

• Credibility of author:

o affiliated to specific bodies (for example, government,

industry regulators)

o reputation

o experience (for example relevant qualification in subject).

• Target audience – produced with specific audience requirements

taken into consideration (for example use of technical/non-technical

terminology).

• Publication:

o version (for example use of the current version)

o date of publication (for example if the content is outdated).

3.3 Be able to search for information to support a topic or scenarios

within digital support and corroborate information across multiple

sources

• Identify and clarify the parameters of the search (for example

explore the future of the digital economy, identify trends in Big Data).

• Identify the sources of data that contain the required information.

• Safely and securely search sources for the information required.

• Corroborate sources by applying cross-referencing across

multiple sources.

• Apply reliability and validity factors.

• Assess and review potential bias of sources.

(E4, D5)

3.4 Understand the factors of bias and be able to identify bias when

using sources of knowledge in a specific digital support content

• Types of conscious and unconscious bias:

o author/propriety bias – unweighted opinions of the author

or owner

o confirmation bias – sources support a predetermined assumption

o selection bias – selection of sources that meets specific criteria

o cultural bias – implicit assumptions based on societal norms.

• Indicators of bias within sources:

o partiality

o prejudice

o omission.

• Bias reduction:

o based on fact/evidence

o inclusive approach:

– full representation of demographics

– objectivity.

• Identify bias:

o identify the types of bias (for example, confirmation, unconscious)

o identify the indicators of bias within the source

o explain clearly and concisely how bias has been created within

the source

o explain clearly and concisely how bias can be avoided within

sources.

3.5 Understand and be able to demonstrate the process of critical

thinking and the application of evaluation techniques and tools

• Process of critical thinking:

o identification of relevant information:

– different arguments, views and opinions

o analysis of identified information:

– identify types of bias and objectivity

– understand links between information and data

o selection of relevant evaluation techniques and tools

o evaluation of findings and drawing of conclusions

o recording of conclusions.

• Evaluation techniques:

o formative evaluation

o summative evaluation

o qualitative (for example, interviews, observations, workshops)

o quantitative (for example, experiments, surveys, statistical

analysis) benchmarking

o corroboration:

– cross-referencing

o triangulation.

• Evaluation tools:

o gap analysis

o KPI analysis

o score cards

o observation reports

o user diaries

o scenario mapping

o self-assessment frameworks

o maturity assessments.

• Apply the process of critical thinking to meet requirements:

o identify relevant information

o analyse the information

o select and apply appropriate evaluation techniques and tools

o evaluate findings

o logically organise and record conclusions.

• Select and apply techniques and tools to support evaluation in a

digital infrastructure context:

o identify and clarify the parameters of the evaluation

o select appropriate techniques and tools to support the evaluation

o apply the selected techniques and use the appropriate tools to

support the evaluation

o record the findings of the evaluation for the requirement.

(E1, E3, E4, M5, M6, M8, D2, D3, D4)

3.6 Understand the functions of incident and request management

systems in communicating information

• Reporting:

o ticket-based:

– users log issue via ticket system or email

– digital support manually input details if user contacts

via telephone

– tracks issue trends

– records internal customer satisfaction

o online chat bots:

– artificial intelligence (AI) responds to commonly asked

questions

– efficient use of digital support resource.

• Recording requirements:

o user/customer details

o issue details

o resolution

o time taken.

• Tracking and communicating progress:

o visibility on status and escalation.

3.7 Understand methods of communication and sharing knowledge

and their application within a digital support context

• Integrated and standalone IT service management tools:

o incident and problem management systems

o change management systems.

• Knowledge bases and knowledge management systems.

• Wikis and shared documents.

• Shared digital workspaces.

• Telephone.

• Instant messaging.

• Email.

• Video conferencing.

• Digital signage.

• Social media:

o organisational

o public

o personal.

• Blogs.

• Community forums.

• Project management tools (for example, issue logs, Gantt charts,

Kanban boards, burndown charts).

• Policy, process and procedure documents.

3.8 Be able to compare options of sources and rationalise the actions

taken to ensure the reliability and validity of sources

• Identify the sources for comparison.

• Apply the relevant reliability and validity factors to the sources.

• Compare the outcomes of the validity and reliability actions.

• Explain and recommend the choice of action to ensure the sources

are reliable and valid, using appropriate technical terms.

(E1, E3, E5, M5, D3)