for South Carolina Advanced Cybersecurity — South Carolina Advanced Cybersecurity (NEW)
Total Standards: 75Mapped: 71Completion: 94%
A.1
Review school safety policies and procedures.
22.4 Personal Safety
A.2
Review classroom safety rules and procedures.
22.4 Personal Safety
A.3
Review safety procedures for using equipment in the classroom.
22.4 Personal Safety
A.4
Identify major causes of work-related accidents in office environments.
22.4 Personal Safety
A.5
Demonstrate safety skills in an office/work environment.
22.4 Personal Safety
B.1
Identify the purpose and goals of a Career and Technology Student Organization (CTSO).
22.1 Student Organizations
B.2
Explain how CTSOs are integral parts of specific clusters, majors, and/or courses.
22.1 Student Organizations
B.3
Explain the benefits and responsibilities of being a member of a CTSO.
22.1 Student Organizations
B.4
List leadership opportunities that are available to students through participation in CTSO conferences, competitions, community service, philanthropy, and other activities.
22.1 Student Organizations
B.5
Explain how participation in CTSOs can promote lifelong benefits in other professional and civic organizations.
22.1 Student Organizations
C.1
Demonstrate proficiency and skills associated with the use of technologies that are common to a specific occupation.
1.2 Hash Functions
1.3 Hash Function Development
7.1 Databases and Cybersecurity
14.2 Printing in Python
C.2
Identify proper netiquette when using e-mail, social media, and other technologies for communication purposes.
13.2 Level 2: User Training
13.3 Level 3: Incident Response
13.5 Level 5: Change Management
C.3
Identify potential abuse and unethical uses of laptops, tablets, computers, and/or networks.
6.6 Network Protocol Defense
8.11 Internal Threats
11.1 Identifying Risks
11.5 (MOVE SOMEWHERE ELSE?) Penetration Testing
C.4
Explain the consequences of social, illegal, and unethical uses of technology (e.g., piracy; cyberbullying, illegal downloading; licensing infringement; inappropriate uses of software, hardware, and mobile devices in the work environment).
3.2 Operating Systems Security
6.5 Security Breaches
8.1 Network Attacks
8.3 Common Network Attacks
8.8 Additional Attacks
C.5
Discuss legal issues and the terms of use related to copyright laws, fair use laws, Creative Commons, and ethics pertaining to downloading of images, photographs, documents, video, sounds, music, trademarks, and other elements for personal use.
13.4 Level 4: Data and Licenses
C.6
Describe ethical and legal practices of safeguarding the confidentiality of business-related information.
13.4 Level 4: Data and Licenses
C.7
Describe possible threats to a laptop, tablet, computer, and/or network and methods of avoiding attacks.
8.2 Malware Types and Prevention
8.3 Common Network Attacks
8.8 Additional Attacks
11.1 Identifying Risks
11.2 Assessing Risks
11.4 Project: Coffee Shop Consultant
D.1
Demonstrate creativity and innovation.
2.1 Project: Steganography
16.1 Engineering Design Process
D.2
Demonstrate critical thinking and problem-solving skills.
7.8 Joining Tables
11.3 Risk Response
14.5 Mathematical Operators
16.1 Engineering Design Process
D.3
Demonstrate initiative and self-direction.
16.1 Engineering Design Process
D.4
Demonstrate integrity.
16.1 Engineering Design Process
D.5
Demonstrate work ethic.
16.1 Engineering Design Process
D.6
Demonstrate conflict resolution skills.
13.5 Level 5: Change Management
16.1 Engineering Design Process
D.7
Demonstrate listening and speaking skills.
16.1 Engineering Design Process
D.8
Demonstrate respect for diversity.
12.3 Caught on Camera
16.2 Research and Analyze
D.9
Demonstrate customer service orientation.
D.10
Demonstrate teamwork.
6.3 Cyber Case Investigation
16.1 Engineering Design Process
E.1
Demonstrate global or "big picture" thinking.
16.1 Engineering Design Process
E.2
Demonstrate career and life management skills and goal-making.
22.2 Alternative Learning Opportunities
22.3 Resume and Interview Prep
E.3
Demonstrate continuous learning and adaptability skills to changing job requirements.
22.2 Alternative Learning Opportunities
22.3 Resume and Interview Prep
E.4
Demonstrate time and resource management skills.
16.1 Engineering Design Process
E.5
Demonstrates information literacy skills.
6.1 Always Connected
6.5 Security Breaches
E.6
Demonstrates information security skills.
4.4 Mobile Devices
4.5 Access Control
8.11 Internal Threats
13.2 Level 2: User Training
13.3 Level 3: Incident Response
E.7
Demonstrates information technology skills.
1.5 Digital Certificates
13.4 Level 4: Data and Licenses
E.8
Demonstrates knowledge and use of job-specific tools and technologies.
3.3 Network Design
4.1 Network Administrator
7.1 Databases and Cybersecurity
9.1 Digital Forensics
11.5 (MOVE SOMEWHERE ELSE?) Penetration Testing
14.2 Printing in Python
E.9
Demonstrate job-specific mathematics skills.
1.2 Hash Functions
1.3 Hash Function Development
7.8 Joining Tables
14.5 Mathematical Operators
E.10
Demonstrates professionalism in the workplace.
16.1 Engineering Design Process
E.11
Demonstrate reading and writing skills.
6.3 Cyber Case Investigation
6.7 Security Baseline
16.1 Engineering Design Process
E.12
Demonstrates workplace safety.
22.4 Personal Safety
F.1
Compare and contrast different types of social engineering techniques (e.g., Phishing, Spam, Spear phishing, Identity fraud).
8.3 Common Network Attacks
8.8 Additional Attacks
F.2
Given a scenario, analyze potential indicators to determine the type of attack (e.g., Malware, Password attacks, Physical attacks, Cryptographic attacks).
6.5 Security Breaches
6.6 Network Protocol Defense
8.1 Network Attacks
8.2 Malware Types and Prevention
F.3
Given a scenario, analyze potential indicators associated with application attacks (e.g., Error handling, Race conditions, Integer overflow, Memory leaks).
11.1 Identifying Risks
11.2 Assessing Risks
F.4
Given a scenario, analyze potential indicators associated with network attacks (e.g., Wireless, On-path attack, Domain Name System (DNS), Malicious code).
8.4 How Network Traffic Moves (need to update lesson plan once AP is done))
8.5 Traffic in the Wrong Hands (need to update lesson plan once AP is done)
8.6 Misdirected and Overwhelmed (need to update lesson plan once AP is done)
8.7 How Adversaries Get Into Your Network (need to update lesson plan once AP is done)
F.5
Explain different threat actors, vectors, and intelligence sources (e.g., Actors and threats, Vectors, Attributes of actors).
6.3 Cyber Case Investigation
6.4 Adversary Types
8.8 Additional Attacks
11.1 Identifying Risks
11.4 Project: Coffee Shop Consultant
F.6
Explain the security concerns associated with various types of vulnerabilities (e.g., Third-party risks, Weak configurations, Zero-day, Legacy platform).
8.3 Common Network Attacks
8.8 Additional Attacks
F.7
Summarize the techniques used in security assessments (e.g.,Threat hunting, Vulnerability scans, Syslog/Security information).
11.1 Identifying Risks
11.2 Assessing Risks
F.8
Explain the techniques used in penetration testing (e.g., Penetration testing, Passive and active reconnaissance, Exercise Types).
11.5 (MOVE SOMEWHERE ELSE?) Penetration Testing
G.1
Explain the importance of security concepts in an enterprise environment (e.g., Configuration management, Data protection, Hashing, Site resiliency).
1.2 Hash Functions
1.3 Hash Function Development
1.5 Digital Certificates
13.4 Level 4: Data and Licenses
G.2
Summarize virtualization and cloud computing concepts (e.g., Cloud models, Cloud service providers, Containers, Microservices/API).
Summarize authentication and authorization design concepts (e.g., Biometrics, Multifactor authentication, Cloud vs on-premises requirements).
4.5 Access Control
G.5
Given a scenario, implement cybersecurity resilience (e.g., Redundancy, Network, Power, Replication, Diversity).
11.3 Risk Response
11.4 Project: Coffee Shop Consultant
12.2 Layers of Protection in the Physical World
G.6
Explain the security implications of embedded and specialized systems (e.g., Voice over IP(VoIP), System on Chip (SoC), Constraints, Surveillance systems).
6.2 Security of Connected and Embedded Systems
12.3 Caught on Camera
G.7
Explain the importance of physical security controls (e.g., Badges, Alarms, Cameras, Locks, Secure Areas).
12.2 Layers of Protection in the Physical World
12.3 Caught on Camera
12.4 Who's Getting In?
G.8
Summarize the basics of cryptographic concepts (e.g., Digital signatures, Key length, Symmetric vs asymmetric, Limitations).
1.1 Advanced Cryptography
1.4 Asymmetric Encryption
1.5 Digital Certificates
H.1
Given a scenario, implement secure protocols (e.g., Protocols, Use cases).
4.2 Protocols and Standards
6.6 Network Protocol Defense
H.2
Given a scenario, implement host or application security solutions (e.g., Endpoint protection, Boot integrity, BIOS, Database, Application security, Hardening, Self-encrypting drive (SED), Full-disk encryption (FDE), Hardware root of trust, Trusted Platform Module (TPM), sandboxing).
3.6 Build and Secure a Network
6.6 Network Protocol Defense
H.3
Given a scenario, implement secure network designs (e.g., Load balancing, Network segmentation, virtual private network (VPN), DNS, network access control (NAC), Out-of-band management, port security, network appliances, Access control list (ACL), route security, Quality of service (QoS), implications of IPv6, Port spanning/port mirroring, monitoring services, file integrity monitors).
3.3 Network Design
3.4 Networking Services
3.6 Build and Secure a Network
4.3 Private Networks
H.4
Given a scenario, install and configure wireless security settings (e.g., Cryptographic protocols, Authentication protocols, Methods, Installation considerations).
1.2 Hash Functions
1.3 Hash Function Development
1.4 Asymmetric Encryption
1.5 Digital Certificates
H.5
Given a scenario, implement secure mobile solutions (e.g., connection methods and receivers, Mobile Device Management (MDM), mobile devices, enforcement and monitoring, deployment models).
4.4 Mobile Devices
H.6
Given a scenario, implement secure mobile solutions (e.g., cloud security controls, solutions, cloud native controls vs. third-party solutions).
H.7
Given a scenario, implement identity and account management controls (e.g., identity, account types, account policies).
4.5 Access Control
H.8
Given a scenario, implement authentication and authorization solutions (e.g., Authentication management, authentication/authorization, access control schemes).
4.5 Access Control
H.9
Given a scenario, implement public key infrastructure (e.g., Public Key Infrastructure (PKI), types of certificates, certificate formats, concepts).
1.4 Asymmetric Encryption
1.5 Digital Certificates
I.1
Given a scenario, use the appropriate tool to assess organizational security (e.g., forensics, file manipulation, network reconnaissance and discovery, password crackers).
9.2 Forensic Case 1: Logs
9.3 Forensic Case 2: File Metadata
9.4 Forensic Case 3: Exit Data
I.2
Summarize the importance of policies, processes, and procedures for incident response (e.g., incident response plans and process, exercises, attack frameworks, communication plan).
13.3 Level 3: Incident Response
I.3
Given an incident, utilize appropriate data sources to support an investigation (e.g., log files, protocol analyzer output, bandwidth monitors, metadata).
13.3 Level 3: Incident Response
I.4
Given an incident, apply mitigation techniques or controls to secure an environment (e.g., configuration changes, isolation, containment, segmentation).
13.3 Level 3: Incident Response
I.5
Explain the key aspects of digital forensics (e.g., documentation/evidence, acquisition, Integrity, data recovery, preservation).
9.1 Digital Forensics
I.6
Perform secure data destruction (e.g., Secure Erase, BCWipe).
J.1
Compare and contrast various types of controls (e.g., managerial, preventative, corrective, deterrent).
12.1 Building Strong Cyber Defenses
12.2 Layers of Protection in the Physical World
J.2
Explain the importance of applicable regulation standards or frameworks that impact organization security posture (e.g., General Data Protection Regulation (GDPR), - Center for Internet Security (CIS), International Organization for Standardization (ISO) 27001/27002/27701/31000, platform/vendor-specific guides).
J.3
Explain the importance of policies to organizational security (e.g., personnel, diversity of training techniques, third-party risk management, data, credential policies, organizational policies).
13.2 Level 2: User Training
13.3 Level 3: Incident Response
13.4 Level 4: Data and Licenses
13.5 Level 5: Change Management
J.4
Summarize risk management processes and concepts (e.g., risk types, risk management strategies, risk analysis, disasters, business impact analysis).
11.1 Identifying Risks
11.2 Assessing Risks
11.3 Risk Response
11.4 Project: Coffee Shop Consultant
J.5
Explain privacy and sensitive data concepts in relation to security (e.g., organizational consequences of privacy and data breaches, notifications of breaches, data types, privacy enhancing technologies, roles and responsibilities).
