Standards in this Framework
Standard | Description |
---|---|
1.1.1 | Demonstrate the proper use of safety devices |
1.1.2 | Research the environmental impact of production |
1.1.3 | Research local, state, and federal regulations related to material handling |
1.1.4 | Demonstrate secure disposal of technology materials |
1.1.5 | Describe Material Safety Data Sheets (MSDS) |
1.1.6 | Explain the relationship between organization and safety |
1.1.7 | Demonstrate an organized work environment |
1.1.8 | Demonstrate electrical safety (e.g., grounding, ESD (static), etc.) |
1.1.9 | Apply installation safety (e.g., lifting, overhead movements, etc.) |
1.1.10 | Analyze emergency procedures (building layout, fire escape plan, safety/emergency exits, fail open/close, alert systems) |
1.2.1 | Explain common tools used in computer repair |
1.2.2 | Demonstrate the use of common networking and repair tools |
1.2.3 | Select the proper tool for diagnostic and troubleshooting procedures |
1.2.4 | Compare and contrast fire suppression systems in IT environments |
1.2.5 | Describe the purpose of Heating, Ventilation, and Air Conditioning (HVAC) systems for IT systems |
2.1.1 | Analyze legal issues in technology |
2.1.2 | Evaluate intellectual property laws |
2.1.3 | Explain differences between licensing, copyright, and infringement |
2.1.4 | Explain the differences between restricted content, prohibited or illegal content |
2.1.5 | Examine state, federal, and international regulations related to technology (e.g., legal holds, disposal methods, data retention, discoverability, data protection, etc.) |
2.2.1 | Analyze acceptable use policies |
2.2.2 | Explain the difference between technology policies, privacy standards, and best practices |
2.2.3 | Explain data and privacy encryption issues related to using technology |
2.2.4 | Evaluate appropriate consent policies for monitoring various stakeholders |
2.2.5 | Explain appropriate data classification |
2.3.1 | Communicate with customers to ensure understanding of customer requirements, scope, and concerns |
2.3.2 | Utilize appropriate documentation systems |
2.3.3 | Explain the purpose of business agreements (i.e., memos of understanding, service level agreement, statement of work, master services agreement) |
3.1.1 | Categorize system unit components (e.g., power supply connectors, motherboard characteristics, form factors, CPU features, memory module attributes, and expansion bus types) |
3.1.2 | Use industry standard vocabulary to identify components |
3.2.1 | Select and install appropriate system unit components to meet customer specifications |
3.2.2 | Interpret BIOS/UEFI settings for basic hardware components |
3.2.3 | Configure the settings of basic hardware components |
3.2.4 | Troubleshoot basic hardware components and resolve issues |
3.3.1 | Categorize audio and video device components, connectors, and cables |
3.3.2 | Install appropriate sound and video cards to match specifications and end-user requirements |
3.3.3 | Configure display and video settings |
3.3.4 | Manage sound card and audio device settings |
3.4.1 | Identify external device components, connectors, and cables |
3.4.2 | Connect external devices using the appropriate connectors and cables |
3.4.3 | Manage device driver updates and roll back drivers |
3.4.4 | Enable or disable devices |
3.4.5 | Install drivers for external devices |
3.4.6 | Prepare devices for safe removal |
3.4.7 | Manipulate system utilities to configure storage and external devices |
3.5.1 | Install SOHO multifunction device / printers and configure appropriate settings |
3.5.2 | Compare and contrast differences between the various print technologies and the associated imaging process |
3.5.3 | Perform appropriate printer maintenance |
4.1.1 | Use industry standard vocabulary in relation to operating systems (OS) |
4.1.2 | Compare and contrast Microsoft Windows Operating Systems |
4.1.3 | Install and secure operating systems |
4.1.4 | Install and configure Windows networking |
4.2.1 | Explain various features and tools of operating systems |
4.2.2 | Apply appropriate command line tools |
4.2.3 | Select appropriate operating system features and tools based on customer requirements |
4.2.4 | Configure Windows Update Settings |
4.2.5 | Configure local users and groups for a Windows networking system |
4.2.6 | Configure User Access Control (UAC) |
4.2.7 | Use Windows Control Panel utilities |
4.2.8 | Perform common preventive maintenance procedures using the appropriate Windows OS tools |
4.2.9 | Troubleshoot common PC security issues using best practices |
4.3.1 | Explain key terms and acronyms used in diagnostic testing and troubleshooting |
4.3.2 | Identify common symptoms for a given discrepancy |
4.3.3 | Develop a solution for a given discrepancy |
4.3.4 | Document the solution |
4.4.1 | Identify common features and functionality of the Mac OS and Linux operating systems |
4.4.2 | Set up and use client-side virtualization |
4.4.3 | Identify basic cloud concepts |
4.4.4 | Summarize the properties and purpose of services provided by networked hosts |
4.4.5 | Identify basic features of mobile operating systems |
4.4.6 | Install and configure basic mobile device network connectivity and email |
4.4.7 | Summarize methods and data related to mobile device synchronization |
4.4.8 | Compare and contrast methods to secure mobile devices |
4.4.9 | Explain the characteristics of various types of other mobile devices |
4.4.10 | Compare and contrast accessories, features, and ports of mobile and IoT devices |
4.4.11 | Troubleshoot common mobile OS and tablet software/hardware issues |
4.5.1 | Compare and contrast laptops, tablets, and computer form factors |
4.5.2 | Explain current trends in laptops and tablet applications |
4.5.3 | Compare laptop and tablet operating systems |
4.5.4 | Explain the function of components within the display of a laptop and tablet |
4.5.5 | Compare and contrast accessories, features, and ports of laptops and tablets |
5.1.1 | Describe the OSI model and relate to hardware in a network |
5.1.2 | Implement the appropriate industry policy and procedures |
5.1.3 | Compare and contrast the ports and protocols (HTTP, NetBIOS, SMTP, TCP, UDP, etc.) |
5.1.4 | Configure and apply appropriate ports and protocols (FTP, SSH, Telnet, DHCP, TFTP, etc.) |
5.1.5 | Utilize appropriate wired connections |
5.1.6 | Utilize appropriate wireless connections |
5.2.1 | Describe encapsulation/de-encapsulation |
5.2.2 | Explain modulation techniques |
5.2.3 | Apply numbering systems (e.g., binary, octal, hexadecimal) |
5.2.4 | Demonstrate addressing and subnetting techniques |
5.2.5 | Compare broadband/baseband |
5.2.6 | Compare and contrast bit rates vs. baud rates |
5.2.7 | Describe CDMA |
5.2.8 | Explain the difference between CSMA/CD and CSMA/CA |
5.2.9 | Describe wavelength |
5.2.10 | Apply TCP/IP suite (TCP, UDP, ICMP) |
5.3.1 | Compare main distribution frame (MDF) and intermediate distribution frame (IDF) |
5.3.2 | Implement a cable management solution |
5.3.3 | Analyze and create a power management plan (i.e., power converters, circuits, UPS {Power redundancy}, inverters, load capacity, etc.) |
5.3.4 | Determine proper airflow for optimal performance |
5.3.5 | Utilize correct rack systems for location and operation |
5.3.6 | Employ consistent labeling methodologies (port, system, circuit, patch panel) |
5.3.7 | Develop a plan to monitor rack security and environmental conditions |
6.1.1 | Categorize Ethernet wired network adapter components, features, and connectors |
6.1.2 | Categorize Ethernet wireless access point components, features, connectors, and cables |
6.1.3 | Describe common network connectivity devices and their roles |
6.1.4 | Analyze properties of basic network protocols |
6.1.5 | Apply appropriate networking utilities to view, test, and troubleshoot basic network configuration, topology, communication, and connectivity problems |
6.2.1 | Deploy best practices to secure any device accessing a network |
6.2.2 | Compare and contrast physical security controls |
6.2.3 | Compare and contrast risk related concepts |
6.2.4 | Implement network hardening techniques |
6.2.5 | Configure a basic firewall |
6.2.6 | Explain the purpose of various network access control models |
6.2.7 | Secure SOHO wired and wireless networks |
6.2.8 | Identify common network vulnerabilities, threats, and risks |
6.2.9 | Analyze and implement BIOS/UEFI security settings |
6.3.1 | Implement various networking troubleshooting methodology |
6.3.2 | Analyze and interpret the output of troubleshooting tools |
6.3.3 | Troubleshoot and resolve common wireless issues |
6.3.4 | Troubleshoot and resolve common copper and fiber cable issues |
6.3.5 | Troubleshoot and resolve common network issues |
6.3.6 | Troubleshoot and resolve common security issues |
6.3.7 | Troubleshoot and resolve common WAN issues |
6.4.1 | Explain the functions and application of various network devices |
6.4.2 | Compare the use of networking services and applications |
6.4.3 | Install and configure networking services and applications |
6.4.4 | Explain the characteristics and benefits of various WAN technologies |
6.4.5 | Install and terminate various cable types and connectors using appropriate tools |
6.4.6 | Differentiate between network infrastructure implementations |
6.4.7 | Implement and configure the appropriate addressing schema |
6.4.8 | Explain the basics of routing |
6.4.9 | Describe the elements of unified communications technologies |
7.1.1 | Describe use of packet tracing tools and network analyzing tools |
7.1.2 | Demonstrate use of network monitoring tools |
7.1.3 | Demonstrate use of port and vulnerability scanning tools |
7.1.4 | Describe the use of SMTP monitoring software |
7.1.5 | Demonstrate understanding of security information and event management (SIEM) tools |
7.1.6 | Demonstrate use of environmental monitoring tools |
7.1.7 | Operate power monitoring tools |
7.1.8 | Demonstrate use of wireless survey tools |
7.2.1 | Analyze SYSLOG data |
7.2.2 | Demonstrate use of log management |
7.2.3 | Apply interface monitoring tools |
7.2.4 | Evaluate system performance metrics against baseline data |
7.2.5 | Evaluate system metrics and logs for resource depletion |
7.2.6 | Evaluate system metrics and logs for network connectivity |
7.3.1 | Prepare archives/backups |
7.3.2 | Build system baseline based on normal operations |
7.3.3 | Describe provisioning and de-provisioning of mobile devices (enterprise, BYOD) |
7.3.4 | Illustrate network access control (NAC) |
7.3.5 | Document a configuration management strategy |
7.4.1 | Compare and contrast protecting SCADA systems and industrial control systems (ICS) |
7.4.2 | Determine a plan to protect legacy systems |
7.4.3 | Explain how to separate private/public networks |
7.4.4 | Describe theft detection technologies (honeypot/honeynet) |
7.4.5 | Research the need for a testing lab (development ops/DevOps) |
7.4.6 | Determine a plan for load balancing the network |
7.4.7 | Create a plan for performance optimization (tuning) |
7.5.1 | Install software and hardware patches and updates (OS, critical, non-critical, etc.) |
7.5.2 | Compare and contrast firmware and driver updates |
7.5.3 | Recognize the difference between feature releases/security updates |
7.5.4 | Develop rollout/rollback procedures |
7.6.1 | Set up, configure, and secure a VLAN |
7.6.2 | Configure a Spanning Tree Protocol (STP) (IEEE 802.1D) ensuring you do not create any loops |
7.6.3 | Set up an Ethernet interface via the interface configuration file, including demonstrating how to give your network card an IP address (DHCP), set up routing information, configure IP masquerading, and set default routes |
7.6.4 | Set up and configure a default gateway defining where to send packets for IP addresses for which no specific route can be determined |
7.6.5 | Describe and demonstrate several common techniques for transmitting power over Ethernet cabling (PoE and PoE+ 802.3af, 802.3at) |
7.6.6 | Compare and contrast managed vs. unmanaged switches |
8.1.1 | Describe the steps of the cybersecurity lifecycle (e.g., people, process and tools) |
8.1.2 | Write a set of principles, rules, and practices to provide guidance and direction |
8.1.3 | Follow appropriate decision-making model to determine correct response procedures |
8.2.1 | Plan, prepare, and develop scope for a Cyber Incident Response Plan |
8.2.2 | Determine correct detection, mitigation, and reporting processes |
8.2.3 | Evaluate assessment and decision-making steps when handling an incident or event |
8.2.4 | Determine correct investigative procedures |
8.2.5 | Gather intelligence from a variety of sources including open source and others |
8.2.6 | Document intelligence gathering efforts including who, what, when, where, why, and how |
8.2.7 | Determine extent of event or incident scope including severity |
8.2.8 | Determine correct containment steps based on the type of incident or event encountered |
8.2.9 | Implement the correct eradication response and processes |
8.2.10 | Determine next steps post investigation (post breach) from legal, HR, news media response |
8.3.1 | Determine the appropriate security control, technique or process based on the property, system or data you are protecting |
8.3.2 | Explain the importance of security controls, techniques, and threat risk assessments |
8.3.3 | Select the appropriate solution to eliminate vulnerabilities and establish a security baseline |
8.3.4 | Develop plans to protect a variety of property, systems, or data |
8.3.5 | Implement the appropriate controls to ensure security of property, systems, or data |
8.3.6 | Compare and contrast alternative methods to mitigate security risks for data in transit and data at rest |
8.4.1 | Describe the digital chain of custody process for tracking data and equipment (legal evidence) |
8.4.2 | Describe all steps to capture and maintain evidence |
8.4.3 | Follow chain of custody procedures |
8.4.4 | Maintain detailed records (e.g., chain of custody forms, evidence collection forms, etc.) |
8.4.5 | Track digital evidence (e.g., how it has been gathered, tracked, and protected) |
8.4.6 | Describe a chain of custody |
8.4.7 | Develop a plan for data transport, encryption to avoid alteration of data and legal holds |
8.4.8 | Develop a plan for recovery, disposal of evidence, and follow up |
8.4.9 | Write a forensics summary report |
9.1.1 | Summarize basic forensic concepts and practices including eDiscovery, documentation, chain of custody, and data transport |
9.1.2 | Determine a first responder’s logical approach during an investigation with objective, evidence-based research |
9.1.3 | Review the First Responder steps and processes for proper documentation |
9.1.4 | Explain what eDiscovery is including the contextual process for electronic evidence collection (Electronically Stored Information ESI) |
9.1.5 | Observe and discuss legal restrictions, stipulations, regulatory compliance, and confidentiality when gathering evidence |
9.1.6 | Summarize Chain of Custody processes during investigations |
9.2.1 | Explain the proper use of penetration testing versus vulnerability scanning |
9.2.2 | Explain the many types of vulnerabilities, exploits, and cyber threats a First Responder encounters |
9.2.3 | Discover the common types of cyber threat actors including Cybercriminals, Attention-Seekers, Hacktivists, Jihadi Hackers, and Nation States |
9.2.4 | Explain and summarize the common cybersecurity attacks including the preferred tactics, techniques, and procedures (TTPs) of threat actors |
9.2.5 | Examine and summarize the targets of cyber threat actors including governments, military agencies, non-profits, and businesses across sectors including retail, legal, energy, healthcare, technology, entertainment, and telecommunications |
9.2.6 | Review and examine geopolitical flashpoints (e.g., U.S.-China Relations, Iranian Nuclear Accord, Economic Sanctions on Russia, Syrian Conflict, ISIS-related Activity, North Korean Policy, State-Sponsored Cyber Activity, Cybersecurity Regulations) |
9.3.1 | Describe and demonstrate various methods and tools for threat detection and eDiscovery |
9.3.2 | Describe and demonstrate vulnerability management methods, practices, and scanning tools |
9.3.3 | Describe and demonstrate various practices, methods, and tools for penetration testing |
9.3.4 | Identify encryption methods and demonstrate tools to decipher encrypted data |
9.3.5 | Review basic cryptography concepts, methods, and its relationship to forensics |
9.3.6 | Identify Web application exploits and vulnerabilities |
9.3.7 | Describe and demonstrate Web Application Security and Scanning methods and tools |
9.3.8 | Identify methods or tools to eliminate cloud exploits and vulnerabilities |
9.3.9 | Describe and demonstrate a working knowledge of phishing attacks and mitigation steps |
9.4.1 | Explain what malware is including its history |
9.4.2 | Review and define the most common malware terminologies |
9.4.3 | Describe the ways and methods malware is spread |
9.4.4 | Review the types of malware, specifically examining viruses, worms, trojan horses, rootkits, ransomware, keyloggers, and grayware attacks |
9.4.5 | Choose one malware scenario and select the appropriate type of mitigation and deterrent techniques |
9.4.6 | Use appropriate tools and techniques to eliminate malware from spreading |
10.1.1 | Explain Artificial Intelligence (AI), potential applications, concerns, and opportunities in relation to security issues |
10.1.2 | Describe machine learning and potential applications, concerns, and opportunities |
10.1.3 | Explain the role of ethics as it relates to security and emerging technologies |
10.2.1 | Describe job skills needed for potential careers in new and emerging technologies |
10.2.2 | Explore potential uses for and industries that may use emerging technologies |