Please enable JavaScript to use CodeHS

Ohio Cyber Testing and Response Standards Framework

67 Standards in this Framework


Standard Description
1.12.3. Interpret security policies through job specific training and training updates.
1.12.4. Apply secure password behavior.
1.12.5. Apply physical and virtual situational awareness (e.g., clean desk policies, shoulder surfing, social engineering, tailgating).
2.1.1. Explain the need for confidentiality, integrity, and availability (CIA) of information.
2.1.2. Describe authentication, authorization, and auditing.
2.1.3. Describe multilevel security.
2.1.4. Identify security risks and describe associated safeguards and methodologies (e.g., auditing).
2.1.5. Describe major threats to computer systems (e.g., insider threats, viruses, worms, spyware, ransomware, spoofing, hacking, social engineering, phishing).
2.1.10. Describe computer forensics, its importance in information security and cybersecurity, and its relevance to law enforcement.
2.1.11. Identify the need for personal security in digital information and describe how personal information can be safeguarded.
2.1.13. Describe privacy security compliance on systems (e.g., Health Insurance Portability and Accountability Act [HIPAA], Payment Card Industry [PCI], Sarbanes Oxley Act [SOX], Americans with Disabilities Act [ADA], General Data Protection Regulation [GDPR], European Union Data Protection Regulation [EUDPR]).
2.4.1. Investigate the scope and the impact of mobile computing environments on society.
2.4.2. Describe the differences, advantages, and limitations of cloud computing (e.g., public cloud, private cloud, hybrid cloud) and on-premises computing.
2.4.4. Describe emerging technologies (e.g., Bring your Own Device [BYOD], Services Virtualization, Augmented Reality [AR], SMART Devices, Additive Manufacturing [3D Printing]).
3.1.1. Differentiate between authentication and authorization.
3.1.2. Compare authentication techniques (e.g. single factor, multifactor, passwords, biometrics, certificates, Radio Frequency Identification [RFID] cards).
3.1.4. Describe Virtual Private Networks (VPNs) using tunneling protocols (e.g., Layer 2 Tunneling Protocol [L2TP], Secure Socket Tunneling Protocol [SSTP], Point-to-Point Tunneling Protocol [PPTP] and encrypting techniques).
3.2.1. Identify and implement data and application security.
3.2.8. Identify the need for disaster recovery policies and procedures.
3.3.1. Describe network security policies (e.g., acceptable use policy).
3.3.5. Assess risks based on vulnerability of the organization, likelihood of risk, and impact on the organization.
3.3.6. Describe the functions and uses of patch management.
3.4.3. Compare network analysis software (e.g., network analyzer) and hardware tools to identify security risks and vulnerabilities.
3.4.4. Identify the components of human security (e.g., social engineering) and techniques to mitigate human security threats (e.g., policies, procedures, training).
3.5.1. Describe wireless security risks (e.g., unauthorized access) and how to mitigate them.
3.5.2 Compare methods of increasing the security of wireless networks and devices (e.g., Media Access Control [MAC] address filtering, Wi-Fi Protected Access [WPA], 802.1x, Remote Authentication Dial In User Service [RADIUS]).
3.5.3 Research security enhancements provided by Institute of Electrical and Electronics Engineers (IEEE).
3.5.4 Describe practices and policies for preventing and detecting installation of rogue networks.
3.5.5. Describe security practices and policies for personal devices.
3.5.6. Implement and test the security of a wireless network.
4.1.1. Determine the basic point-to-point (PTP) and point-to-multipoint (PTMP) network topologies (e.g., star, ring, tree, mesh, hybrid) and identify broadband and baseband (e.g., Ethernet) transmission methods and standards.
4.1.4. Identify standard and emerging network technologies (e.g., broadband, satellite, optic, cellular, Local-Area Network (LAN) and WiFi).
4.1.6. Configure and build a network. (e.g., server, switch, router)
4.2.3. Compare the seven layers of the Open Systems Interconnection stack to the four layers of the Transmission Control Protocol/Internet Protocol (TCP/IP) stack.
4.2.5. Describe actions to be performed at each of the Open Systems Interconnection physical layers.
4.3.1. Identify the criteria used in selecting media (e.g., physical properties, transmission technologies, transmission span, bandwidth, topology, security, noise immunity, installation considerations, cost).
4.3.2. Differentiate between media types (e.g., coaxial, twisted pair, fiber optic) and interfaces.
4.3.3. Compare media categories (e.g., single mode, multimode, CAT5, CAT5E, CAT6+).
4.3.4. Describe types of media connectors (e.g., Bayonet Neill-Concelman [BNC], Registered Jack [RJ]-45, LC, ST) and grounding techniques.
4.3.6. Identify the advantages and disadvantages of cabling systems.
4.4.1. Compare wireless standards in common use (e.g., Institute of Electrical and Electronics Engineers [IEEE] 802.11, Cellular, Bluetooth, Worldwide Interoperability for Microwave Access [WiMAX], Radio Frequency Identification [RFID], Near Field Communication [NFC]).
4.5.3. Describe the Service Set Identifier (SSID) as used in wireless communications.
4.5.4. Select and install access points, wireless Network Interface Cards (NICs), antennas, and other hardware and software components to provide a wireless networking solution as determined by a site and customer survey.
4.5.6. Secure the wireless network.
9.1.1. Identify the goals, objectives and purposes of cybersecurity.
9.1.2. Describe the concepts of malware attack vectors.
9.1.5. Identify types of controls (e.g., Deterrent, Preventive, Detective, Compensating, Technical, and Administrative).
9.3.1. Identify application vulnerabilities (e.g., Cross-site scripting, SQL injection, LDAP injection, XML injection, Directory traversal/command injection, Buffer overflow, Integer overflow, Zero-day, Cookies and attachments, Locally Shared Objects (LSOs), Flash cookies, Malicious add-ons, Session hijacking, Header manipulation, Arbitrary code execution/remote code execution).
9.3.5 Discover and mitigate common database vulnerabilities and attacks.
9.3.6. Differentiate between Server-side vs. client-side validation.
9.5.1. Describe, locate, and mitigate security threats (e.g., Adware, Viruses, Spyware, Trojan, Rootkits, Logic bomb, Botnets, Ransomware, Polymorphic malware).
9.5.2. Describe and discover vulnerabilities to and mitigate network attacks. (e.g., Man-in-the-middle, DDoS, DoS, Replay, Smurf attack, Spoofing, Spam, Phishing, Spim, Spit and other attacks).
9.5.4. Describe, appraise for, and mitigate Social Engineering attacks (e.g., Shoulder surfing, Dumpster diving, Tailgating, Impersonation, Hoaxes, Phishing, Spear Phishing, Whaling, Vishing, Principles, URL hijacking, Watering Hole).
9.5.5. Perform penetration testing.
9.7.1. Recognize digital reconnaissance techniques (e.g., packet capture, OS fingerprinting, topology discovery, DNS harvesting).
9.7.2. Use tools and procedures for digital reconnaissance (e.g., host scanning, network mapping, NMAP, packet analyzer, vulnerability scanner).
9.7.3. Analyze reconnaissance results (data correlation, data analytics, point-in-time, data logs, packet captures).
9.7.4. Collect digital evidence according to established policies and protocols (e.g., system image, packet captures).
9.7.5. Maintain chain of custody on evidence.
9.7.6. Generate file hash.
9.8.2. Differentiate between detection controls and prevention controls (e.g., IDS vs. IPS, Camera vs. guard).
9.8.3. Use discovery tools and utilities to identify threats (e.g., Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner).
9.8.9 Interpret alarms and alert trends.
9.8.10 Apply Incident response procedures (e.g., Preparation, Incident identification, Escalation and notification, Mitigation steps, Lessons learned, Reporting, Recovery procedures, First responder, Incident isolation, Quarantine, Device removal, Data breach).
9.8.11 Differentiate between types of Penetration testing (e.g., Black box, White box, Gray box).
9.10.1 Enforce concepts related to threat vectors and probability/threat likelihood.
9.10.2 Identify concepts of risk calculation (Likelihood, ALE, Impact, SLE, ARO, MTTR, MTTF, MTBF).