
Standards Framework

for Ohio Cyber Defense and Reinforcement

93 Standards in this Framework

Standard Description
1.12.2. Differentiate between appropriate and inappropriate information.
1.12.3. Interpret security policies through job specific training and training updates.
1.12.4. Apply secure password behavior.
1.12.5. Apply physical and virtual situational awareness (e.g., clean desk policies, shoulder surfing, social engineering, tailgating).
2.1.2. Describe authentication, authorization, and auditing.
2.1.4. Identify security risks and describe associated safeguards and methodologies (e.g., auditing).
2.1.5. Describe major threats to computer systems (e.g., insider threats, viruses, worms, spyware, ransomware, spoofing, hacking, social engineering, phishing).
2.1.10. Describe computer forensics, its importance in information security and cybersecurity, and its relevance to law enforcement.
2.1.11. Identify the need for personal security in digital information and describe how personal information can be safeguarded.
2.1.12. Practice information security per job requirements.
2.1.13. Describe privacy security compliance on systems (e.g., Health Insurance Portability and Accountability Act [HIPAA], Payment Card Industry [PCI], Sarbanes Oxley Act [SOX], Americans with Disabilities Act [ADA], General Data Protection Regulation [GDPR], European Union Data Protection Regulation [EUDPR]).
3.1.1. Differentiate between authentication and authorization.
3.1.2. Compare authentication techniques (e.g., single factor, multifactor, passwords, biometrics, certificates, Radio Frequency Identification [RFID] cards).
3.2.1. Identify and implement data and application security.
3.2.4 Provide user authentication (e.g., assign and reset user accounts and passwords).
3.2.5 Install, test, implement, and update virus and malware detection and protection software.
3.2.6 Identify sources of virus and malware infection and remove viruses and malware.
3.2.7 Provide documentation, training, and support to users on established security procedures.
3.3.1. Describe network security policies (e.g., acceptable use policy).
3.3.5. Assess risks based on vulnerability of the organization, likelihood of risk, and impact on the organization.
3.3.7 Train users in network security procedures.
3.4.2 Analyze system log files to identify security risks.
3.4.4. Identify the components of human security (e.g., social engineering) and techniques to mitigate human security threats (e.g., policies, procedures, training).
3.5.1. Describe wireless security risks (e.g., unauthorized access) and how to mitigate them.
3.5.2 Compare methods of increasing the security of wireless networks and devices (e.g., Media Access Control [MAC] address filtering, Wi-Fi Protected Access [WPA], 802.1x, Remote Authentication Dial-In User Service [RADIUS]).
3.5.3 Research security enhancements provided by Institute of Electrical and Electronics Engineers (IEEE).
3.5.4 Describe practices and policies for preventing and detecting installation of rogue networks.
3.5.5. Describe security practices and policies for personal devices.
3.5.6. Implement and test the security of a wireless network.
4.5.6. Secure the wireless network.
4.6.2 Identify the advantages of protocols (e.g., Domain Name System [DNS], File Transfer Protocol [FTP], Hypertext Transfer Protocol [HTTP], Telecommunications Network [Telnet], Remote Desktop Protocol [RDP], Secure Shell [SSH]) and associated port numbers.
4.6.7. Describe a Virtual Private Network (VPN) and identify associated protocols (e.g., Layer 2 Tunneling Protocol [L2TP], Point-to-Point Tunneling Protocol [PPTP]).
4.11.2 Provision cloud services (e.g., Software as a Service [SaaS], Platform as a Service [PaaS], Infrastructure as a Service [IaaS], Security as a Service).
4.13.1. Differentiate between disaster recovery and business continuity.
4.13.2. Identify common backup devices.
4.13.3. Identify the criteria for selecting a backup system.
4.13.4. Establish a process for archiving files.
4.13.5. Develop a disaster recovery plan.
9.1.1. Identify the goals, objectives and purposes of cybersecurity.
9.1.2. Describe the concepts of malware attack vectors.
9.1.3 Maintain data security using data labeling, handling, and disposal as prescribed by policy and law.
9.1.4 Mitigate threats by remaining abreast of industry information.
9.1.5. Identify types of controls (e.g., Deterrent, Preventive, Detective, Compensating, Technical, and Administrative).
9.2.1 Perform authorization control (e.g., least privilege, separation of duties, mandatory access, discretionary access, rule-based access control, role-based access control, time of day restrictions, location restrictions).
9.2.2 Implement authentication techniques (e.g., Tokens, Common access card, Smart card, Multifactor authentication, Single sign-on, Biometrics, Personal identification verification card, Username, Federation, Transitive trust/authentication).
9.2.3 Use authentication factors (e.g., Something you are, Something you have, Something you know).
9.2.4 Mitigate security implications of third party connectivity and access.
9.2.5 Implement Data Loss Prevention (DLP).
9.2.6 Implement perimeter security (e.g., Fencing, Proximity readers, Access list, Proper lighting, Mantraps, Video Surveillance, Signs, Guards, Barricades, Biometrics, Protected distribution (cabling), Alarms, Motion detection).
9.2.7 Inventory devices.
9.3.1. Identify application vulnerabilities (e.g., Cross-site scripting, SQL injection, LDAP injection, XML injection, Directory traversal/command injection, Buffer overflow, Integer overflow, Zero-day, Cookies and attachments, Locally Shared Objects (LSOs), Flash cookies, Malicious add-ons, Session hijacking, Header manipulation, Arbitrary code execution/remote code execution).
9.3.2 Mitigate application attacks (e.g., SANS, OWASP).
9.3.3 Implement secure coding concepts (e.g., Error and exception handling, Input validation, Cross-site scripting prevention, Cross-site Request Forgery (XSRF) prevention, OWASP).
9.3.4 Implement secure application configuration (e.g., Application hardening, Application patch management).
9.3.5 Discover and mitigate common database vulnerabilities and attacks.
9.3.6. Differentiate between Server-side vs. client-side validation.
9.4.1 Setup and maintain secure roles and system management techniques (e.g., password, group, and user privilege policies and monitoring).
9.4.2 Secure use of network Protocols (e.g., IPSec, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SCP, ICMP).
9.4.3 Apply principles of IPv4 and IPv6 securely.
9.4.4 Apply wireless security configurations (e.g., Disable SSID broadcast, TKIP, CCMP, Antenna placement, Power level controls).
9.4.5 Manage PKI and certificates (Transport encryption, Non-repudiation, Hashing, Key escrow, Steganography, Digital signatures).
9.4.6 Use of algorithms/protocols with transport encryption (e.g., SSL, TLS, IPSec, SSH, HTTPS).
9.4.7 Install and configure network devices (firewalls, switches, load balancers, proxies, web security gateways, VPN concentrators).
9.4.8 Install and configure network security devices (e.g., Protocol analyzers, Spam filter, UTM security appliances, URL filter, Content inspection, Malware inspection).
9.4.9 Implement port security.
9.4.10 Monitor and manage network Unified Threat Management.
9.4.11 Mitigate network threats (e.g., Flood guards, Loop protection, Implicit deny, Network separation, Log analysis, Unified threat management, peripheral and removable media).
9.4.12 Apply the principles of secure Network Design (e.g., DMZ, Subnetting, NAT/PAT, Remote access, Telephony, Virtualization).
9.5.1. Describe, locate, and mitigate security threats (e.g., Adware, Viruses, Spyware, Trojan, Rootkits, Logic bomb, Botnets, Ransomware, Polymorphic malware).
9.5.2. Describe and discover vulnerabilities to and mitigate network attacks (e.g., Man-in-the-middle, DDoS, DoS, Replay, Smurf attack, Spoofing, Spam, Phishing, Spim, Spit, and other attacks).
9.5.3 Configure defenses for Password attacks (e.g., Brute Force, Dictionary attacks, Hybrid, Birthday attacks, Rainbow tables).
9.5.4. Describe, appraise for, and mitigate Social Engineering attacks (e.g., Shoulder surfing, Dumpster diving, Tailgating, Impersonation, Hoaxes, Phishing, Spear Phishing, Whaling, Vishing, Principles, URL hijacking, Watering Hole).
9.6.1 Adhere to licensing and intellectual property laws (e.g., copyright, trademark, digital-rights management).
9.6.2 Adhere to regulatory and industry standards (e.g., PCI DSS, PA-DSS).
9.7.1. Recognize digital reconnaissance techniques (e.g., packet capture, OS fingerprinting, topology discovery, DNS harvesting).
9.7.4. Collect digital evidence according to established policies and protocols (e.g., system image, packet captures).
9.8.1 Design and implement network segmentation.
9.8.2. Differentiate between detection controls and prevention controls (e.g., IDS vs. IPS, Camera vs. guard).
9.8.3. Use discovery tools and utilities to identify threats (e.g., Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner).
9.8.4 Create, edit and use roles and system management tools.
9.8.5 Implement endpoint security.
9.8.6 Implement Access Control Lists (ACL).
9.8.7 Deploy a server hardening plan.
9.8.8 Implement a Network Access Control (NAC) plan.
9.8.9 Interpret alarms and alert trends.
9.8.10 Apply Incident response procedures (e.g., Preparation, Incident identification, Escalation and notification, Mitigation steps, Lessons learned, Reporting, Recovery procedures, First responder, Incident isolation, Quarantine, Device removal, Data breach).
9.8.11 Differentiate between types of Penetration testing (e.g., Black box, White box, Gray box).
9.9.1 Describe the concepts of Risk Management (e.g., Business continuity concepts, Business impact analysis, Identification of critical systems and components, Removing single points of failure).
9.9.2 Describe the concepts of Risk assessment (e.g., Disaster recovery plan, IT contingency planning - Succession planning, Redundancy).
9.9.3 Describe and plan Fault tolerance (e.g., Hardware, RAID, Clustering, Load balancing, Disaster recovery concepts, Backup plans/policies, Backup execution/frequency).
9.10.1 Enforce concepts related to threat vectors and probability/threat likelihood.
9.10.2 Identify concepts of risk calculation (Likelihood, ALE, Impact, SLE, ARO, MTTR, MTTF, MTBF).
9.10.3 Implement Governance, risk management and Compliance Management processes (risk mitigation, govern compliance).
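Worked example for standards 9.5.3 and 9.4.1 (defenses against brute-force, dictionary and rainbow-table password attacks; password and privilege policies). This is an added illustration, not code from the framework or from CodeHS. It stores passwords with a per-user random salt and a deliberately slow key derivation function, compares digests in constant time, and enforces an account lockout against online guessing. The iteration count, the lockout threshold and the lockout duration are illustrative assumptions.

```python
"""Added example: password storage that blunts offline dictionary and rainbow-table
attacks (per-user salt, slow KDF, constant-time compare) plus an online lockout
policy against brute force. ITERATIONS, MAX_FAILURES and LOCKOUT_SECONDS are
assumed values for illustration, not figures from the Ohio framework."""
import hashlib
import hmac
import os
import time
from typing import Any, Callable, Dict, Optional

ITERATIONS = 200_000      # PBKDF2-HMAC-SHA256 work factor (assumed; tune so one hash costs ~100 ms)
MAX_FAILURES = 5          # consecutive failures before lockout (assumed policy)
LOCKOUT_SECONDS = 900     # lockout duration in seconds (assumed policy)


def hash_password(password: str, salt: Optional[bytes] = None) -> Dict[str, Any]:
    """Per-user random salt plus a slow KDF. Two users with the same password get
    different digests, so one precomputed (rainbow) table cannot cover them all,
    and every guess in a dictionary attack costs ITERATIONS hash operations."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt.hex(), "hash": digest.hex(), "iterations": ITERATIONS}


def verify_password(record: Dict[str, Any], candidate: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time
    so a byte-by-byte timing difference does not leak how close a guess was."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"), salt, record["iterations"])
    return hmac.compare_digest(digest.hex(), record["hash"])


class AccountStore:
    """Minimal account store with a lockout policy. The clock is injectable so the
    lockout window can be exercised without sleeping."""

    def __init__(self, now: Callable[[], float] = time.time) -> None:
        self._now = now
        self._users: Dict[str, Dict[str, Any]] = {}

    def create(self, username: str, password: str) -> None:
        self._users[username] = {"pw": hash_password(password), "failures": 0, "locked_until": 0.0}

    def login(self, username: str, password: str) -> str:
        """Return 'ok', 'denied' or 'locked'."""
        user = self._users.get(username)
        if user is None:
            hash_password(password)   # spend the same work as a real check: no cheap username enumeration
            return "denied"
        if user["locked_until"] > self._now():
            return "locked"
        if verify_password(user["pw"], password):
            user["failures"] = 0
            return "ok"
        user["failures"] += 1
        if user["failures"] >= MAX_FAILURES:
            user["locked_until"] = self._now() + LOCKOUT_SECONDS
            user["failures"] = 0
            return "locked"
        return "denied"


if __name__ == "__main__":
    store = AccountStore()
    store.create("alice", "correct horse battery staple")
    print(store.login("alice", "correct horse battery staple"))   # ok
    for _ in range(MAX_FAILURES):
        print(store.login("alice", "password123"))                  # denied ... then locked
```

Salting defeats rainbow tables because the attacker would need a separate table per salt; the slow KDF raises the cost of each dictionary guess; the lockout limits how many online guesses are possible at all. The unknown-user branch still performs a hash so that response time does not reveal which usernames exist.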
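Worked example for standards 3.4.2 and 9.8.9 (analyzing system log files to identify security risks; interpreting alarms and alert trends). This is an added illustration, not material from the framework or from CodeHS. It parses sshd authentication lines in traditional syslog format, counts failures per source address inside a sliding window, and escalates when a successful login follows a burst of failures from the same address. The log lines are constructed for the example using RFC 5737 test addresses, and the threshold and window length are assumed values.

```python
"""Added example: detecting password guessing in sshd authentication logs.
SAMPLE_LOG is constructed (RFC 5737 test addresses), not a real capture;
THRESHOLD and WINDOW_SECONDS are assumed tuning values."""
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Deque, Dict, List, Optional

# Constructed sample in traditional syslog/sshd format (not a real capture).
SAMPLE_LOG = """\
Mar  9 10:00:01 host1 sshd[2210]: Failed password for invalid user admin from 203.0.113.7 port 51522 ssh2
Mar  9 10:00:03 host1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51523 ssh2
Mar  9 10:00:04 host1 sshd[2212]: Failed password for root from 203.0.113.7 port 51524 ssh2
Mar  9 10:00:06 host1 sshd[2213]: Failed password for root from 203.0.113.7 port 51525 ssh2
Mar  9 10:00:08 host1 sshd[2214]: Failed password for root from 203.0.113.7 port 51526 ssh2
Mar  9 10:00:09 host1 sshd[2215]: Accepted password for root from 203.0.113.7 port 51527 ssh2
Mar  9 10:05:00 host1 sshd[2300]: Failed password for alice from 198.51.100.20 port 40001 ssh2
Mar  9 10:20:00 host1 sshd[2301]: Failed password for alice from 198.51.100.20 port 40002 ssh2
Mar  9 10:20:05 host1 sshd[2302]: Accepted publickey for alice from 198.51.100.20 port 40003 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)

THRESHOLD = 5         # failures within the window that count as brute force (assumed)
WINDOW_SECONDS = 60   # sliding window length (assumed)


def parse(line: str, year: int = 2024) -> Optional[Dict[str, object]]:
    """Parse one sshd line; syslog omits the year, so the caller supplies it."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "method": m["method"], "user": m["user"], "ip": m["ip"]}


def parse_all(log_text: str) -> List[Dict[str, object]]:
    events = [e for e in (parse(line) for line in log_text.splitlines()) if e]
    events.sort(key=lambda e: e["ts"])
    return events


def failed_counts(log_text: str) -> Dict[str, int]:
    """Failures per source address over the whole file: the first triage view."""
    counts: Dict[str, int] = defaultdict(int)
    for e in parse_all(log_text):
        if e["result"] == "Failed":
            counts[str(e["ip"])] += 1
    return dict(counts)


def detect(log_text: str) -> Dict[str, str]:
    """Flag an address once THRESHOLD failures fall inside WINDOW_SECONDS, and
    escalate if that address later authenticates successfully: a success after a
    burst of failures is the alert that needs an incident responder, not a log entry."""
    recent: Dict[str, Deque[datetime]] = defaultdict(deque)
    flagged: Dict[str, str] = {}
    for e in parse_all(log_text):
        ip, ts = str(e["ip"]), e["ts"]
        if e["result"] == "Failed":
            q = recent[ip]
            q.append(ts)
            while q and (ts - q[0]).total_seconds() > WINDOW_SECONDS:
                q.popleft()          # drop failures that have aged out of the window
            if len(q) >= THRESHOLD:
                flagged.setdefault(ip, "brute-force")
        elif ip in flagged:
            flagged[ip] = "brute-force-success"
    return flagged


if __name__ == "__main__":
    print(failed_counts(SAMPLE_LOG))   # {'203.0.113.7': 5, '198.51.100.20': 2}
    print(detect(SAMPLE_LOG))          # {'203.0.113.7': 'brute-force-success'}
```

The raw count already singles out 203.0.113.7, but the sliding window is what separates an attack from ordinary mistakes: alice's two failures fifteen minutes apart never cross the threshold, while five failures in seven seconds followed by an accepted root login do. Real deployments would also read journald or a SIEM rather than a string, and would key on the `invalid user` marker as its own indicator.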