Please enable JavaScript to use CodeHS

Texas Cybersecurity Capstone Framework


Standard Description
126.52.1A (A) identify and demonstrate employable work behaviors such as regular attendance, punctuality, maintenance of a professional work environment, and effective written and verbal communication; Lessons
126.52.1B (B) identify and demonstrate positive personal qualities such as authenticity, resilience, initiative, and a willingness to learn new knowledge and skills; Lessons
126.52.1C (C) solve problems and think critically; Lessons
126.52.1D (D) demonstrate leadership skills and function effectively as a team member; and Lessons
126.52.1E (E) demonstrate an understanding of ethical and legal responsibilities in relation to the field of cybersecurity. Lessons
126.52.2A (A) develop a personal career plan along with the education, job skills, and experience necessary to achieve career goals; Lessons
126.52.2B (B) develop a resume or a portfolio appropriate to a chosen career plan; and Lessons
126.52.2C (C) illustrate interview skills for successful job placement. Lessons
126.52.3A (A) analyze and apply to a scenario local, state, national, and international cyber law such as David's Law and Digital Millennium Copyright Act; Lessons
126.52.3B (B) evaluate historic cases or events regarding cyber; and Lessons
126.52.3C (C) explore compliance requirements such as Section 508 of the Rehabilitation Act of 1973, Family Educational Rights and Privacy Act of 1974 (FERPA), Health Insurance Portability and Accountability Act of 1996 (HIPAA), and Gramm-Leach-Bliley Act (GLBA). Lessons
126.52.4A (A) debate the relationship between privacy and security; and Lessons
126.52.4B (B) identify ethical or unethical behavior when presented with various scenarios related to cyber activities. Lessons
126.52.5A (A) define the phases of penetration testing, including plan, discover, attack, and report; Lessons
126.52.5B (B) develop a plan to gain authorization for penetration testing; Lessons
126.52.5C (C) identify commonly used vulnerability scanning tools such as port scanning, packet sniffing, and password crackers; Lessons
126.52.5D (D) develop a list of exploits based on results of scanning tool reports; and Lessons
126.52.5E (E) prioritize a list of mitigations based on results of scanning tool reports. Lessons
126.52.6A (A) evaluate symmetric and asymmetric algorithms such as substitution cipher, Advanced Encryption Standard (AES), Diffie-Hellman, and Rivest-Shamir-Adleman (RSA); Lessons
126.52.6B (B) explain the purpose of hashing algorithms, including blockchain; Lessons
126.52.6C (C) explain the function of password salting; Lessons
126.52.6D (D) explain and create a digital signature; and Lessons
126.52.6E (E) explain steganography. Lessons
126.52.7A (A) explain the purpose of establishing system baselines; Lessons
126.52.7B (B) evaluate the role of physical security; Lessons
126.52.7C (C) evaluate the functions of network security devices such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and intrusion detection prevention systems (IDPS); Lessons
126.52.7D (D) analyze log files for anomalies; and Lessons
126.52.7E (E) develop a plan demonstrating the concept of defense in depth. Lessons
126.52.8A (A) explain the benefits of network segmentation, including sandboxes, air gaps, and virtual local area networks (VLAN); Lessons
126.52.8B (B) investigate the role of software-managed networks, including virtualization; Lessons
126.52.8C (C) discuss the role of honeypots and honeynets in networks; and Lessons
126.52.8D (D) create an incoming and outgoing network policy for a firewall. Lessons
126.52.9A (A) identify cyberattacks by their signatures; Lessons
126.52.9B (B) explain proper data acquisition; Lessons
126.52.9C (C) examine evidence from devices for suspicious activities; and Lessons
126.52.9D (D) research current cybercrime cases involving digital forensics. Lessons
126.52.10A (A) describe the integration of artificial intelligence and machine learning in cybersecurity; Lessons
126.52.10B (B) investigate impacts made by predictive analytics on cybersecurity; and Lessons
126.52.10C (C) research other emerging trends such as augmented reality and quantum computing. Lessons
126.52.11A (A) issue commands via the command line interface (CLI) such as ls, cd, pwd, cp, mv, chmod, ps, sudo, and passwd; Lessons
126.52.11B (B) describe the file system structure for multiple operating systems; Lessons
126.52.11C (C) manipulate and edit files within the CLI; and Lessons
126.52.11D (D) determine network status using the CLI with commands such as ping, ifconfig/ipconfig, traceroute/tracert, and netstat. Lessons
126.52.12A (A) collaborate with others to create a technical report; Lessons
126.52.12B (B) create, review, and edit a report summarizing technical findings; and Lessons
126.52.12C (C) present technical information to a non-technical audience. Lessons
126.52.13A (A) differentiate types of attacks, including operating systems, software, hardware, network, physical, social engineering, and cryptographic; Lessons
126.52.13B (B) explain blended threats such as combinations of software, hardware, network, physical, social engineering, and cryptographic; Lessons
126.52.13C (C) discuss risk response techniques, including accept, transfer, avoid, and mitigate; Lessons
126.52.13D (D) develop a plan of preventative measures to address cyberattacks; Lessons
126.52.13E (E) describe common web vulnerabilities such as cross-site scripting, buffer overflow, injection, spoofing, and denial of service; Lessons
126.52.13F (F) describe common data destruction and media sanitation practices such as wiping, shredding, and degaussing; and Lessons
126.52.13G (G) develop an incident response plan for a given scenario or recent attack. Lessons
126.52.14A (A) describe various access control methods such as mandatory access control (MAC), role-based access control (RBAC), and discretionary access control (DAC); Lessons
126.52.14B (B) develop and defend a plan for multi-factor access control using components such as biometric verification systems, key cards, tokens, and passwords; and Lessons
126.52.14C (C) review a disaster recovery plan (DRP) that includes backups, redundancies, system dependencies, and alternate sites. Lessons
126.52.15A (A) explain commonly used physical security controls, including lock types, fences, barricades, security doors, and mantraps; and Lessons
126.52.15B (B) describe the role of embedded systems such as fire suppression; heating, ventilation, and air conditioning (HVAC) systems; security alarms; and video monitoring. Lessons