127.770.1A |
(A) identify and demonstrate employable work behaviors such as regular attendance, punctuality, maintenance of a professional work environment, and effective written and verbal communication; |
-
4.1 Communication is Key!
-
4.2 Building a Knowledge Base
-
4.3 Star in a Video!
-
6.1 Project Security Assessment Report
-
7.1 Level 1: Entry Event
-
9.1 The Game of Risk
|
127.770.1B |
(B) identify and demonstrate positive personal qualities such as authenticity, resilience, initiative, and a willingness to learn new knowledge and skills; |
-
4.1 Communication is Key!
-
4.2 Building a Knowledge Base
-
4.3 Star in a Video!
-
6.1 Project Security Assessment Report
-
7.1 Level 1: Entry Event
-
9.1 The Game of Risk
|
127.770.1C |
(C) solve problems and think critically; |
-
2.1 Project: Steganography
-
6.1 Project Security Assessment Report
-
7.1 Level 1: Entry Event
-
9.1 The Game of Risk
|
127.770.1D |
(D) demonstrate leadership skills and function effectively as a team member; and |
-
4.1 Communication is Key!
-
4.2 Building a Knowledge Base
-
4.3 Star in a Video!
-
6.1 Project Security Assessment Report
-
7.1 Level 1: Entry Event
-
9.1 The Game of Risk
|
127.770.1E |
(E) demonstrate an understanding of ethical and legal responsibilities in relation to the field of cybersecurity. |
-
7.4 Level 4: Data and Licenses
-
8.4 Penetration Testing
|
127.770.2A |
(A) develop a personal career plan along with the education, job skills, and experience necessary to achieve career goals; |
-
4.1 Communication is Key!
-
4.2 Building a Knowledge Base
-
4.3 Star in a Video!
|
127.770.2B |
(B) develop a resume or a portfolio appropriate to a chosen career plan; and |
-
4.1 Communication is Key!
-
4.2 Building a Knowledge Base
-
4.3 Star in a Video!
|
127.770.2C |
(C) illustrate interview skills for successful job placement. |
|
127.770.3A |
(A) analyze and apply to a scenario local, state, national, and international cyber law such as David's Law and Digital Millennium Copyright Act; |
|
127.770.3B |
(B) evaluate historic cases or events regarding cyber; and |
-
1.2 Encryption Algorithms
-
8.2 Assessing Risks
|
127.770.3C |
(C) explore compliance requirements such as Section 508 of the Rehabilitation Act of 1973, Family Educational Rights and Privacy Act of 1974 (FERPA), Health Insurance Portability and Accountability Act of 1996 (HIPAA), and Gramm-Leach-Bliley Act (GLBA). |
-
7.4 Level 4: Data and Licenses
|
127.770.4A |
(A) debate the relationship between privacy and security; and |
-
5.1 Network Attacks
|
127.770.4B |
(B) identify ethical or unethical behavior when presented with various scenarios related to cyber activities. |
-
7.3 Level 3: Incident Response
-
8.4 Penetration Testing
|
127.770.5A |
(A) define the phases of penetration testing, including plan, discover, attack, and report; |
-
8.4 Penetration Testing
|
127.770.5B |
(B) develop a plan to gain authorization for penetration testing; |
-
8.4 Penetration Testing
|
127.770.5C |
(C) identify commonly used vulnerability scanning tools such as port scanning, packet sniffing, and password crackers; |
-
8.1 Identifying Risks
|
127.770.5D |
(D) develop a list of exploits based on results of scanning tool reports; and |
-
8.1 Identifying Risks
-
8.2 Assessing Risks
|
127.770.5E |
(E) prioritize a list of mitigations based on results of scanning tool reports. |
-
8.3 Risk Response
|
127.770.6A |
(A) evaluate symmetric and asymmetric algorithms such as substitution cipher, Advanced Encryption Standard (AES), Diffie-Hellman, and Rivest-Shamir-Adleman (RSA); |
-
1.2 Encryption Algorithms
|
127.770.6B |
(B) explain the purpose of hashing algorithms, including blockchain; |
-
1.4 Hash Functions
-
1.5 Hash Function Development
|
127.770.6C |
(C) explain the function of password salting; |
-
1.2 Encryption Algorithms
|
127.770.6D |
(D) explain and create a digital signature; and |
-
1.7 Digital Certificates
|
127.770.6E |
(E) explain steganography. |
-
2.1 Project: Steganography
|
127.770.7A |
(A) explain the purpose of establishing system baselines; |
|
127.770.7B |
(B) evaluate the role of physical security; |
-
3.2 Environmental Controls
|
127.770.7C |
(C) evaluate the functions of network security devices such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and intrusion detection prevention systems (IDPS); |
-
3.1 Advanced Devices
|
127.770.7D |
(D) analyze log files for anomalies; and |
|
127.770.7E |
(E) develop a plan demonstrating the concept of defense in depth. |
-
7.1 Level 1: Entry Event
|
127.770.8A |
(A) explain the benefits of network segmentation, including sandboxes, air gaps, and virtual local area networks (VLAN); |
|
127.770.8B |
(B) investigate the role of software-managed networks, including virtualization; |
|
127.770.8C |
(C) discuss the role of honeypots and honeynets in networks; and |
-
8.2 Assessing Risks
|
127.770.8D |
(D) create an incoming and outgoing network policy for a firewall. |
-
3.4 Private Networks
|
127.770.9A |
(A) identify cyberattacks by their signatures; |
|
127.770.9B |
(B) explain proper data acquisition; |
|
127.770.9C |
(C) examine evidence from devices for suspicious activities; and |
|
127.770.9D |
(D) research current cybercrime cases involving digital forensics. |
|
127.770.10A |
(A) describe the integration of artificial intelligence and machine learning in cybersecurity; |
|
127.770.10B |
(B) investigate impacts made by predictive analytics on cybersecurity; and |
-
8.2 Assessing Risks
|
127.770.10C |
(C) research other emerging trends such as augmented reality and quantum computing. |
|
127.770.11A |
(A) issue commands via the command line interface (CLI) such as ls, cd, pwd, cp, mv, chmod, ps, sudo, and passwd; |
|
127.770.11B |
(B) describe the file system structure for multiple operating systems; |
|
127.770.11C |
(C) manipulate and edit files within the CLI; and |
|
127.770.11D |
(D) determine network status using the CLI with commands such as ping, ifconfig/ipconfig, traceroute/tracert, and netstat. |
|
127.770.12A |
(A) collaborate with others to create a technical report; |
-
6.1 Project Security Assessment Report
-
7.1 Level 1: Entry Event
|
127.770.12B |
(B) create, review, and edit a report summarizing technical findings; and |
-
6.1 Project Security Assessment Report
-
7.1 Level 1: Entry Event
|
127.770.12C |
(C) present technical information to a non-technical audience. |
-
4.1 Communication is Key!
-
4.2 Building a Knowledge Base
-
4.3 Star in a Video!
|
127.770.13A |
(A) differentiate types of attacks, including operating systems, software, hardware, network, physical, social engineering, and cryptographic; |
-
5.1 Network Attacks
-
5.2 Malware Types and Prevention
-
5.3 Common Network Attacks
-
5.4 Additional Attacks
-
5.6 Internal Threats
-
8.2 Assessing Risks
|
127.770.13B |
(B) explain blended threats such as combinations of software, hardware, network, physical, social engineering, and cryptographic; |
-
5.4 Additional Attacks
-
8.2 Assessing Risks
|
127.770.13C |
(C) discuss risk response techniques, including accept, transfer, avoid, and mitigate; |
-
8.3 Risk Response
|
127.770.13D |
(D) develop a plan of preventative measures to address cyberattacks; |
-
8.3 Risk Response
|
127.770.13E |
(E) describe common web vulnerabilities such as cross-site scripting, buffer overflow, injection, spoofing, and denial of service; |
-
5.5 Cross-site Scripting
-
8.2 Assessing Risks
|
127.770.13F |
(F) describe common data destruction and media sanitation practices such as wiping, shredding, and degaussing; and |
|
127.770.13G |
(G) develop an incident response plan for a given scenario or recent attack. |
-
7.3 Level 3: Incident Response
|
127.770.14A |
(A) describe various access control methods such as mandatory access control (MAC), role-based access control (RBAC), and discretionary access control (DAC); |
|
127.770.14B |
(B) develop and defend a plan for multi-factor access control using components such as biometric verification systems, key cards, tokens, and passwords; and |
-
3.2 Environmental Controls
-
3.6 Access Control
|
127.770.14C |
(C) review a disaster recovery plan (DRP) that includes backups, redundancies, system dependencies, and alternate sites. |
-
7.3 Level 3: Incident Response
|
127.770.15A |
(A) explain commonly used physical security controls, including lock types, fences, barricades, security doors, and mantraps; and |
-
3.2 Environmental Controls
|
127.770.15B |
(B) describe the role of embedded systems such as fire suppression; heating, ventilation, and air conditioning (HVAC) systems; security alarms; and video monitoring. |
-
3.2 Environmental Controls
|