Cyber Security

Subtopics

Defend and Attack (virus, spam, spyware, Trojans, hijackers, worms) - 15%

1. Identify basic security risks and issues to computer hardware, software, and data.

2. Define the various virus types and describe the common symptoms caused by viruses and their potential effects.

3. Define concepts such as phishing, social engineering, spoofing, identify theft, and spamming.

4. Describe importance and process of incidence reporting.

5. Implement security preventive maintenance techniques such as installing service packs and patches.

6. Assess security threats, diagnose, and troubleshoot hardware, software, and data security issues.

7. Implement virus protection and removal procedures to recover information from failures and security breaches (e.g., malware and viral infection).

8. Explain the impact of malware protection, including antivirus software, spam, adware, spyware filtering, and patch management.

9. Scan storage devices and equipment for viruses and spyware and disinfect as needed.

10. Install and configure anti-X software (e.g., anti-virus, anti-spyware, and anti-spam).

11. Identify potential sources of virus infection and describe methods of preventing the spread of computer virus.

12. Identify how to protect privacy and personal security online (e.g., to avoid fraud, identity theft and other hazards).

13. Explain the benefits and demonstrate the use of privacy, password, and protection utilities.

Network Security - 15%

1. Explain the importance of network security (e.g., ethics and rights).

2. Explain principles of basic network security (e.g., IP spoofing, packet sniffing, password compromise, and encryption).

3. Determine threats and analyze risks to network perimeters.

4. Determine the impact on network functionality of a particular security implementation (e.g., port blocking/filter, authentication, and encryption).

5. Identify the following security protocols and describe their purpose and function: IPSEC, L2TP, SSL, WEP, WPA, and 802.1x.

6. Identify specific access levels that need to be accommodated.

7. Match security system design to identified security requirements.

8. Develop, document and implement a network security plan (e.g., install, configure, upgrade, and optimize security).

9. Train users about malicious software prevention technologies.

10. Diagnose and troubleshoot hardware, software, and data security issues.

11. Implement hardware and software network security solutions (e.g., VPN, SSL, and firewall).

12. Identify the purposes and characteristics of access control and permissions, auditing and event logging.

13. Know and implement user security policies and procedures to maintain, monitor, and support the security and integrity of a network.

14. Implement secured access to network resources.

15. Describe the importance and demonstrate forms of network security (e.g., password strategies and user accounts).

16. Illustrate fundamental legal issues involved with security management.

17. Design an audit policy and incident response procedures.

18. Manage and distribute critical software updates that resolve known security vulnerabilities and other stability issues.

19. Explain the importance of educating users and supervisors in regard to network security.

20. Implement security controls such as MAC or DAC to ensure user policies are enabled.

21. Implement server and Web-based services security features.

22. Describe what a firewall is, its uses, and how it works.

23. Explain the characteristics, uses, and benefits of software firewalls and hardware firewalls.

24. Install and update a firewall.

25. Configure personal firewall protection.

26. Describe the four basic firewall techniques (e.g., proxy server, packet filter, application gateway, and circuit-level gateway).

27. Implement global, domain, and local account policies.

28. Distinguish among the following security methods: DMX (including dual-homed and triple-homed firewalls), VLan, intranet, extranet, PKI

Email Security - 10%

1. Identify common problems associated with electronic communication (e.g., delivery failure, junk mail, fraud hoaxes, phishing, and viruses) and recommend mitigation strategies.

2. Define E-Mail and Instant Messaging protocol.

3. Recognize social engineering and address social engineering situations.

4. Identify netiquette including the use of e-mail, social networking, blogs, texting, and chatting.

5. Explain the benefits and demonstrate the use of privacy, password, and protection utilities.

6. Discuss security issues and guidelines for legal and responsible electronic communications and Internet use for business (e.g., includes copyright, netiquette, privacy issues, and ethics).

7. Scan e-mail messages and attachments received to ensure they are not spam.

8. Establish and manage spam/junk mail folders.

9. Identify issues regarding unsolicited e-mail (spam) and how to minimize or control unsolicited mail.

10. Identify contamination protection strategies for e-mail.

Intrusion Detection - 10%

1. Explain concepts such as denial of service, hacking/cracking, intrusion, and intellectual property.

2. Assess security threats and develop plan to address.

3. Analyze and inspect the system’s configuration and vulnerabilities to detect inadvisable settings.

4. Inspect the password files to detect inadvisable passwords.

5. Inspect other system areas to detect policy violations.

6. Assess system and file integrity.

7. Recognize patterns typical of attacks.

8. Analyze abnormal activity patterns.

9. Track user policy violations.

10. Demonstrate an understanding of Internet use and security issues.

11. Investigate security issues related to Internet technology (e.g., virus, firewalls, spam, system backup, passwords, wireless, and data encryption).

12. Identify types of intrusion detection and recommend tools to protect against each type.

Public Key - 5%

1. Define public key infrastructure.

2. Describe the advantages and risks associated with a public key infrastructure.

3. Identify and analyze precautions included in programs used on networks (e.g., self-metering, security keys, and required configuration settings).

4. Explain the purpose of temporary certificates and single sign-on.

5. Describe Web of Trust and when it is appropriate to use.

6. Describe certificate authority and its role in security.

7. Distinguish between public key encryption and digital signatures.

8. Describe cryptographic protocols and applications, like digital cash, password-authenticated key agreement, multi-party key agreement, and time stamping service.

Authentication - 10%

1. Describe authentication process to network devices for users.

2. Discuss the need for authentication and non-repudiation of information (e.g., PKI).

3. Describe the steps to achieve authentication and confidentiality.

4. Provide for user authentication (e.g., assign passwords and access level).

5. Identify and resolve a network configuration with incorrect protocols, client software misconfiguration, authentication misconfiguration, and insufficient rights/permissions.

6. Evaluate electronic sources of information for authenticity.

7. Identify authentication protocols (e.g., CHAP, MS-CHAP, PAP, RADIUS, Kerbero, and EAP.)

8. Explain and implement Secure Sockets Layer (SSL) authentication.

9. Explain and install a certificate.

10. Describe concepts related to logon authentication.

11. Educate employees on how to properly handle passwords.

12. Establish policies on choosing a secure password.

13. Describe the biometrics authentication method.

14. Give an example of a two-factor authentication security process.

15. Discuss the need for dual-role authentication

Disaster Recovery - 15%

1. Identify possible effects of natural disasters on computer.

2. Describe the purpose and characteristics of disaster recovery: backup/restore, offsite storage, hot and cold spares, and hot, warm, and cold sites.

3. Differentiate between disaster recovery and business continuity.

4. Design a disaster recovery plan.

5. Compare different options of backing up and securing data and restoring a system and perform system backup.

6. Select and test a disaster recovery plan against several disaster scenarios.

7. Demonstrate the ability to recover operating systems (e.g., boot methods, recovery console, ASR, and ERD).

8. Backup and restore files and directories.

9. Implement procedures used to recover information from failures and security breaches (e.g., malware and viral infection).

10. Identify method for avoiding common computer system disasters (e.g., UPS and RAID).

11. Compare/contract streaming file-by-file backup systems.

12. Establish process for archiving files.

13. Use the features of a server operating system to prevent a disaster or recover when one occurs.

14. Identify and maintain battery backup equipment.

15. Install surge suppression protection.

16. Develop and document a plan to avoid data loss, including backups and remote storage.

Physical Security - 5%

1. Define physical security.

2. Identify names, purposes, and characteristics of hardware and software security issues including wireless, data, and physical security.

4. Describe basic physical security risks inherent to computer hardware and software.

5. Describe physical security best practices for enterprises.

6. Describe risk-mitigation techniques (e.g., policies, procedures, hardware, and software).

7. Establish and implement controls for physical site access and security.

8. Identify and analyze environmental hazards (e.g., fire, flood, moisture, temperature, electricity,) and establish environmental security controls to protect and restore.

9. Perform a physical configuration audit.

10. Train and test employees in area of physical security awareness.

11. Describe the physical security components of a Disaster Recovery/Business Continuity Plan

Cryptography - 5%

1. Explain the purpose of cryptography.

2. Identify levels of encryption.

3. Describe the types of cryptography algorithms (e.g., secret key, public key, and hash functions).

4. Describe trust models such as web of trust, Kerberos, and certificates.

5. Identify cryptography applications used for password protection and private communication. (IP security protocol, clipper, Identify Base Encryption, Internet Security Association and Key Management Protocol, and Secure sockets Layer).

6. Illustrate concepts of data encryption and its use with protecting network resources.

7. Identify uses for VPN and network data encryption.

8. Define the advantages and risks associated with passwords.

9. Explain how passwords are stored.

10. Describe DES (Data Encryption Standards) and explain how it operates.

11. Explain the purpose and use of AES (Advanced Encryption Standard).

12. Explain export controls associated with cryptography.

Forensics Security - 5%

1. Review incident responses, priorities, and requirements.

2. Identify recoverable evidence in computer hardware and mobile devices.

3. Preserve evidence in an acceptable forensically manner.

4. Review time line of computer files based on the creation, file modification, and file access.

5. Identify past Internet browsing, downloads, and e-mail communications.

6. Examine and analyze evidence.

7. Differentiate between operating systems from a forensics standpoint.

8. Use computer forensics software tools to cross validate findings in computer evidence-related cases.

9. Prepare a report of findings.

10. Identify forensic analysis tools and their uses

11. Describe Legislative Acts governing Digital Forensics

Cyber Security Policy - 5%

1. Identify national legislative initiatives that affect cyber security

2. Identify Executive Orders that affect cyber security