Standards in this Framework
Standards Mapped
Mapped to Course
| Standard | Lessons |
|---|---|
|
19.01
Define cybersecurity. |
|
|
19.02
Describe how information security evolved into cybersecurity and the impact of the Internet on the pace and nature of the evolution. |
|
|
19.03
Describe the individual elements that comprise the CIA triad (i.e., Confidentiality, Integrity, Availability). |
|
|
19.04
Define and explain the various types of hackers and the role each plays in cybersecurity. |
|
|
19.05
Describe various methodologies used by hackers and the basis for their employment. |
|
|
19.06
Describe the individual elements of the AAA model (Authentication, Authorization and Accounting). |
|
|
20.01
Describe the role of the National Security Agency. |
|
|
20.02
Describe current trends in cyberattacks and strategies for combating them. |
|
|
20.03
Describe the legal implications of computer hacking and other forms of cyberattacks. |
|
|
20.04
Understand the importance of the weekly bulletins distributed by the United States Computer Emergency Readiness Team (US-CERT). |
|
|
20.05
Determine if any software or hardware on a given network has vulnerabilities outlined in the most recent US-CERT bulletin. |
|
|
21.01
Differentiate between cybersecurity and information assurance. |
|
|
21.02
Define confidentiality and give examples of security breaches. |
|
|
21.03
Define integrity and give examples of security breaches. |
|
|
21.04
Define authenticity and give examples of security breaches. |
|
|
21.05
Define accountability (non-repudiation) and give examples of security breaches. |
|
|
22.01
Describe the internal components of a computer (e.g., power supply, hard drive, mother board, I/O cards/ports, cabling). |
|
|
22.02
Demonstrate and understanding of common computer and programming terminology. |
|
|
22.03
Explain the physical and logical architecture of a microcomputer system. |
|
|
22.04
Describe the file types used in the operation of a computer. |
|
|
22.05
Compare and contrast memory technologies (e.g., RAM, ROM, virtual memory, memory management). |
|
|
23.01
Compare operating system file naming conventions. |
|
|
23.02
Describe the common elements that comprise the architecture of an operating system (e.g., kernel, file manager, memory manager, device manager, network manager). |
|
|
23.03
Demonstrate proficiency with file management and structure (e.g., folder creation, file creation, backup, copy, delete, open, save). |
|
|
23.04
Demonstrate a working knowledge of standard file formats. |
|
|
23.05
Describe the purpose of various operating systems (e.g., Windows, Mac, iOS, Android and Linux). |
|
|
23.06
Describe the difference between client and network operating systems. |
|
|
23.07
Differentiate between different operating systems and applications and Macros. |
|
|
23.08
Explain the basics of boot sequences, methods and startup utilities. |
|
|
23.09
Compare and contrast open source and proprietary software. |
|
|
23.10
Describe common system utilities used in performing computer maintenance. |
|
|
24.01
Explain the interrelations of the seven layers of the Open Systems Interconnection (OSI) as it relates to hardware and software. |
|
|
24.02
Describe the purpose of the OSI model and each of its layers. |
|
|
24.03
Explain specific functions belonging to each OSI model layer. |
|
|
24.04
Understand how two network nodes communicate through the OSI model. |
|
|
24.05
Discuss the structure and purpose of data packets and frames. |
|
|
24.06
Describe the two types of addressing covered by the OSI model. |
|
|
25.01
Explain the interrelations of the four layers of the TCP/IP model as it relates to hardware and software. |
|
|
25.02
Describe the purpose of the TCP/IP model and each of its layers. |
|
|
25.03
Explain specific functions belonging to each TCP/IP model layer. |
|
|
25.04
Understand how two network nodes communicate through the TCP/IP model. |
|
|
25.05
Describe the two types of addressing covered by the TCP/IP model. |
|
|
26.01
Describe the services and protocols used in the OSI Application Layer (i.e., DHCP, DNS, FTP, HTTP, SMTP, Telnet, IMAP). |
|
|
26.02
Describe the services and protocols used in the OSI Transport Layer (i.e., TCP, TLS/SSL, UDP). |
|
|
26.03
Describe the services and protocols used in the OSI Network Layer (i.e., IP, ICMP, IGMP, IPsec). |
|
|
26.04
Describe the services and protocols used in the OSI Data Link Layer (i.e., ARP, OSPF, L2TP, PPP). |
|
|
27.01
Define networking and describe the purpose of a network. |
|
|
27.02
Describe the conceptual background of digital networks and cloud computing including terminology and basics. |
|
|
27.03
Describe various types of networks and the advantages and disadvantages of each (e.g., peer to peer, client/server, server/thin client, ROI). |
|
|
27.04
Describe the use, advantages, and disadvantages of various network media (e.g. coaxial, twisted pair, fiber optics). |
|
|
27.05
Describe the function of various network devices (e.g., managed switch, switched hub or switch, router, bridge, gateway, access points, modem). |
|
|
27.06
Describe how network devices are identified (i.e., IP addressing). |
|
|
27.07
Explain the protocols commonly used in a network environment. |
|
|
27.08
Differentiate between public and private IP addresses. |
|
|
27.09
Describe the common ports and corresponding protocols used in a network. |
|
|
27.10
Describe the difference between the Internet and intranet. |
|
|
27.11
Compare and contrast IPv4 and IPv6. |
|
|
27.12
Compare and contrast the different methods for network connectivity (e.g., broadband, wireless, Bluetooth, cellular). |
|
|
27.13
Discuss the differences between Local Area Network (LAN), Wide Area Network (WAN), Metropolitan Area Network (MAN), Virtual Local Area Network (VLAN), and Virtual Private Network (VPN). |
|
|
28.01
Describe the various types of cloud computing (IaaS, PaaS, SaaS) and modes of delivery (Public, Private, Community, Hybrid). |
|
|
28.02
Describe practices that aid in protecting the Hybrid cloud model. |
|
|
28.03
Describe the challenges and solutions associated with securing embedded devices. |
|
|
29.01
Distinguish between vulnerability and a threat. |
|
|
29.02
Discuss the different types of attacks (e.g., active, passive). |
|
|
29.03
Define security policy and explain its role in cybersecurity. |
|
|
29.04
Describe the basic methods of authentication (e.g., password, biometrics, smart cards. two-factor authentication, multifactor authentication). |
|
|
29.05
Describe the various forms of encryption methodologies (e.g., symmetric, asymmetric, block cipher, stream cipher). |
|
|
29.06
Describe hash functions and their role in authentication. |
|
|
29.07
Describe various method of access control used in computer security (e.g., policies, groups, Access Control List (ACL)). |
|
|
29.08
Understand the concept of malware (i.e., ransomware, worms, viruses, adware) and how attackers use it to steal sensitive or confidential information. |
|
|
30.01
Define cybercrime and discuss the challenges facing law enforcement. |
|
|
30.02
Identify the key legislative acts that impact cybersecurity. |
|
|
30.03
Describe the Federal criminal code related to computers and give examples of cybercrimes and penalties, particularly those involving inappropriate access. |
|
|
30.04
Discuss the concept of digital forensics and its place in cybercrime investigations and incident response. |
|
|
30.05
Distinguish among the Intellectual Property Rights of trademark, patent, and copyright. |
|
|
30.06
Explain digital rights management and the implications of the Digital Millennium Copyright Act (DMCA). |
|
|
30.07
Describe the implications of various social media on the safeguarding of personal or sensitive information. |
|
|
30.08
Describe various safeguards that can be employed to help ensure that sensitive or confidential information is not inadvertently divulged or obtained. |
|
|
31.01
Define virtual computing. |
|
|
31.02
Explain the benefits of virtual computing. |
|
|
31.03
Differentiate between guest and host operating systems. |
|
|
31.04
Install desktop virtualization software. |
|
|
31.05
Describe the role of the hypervisor. |
|
|
31.06
Create and upgrade a virtual machine. |
|
|
31.07
Optimize the performance of a virtual machine. |
|
|
31.08
Preserve the state of a virtual machine. |
|
|
31.09
Clone, move and share virtual machines. |
|
|
31.10
Use basic (static) and dynamic virtual disks and disk drives. |
|
|
31.11
Configure a virtual network. |
|
|
31.12
Connect devices to a virtual machine. |
|
|
31.13
Enable security settings on a virtual machine. |
|
|
32.01
Configure 802.1x authentication for a given scenario. |
|
|
32.02
Connect clients to a VPN. |
|
|
32.03
Understand Authentication, Authorization and Accounting (AAA) management. |
|
|
32.04
Differentiate between TACACS+ (Terminal Access Controller Access Control System) and RADIUS. |
|
|
32.05
Differentiate between Layer 2 Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) protocols as they apply to VPN options. |
|
|
32.06
Implement the use of SSH (Secure Shell). |
|
|
32.07
Implement the use of IPsec (Internet Protocol Security). |
|
|
32.08
Identify vulnerabilities associated with authentication. |
|
|
32.09
Understand ways to implement VoIP technologies. |
|
|
32.10
Demonstrate the use and purpose of Kerberos. |
|
|
33.01
Configure access controls including biometric devices, keypads and security tokens. |
|
|
33.02
Recognize social engineering attempts. |
|
|
33.03
Evaluate environmental controls (e.g., EMI shielding, temperature, humidity and fire suppression). |
|
|
33.04
Develop a method of training users to recognize, report, and avoid social engineering attempts. |
|
|
33.05
Identify components of physical security, including mantraps, motion detection, alarm systems, locks, video surveillance, and fences/barricades. |
|
|
33.06
Install a camera for a video surveillance system. |
|
|
33.07
Configure an alarm system including a keypad and motion detector. |
|
|
33.08
Recognize vulnerabilities associated with physical security. |
|
|
33.09
Explain how a mantrap is used as a counter measure against tailgating. |
|
|
34.01
Configure and maintain software and hardware firewalls. |
|
|
34.02
Configure and secure routers. |
|
|
34.03
Apply security settings to switches. |
|
|
34.04
Configure and secure wireless devices. |
|
|
34.05
Secure a LAN connected to a DSL/cable modem. |
|
|
34.06
Configure a RAS (Remote Access Server) for remote connectivity. |
|
|
34.07
Securely deploy a PBX (Private Branch Exchange). |
|
|
34.08
Explain the benefits of implementing a VPN (Virtual Private Network). |
|
|
34.09
Deploy IDS (intrusion detection system) and IPS (intrusion prevention systems). |
|
|
34.1
Analyze the performance, efficiency and security of the network based on network monitoring and diagnostic software. |
|
|
34.11
Employ techniques used to lock down workstations. |
|
|
34.12
Configure and secure servers for a given scenario. |
|
|
34.13
Understand and assess the security of mobile devices including but not limited to those using the Android, iOS and Windows platforms. |
|
|
35.01
Explain the security implications of the Internet of Things (IoT) (i.e., understand the efforts to address authentication and updates to IoT devices). |
|
|
35.02
Explain societal and security challenges associated with robotics. |
|
|
35.03
Explain security challenges associated with serverless computing. |
|
|
35.04
Explain societal and security challenges associated with the implementation of 5G. |
|
|
35.05
Describe and explain the security challenges of Autonomous vehicles (i.e., the significance of vehicular cybersecurity and its relation to: computer vision, artificial intelligence, machine learning and deep learning). |
|
|
36.01
Understand access control as it applies to MAC (Mandatory Access Control). |
|
|
36.02
Understand access control as it applies to DAC (Discretionary Access Control). |
|
|
36.03
Understand access control as it applies to RBAC (Role Based Access Control). |
|
|
37.01
Understand and identify security concerns with the use of Coaxial Cable. |
|
|
37.02
The student should be able to identify and understand security concerns for UTP/STP (Unshielded Twisted Pair / Shielded Twisted Pair). |
|
|
37.03
Identify and understand security concerns fiber optic cable. |
|
|
37.04
Identify security concerns associated with removable media. |
|
|
37.05
Address pitfalls associated with tape backups. |
|
|
37.06
Apply drive encryption to hard drives. |
|
|
37.07
Secure flash drives. |
|
|
37.08
Smartcards and secure USB memory. |
|
|
38.01
Determine Security Zones. |
|
|
38.02
Point out vulnerabilities on a DMZ (Demilitarized Zone). |
|
|
38.03
Explain the security benefits of using an intranet. |
|
|
38.04
Explain the security benefits of using an extranet. |
|
|
38.05
Secure a VLAN (Virtual Local Area Network). |
|
|
38.06
Describe the security benefits associated with NAT (Network Address Translation). |
|
|
38.07
Justify the implementation of tunneling, for security purpose. |
|
|
39.01
Select and employ appropriate communication concepts and strategies to enhance oral and written communication in the workplace. |
|
|
39.02
Locate, organize and reference written information from various sources. |
|
|
39.03
Design, develop and deliver formal and informal presentations using appropriate media to engage and inform diverse audiences. |
|
|
39.04
Interpret verbal and nonverbal cues/behaviors that enhance communication. |
|
|
39.05
Apply active listening skills to obtain and clarify information. |
|
|
39.06
Develop and interpret tables and charts to support written and oral communications. |
|
|
39.07
Exhibit public relations skills that aid in achieving customer satisfaction. |
|
|
40.01
Employ critical thinking skills independently and in teams to solve problems and make decisions. |
|
|
40.02
Employ critical thinking and interpersonal skills to resolve conflicts. |
|
|
40.03
Identify and document workplace performance goals and monitor progress toward those goals. |
|
|
40.04
Conduct technical research to gather information necessary for decision-making. |
|
|
41.01
Use personal information management (PIM) applications to increase workplace efficiency. |
|
|
41.02
Employ technological tools to expedite workflow including word processing, databases, reports, spreadsheets, multimedia presentations, electronic calendar, contacts, email, and internet applications. |
|
|
41.03
Employ computer operations applications to access, create, manage, integrate, and store information. |
|
|
41.04
Employ collaborative/groupware applications to facilitate group work. |
|
|
42.01
Describe the nature and types of business organizations. |
|
|
42.02
Explain the effect of key organizational systems on performance and quality. |
|
|
42.03
List and describe quality control systems and/or practices common to the workplace. |
|
|
42.04
Explain the impact of the global economy on business organizations. |
|
|
43.01
Evaluate and justify decisions based on ethical reasoning. |
|
|
43.02
Evaluate alternative responses to workplace situations based on personal, professional, ethical, legal responsibilities, and employer policies. |
|
|
43.03
Identify and explain personal and long-term consequences of unethical or illegal behaviors in the workplace. |
|
|
43.04
Interpret and explain written organizational policies and procedures. |
|
|
43.05
Display proficiency in using team-oriented collaboration and video teleconferencing software (e.g. Teams, Zoom). |
|
