Standards in this Framework
Standard | Lessons |
---|---|
1.12.3. Interpret security policies through job-specific training and training updates. | |
1.12.4. Apply secure password behavior. | |
1.12.5. Apply physical and virtual situational awareness (e.g., clean desk policies, shoulder surfing, social engineering, tailgating). | |
2.1.1. Explain the need for confidentiality, integrity, and availability (CIA) of information. | |
2.1.2. Describe authentication, authorization, and auditing. | |
2.1.3. Describe multilevel security. | |
2.1.4. Identify security risks and describe associated safeguards and methodologies (e.g., auditing). | |
2.1.5. Describe major threats to computer systems (e.g., insider threats, viruses, worms, spyware, ransomware, spoofing, hacking, social engineering, phishing). | |
2.1.10. Describe computer forensics, its importance in information security and cybersecurity, and its relevance to law enforcement. | |
2.1.11. Identify the need for personal security in digital information and describe how personal information can be safeguarded. | |
2.1.13. Describe privacy and security compliance on systems (e.g., Health Insurance Portability and Accountability Act [HIPAA], Payment Card Industry [PCI], Sarbanes-Oxley Act [SOX], Americans with Disabilities Act [ADA], General Data Protection Regulation [GDPR], European Union Data Protection Regulation [EUDPR]). | |
2.4.1. Investigate the scope and the impact of mobile computing environments on society. | |
2.4.2. Describe the differences, advantages, and limitations of cloud computing (e.g., public cloud, private cloud, hybrid cloud) and on-premises computing. | |
2.4.4. Describe emerging technologies (e.g., Bring Your Own Device [BYOD], services virtualization, Augmented Reality [AR], SMART devices, additive manufacturing [3D printing]). | |
3.1.1. Differentiate between authentication and authorization. | |
3.1.2. Compare authentication techniques (e.g., single factor, multifactor, passwords, biometrics, certificates, Radio Frequency Identification [RFID] cards). | |
3.1.4. Describe Virtual Private Networks (VPNs) using tunneling protocols (e.g., Layer 2 Tunneling Protocol [L2TP], Secure Socket Tunneling Protocol [SSTP], Point-to-Point Tunneling Protocol [PPTP]) and encrypting techniques. | |
3.2.1. Identify and implement data and application security. | |
3.2.8. Identify the need for disaster recovery policies and procedures. | |
3.3.1. Describe network security policies (e.g., acceptable use policy). | |
3.3.5. Assess risks based on vulnerability of the organization, likelihood of risk, and impact on the organization. | |
3.3.6. Describe the functions and uses of patch management. | |
3.4.3. Compare network analysis software (e.g., network analyzer) and hardware tools to identify security risks and vulnerabilities. | |
3.4.4. Identify the components of human security (e.g., social engineering) and techniques to mitigate human security threats (e.g., policies, procedures, training). | |
3.5.1. Describe wireless security risks (e.g., unauthorized access) and how to mitigate them. | |
3.5.2. Compare methods of increasing the security of wireless networks and devices (e.g., Media Access Control [MAC] address filtering, Wi-Fi Protected Access [WPA], 802.1X, Remote Authentication Dial In User Service [RADIUS]). | |
3.5.3. Research security enhancements provided by the Institute of Electrical and Electronics Engineers (IEEE). | |
3.5.4. Describe practices and policies for preventing and detecting installation of rogue networks. | |
3.5.5. Describe security practices and policies for personal devices. | |
3.5.6. Implement and test the security of a wireless network. | |
4.1.1. Determine the basic point-to-point (PTP) and point-to-multipoint (PTMP) network topologies (e.g., star, ring, tree, mesh, hybrid) and identify broadband and baseband (e.g., Ethernet) transmission methods and standards. | |
4.1.4. Identify standard and emerging network technologies (e.g., broadband, satellite, optic, cellular, Local-Area Network [LAN], and Wi-Fi). | |
4.1.6. Configure and build a network (e.g., server, switch, router). | |
4.2.3. Compare the seven layers of the Open Systems Interconnection (OSI) stack to the four layers of the Transmission Control Protocol/Internet Protocol (TCP/IP) stack. | |
4.2.5. Describe actions to be performed at each of the Open Systems Interconnection (OSI) layers. | |
4.3.1. Identify the criteria used in selecting media (e.g., physical properties, transmission technologies, transmission span, bandwidth, topology, security, noise immunity, installation considerations, cost). | |
4.3.2. Differentiate between media types (e.g., coaxial, twisted pair, fiber optic) and interfaces. | |
4.3.3. Compare media categories (e.g., single mode, multimode, CAT5, CAT5E, CAT6+). | |
4.3.4. Describe types of media connectors (e.g., Bayonet Neill-Concelman [BNC], Registered Jack [RJ]-45, LC, ST) and grounding techniques. | |
4.3.6. Identify the advantages and disadvantages of cabling systems. | |
4.4.1. Compare wireless standards in common use (e.g., Institute of Electrical and Electronics Engineers [IEEE] 802.11, cellular, Bluetooth, Worldwide Interoperability for Microwave Access [WiMAX], Radio Frequency Identification [RFID], Near Field Communication [NFC]). | |
4.5.3. Describe the Service Set Identifier (SSID) as used in wireless communications. | |
4.5.4. Select and install access points, wireless Network Interface Cards (NICs), antennas, and other hardware and software components to provide a wireless networking solution as determined by a site and customer survey. | |
4.5.6. Secure the wireless network. | |
9.1.1. Identify the goals, objectives, and purposes of cybersecurity. | |
9.1.2. Describe the concepts of malware attack vectors. | |
9.1.5. Identify types of controls (e.g., deterrent, preventive, detective, compensating, technical, and administrative). | |
9.3.1. Identify application vulnerabilities (e.g., cross-site scripting, SQL injection, LDAP injection, XML injection, directory traversal/command injection, buffer overflow, integer overflow, zero-day, cookies and attachments, Locally Shared Objects [LSOs], Flash cookies, malicious add-ons, session hijacking, header manipulation, arbitrary code execution/remote code execution). | |
9.3.5. Discover and mitigate common database vulnerabilities and attacks. | |
9.3.6. Differentiate between server-side and client-side validation. | |
9.5.1. Describe, locate, and mitigate security threats (e.g., adware, viruses, spyware, Trojans, rootkits, logic bombs, botnets, ransomware, polymorphic malware). | |
9.5.2. Describe and discover vulnerabilities to, and mitigate, network attacks (e.g., man-in-the-middle, DDoS, DoS, replay, Smurf attack, spoofing, spam, phishing, spim, spit, and other attacks). | |
9.5.4. Describe, appraise for, and mitigate social engineering attacks (e.g., shoulder surfing, dumpster diving, tailgating, impersonation, hoaxes, phishing, spear phishing, whaling, vishing, principles, URL hijacking, watering hole). | |
9.5.5. Perform penetration testing. | |
9.7.1. Recognize digital reconnaissance techniques (e.g., packet capture, OS fingerprinting, topology discovery, DNS harvesting). | |
9.7.2. Use tools and procedures for digital reconnaissance (e.g., host scanning, network mapping, Nmap, packet analyzer, vulnerability scanner). | |
9.7.3. Analyze reconnaissance results (e.g., data correlation, data analytics, point-in-time, data logs, packet captures). | |
9.7.4. Collect digital evidence according to established policies and protocols (e.g., system image, packet captures). | |
9.7.5. Maintain chain of custody on evidence. | |
9.7.6. Generate a file hash. | |
9.8.2. Differentiate between detection controls and prevention controls (e.g., IDS vs. IPS, camera vs. guard). | |
9.8.3. Use discovery tools and utilities to identify threats (e.g., protocol analyzer, vulnerability scanner, honeypots, honeynets, port scanner). | |
9.8.9. Interpret alarms and alert trends. | |
9.8.10. Apply incident response procedures (e.g., preparation, incident identification, escalation and notification, mitigation steps, lessons learned, reporting, recovery procedures, first responder, incident isolation, quarantine, device removal, data breach). | |
9.8.11. Differentiate between types of penetration testing (e.g., black box, white box, gray box). | |
9.10.1. Enforce concepts related to threat vectors and probability/threat likelihood. | |
9.10.2. Identify concepts of risk calculation (e.g., likelihood, ALE, impact, SLE, ARO, MTTR, MTTF, MTBF). | |