Cyber Security
Subtopics
1. Identify basic security risks and issues to computer hardware, software, and data.
2. Define the various virus types and describe the common symptoms caused by viruses and their potential effects.
3. Define concepts such as phishing, social engineering, spoofing, identity theft, and spamming.
4. Describe the importance and process of incident reporting.
5. Implement security preventive maintenance techniques such as installing service packs and patches.
6. Assess security threats, diagnose, and troubleshoot hardware, software, and data security issues.
7. Implement virus protection and removal procedures to recover information from failures and security breaches (e.g., malware and viral infection).
8. Explain the impact of malware protection, including antivirus software, spam, adware, spyware filtering, and patch management.
9. Scan storage devices and equipment for viruses and spyware and disinfect as needed.
10. Install and configure anti-X software (e.g., anti-virus, anti-spyware, and anti-spam).
11. Identify potential sources of virus infection and describe methods of preventing the spread of computer viruses.
12. Identify how to protect privacy and personal security online (e.g., to avoid fraud, identity theft, and other hazards).
13. Explain the benefits and demonstrate the use of privacy, password, and protection utilities.
1. Explain the importance of network security (e.g., ethics and rights).
2. Explain principles of basic network security (e.g., IP spoofing, packet sniffing, password compromise, and encryption).
3. Determine threats and analyze risks to network perimeters.
4. Determine the impact on network functionality of a particular security implementation (e.g., port blocking/filtering, authentication, and encryption).
5. Identify the following security protocols and describe their purpose and function: IPsec, L2TP, SSL, WEP, WPA, and 802.1X.
6. Identify specific access levels that need to be accommodated.
7. Match security system design to identified security requirements.
8. Develop, document, and implement a network security plan (e.g., install, configure, upgrade, and optimize security).
9. Train users about malicious software prevention technologies.
10. Diagnose and troubleshoot hardware, software, and data security issues.
11. Implement hardware and software network security solutions (e.g., VPN, SSL, and firewall).
12. Identify the purposes and characteristics of access control and permissions, auditing, and event logging.
13. Know and implement user security policies and procedures to maintain, monitor, and support the security and integrity of a network.
14. Implement secured access to network resources.
15. Describe the importance and demonstrate forms of network security (e.g., password strategies and user accounts).
16. Illustrate fundamental legal issues involved with security management.
17. Design an audit policy and incident response procedures.
18. Manage and distribute critical software updates that resolve known security vulnerabilities and other stability issues.
19. Explain the importance of educating users and supervisors in regard to network security.
20. Implement security controls such as MAC or DAC to ensure user policies are enabled.
21. Implement server and Web-based services security features.
22. Describe what a firewall is, its uses, and how it works.
23. Explain the characteristics, uses, and benefits of software firewalls and hardware firewalls.
24. Install and update a firewall.
25. Configure personal firewall protection.
26. Describe the four basic firewall techniques (e.g., proxy server, packet filter, application gateway, and circuit-level gateway).
27. Implement global, domain, and local account policies.
28. Distinguish among the following security methods: DMZ (including dual-homed and triple-homed firewalls), VLAN, intranet, extranet, and PKI.
1. Identify common problems associated with electronic communication (e.g., delivery failure, junk mail, fraud hoaxes, phishing, and viruses) and recommend mitigation strategies.
2. Define e-mail and instant messaging protocols.
3. Recognize social engineering and address social engineering situations.
4. Identify netiquette, including the use of e-mail, social networking, blogs, texting, and chatting.
5. Explain the benefits and demonstrate the use of privacy, password, and protection utilities.
6. Discuss security issues and guidelines for legal and responsible electronic communications and Internet use for business (e.g., copyright, netiquette, privacy issues, and ethics).
7. Scan e-mail messages and attachments received to ensure they are not spam.
8. Establish and manage spam/junk mail folders.
9. Identify issues regarding unsolicited e-mail (spam) and how to minimize or control unsolicited mail.
10. Identify contamination protection strategies for e-mail.
1. Explain concepts such as denial of service, hacking/cracking, intrusion, and intellectual property.
2. Assess security threats and develop a plan to address them.
3. Analyze and inspect the system's configuration and vulnerabilities to detect inadvisable settings.
4. Inspect the password files to detect inadvisable passwords.
5. Inspect other system areas to detect policy violations.
6. Assess system and file integrity.
7. Recognize patterns typical of attacks.
8. Analyze abnormal activity patterns.
9. Track user policy violations.
10. Demonstrate an understanding of Internet use and security issues.
11. Investigate security issues related to Internet technology (e.g., viruses, firewalls, spam, system backup, passwords, wireless, and data encryption).
12. Identify types of intrusion detection and recommend tools to protect against each type.
1. Define public key infrastructure.
2. Describe the advantages and risks associated with a public key infrastructure.
3. Identify and analyze precautions included in programs used on networks (e.g., self-metering, security keys, and required configuration settings).
4. Explain the purpose of temporary certificates and single sign-on.
5. Describe the Web of Trust and when it is appropriate to use.
6. Describe a certificate authority and its role in security.
7. Distinguish between public key encryption and digital signatures.
8. Describe cryptographic protocols and applications, such as digital cash, password-authenticated key agreement, multi-party key agreement, and time stamping services.
1. Describe the authentication process to network devices for users.
2. Discuss the need for authentication and non-repudiation of information (e.g., PKI).
3. Describe the steps to achieve authentication and confidentiality.
4. Provide for user authentication (e.g., assign passwords and access levels).
5. Identify and resolve a network configuration with incorrect protocols, client software misconfiguration, authentication misconfiguration, and insufficient rights/permissions.
6. Evaluate electronic sources of information for authenticity.
7. Identify authentication protocols (e.g., CHAP, MS-CHAP, PAP, RADIUS, Kerberos, and EAP).
8. Explain and implement Secure Sockets Layer (SSL) authentication.
9. Explain and install a certificate.
10. Describe concepts related to logon authentication.
11. Educate employees on how to properly handle passwords.
12. Establish policies on choosing a secure password.
13. Describe the biometrics authentication method.
14. Give an example of a two-factor authentication security process.
15. Discuss the need for dual-role authentication.
1. Identify possible effects of natural disasters on computers.
2. Describe the purpose and characteristics of disaster recovery: backup/restore, offsite storage, hot and cold spares, and hot, warm, and cold sites.
3. Differentiate between disaster recovery and business continuity.
4. Design a disaster recovery plan.
5. Compare different options for backing up and securing data and restoring a system, and perform a system backup.
6. Select and test a disaster recovery plan against several disaster scenarios.
7. Demonstrate the ability to recover operating systems (e.g., boot methods, recovery console, ASR, and ERD).
8. Back up and restore files and directories.
9. Implement procedures used to recover information from failures and security breaches (e.g., malware and viral infection).
10. Identify methods for avoiding common computer system disasters (e.g., UPS and RAID).
11. Compare/contrast streaming and file-by-file backup systems.
12. Establish a process for archiving files.
13. Use the features of a server operating system to prevent a disaster or recover when one occurs.
14. Identify and maintain battery backup equipment.
15. Install surge suppression protection.
16. Develop and document a plan to avoid data loss, including backups and remote storage.
1. Define physical security.
2. Identify names, purposes, and characteristics of hardware and software security issues, including wireless, data, and physical security.
3.
4. Describe basic physical security risks inherent to computer hardware and software.
5. Describe physical security best practices for enterprises.
6. Describe risk-mitigation techniques (e.g., policies, procedures, hardware, and software).
7. Establish and implement controls for physical site access and security.
8. Identify and analyze environmental hazards (e.g., fire, flood, moisture, temperature, and electricity) and establish environmental security controls to protect and restore.
9. Perform a physical configuration audit.
10. Train and test employees in the area of physical security awareness.
11. Describe the physical security components of a Disaster Recovery/Business Continuity Plan.
1. Explain the purpose of cryptography.
2. Identify levels of encryption.
3. Describe the types of cryptography algorithms (e.g., secret key, public key, and hash functions).
4. Describe trust models such as web of trust, Kerberos, and certificates.
5. Identify cryptography applications used for password protection and private communication (e.g., IP security protocol, Clipper, Identity-Based Encryption, Internet Security Association and Key Management Protocol, and Secure Sockets Layer).
6. Illustrate concepts of data encryption and its use in protecting network resources.
7. Identify uses for VPN and network data encryption.
8. Define the advantages and risks associated with passwords.
9. Explain how passwords are stored.
10. Describe DES (Data Encryption Standard) and explain how it operates.
11. Explain the purpose and use of AES (Advanced Encryption Standard).
12. Explain export controls associated with cryptography.
1. Review incident responses, priorities, and requirements.
2. Identify recoverable evidence in computer hardware and mobile devices.
3. Preserve evidence in a forensically acceptable manner.
4. Review the timeline of computer files based on file creation, modification, and access times.
5. Identify past Internet browsing, downloads, and e-mail communications.
6. Examine and analyze evidence.
7. Differentiate between operating systems from a forensics standpoint.
8. Use computer forensics software tools to cross-validate findings in computer evidence-related cases.
9. Prepare a report of findings.
10. Identify forensic analysis tools and their uses.
11. Describe legislative acts governing digital forensics.
1. Identify national legislative initiatives that affect cyber security.
2. Identify Executive Orders that affect cyber security.