1.12.2. |
Differentiate between appropriate and inappropriate information. |
Lessons
|
1.12.3. |
Interpret security policies through job specific training and training updates. |
Lessons
|
1.12.4. |
Apply secure password behavior. |
Lessons
|
1.12.5. |
Apply physical and virtual situational awareness (e.g., clean desk policies, shoulder surfing, social engineering, tailgating). |
Lessons
|
2.1.2. |
Describe authentication, authorization, and auditing. |
Lessons
|
2.1.4. |
Identify security risks and describe associated safeguards and methodologies (e.g., auditing). |
Lessons
|
2.1.5. |
Describe major threats to computer systems (e.g., insider threats, viruses, worms, spyware, ransomware, spoofing, hacking, social engineering, phishing). |
Lessons
|
2.1.10. |
Describe computer forensics, its importance in information security and cybersecurity, and its relevance to law enforcement. |
Lessons
|
2.1.11. |
Identify the need for personal security in digital information and describe how personal information can be safeguarded. |
Lessons
|
2.1.12. |
Practice information security per job requirements. |
Lessons
|
2.1.13. |
Describe privacy security compliance on systems (e.g., Health Insurance Portability and Accountability Act [HIPAA], Payment Card Industry [PCI], Sarbanes Oxley Act [SOX], Americans with Disabilities Act [ADA], General Data Protection Regulation [GDPR], European Union Data Protection Regulation [EUDPR]). |
Lessons
|
3.1.1. |
Differentiate between authentication and authorization. |
Lessons
|
3.1.2. |
Compare authentication techniques (e.g., single factor, multifactor, passwords, biometrics, certificates, Radio Frequency Identification [RFID] cards). |
Lessons
|
3.2.1. |
Identify and implement data and application security. |
Lessons
|
3.2.4 |
Provide user authentication (e.g., assign and reset user accounts and passwords). |
Lessons
|
3.2.5 |
Install, test, implement, and update virus and malware detection and protection software. |
Lessons
|
3.2.6 |
Identify sources of virus and malware infection and remove viruses and malware. |
Lessons
|
3.2.7 |
Provide documentation, training, and support to users on established security procedures. |
Lessons
|
3.3.1. |
Describe network security policies (e.g., acceptable use policy). |
Lessons
|
3.3.5. |
Assess risks based on vulnerability of the organization, likelihood of risk, and impact on the organization. |
Lessons
|
3.3.7 |
Train users in network security procedures. |
Lessons
|
3.4.2 |
Analyze system log files to identify security risks. |
Lessons
|
3.4.4. |
Identify the components of human security (e.g., social engineering) and techniques to mitigate human security threats (e.g., policies, procedures, training). |
Lessons
|
3.5.1. |
Describe wireless security risks (e.g., unauthorized access) and how to mitigate them. |
Lessons
|
3.5.2 |
Compare methods of increasing the security of wireless networks and devices (e.g., Media Access Control [MAC] address filtering, Wi-Fi Protected Access [WPA], 802.1x, Remote Authentication Dial In User Service [RADIUS]). |
Lessons
|
3.5.3 |
Research security enhancements provided by Institute of Electrical and Electronics Engineers (IEEE). |
Lessons
|
3.5.4 |
Describe practices and policies for preventing and detecting installation of rogue networks. |
Lessons
|
3.5.5. |
Describe security practices and policies for personal devices. |
Lessons
|
3.5.6. |
Implement and test the security of a wireless network. |
Lessons
|
4.5.6. |
Secure the wireless network. |
Lessons
|
4.6.2 |
Identify the advantages of protocols (e.g., Domain Name System [DNS], File Transfer Protocol [FTP], Hypertext Transfer Protocol [HTTP], Telecommunications Network [Telnet], Remote Desktop Protocol [RDP], Secure Shell [SSH]) and associated port numbers. |
Lessons
|
4.6.7. |
Describe a Virtual Private Network (VPN) and identify associated protocols (e.g., Layer 2 Tunneling Protocol [L2TP], Point-to-Point Tunneling Protocol [PPTP]). |
Lessons
|
4.11.2 |
Provision cloud services (e.g., Software as a Service [SaaS], Platform as a Service [PaaS], Infrastructure as a Service [IaaS], Security as a Service). |
Lessons
|
4.13.1. |
Differentiate between disaster recovery and business continuity. |
Lessons
|
4.13.2. |
Identify common backup devices. |
Lessons
|
4.13.3. |
Identify the criteria for selecting a backup system. |
Lessons
|
4.13.4. |
Establish a process for archiving files. |
Lessons
|
4.13.5. |
Develop a disaster recovery plan. |
Lessons
|
9.1.1. |
Identify the goals, objectives and purposes of cybersecurity. |
Lessons
|
9.1.2. |
Describe the concepts of malware attack vectors. |
Lessons
|
9.1.3 |
Maintain data security using data labeling, handling, and disposal as prescribed by policy and law. |
Lessons
|
9.1.4 |
Mitigate threats by remaining abreast of industry information. |
Lessons
|
9.1.5. |
Identify types of controls (e.g., Deterrent, Preventive, Detective, Compensating, Technical, and Administrative). |
Lessons
|
9.2.1 |
Perform authorization control (e.g., least privilege, separation of duties, mandatory access, discretionary access, rule-based access control, role-based access control, time of day restrictions, location distractions). |
Lessons
|
9.2.2 |
Implement authentication techniques (e.g., Tokens, Common access card, Smart card, Multifactor authentication, Single sign-on, Biometrics, Personal identification verification card, Username, Federation, Transitive trust/authentication). |
Lessons
|
9.2.3 |
Use authentication factors (e.g., Something you are, Something you have, Something you know). |
Lessons
|
9.2.4 |
Mitigate security implications of third party connectivity and access. |
Lessons
|
9.2.5 |
Implement Data Loss Prevention (DLP). |
Lessons
|
9.2.6 |
Implement perimeter security (e.g., Fencing, Proximity readers, Access list, Proper lighting, Mantraps, Video Surveillance, Signs, Guards, Barricades, Biometrics, Protected distribution (cabling), Alarms, Motion detection). |
Lessons
|
9.2.7 |
Inventory devices. |
Lessons
|
9.3.1. |
Identify application vulnerabilities (e.g., Cross-site scripting, SQL injection, LDAP injection, XML injection, Directory traversal/command injection, Buffer overflow, Integer overflow, Zero-day, Cookies and attachments, Locally Shared Objects (LSOs), Flash cookies, Malicious add-ons, Session hijacking, Header manipulation, Arbitrary code execution/remote code execution). |
Lessons
|
9.3.2 |
Mitigate application attacks (e.g., SANS, OWASP). |
Lessons
|
9.3.3 |
Implement secure coding concepts (e.g., Error and exception handling, Input validation, Cross-site scripting prevention, Cross-site Request Forgery (XSRF) prevention, OWASP). |
Lessons
|
9.3.4 |
Implement secure application configuration (e.g., Application hardening, Application patch management). |
Lessons
|
9.3.5 |
Discover and mitigate common database vulnerabilities and attacks. |
Lessons
|
9.3.6. |
Differentiate between Server-side vs. client-side validation. |
Lessons
|
9.4.1 |
Set up and maintain secure roles and system management techniques (e.g., password, group, and user privilege policies and monitoring). |
Lessons
|
9.4.2 |
Secure use of network Protocols (e.g., IPSec, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SCP, ICMP). |
Lessons
|
9.4.3 |
Apply principles of IPv4 and IPv6 securely. |
Lessons
|
9.4.4 |
Apply wireless security configurations (e.g., Disable SSID broadcast, TKIP, CCMP, Antenna placement, Power level controls). |
Lessons
|
9.4.5 |
Manage PKI and certificates (Transport encryption, Non-repudiation, Hashing, Key escrow, Steganography, Digital signatures). |
Lessons
|
9.4.6 |
Use of algorithms/protocols with transport encryption (e.g., SSL, TLS, IPSec, SSH, HTTPS). |
Lessons
|
9.4.7 |
Install and configure network devices (firewalls, switches, load balancers, proxies, web security gateways, VPN concentrators). |
Lessons
|
9.4.8 |
Install and configure network security devices (Protocol analyzers, Spam filter, UTM security appliances, URL filter, Content inspection, Malware inspection). |
Lessons
|
9.4.9 |
Implement port security. |
Lessons
|
9.4.10 |
Monitor and manage network Unified Threat Management. |
Lessons
|
9.4.11 |
Mitigate network threats (e.g., Flood guards, Loop protection, Implicit deny, Network separation, Log analysis, Unified threat management, peripheral and removable media). |
Lessons
|
9.4.12 |
Apply the principles of secure Network Design (e.g., DMZ, Subnetting, NAT/PAT, Remote access, Telephony, Virtualization). |
Lessons
|
9.5.1. |
Describe, locate, and mitigate security threats (e.g., Adware, Viruses, Spyware, Trojan, Rootkits, Logic bomb, Botnets, Ransomware, Polymorphic malware). |
Lessons
|
9.5.2. |
Describe and discover vulnerabilities to and mitigate network attacks (e.g., Man-in-the-middle, DDoS, DoS, Replay, Smurf attack, Spoofing, Spam, Phishing, Spim, Spit and other attacks). |
Lessons
|
9.5.3 |
Configure defenses for Password attacks (e.g., Brute Force, Dictionary attacks, Hybrid, Birthday attacks, Rainbow tables). |
Lessons
|
9.5.4. |
Describe, appraise for, and mitigate Social Engineering attacks (e.g., Shoulder surfing, Dumpster diving, Tailgating, Impersonation, Hoaxes, Phishing, Spear Phishing, Whaling, Vishing, Principles, URL hijacking, Watering Hole). |
Lessons
|
9.6.1 |
Adhere to licensing and intellectual property laws (e.g., copyright, trademark, digital-rights management). |
Lessons
|
9.6.2 |
Adhere to regulatory and industry standards (e.g., PCI DSS, PA-DSS). |
Lessons
|
9.7.1. |
Recognize digital reconnaissance techniques (e.g., packet capture, OS fingerprinting, topology discovery, DNS harvesting). |
Lessons
|
9.7.4. |
Collect digital evidence according to established policies and protocols (e.g., system image, packet captures). |
Lessons
|
9.8.1 |
Design and implement network segmentation. |
Lessons
|
9.8.2. |
Differentiate between detection controls and prevention controls (e.g., IDS vs. IPS, Camera vs. guard). |
Lessons
|
9.8.3. |
Use discovery tools and utilities to identify threats (e.g., Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner). |
Lessons
|
9.8.4 |
Create, edit and use roles and system management tools. |
Lessons
|
9.8.5 |
Implement endpoint security. |
Lessons
|
9.8.6 |
Implement Access Control Lists (ACL). |
Lessons
|
9.8.7 |
Deploy a server hardening plan. |
Lessons
|
9.8.8 |
Implement a Network Access Control (NAC) plan. |
Lessons
|
9.8.9 |
Interpret alarms and alert trends. |
Lessons
|
9.8.10 |
Apply Incident response procedures (e.g., Preparation, Incident identification, Escalation and notification, Mitigation steps, Lessons learned, Reporting, Recovery procedures, First responder, Incident isolation, Quarantine, Device removal, Data breach). |
Lessons
|
9.8.11 |
Differentiate between types of Penetration testing (e.g., Black box, White box, Gray box). |
Lessons
|
9.9.1 |
Describe the concepts of Risk Management (e.g., Business continuity concepts, Business impact analysis, Identification of critical systems and components, Removing single points of failure). |
Lessons
|
9.9.2 |
Describe the concepts of Risk assessment (e.g., Disaster recovery plan, IT contingency planning - Succession planning, Redundancy). |
Lessons
|
9.9.3 |
Describe and plan Fault tolerance (e.g., Hardware, RAID, Clustering, Load balancing, Disaster recovery concepts, Backup plans/policies, Backup execution/frequency). |
Lessons
|
9.10.1 |
Enforce concepts related to threat vectors and probability/threat likelihood. |
Lessons
|
9.10.2 |
Identify concepts of risk calculation (Likelihood, ALE, Impact, SLE, ARO, MTTR, MTTF, MTBF). |
Lessons
|
9.10.3 |
Implement Governance, risk management and Compliance Management processes (risk mitigation, govern compliance). |
Lessons
|