Standards in this Framework
| Standard | Description |
|---|---|
| CYBI.1 | Analyze ethical security practices, including but not limited to the issues of a) Data security, b) Confidentiality, c) Integrity, d) Availability, e) Authentication, f) Nonrepudiation, g) Physical security, h) HIPPA Laws, i) Payment Card Industry (PCI) Compliance |
| CYBI.2 | Understand the importance of ISO27000 standards |
| CYBI.3 | Research current events on breaches with focus on particular Information Assurance (IA) areas that were compromised |
| CYBI.4 | Analyze security threats, vulnerabilities, and exploits a) Explain how they impact an organization |
| CYBI.5 | Read and interpret technical information to define risk management and how it applies to information security |
| CYBI.6 | Perform a simulated risk assessment by using the common industry framework from ISO |
| CYBI.7 | Explain the core concepts of access control as they relate to authentication and authorization |
| CYBI.8 | Analyze the use of administrative, logical (technical) and physical controls applied to systems and organizations |
| CYBI.9 | Demonstrate the use of access controls that apply to user account management, including basic and advanced techniques |
| CYBI.10 | Identify and describe common Local Area Network (LAN) methodologies |
| CYBI.11 | Analyze the various LAN topologies including perimeter networks which may include the use of a Demilitarized zone (DMZ) |
| CYBI.12 | Indicate and explain the standards of Ethernet |
| CYBI.13 | Describe the characteristics of LAN cabling |
| CYBI.14 | Explain industry standards used in wireless networks including security protocols used to protect the wireless network |
| CYBI.15 | Describe how routing protocols are used in the differences between static and dynamic methods of routing |
| CYBI.16 | Explain how to install and configure Routing and Remote Access Service (RRAS) to function as a network router and how to install and configure Routing Information Protocols |
| CYBI.17 | Choose between technologies and topologies used for wide area networks (WAN) |
| CYBI.18 | Explain how the different types of personal and small business internet connectivity has changed throughout history and identify current internet systems most commonly used |
| CYBI.19 | Summarize the common OSI model and the function used by each layer |
| CYBI.20 | Analyze and describe the differences between the Transmission Control Protocol/Internet Protocol (TCP/IP) and OSI models for networking |
| CYBI.21 | Define and describe the various services used by networks for the transmission of data such as DNS, NAT, and DHCP |
| CYBI.22 | Analyze the differences among the addressing techniques used by networks, including IPv4 and basic IPv6 |
| CYBI.23 | Demonstrate the use of subnets in an organization's network environment |
| CYBI.24 | Research the features and requirements of a working model of a client-server network and how services function in a networked Windows environment |
| CYBI.25 | Compare and contrast the differences and uses of the Internet, Intranets, and Extranets |
| CYBI.26 | Research and describe the most common methods and technology used to secure networks |
| CYBI.27 | Investigate and distinguish among the following common methods to secure a network a) VPNs for remote access b) Firewalls c) Perimeter network designs d) Preventative technologies |
| CYBI.28 | Research the different applications of network security devices a) Optical drives b) Combo drives and burners c) Connection types d) Hard drives e) Solid state/flash drives f) RAID types g) Floppy drive h) Tape drive i) Media capacity |
| CYBI.29 | Demonstrate secure networking techniques by designing a simple secure network |
| CYBI.30 | Analyze the various networking commands used to test and examine networks |
| CYBI.31 | Research the features and uses of command line utilities to configure and examine networking services and construct a flow chart that a security analyst could reference |
| CYBI.32 | Explore various operating and file systems used in networks |
| CYBI.33 | Identify the pros and cons of how systems are designed to provide the security necessary in a multiuser environment |
| CYBI.34 | Describe the most common security threats to computer systems, such as social engineering, malware, phishing, viruses, etc. |
| CYBI.35 | Distinguish among the following common prevention methods to secure a computer system a) Physical security (e.g., lock doors, tailgating, biometrics, badges, key fobs, retinal, etc.) b) Digital security (e.g., antivirus, firewalls, antispyware, user authentication, etc.) c) User education d) Principles of least privilege |
| CYBI.36 | Report on recent threats and vulnerabilities to systems in networking environments |
| CYBI.37 | Differentiate between threats and vulnerabilities and what constitutes a network attack |
| CYBI.38 | Identify how to differentiate between the different types of applications attacks |
| CYBI.39 | Explain ways to install and configure antivirus software |
| CYBI.40 | Research the features and requirements of common security procedures used to protect system resources on a network |
| CYBI.41 | Describe the differences among various methods to create baseline security measures |
| CYBI.42 | Research storage devices and backup media outlining their purpose, characteristics, proper maintenance, and methods used to back up and protect data from unauthorized use and access of data a) Optical drives b) Combo drives and burners c) Connection types d) Hard drives e) Solid state/flash drives f) RAID types g) Floppy drive h) Tape drive i) Media capacity |
| CYBI.43 | Demonstrate the methods used to protect against unauthorized use of files |
| CYBI.44 | Configure file and folder permissions |
| CYBI.45 | Analyze various protocols and services used by systems for securing them in a network environment |
| CYBI.46 | Illustrate cryptology’s historical evolution including but not limited to public key infrastructures, asymmetric and symmetric encryptions |
| CYBI.47 | Analyze common methods and use of cryptology to protect data |
