Standards in this Framework
| Standard | Description |
|---|---|
| 1 | Drawing from various resources, analyze current legislation that governs computer related crimes. For example, create a presentation discussing common computer crimes, terms of use, and legal issues such as copyright laws, fair use laws, and trademark ethics pertaining to images, videos, and recorded sounds. |
| 2 | Using news articles, research and report on current legal cases involving acts of computer crime. For example, research and report on a recent case of computer fraud, piracy, and abuse. |
| 3 | Consult a variety of sources to analyze methods used to discover method of evidence collection to support legal cases involving computer related crime. Create a presentation highlighting methods used. |
| 4 | Conduct research to determine various forms of malware. Give specific examples and create an infographic highlighting the different types. |
| 5 | Analyze methods to handle malware, such as how to control access to secured resources and computer resources. Give specific examples of methods that a security analyst can use, like encryption techniques, basic input/output system (BIOS) features, and strategies for dealing with malware. |
| 6 | Analyze and differentiate among various types of attacks on systems and networks. Create a table or other graphic organizer that lists the following types of attacks and details their purposes and characteristics. Different types of attacks can include but are not limited to: a. Virus b. Worms c. Trojans d. Unpatched software e. Password cracking f. Advanced persistent threat g. Reconnaissance/footprinting h. Infiltration i. Network breach j. Network exploitation k. Attack for effects (e.g., deceive, disrupt, degrade, and destroy) l. DoS/DDoS, session hijacking m. HTTP spoofing n. DNS attacks o. Switch attacks p. Man-in-the-middle (MITM) attacks q. Cross site scripting r. Drive-by-attacks |
| 7 | Consult a variety of sources to research attack methods and create a report on at least two events. For example, show how social engineering (e.g., baiting, phishing/spear phishing, pretexting/ blagging, tailgating, quid pro quo, etc.) led to the breach of an organization. |
| 8 | Research and create an information artifact (e.g., brochure, fact sheet, or narrative) analyzing cryptographic tools, procedures for use, and products including but not limited to: PKI, Certificates, PGP, and Certificate authorities. |
| 9 | In teams, examine trade journals and research literature from product vendors to develop a simple public key infrastructure to be used by a small business. For example, show how an organization can use digital certificates, encrypted file transfers and email utilizing encryption. |
| 10 | Investigate and demonstrate the creation of a self-signed certificate for use on a web server by using command line or online tools. For example, create, install, secure, backup, and restore a certificate. |
| 11 | Analyze attack methods on wireless networks. Read and interpret trade journals, assessing the usefulness of each source, to describe the different methods used. For example, cite evidence from trade journals to explain man in the middle, sniffing, and wireless SSID spoofing to explain their unique attack methods. |
| 12 | Demonstrate the use of wireless security protocols. Drawing on evidence from textbooks and other resources, evaluate the capabilities of WPA, WPA-2, and WEP and the effectiveness of the security protocols and demonstrate how to use them appropriately. |
| 13 | Consult a variety of sources to analyze, define, and demonstrate the use of environmental controls. Instructional material may include textbooks, manuals, websites, video tutorials, and more. For example, show how BIOS sets controls on a system. |
| 14 | As a class, work collaboratively to develop simple policies that support the operations of security in an organization. For example, create an email security policy that outlines rules regarding responsible technology use. |
| 15 | Research and analyze security awareness in an organization. Create a table or other graphic organizer that lists the following examples of how to manage user habits and expectations: a. Security policy training and procedures b. Personally identifiable information c. Information classifications d. Data labeling, handling, and disposal e. Compliance with laws, best practices, and standards f. User habits g. Threat awareness h. Use of social networking |
| 16 | Synthesize information from a range of sources to analyze and define the impact of security incidents on an organization. For example, describe the various types of incidents including but not limited to malware, intrusion, and other forms of compromise. |
| 17 | Research and define what is disaster recovery (DR) plan is and how to develop one. For example, develop a step by step guide on how an organization would recover from an incident. The disaster recovery plan should highlight three key aspects: preventive measures, detective measures, and corrective measures. Write a justification that explains to a client why a disaster recovery plan is important. |
| 18 | Explore and identify various assessment methods including but not limited to network penetration and vulnerability testing. Create a chart to define how these systems are designed to help identify weak links in a company’s cyber security chain and how they provide feedback and recommendations needed in order to address them. |
| 19 | Identify and explain the uses for security testing tools. Demonstrate and compare the effectiveness of Nessus and Nmap. Write and explanation and justify conclusions by citing supporting evidence from technical manuals vendor resources. |
| 20 | Demonstrate each of the following concepts: a. Evaluate the patch status of a machine. b. Demonstrate knowledge of packet-level analysis in order to install and view packets. c. Perform secure data destruction (e.g., Secure Erase, BCWipe). |
| 21 | Utilizing prior fundamentals, demonstrate proper secure network configuration and administration. For example, use common tools and design a network utilizing secure protocols, and evaluate the network upon completion. The plan should address, but is not limited, to the following: a. Applying and implementing secure network administration principles. b. Demonstrating knowledge of how network services and protocols interact to provide network communications in order to securely implement and use common protocols. c. Identifying commonly used default network ports. d. Setting up a Network Address Translation (NAT) device. e. Configuring a Virtual Private Network (VPN). f. Configuring a remote access policy Layer 2 Tunneling Protocol (L2TP) and Point-toPoint Tunneling Protocol (PPTP). g. Demonstrating knowledge of network protocols (e.g., Transmission Control Protocol and Internet Protocol (TCP/IP), Dynamic Host Configuration Protocol (DHCP) and directory services (e.g., Domain Name System (DNS) by setting up common protocols, e.g., Secure Shell (SSH), netstat, Simple Mail Transfer Protocol (SMTP), nslookup, Telnet, DNS/Bind, FTP, IIS/Web Pages, DHCP/DNS server. h. Locating open ports by completing a port scan. i. Demonstrating the knowledge and use of network statistics (netstat) |
