for Texas Foundations of Cybersecurity (NEW) — Fundamentals of Cybersecurity
Total Standards: 107Mapped: 79Completion: 73%
127.792.d.1.a
identify and demonstrate employable work behaviors such as regular attendance, punctuality, maintenance of a professional work environment, and effective written and verbal communication
7.1 Communication is Key!
7.2 Troubleshooting Methodology
7.3 Building a Knowledge Base
7.4 Star in a Video!
127.792.d.1.b
identify and demonstrate positive personal qualities such as authenticity, resilience, initiative, and a willingness to learn new knowledge and skills
7.1 Communication is Key!
127.792.d.1.c
solve problems and think critically
7.2 Troubleshooting Methodology
127.792.d.1.d
demonstrate leadership skills and function effectively as a team member
127.792.d.1.e
demonstrate an understanding of ethical and legal responsibilities and ramifications in relation to the field of cybersecurity
1.4 Cyber Ethics and Laws
1.5 Personal Data Security
127.792.d.2.a
identify job and internship opportunities and accompanying job duties and tasks
127.792.d.2.b
research careers in cybersecurity and information security and develop professional profiles that match education and job skills required for obtaining a job in both the public and private sectors
7.1 Communication is Key!
10.1 After Fundamentals of Cybersecurity
127.792.d.2.c
identify and discuss certifications for cybersecurity-related careers
10.1 After Fundamentals of Cybersecurity
127.792.d.2.d
explain the different types of services and roles found within a cybersecurity functional area such as a security operations center (SOC)
2.1 Cryptography: Then, Now, and Future
7.1 Communication is Key!
127.792.d.3.a
demonstrate and advocate for ethical and legal behaviors both online and offline among peers, family, community, and employers
1.1 Digital Footprint and Responsibility
1.4 Cyber Ethics and Laws
127.792.d.3.b
investigate and analyze local, state, national, and international cybersecurity laws such as the USA PATRIOT Act of 2001, General Data Protection Regulation, Digital Millennium Copyright Act, Computer Fraud and Abuse Act, and Health Insurance Portability and Accountability Act of 1996 (HIPAA)
1.5 Personal Data Security
127.792.d.3.c
investigate and analyze noteworthy incidents or events regarding cybersecurity
127.792.d.3.d
communicate an understanding of ethical and legal behavior when presented with various scenarios related to cybersecurity activities
1.2 Personal Data and Collection
1.4 Cyber Ethics and Laws
127.792.d.3.e
define and identify tactics used in an incident such as social engineering, malware, denial of service, spoofing, and data vandalism
1.7 Common Cyber Attacks and Prevention
127.792.d.3.f
identify and use appropriate methods for citing sources
127.792.d.4.a
identify motivations and perspectives for hacking
1.4 Cyber Ethics and Laws
1.7 Common Cyber Attacks and Prevention
127.792.d.4.b
distinguish between types of threat actors such as hacktivists, criminals, state-sponsored actors, and foreign governments
1.4 Cyber Ethics and Laws
127.792.d.4.c
identify and describe the impact of cyberattacks on the global community, society, and individuals
1.7 Common Cyber Attacks and Prevention
127.792.d.4.d
differentiate between industry terminology for types of hackers such as black hats, white hats, and gray hats
1.4 Cyber Ethics and Laws
127.792.d.4.e
determine and describe possible outcomes and legal ramifications of ethical versus malicious hacking practices
1.4 Cyber Ethics and Laws
127.792.d.5.a
define cyberterrorism, state-sponsored cyberterrorism, and hacktivism
1.4 Cyber Ethics and Laws
127.792.d.5.b
compare and contrast physical terrorism and cyberterrorism, including domestic and foreign actors
127.792.d.5.c
define and explain intelligence gathering
127.792.d.5.d
explain the role of cyber defense in protecting national interests and corporations
1.7 Common Cyber Attacks and Prevention
8.7 Risky Business
127.792.d.5.e
explain the role of cyber defense in society and the global economy
1.7 Common Cyber Attacks and Prevention
127.792.d.5.f
explain the importance of protecting public infrastructures such as electrical power grids, water systems, pipelines, transportation, and power generation facilities from cyberterrorism
127.792.d.6.a
identify and understand the nature and value of privacy
1.2 Personal Data and Collection
127.792.d.6.b
analyze the positive and negative implications of a digital footprint and the maintenance and monitoring of an online presence
1.1 Digital Footprint and Responsibility
127.792.d.6.c
discuss the role and impact of technology on privacy
1.2 Personal Data and Collection
127.792.d.6.d
identify the signs, emotional effects, and legal consequences of cyberbullying and cyberstalking
1.1 Digital Footprint and Responsibility
127.792.d.6.e
identify and discuss effective ways to deter and report cyberbullying
1.1 Digital Footprint and Responsibility
127.792.d.7.a
define personally identifiable information (PII)
1.2 Personal Data and Collection
127.792.d.7.b
evaluate the risks and benefits of sharing PII
1.2 Personal Data and Collection
127.792.d.7.c
describe the impact of granting applications unnecessary permissions such as mobile devices accessing camera and contacts
1.2 Personal Data and Collection
1.5 Personal Data Security
127.792.d.7.d
describe the risks of granting third parties access to personal and proprietary data on social media and systems
1.1 Digital Footprint and Responsibility
1.2 Personal Data and Collection
127.792.d.7.e
describe the risks involved with accepting Terms of Service (ToS) or End User License Agreements (EULA) without a basic understanding of the terms or agreements
1.4 Cyber Ethics and Laws
127.792.d.8.a
define cybersecurity and information security
1.6 Cybersecurity Essentials
127.792.d.8.b
identify basic risk management and risk assessment principles related to cybersecurity threats and vulnerabilities, including the Zero Trust model
8.6 Checking for Vulnerabilities
8.7 Risky Business
127.792.d.8.c
explain the fundamental concepts of confidentiality, integrity, and availability (CIA triad)
1.6 Cybersecurity Essentials
127.792.d.8.d
describe the trade-offs between convenience and security
1.5 Personal Data Security
127.792.d.8.e
identify and analyze cybersecurity breaches and incident responses
127.792.d.8.f
identify and analyze security challenges in domains such as physical, network, cloud, and web
1.7 Common Cyber Attacks and Prevention
4.10 System Administration
8.3 Security in Coding
8.5 Environmental Controls
8.7 Risky Business
127.792.d.8.g
define and discuss challenges faced by cybersecurity professionals such as internal and external threats
1.7 Common Cyber Attacks and Prevention
4.10 System Administration
8.3 Security in Coding
8.7 Risky Business
127.792.d.8.h
identify indicators of compromise such as common risks, warning signs, and alerts of compromised systems
6.11 Network Management
8.6 Checking for Vulnerabilities
8.7 Risky Business
127.792.d.8.i
explore and discuss the vulnerabilities of network-connected devices such as Internet of Things (IoT)
1.6 Cybersecurity Essentials
127.792.d.8.j
use appropriate cybersecurity terminology
1.6 Cybersecurity Essentials
127.792.d.8.k
explain the concept of penetration testing, including tools and techniques
8.6 Checking for Vulnerabilities
127.792.d.8.l
explore and identify common industry frameworks such as MITRE ATT&CK, MITRE Engage , and Cyber Kill Chain, and the Diamond Model
127.792.d.9.a
define malware, including spyware, ransomware, viruses, and rootkits
1.7 Common Cyber Attacks and Prevention
127.792.d.9.b
identify the transmission and function of malware such as trojan horses, worms, and viruses
1.7 Common Cyber Attacks and Prevention
127.792.d.9.c
discuss the impact of malware and the model of "as a service"
127.792.d.9.d
explain the role of reverse engineering for the detection of malware and viruses
127.792.d.9.e
describe free and commercial antivirus and anti-malware software also known as Endpoint Detection and Response software
4.8 Application Security
127.792.d.10.a
define system hardening
4.10 System Administration
127.792.d.10.b
use basic system administration privileges
4.10 System Administration
127.792.d.10.c
explain the importance of patching operating systems
4.1 Operating Systems
127.792.d.10.d
explain the importance of software updates
4.1 Operating Systems
127.792.d.10.e
describe standard practices to configure system services
4.9 Browser Configuration
4.10 System Administration
127.792.d.10.f
explain the importance of backup files
4.8 Application Security
127.792.d.10.g
research and explain standard practices for securing computers, networks, and operating systems, including the concept of least privilege
4.10 System Administration
127.792.d.10.h
identify vulnerabilities caused by a lack of cybersecurity awareness and training such as weaknesses posed by individuals within an organization
8.6 Checking for Vulnerabilities
8.7 Risky Business
127.792.d.11.a
identify basic network devices, including routers and switches
6.5 Network Devices
127.792.d.11.b
define network addressing
5.5 IP Addresses
127.792.d.11.c
analyze incoming and outgoing rules for traffic passing through a firewall
6.10 Network Communication
127.792.d.11.d
identify well known ports by number and service provided, including port 22 (Secure Shell Protocol/ssh), port 80 (Hypertext Transfer Protocol/http), and port 443 (Hypertext Transfer Protocol Secure/https)
6.10 Network Communication
8.6 Checking for Vulnerabilities
127.792.d.11.e
identify commonly exploited ports and services, including ports 20 and 21 (File Transfer Protocol/ftp), port 23 (telnet protocol), and port 3389 (Remote Desktop Protocol/rdp)
6.10 Network Communication
8.6 Checking for Vulnerabilities
127.792.d.11.f
identify common tools for monitoring ports and network traffic
6.10 Network Communication
6.11 Network Management
8.6 Checking for Vulnerabilities
127.792.d.12.a
define what constitutes a secure password
1.5 Personal Data Security
127.792.d.12.b
create a secure password policy, including length, complexity, account lockout, and rotation
1.5 Personal Data Security
127.792.d.12.c
identify methods of password cracking such as brute force and dictionary attacks
1.5 Personal Data Security
127.792.d.12.d
examine and configure security options to allow and restrict access based on user roles
4.10 System Administration
127.792.d.13.a
identify different types of user accounts and groups on an operating system
127.792.d.13.b
explain the fundamental concepts and standard practices related to access control, including authentication, authorization, and auditing
1.5 Personal Data Security
1.6 Cybersecurity Essentials
4.10 System Administration
127.792.d.13.c
compare methods for single- and multi-factor authentication such as passwords, biometrics, personal identification numbers (PINs), secure tokens, and other passwordless authentication methods
1.5 Personal Data Security
127.792.d.13.d
define and explain the purpose and benefits of an air-gapped computer
127.792.d.13.e
explain how hashes and checksums may be used to validate the integrity of transferred data
2.4 Authentication Methods
127.792.d.14.a
explain the importance of digital forensics to organizations, private citizens, and the public sector
127.792.d.14.b
identify the role of chain of custody in digital forensics;
127.792.d.14.c
explain the four steps of the forensics process, including collection, examination, analysis, and reporting
127.792.d.14.d
identify when a digital forensics investigation is necessary
127.792.d.14.e
identify information that can be recovered from digital forensics investigations such as metadata and event logs
127.792.d.14.f
analyze the purpose of event logs and identify suspicious activity
6.11 Network Management
127.792.d.15.a
explain the purpose of cryptography and encrypting data;
2.1 Cryptography: Then, Now, and Future
127.792.d.15.b
research historical uses of cryptography
2.1 Cryptography: Then, Now, and Future
127.792.d.15.c
review and explain simple cryptography methods such as shift cipher and substitution cipher
2.2 Symmetric Encryption
127.792.d.15.d
define and explain public key encryption
2.3 Asymmetric Encryption
127.792.d.15.e
compare and contrast symmetric and asymmetric encryption
2.3 Asymmetric Encryption
127.792.d.16.a
explain how computer vulnerabilities leave systems open to cyberattacks
4.10 System Administration
6.10 Network Communication
8.3 Security in Coding
8.6 Checking for Vulnerabilities
8.7 Risky Business
127.792.d.16.b
explain how users are the most common vehicle for compromising a system at the application level
127.792.d.16.c
define and describe vulnerability, payload, exploit, port scanning, and packet sniffing
8.6 Checking for Vulnerabilities
127.792.d.16.d
identify internal threats to systems such as logic bombs and insider threats
127.792.d.16.e
define and describe cyberattacks, including man-in-the-middle, distributed denial of service, spoofing, and back-door attacks
127.792.d.16.f
differentiate types of social engineering techniques such as phishing; web links in email, instant messaging, social media, and other online communication with malicious links; shoulder surfing; and dumpster diving
127.792.d.16.g
identify various types of application-specific attacks such as cross-site scripting and injection attacks
8.3 Security in Coding
127.792.d.17.a
compare vulnerabilities associated with connecting devices to public and private networks
127.792.d.17.b
explain device vulnerabilities and security solutions on networks such as supply chain security and counterfeit products
127.792.d.17.c
compare and contrast protocols such as HTTP versus HTTPS
5.7 How Do Websites Work?
127.792.d.17.d
debate the broadcasting or hiding of a wireless service set identifier (SSID)
6.4 Storage Options
127.792.d.17.e
research and discuss threats such as mandatory access control (MAC) spoofing and packet sniffing
127.792.d.18.a
define application security
4.8 Application Security
8.3 Security in Coding
127.792.d.18.b
identify methods of application security such as secure development policies and practices
8.3 Security in Coding
127.792.d.18.c
explain the purpose and function of vulnerability scanners
8.6 Checking for Vulnerabilities
127.792.d.18.d
explain how coding errors may create system vulnerabilities such as buffer overflows and lack of input validation
8.3 Security in Coding
127.792.d.18.e
analyze the risks of distributing insecure programs
127.792.d.19.a
define commonly used risk assessment terms, including risk, asset, and inventory
127.792.d.19.b
identify risk management strategies, including acceptance, avoidance, transference, and mitigation
127.792.d.19.c
compare and contrast risks based on an industry accepted rubric or metric such as Risk Assessment Matrix
