for South Carolina Advanced Cybersecurity — South Carolina Advanced Cybersecurity (NEW)
Total Standards: 75Mapped: 67Completion: 89%
A.1
Review school safety policies and procedures.
22.4 Personal Safety
A.2
Review classroom safety rules and procedures.
22.4 Personal Safety
A.3
Review safety procedures for using equipment in the classroom.
22.4 Personal Safety
A.4
Identify major causes of work-related accidents in office environments.
22.4 Personal Safety
A.5
Demonstrate safety skills in an office/work environment.
22.4 Personal Safety
B.1
Identify the purpose and goals of a Career and Technology Student Organization (CTSO).
22.1 Student Organizations
B.2
Explain how CTSOs are integral parts of specific clusters, majors, and/or courses.
22.1 Student Organizations
B.3
Explain the benefits and responsibilities of being a member of a CTSO.
22.1 Student Organizations
B.4
List leadership opportunities that are available to students through participation in CTSO conferences, competitions, community service, philanthropy, and other activities.
22.1 Student Organizations
B.5
Explain how participation in CTSOs can promote lifelong benefits in other professional and civic organizations.
22.1 Student Organizations
C.1
Demonstrate proficiency and skills associated with the use of technologies that are common to a specific occupation.
1.2 Hash Functions
1.3 Hash Function Development
13.1 Databases and Cybersecurity
14.2 Printing in Python
C.2
Identify proper netiquette when using e-mail, social media, and other technologies for communication purposes.
12.2 Level 2: User Training
12.3 Level 3: Incident Response
12.5 Level 5: Change Management
C.3
Identify potential abuse and unethical uses of laptops, tablets, computers, and/or networks.
3.6 Internal Threats
4.4 Network Protocol Defense
10.1 Identifying Risks
10.5 (MOVE SOMEWHERE ELSE?) Penetration Testing
C.4
Explain the consequences of social, illegal, and unethical uses of technology (e.g., piracy; cyberbullying, illegal downloading; licensing infringement; inappropriate uses of software, hardware, and mobile devices in the work environment).
3.1 Network Attacks
3.3 Common Network Attacks
3.4 Additional Attacks
4.3 Security Breaches
7.2 Operating Systems Security
C.5
Discuss legal issues and the terms of use related to copyright laws, fair use laws, Creative Commons, and ethics pertaining to downloading of images, photographs, documents, video, sounds, music, trademarks, and other elements for personal use.
12.4 Level 4: Data and Licenses
C.6
Describe ethical and legal practices of safeguarding the confidentiality of business-related information.
12.4 Level 4: Data and Licenses
C.7
Describe possible threats to a laptop, tablet, computer, and/or network and methods of avoiding attacks.
3.2 Malware Types and Prevention
3.3 Common Network Attacks
3.4 Additional Attacks
10.1 Identifying Risks
10.2 Assessing Risks
10.4 Project: Coffee Shop Consultant
D.1
Demonstrate creativity and innovation.
2.1 Project: Steganography
16.1 Engineering Design Process
D.2
Demonstrate critical thinking and problem-solving skills.
10.3 Risk Response
13.8 Joining Tables
14.5 Mathematical Operators
16.1 Engineering Design Process
D.3
Demonstrate initiative and self-direction.
16.1 Engineering Design Process
D.4
Demonstrate integrity.
16.1 Engineering Design Process
D.5
Demonstrate work ethic.
16.1 Engineering Design Process
D.6
Demonstrate conflict resolution skills.
12.5 Level 5: Change Management
16.1 Engineering Design Process
D.7
Demonstrate listening and speaking skills.
16.1 Engineering Design Process
D.8
Demonstrate respect for diversity.
11.3 Caught on Camera
16.2 Research and Analyze
D.9
Demonstrate customer service orientation.
D.10
Demonstrate teamwork.
4.2 Cyber Case Investigation
16.1 Engineering Design Process
E.1
Demonstrate global or "big picture" thinking.
16.1 Engineering Design Process
E.2
Demonstrate career and life management skills and goal-making.
22.2 Alternative Learning Opportunities
22.3 Resume and Interview Prep
E.3
Demonstrate continuous learning and adaptability skills to changing job requirements.
22.2 Alternative Learning Opportunities
22.3 Resume and Interview Prep
E.4
Demonstrate time and resource management skills.
16.1 Engineering Design Process
E.5
Demonstrates information literacy skills.
4.1 Always Connected
4.3 Security Breaches
E.6
Demonstrates information security skills.
3.6 Internal Threats
6.4 Mobile Devices
6.5 Access Control
12.2 Level 2: User Training
12.3 Level 3: Incident Response
E.7
Demonstrates information technology skills.
1.5 Digital Certificates
12.4 Level 4: Data and Licenses
E.8
Demonstrates knowledge and use of job-specific tools and technologies.
5.1 Digital Forensics
6.1 Network Administrator
7.3 Network Design
10.5 (MOVE SOMEWHERE ELSE?) Penetration Testing
13.1 Databases and Cybersecurity
14.2 Printing in Python
E.9
Demonstrate job-specific mathematics skills.
1.2 Hash Functions
1.3 Hash Function Development
13.8 Joining Tables
14.5 Mathematical Operators
E.10
Demonstrates professionalism in the workplace.
16.1 Engineering Design Process
E.11
Demonstrate reading and writing skills.
4.2 Cyber Case Investigation
4.5 Security Baseline
16.1 Engineering Design Process
E.12
Demonstrates workplace safety.
22.4 Personal Safety
F.1
Compare and contrast different types of social engineering techniques (e.g., Phishing, Spam, Spear phishing, Identity fraud).
3.3 Common Network Attacks
3.4 Additional Attacks
F.2
Given a scenario, analyze potential indicators to determine the type of attack (e.g., Malware, Password attacks, Physical attacks, Cryptographic attacks).
3.1 Network Attacks
3.2 Malware Types and Prevention
4.3 Security Breaches
4.4 Network Protocol Defense
F.3
Given a scenario, analyze potential indicators associated with application attacks (e.g., Error handling, Race conditions, Integer overflow, Memory leaks).
10.1 Identifying Risks
10.2 Assessing Risks
F.4
Given a scenario, analyze potential indicators associated with network attacks (e.g., Wireless, On-path attack, Domain Name System (DNS), Malicious code).
F.5
Explain different threat actors, vectors, and intelligence sources (e.g., Actors and threats, Vectors, Attributes of actors).
10.1 Identifying Risks
10.4 Project: Coffee Shop Consultant
F.6
Explain the security concerns associated with various types of vulnerabilities (e.g., Third-party risks, Weak configurations, Zero-day, Legacy platform).
3.3 Common Network Attacks
3.4 Additional Attacks
F.7
Summarize the techniques used in security assessments (e.g.,Threat hunting, Vulnerability scans, Syslog/Security information).
10.1 Identifying Risks
10.2 Assessing Risks
F.8
Explain the techniques used in penetration testing (e.g., Penetration testing, Passive and active reconnaissance, Exercise Types).
10.5 (MOVE SOMEWHERE ELSE?) Penetration Testing
G.1
Explain the importance of security concepts in an enterprise environment (e.g., Configuration management, Data protection, Hashing, Site resiliency).
1.2 Hash Functions
1.3 Hash Function Development
1.5 Digital Certificates
12.4 Level 4: Data and Licenses
G.2
Summarize virtualization and cloud computing concepts (e.g., Cloud models, Cloud service providers, Containers, Microservices/API).
Summarize authentication and authorization design concepts (e.g., Biometrics, Multifactor authentication, Cloud vs on-premises requirements).
6.5 Access Control
G.5
Given a scenario, implement cybersecurity resilience (e.g., Redundancy, Network, Power, Replication, Diversity).
G.6
Explain the security implications of embedded and specialized systems (e.g., Voice over IP(VoIP), System on Chip (SoC), Constraints, Surveillance systems).
11.3 Caught on Camera
G.7
Explain the importance of physical security controls (e.g., Badges, Alarms, Cameras, Locks, Secure Areas).
11.2 Layers of Protection in the Physical World
11.3 Caught on Camera
11.4 Who's Getting In?
G.8
Summarize the basics of cryptographic concepts (e.g., Digital signatures, Key length, Symmetric vs asymmetric, Limitations).
1.1 Advanced Cryptography
1.4 Asymmetric Encryption
1.5 Digital Certificates
H.1
Given a scenario, implement secure protocols (e.g., Protocols, Use cases).
4.4 Network Protocol Defense
6.2 Protocols and Standards
H.2
Given a scenario, implement host or application security solutions (e.g., Endpoint protection, Boot integrity, BIOS, Database, Application security, Hardening, Self-encrypting drive (SED), Full-disk encryption (FDE), Hardware root of trust, Trusted Platform Module (TPM), sandboxing).
4.4 Network Protocol Defense
7.5 Build and Secure a Network
H.3
Given a scenario, implement secure network designs (e.g., Load balancing, Network segmentation, virtual private network (VPN), DNS, network access control (NAC), Out-of-band management, port security, network appliances, Access control list (ACL), route security, Quality of service (QoS), implications of IPv6, Port spanning/port mirroring, monitoring services, file integrity monitors).
6.3 Private Networks
7.3 Network Design
7.4 Networking Services
7.5 Build and Secure a Network
H.4
Given a scenario, install and configure wireless security settings (e.g., Cryptographic protocols, Authentication protocols, Methods, Installation considerations).
1.2 Hash Functions
1.3 Hash Function Development
1.4 Asymmetric Encryption
1.5 Digital Certificates
H.5
Given a scenario, implement secure mobile solutions (e.g., connection methods and receivers, Mobile Device Management (MDM), mobile devices, enforcement and monitoring, deployment models).
6.4 Mobile Devices
H.6
Given a scenario, implement secure mobile solutions (e.g., cloud security controls, solutions, cloud native controls vs. third-party solutions).
H.7
Given a scenario, implement identity and account management controls (e.g., identity, account types, account policies).
6.5 Access Control
H.8
Given a scenario, implement authentication and authorization solutions (e.g., Authentication management, authentication/authorization, access control schemes).
6.5 Access Control
H.9
Given a scenario, implement public key infrastructure (e.g., Public Key Infrastructure (PKI), types of certificates, certificate formats, concepts).
1.4 Asymmetric Encryption
1.5 Digital Certificates
I.1
Given a scenario, use the appropriate tool to assess organizational security (e.g., forensics, file manipulation, network reconnaissance and discovery, password crackers).
5.2 Forensic Case 1: Logs
5.3 Forensic Case 2: File Metadata
5.4 Forensic Case 3: Exit Data
I.2
Summarize the importance of policies, processes, and procedures for incident response (e.g., incident response plans and process, exercises, attack frameworks, communication plan).
12.3 Level 3: Incident Response
I.3
Given an incident, utilize appropriate data sources to support an investigation (e.g., log files, protocol analyzer output, bandwidth monitors, metadata).
12.3 Level 3: Incident Response
I.4
Given an incident, apply mitigation techniques or controls to secure an environment (e.g., configuration changes, isolation, containment, segmentation).
12.3 Level 3: Incident Response
I.5
Explain the key aspects of digital forensics (e.g., documentation/evidence, acquisition, Integrity, data recovery, preservation).
5.1 Digital Forensics
I.6
Perform secure data destruction (e.g., Secure Erase, BCWipe).
J.1
Compare and contrast various types of controls (e.g., managerial, preventative, corrective, deterrent).
11.1 Building Strong Cyber Defenses
11.2 Layers of Protection in the Physical World
J.2
Explain the importance of applicable regulation standards or frameworks that impact organization security posture (e.g., General Data Protection Regulation (GDPR), - Center for Internet Security (CIS), International Organization for Standardization (ISO) 27001/27002/27701/31000, platform/vendor-specific guides).
J.3
Explain the importance of policies to organizational security (e.g., personnel, diversity of training techniques, third-party risk management, data, credential policies, organizational policies).
12.2 Level 2: User Training
12.3 Level 3: Incident Response
12.4 Level 4: Data and Licenses
12.5 Level 5: Change Management
J.4
Summarize risk management processes and concepts (e.g., risk types, risk management strategies, risk analysis, disasters, business impact analysis).
10.1 Identifying Risks
10.2 Assessing Risks
10.3 Risk Response
10.4 Project: Coffee Shop Consultant
J.5
Explain privacy and sensitive data concepts in relation to security (e.g., organizational consequences of privacy and data breaches, notifications of breaches, data types, privacy enhancing technologies, roles and responsibilities).
