8.1.1 |
Describe the steps of the cybersecurity lifecycle (e.g., people, process and tools) |
Lessons
|
8.1.2 |
Write a set of principles, rules, and practices to provide guidance and direction |
Lessons
|
8.1.3 |
Follow appropriate decision-making model to determine correct response procedures |
Lessons
|
8.2.1 |
Plan, prepare, and develop scope for a Cyber Incident Response Plan |
Lessons
|
8.2.2 |
Determine correct detection, mitigation, and reporting processes |
Lessons
|
8.2.3 |
Evaluate assessment and decision-making steps when handling an incident or event |
Lessons
|
8.2.4 |
Determine correct investigative procedures |
Lessons
|
8.2.5 |
Gather intelligence from a variety of sources including open source and others |
Lessons
|
8.2.6 |
Document intelligence gathering efforts including who, what, when, where, why, and how |
Lessons
|
8.2.7 |
Determine extent of event or incident scope including severity |
Lessons
|
8.2.8 |
Determine correct containment steps based on the type of incident or event encountered |
Lessons
|
8.2.9 |
Implement the correct eradication response and processes |
Lessons
|
8.2.10 |
Determine next steps post investigation (post breach) from legal, HR, news media response |
Lessons
|
8.3.1 |
Determine the appropriate security control, technique or process based on the property, system or data you are protecting |
Lessons
|
8.3.2 |
Explain the importance of security controls, techniques, and threat risk assessments |
Lessons
|
8.3.3 |
Select the appropriate solution to eliminate vulnerabilities and establish a security baseline |
Lessons
|
8.3.4 |
Develop plans to protect a variety of property, systems, or data |
Lessons
|
8.3.5 |
Implement the appropriate controls to ensure security of property, systems, or data |
Lessons
|
8.3.6 |
Compare and contrast alternative methods to mitigate security risks for data in transit and data at rest |
Lessons
|
8.4.1 |
Describe the digital chain of custody process for tracking data and equipment (legal evidence) |
Lessons
|
8.4.2 |
Describe all steps to capture and maintain evidence |
Lessons
|
8.4.3 |
Follow chain of custody procedures |
Lessons
|
8.4.4 |
Maintain detailed records (e.g., chain of custody forms, evidence collection forms, etc.) |
Lessons
|
8.4.5 |
Track digital evidence (e.g., how it has been gathered, tracked, and protected) |
Lessons
|
8.4.6 |
Describe a chain of custody |
Lessons
|
8.4.7 |
Develop a plan for data transport, encryption to avoid alteration of data, and legal holds |
Lessons
|
8.4.8 |
Develop a plan for recovery, disposal of evidence, and follow up |
Lessons
|
8.4.9 |
Write a forensics summary report |
Lessons
|
9.1.1 |
Summarize basic forensic concepts and practices including eDiscovery, documentation, chain of custody, and data transport |
Lessons
|
9.1.2 |
Determine a first responder’s logical approach during an investigation with objective, evidence-based research |
Lessons
|
9.1.3 |
Review the First Responder steps and processes for proper documentation |
Lessons
|
9.1.4 |
Explain what eDiscovery is, including the contextual process for electronic evidence collection (Electronically Stored Information, ESI) |
Lessons
|
9.1.5 |
Observe and discuss legal restrictions, stipulations, regulatory compliance, and confidentiality when gathering evidence |
Lessons
|
9.1.6 |
Summarize Chain of Custody processes during investigations |
Lessons
|
9.2.1 |
Explain the proper use of penetration testing versus vulnerability scanning |
Lessons
|
9.2.2 |
Explain the many types of vulnerabilities, exploits, and cyber threats a First Responder encounters |
Lessons
|
9.2.3 |
Discover the common types of cyber threat actors including Cybercriminals, Attention-Seekers, Hacktivists, Jihadi Hackers, and Nation States |
Lessons
|
9.2.4 |
Explain and summarize the common cybersecurity attacks including the preferred tactics, techniques, and procedures (TTPs) of threat actors |
Lessons
|
9.2.5 |
Examine and summarize the targets of cyber threat actors including governments, military agencies, non-profits, and businesses across sectors including retail, legal, energy, healthcare, technology, entertainment, and telecommunications |
Lessons
|
9.2.6 |
Review and examine geopolitical flashpoints (e.g., U.S.-China Relations, Iranian Nuclear Accord, Economic Sanctions on Russia, Syrian Conflict, ISIS-related Activity, North Korean Policy, State-Sponsored Cyber Activity, Cybersecurity Regulations) |
Lessons
|
9.3.1 |
Describe and demonstrate various methods and tools for threat detection and eDiscovery |
Lessons
|
9.3.2 |
Describe and demonstrate vulnerability management methods, practices, and scanning tools |
Lessons
|
9.3.3 |
Describe and demonstrate various practices, methods, and tools for penetration testing |
Lessons
|
9.3.4 |
Identify encryption methods and demonstrate tools to decipher encrypted data |
Lessons
|
9.3.5 |
Review basic cryptography concepts, methods, and its relationship to forensics |
Lessons
|
9.3.6 |
Identify Web application exploits and vulnerabilities |
Lessons
|
9.3.7 |
Describe and demonstrate Web Application Security and Scanning methods and tools |
Lessons
|
9.3.8 |
Identify methods or tools to eliminate cloud exploits and vulnerabilities |
Lessons
|
9.3.9 |
Describe and demonstrate a working knowledge of phishing attacks and mitigation steps |
Lessons
|
9.4.1 |
Explain what malware is including its history |
Lessons
|
9.4.2 |
Review and define the most common malware terminologies |
Lessons
|
9.4.3 |
Describe the ways and methods malware is spread |
Lessons
|
9.4.4 |
Review the types of malware, specifically examining viruses, worms, trojan horses, rootkits, ransomware, keyloggers, and grayware attacks |
Lessons
|
9.4.5 |
Choose one malware scenario and select the appropriate type of mitigation and deterrent techniques |
Lessons
|
9.4.6 |
Use appropriate tools and techniques to eliminate malware from spreading |
Lessons
|
10.1.1 |
Explain Artificial Intelligence (AI), potential applications, concerns, and opportunities in relation to security issues |
Lessons
|
10.1.2 |
Describe machine learning and potential applications, concerns, and opportunities |
Lessons
|
10.1.3 |
Explain the role of ethics as it relates to security and emerging technologies |
Lessons
|
10.2.1 |
Describe job skills needed for potential careers in new and emerging technologies |
Lessons
|
10.2.2 |
Explore potential uses for and industries that may use emerging technologies |
Lessons
|