T Level Technical Qualification in Digital Software

Development (Level 3)
Planning
Content area 6: Data
Students will develop fundamental knowledge and understanding of data relevant
to digital software development in order to communicate with other professionals.
Students will understand how to store, access, quality assure, manipulate,
analyse and process data.

6.1 Data, information and knowledge 0-35 35-70% 70-100%

6.1.1 Know and understand the
differences and relationships between:
• data
• information
• knowledge.
6.1.2 Know and understand sources for
generating data:
• humans: surveys, forms
• artificial intelligence (AI)/machine learning:
dangers of feedback loop
• sensors: temperature, accelerometer,
vibration, sound, light, pressure
• Internet of Things (IoT): smart objects
(thermostats, lights,
security camera, trackers
• transactions: customer data, membership,
timing, basket.
6.1.3 Know and understand ethical data
practices and the metrics to
determine the value of data:
• quantity
• timeframe
• source
• veracity.
6.1.4 Understand how organisations use data
and information:
• analysis to identify patterns
• system performance analysis: load, outage,
throughput, status
• user monitoring: login/logout, resources
accessed
• targeted marketing: discounts, upselling
• threat/opportunity assessment: competitors,
security, compliance.
6.1.5 Understand the interrelationships
between data, information and the way it is
generated, and make judgements about the
suitability of data, information and the way it is
generated in digital software development.
6.2 Methods of transforming data
6.2.1 Know and understand methods of
transforming data:
• manipulating
• analysing
• processing.
6.3 Data taxonomy
6.3.1 Know the definition of each category,
understand its purpose, and understand that
data is categorised as:
• quantitative
• qualitative.
6.3.2 Know the definition for structured data,
understand its purpose and understand that
quantitative data is structured.
6.3.3 Know the definition for unstructured
data, understand its purpose and understand
that qualitative data is unstructured.
representation of quantitative data:
• discrete values
• continuous values
• categorical values.
6.3.5 Know and understand the properties of
qualitative data:
• stored and retrieved only as a single object
• codified into structured data.
6.3.6 Understand the interrelationships
between data categories, data structure and
transformation, and make judgements about
the suitability of data categories, data
structure and transformation in digital
software development.
6.4 Data types
6.4.1 Know the definition of common data
types and understand their purpose and when
each is used:
• integer
• real
• character
• string
• Boolean
• date
• Blob.
6.4.2 Understand the interrelationships
between structured data, unstructured data
and data type.
6.4.3 Understand the interrelationships
between data type and data
transformation.
6.4.4 Be able to make judgements about the
suitability of using structured
data, unstructured data, data types and data
transformations in digital
software development.
6.5 Data formats
6.5.1 Know the definition of common data
formats and understand their
purpose and when each is used:
• JSON
• Text file
• CSV
• UTF-8
• ASCII
• XML.
6.5.2 Understand the interrelationships
between data format and data
transformation and make judgements about
the suitability of using
data formats in digital software development.
6.6 Structures for storing data
6.6.1 Understand the role of metadata in
providing descriptions and contexts for data.
6.6.2 Know the definition of file-based and
directory-based structures and understand
their purposes and when they are used.
6.6.3 Know the definition of hierarchy-based
structure and understand its purpose and
when it is used.
6.6.4 Understand the interrelationships
between storage structures and data
transformation.
6.7 Data dimensions and maintenance
6.7.1 Know the definitions of the six Vs
(dimensions) and understand the six Vs
(dimensions) of Big Data and their impact on
gathering, storing, maintaining and processing:
• volume
• variety
• variability
• velocity
• veracity
• value.
6.7.2 Know the definition of Big Data and
understand that it has multiple dimensions.
6.7.3 Understand the impact of each
dimension on how data is gathered and
maintained.
6.7.4 Know the definitions of data quality
assurance methods and understand
their purpose and when each is used:
• validation
• verification
• reliability
• consistency
• integrity
• redundancy.
6.7.5 Know and understand factors that affect
how data is maintained:
• time
• skills
• cost.
6.7.6 Understand the interrelationships
between the dimensions of data,
data quality assurance methods and factors
that impact how data is
maintained, and make judgements about the
suitability of maintaining,
transforming and quality assuring data in
digital software development.
6.8 Data systems
6.8.1 Know the definition of data wrangling
and understand its purpose and when it is
used.
6.8.2 Know and understand the purpose of
each step of data wrangling:
• structure
• clean
• validate
• enrich
• output.
6.8.3 Know and understand the purpose of
each core function of a data system:
• input
• search
• save
• integrate
• organise (index)
• output
• feedback loop.
6.8.4 Know the types of data entry errors and
understand how and why they occur:
• transcription errors
• transposition errors.
6.8.5 Know and understand methods to avoid
data entry errors:
• validation of user input
• verification of user input by double entry
• drop-down menus
• pre-filled data entry boxes.
6.8.6 Know and understand the factors that
impact data entry:
• time needed to create the screens
• expertise needed to create screens
• time needed to enter the data.
6.8.7 Understand the relationship between
factors that impact data entry and data quality
and make judgements about the suitability of
methods to reduce data entry errors in digital
software development
6.8.8 Understand the relationship between
factors that impact implementation
of data entry and make judgements about the
suitability of implementing
data entry in digital software development.
6.9 Data visualisation
6.9.1 Know and understand data visualisation
formats and when they are used:
• graphs
• charts
• tables
• reports
• dashboards
• infographics.
6.9.2 Know and understand the benefits and
drawbacks of data visualisation
formats based on:
• type of data
• intended audience
• brief.
6.10 Data models
6.10.1 Know the types of data models and
understand how they organise data
into structures:
• hierarchical
• network
• relational.
6.10.2 Know and understand the factors that
impact the selection of data models for
organising data:
• efficiency of accessing individual items of
data
• efficiency of data storage
• level of complexity in implementation.
6.10.3 Understand the benefits and
drawbacks of different data models and make
judgements about the suitability of data
models based on efficiency and complexity.
6.10.4 Be able to draw and represent data
models:
• hierarchical models with blocks, arrows and
labels
• network models with blocks, arrows and
labels
• relational models with tables, rows, columns
and labels.
6.11 Data access across platforms
6.11.1 Understand the features, purposes,
benefits and drawbacks of accessing data
across platforms:
o permissions:
o authorisation
o privileges
o access rights
o rules
• access mechanisms:
o role-based access (RBAC)
o rule-based access control (RuBAC)
o Application Programming Interfaces (API).
6.11.2 Know and understand the benefits and
drawbacks of methods to access data across
platforms.
6.11.3 Understand the interrelationships
between data access requirements and data
access methods and make judgements about
the suitability
of accessing data in digital software
development.
6.12 Data analysis tools
6.12.1 Know data analysis tools and
understand their purpose and when they
are used:
• storing Big Data for analysis:
o data warehouse
o data lake
o data mart
• analysis of data:
o data mining
o reporting
• use of business intelligence gained through
analysis:
o financial planning and analysis
o customer relationship management (CRM):
– customer data analytics
– communications.
6.12.2 Understand the interrelationships
between data analysis tools and the
scale of data.
Content area 7: Digital environments
7.1 Hardware
7.1.1 Understand the features and use of
different types of physical computers:
• personal computers
• mobile devices (smartphones and tablets)
• servers
• embedded devices.
7.1.2 Understand the features and use of
different types of hardware devices:
• input devices
• output devices
• processors:
o number of cores
o clock speed
o cache size
o mobile processors
• main memory:
o RAM (Random Access Memory)
o ROM (Read-only Memory)
• secondary storage:
o magnetic
o solid state
o optical
• motherboard
• graphics processing units
• network interface devices:
o PCI (Peripheral Component Interconnect)
o USB (Universal Serial Bus)
• cooling:
o air cooling
o liquid cooling
• sensors.
7.2 Software
7.2.1 Understand the features and use of
operating systems:
• batch:
o non-interactive applications
o high volume
o scheduling
• multitasking:
o concurrent execution of multiple tasks
o time-slicing
o interrupts
• real-time operating system:
o monitoring and control applications
o transaction processing
• network operating system:
o resource sharing
o user management
o communication
• mobile operating system:
o smartphones and tablets
o lower processing requirements
o increased battery life.
7.2.2 Understand the features and use of
common utilities:
• file management
• defragmenters
• file compression
• package managers
• protection software
• backup software.
7.2.3 Understand the features and use of
common code development tools:
• integrated development environments:
o code editing tools
o debugging tools
o screen design tools
• compilers
• interpreters.
7.2.4 Understand the features and use of
common application software:
• word processors
• spreadsheets
• databases
• email
• project management software.
7.3 Networks
7.3.1 Understand the benefits and drawbacks
of connecting devices to form networks.
7.3.2 Understand the features of different
types of networks:
• number of users
• connection media
• coverage media
• network types:
o personal area network (PAN)
o local area network (LAN)
o metropolitan area network (MAN)
o wide area network (WAN)
o virtual private network (VPN).
7.3.3 Understand the features, characteristics,
benefits and drawbacks of
connectivity methods:
• wired:
o copper/ethernet
o fibre-optic
• wireless:
o wireless access points.
7.3.4 Understand the features, benefits and
drawbacks of the common
network topologies:
• star
• mesh
• tree
• logical versus physical.
7.3.5 Understand the features, benefits and
drawbacks of different
network models:
• client-server
• thin client
• peer-to-peer.
7.3.6 Understand the role of common
components of a network:
• server
• client
• router
• network switch
• internet connection/internet backbone.
7.3.7 Understand the seven-layer OSI (open
systems interconnection) model, including the
function and related protocols of each layer:
• application layer
• presentation layer
• session layer
• transport layer
• network layer
• data link layer
• physical layer.
7.3.8 Understand the four-layer TCP/IP
(transmission control protocol/ internet
protocol) model, including the function and
related protocols
of each layer:
• application layer
• transport layer
• internet layer
• network layer.
7.3.9 Understand the role of data packets in
transmitting over a network, including:
• contents and structure of a data packet
• role of the components of a data packet
• packet switching:
o causes of packet loss
• error handling:
o cyclic redundancy check (CRC).
7.3.10 Understand the role of common
network protocols:
• web protocols:
o HTTP
o HTTPS
• mail protocols:
o SMTP
o POP
o IMAP
• routing protocols:
o RIP
o OSPF
• application protocols:
o FTP
o SFTP
o DHCP
o DNS.
7.3.11 Understand the concepts of bandwidth
and latency, and their effect on the
performance of networks and connected
systems.
7.4 Virtual environments
7.4.1 Understand the role and characteristics
of common virtual environment components:
• virtual machines:
o clients (virtual PC, virtual switch, virtual
router)
o servers
• hypervisors:
o type 1
o type 2.
7.4.2 Understand the key features of virtual
environments:
• increased security
• managed execution
• sharing
• aggregation
• emulation
• isolation
• portability.
7.4.3 Understand the benefits of the use of
virtual environments:
• cost effectiveness for large environments
• easy management
• resilience
• potentially lower carbon footprint
• improved disaster recovery options
• better testing environments
• provision of education and training options.
7.4.4 Understand the drawbacks of the use of
virtual environments:
• extra hardware load
• slower execution time
• potential for false representation of
performance.
7.5 Cloud environments
7.5.1 Understand different types of cloud:
• private
• public.
7.5.2 Understand the benefits of the use of
cloud:
• portability
• elasticity
• fewer storage limitations
• cost effectiveness.
7.5.3 Understand common cloud delivery
models, their advantages and disadvantages,
and the way in which responsibility and
ownership of resources are distributed
between the client and the cloud provider:
• Infrastructure as a Service (IaaS):
o client manages application software, system
software (middleware and operating system),
runtime, data and user accounts
o cloud provider manages virtualisation and
hardware (servers, network and storage)
• Platform as a Service (PaaS):
o client manages application software, data
and user accounts
o cloud provider manages virtualisation,
hardware (servers, network and storage) and
systems software (middleware and operating
system) and runtime
• Software as a Service (SaaS):
o client manages user accounts and data
o cloud provider manages virtualisation,
hardware (servers, network
and storage) systems software (middleware
and operating system),
runtime and application software.
7.6 Resilient digital environments
7.6.1 Understand the benefits of resilient
environments and the impact on
organisations and clients:
• increased security:
o data security (storage and transfer)
o reduced vulnerabilities
• increased reputation:
o protect brand/image
o retain customer confidence
• reduction in downtime.
7.6.2 Understand methods used to improve
the resilience of digital environments:
• software updates/upgrades:
o planned updates/upgrades
o patches in response to new vulnerabilities
• hardware replacement:
o rolling replacement plans
o secure disposal
• data and system redundancy
• device hardening:
o removal of unneeded ports, applications,
permissions and access
• backup systems and recovery procedures:
o onsite
o remote/offsite
o cloud
• hot, cold and warm sites
• standard operating procedures:
o effective staff training
o induction
o new digital systems
o new or updated policies.
Content area 8: Security
8.1 Security risks
8.1.1 Know the type of confidential
information held by organisations:
• Human Resources:
o salaries and benefits
o staff personal details
• commercially sensitive information:
o client details
o stakeholder details
o intellectual property
o sales numbers
o contracts
• access information:
o usernames
o passwords
o multi-factor authentication (MFA) details
o personal identification number (PIN)
o access codes
o passphrases
o biometric data.
8.1.2 Understand why information must be
kept confidential by organisations:
• salaries and benefits:
o prevent competitors from offering higher
wages to attract staff
o prevent employees from comparing
salaries/demanding
comparable pay
• staff details:
o protect privacy
o prevent competitors from directly contacting
them
• intellectual property:
o prevent competitors from copying designs
• client details:
o prevent competitors from contacting clients
o protect client privacy
• sales numbers
• access information:
o prevent unauthorised access.
8.1.3 Understand the potential impact to an
organisation of failing to maintain
privacy and confidentiality:
• non-compliance with regulations:
o loss of licence to practise
• loss of trust
• damage to organisation’s image
• financial loss:
o fines
o refunds
o loss of earnings/termination of contracts
• legal action
• reduced security.
8.2 Types of threats and vulnerabilities
8.2.1 Understand potential technical threats
and their impacts on
organisations and individuals including
prevention and
mitigation methods:
• botnets
• denial of service (DoS)/distributed denial of
service (DDoS)
• malicious hacking:
o hacktivists/nation states/organised
crime/individuals
o password cracking/brute force
o cross-site scripting
o SQL injection
o buffer overflow
• malware:
o viruses
o worms
o key loggers
o ransomware
o spyware
o remote access trojans
• social engineering:
o phishing
o spear phishing
o smishing
o vishing
o pharming
o watering hole attacks
o USB baiting
• domain name server attack/redirection of
traffic
• insecure application programming interfaces
(APIs)
• man-in-the-middle attacks
• open/unsecured Wi-Fi networks.
8.2.2 Understand potential technical
vulnerabilities to systems and data:
• inadequate security processes:
o weak encryption
o inadequate password policy
o failure to use multi-factor authentication
• out-of-date components:
o hardware
o software (lack of support/compatibility with
legacy systems,
zero-day bugs)
o firmware.
8.2.3 Understand potential human threats,
including prevention and mitigation
methods, to systems and data:
• human error:
o file properties
o confirmation boxes
o staff training
• malicious employee:
o immediate removal from premises
o suspend user accounts immediately
• disguised criminal:
o accompany all visitors
o check identification of visitors
• poor cyber hygiene:
o locking all unattended machines
o not writing down passwords
o poor password management.
8.2.4 Understand potential physical
vulnerabilities, including prevention and
mitigation methods, to systems, data and
information, including:
• lack of access control:
o entry control systems
• poor access control:
o do not allow tailgating
o use complex access codes
o change codes regularly
o monitor access areas
o audit of staff access to secure areas
• nature of location:
o protect against shoulder surfing
o protect against the environment
o protect against vandalism
• poor system robustness:
o rugged machines
• natural disasters.
8.2.5 Understand the potential impact to an
organisation of threats and
vulnerabilities:
• loss/leaking of sensitive data
• unauthorised access to digital systems
• data corruption
• disruption of service
• unauthorised access to restricted physical
areas.
8.3 Threat mitigation
8.3.1 Understand the purposes, processes,
benefits and drawbacks of common threat
mitigation techniques:
• security settings:
o hardware
o software
• anti-malware software:
o function
o actions
• intrusion detection
• encryption:
o hashing
o symmetric
o asymmetric
• user access policies
• staff vetting
• staff training
• software-based access control
• device hardening
• backups:
o type (full, incremental, differential)
o safe storage
• software updates
• firmware/driver updates
• air gaps
• certification of APIs (application programme
interfaces)
• VPNs (virtual private networks)
• multi-factor authentication
• password managers
• port scanning
• penetration testing:
o ethical hacking
o unethical hacking.
8.3.2 Understand the processes and
procedures that assure internet security and
the reasons why they are used:
• firewall configuration:
o rules for traffic (inbound and outbound)
o traffic type rules
o application rules
o IP address rules
• network segregation:
o virtual
o physical
o offline network
• network monitoring
• port scanning.
8.4 Interrelationship of components required
for effective security
8.4.1 Understand how the relationships in the
CIA triad interrelate:
• confidentiality:
o ensuring that data is kept private by
controlling who has access
to the data
• integrity:
o ensuring that the data has not been
tampered with; this can be
done by maintaining confidentiality
• availability:
o ensuring that data is available and useful;
this can be done by
ensuring integrity.
8.4.2 Understand the elements of the
Identification Authentication Authorisation
Accountability (IAAA) model, including the
techniques
used and their benefits and drawbacks:
• identification:
o recognising the individual within a digital
system
o knowledge-based identification, including
username
o possession-based identification methods
o biometric-based ID methods
• authentication:
o verifying the identity claimed during the
identification phase
o multi-factor authentication methods
o passwords and passphrases
o biometric authentication
• authorisation:
o ensuring that authenticated users can only
access resources
and perform actions that they are permitted to
o role-based, using the role of the user within
the digital system
o access control lists
• accountability:
o ensuring that any actions within a system can
be traced back
to the responsible user
o audit logs
o user activity.