NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs



Similar documents
Course Content Summary ITN 262 Network Communication, Security and Authentication (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Fundamentals of Network Security - Theory and Practice-

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

INFORMATION SECURITY TRAINING CATALOG (2015)

CS5008: Internet Computing

BM482E Introduction to Computer Security

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

A Systems Engineering Approach to Developing Cyber Security Professionals

CEH Version8 Course Outline

CYBERTRON NETWORK SOLUTIONS

information security and its Describe what drives the need for information security.

BUY ONLINE FROM:

Certified Ethical Hacker Exam Version Comparison. Version Comparison

CompTIA Security+ (Exam SY0-410)

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

CMPT 471 Networking II

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Security + Certification (ITSY 1076) Syllabus

Topics in Network Security

ICANWK406A Install, configure and test network security

Protecting Your Organisation from Targeted Cyber Intrusion

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

What is Web Security? Motivation

Information Technology Career Cluster Advanced Cybersecurity Course Number:

The Trivial Cisco IP Phones Compromise

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

Network Security Fundamentals

Global Partner Management Notice

A Decision Maker s Guide to Securing an IT Infrastructure

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

FINAL DoIT v.8 APPLICATION SECURITY PROCEDURE

Network Security Administrator

Securing Data on Microsoft SQL Server 2012

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Description: Objective: Attending students will learn:

Information Security. Training

FBLA Cyber Security aligned with Common Core FBLA: Cyber Security RST RST RST RST WHST WHST

Linux Network Security

Introduction to Cyber Security / Information Security

Detailed Description about course module wise:

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

IINS Implementing Cisco Network Security 3.0 (IINS)


EC Council Certified Ethical Hacker V8

MS-55096: Securing Data on Microsoft SQL Server 2012

Securing Cisco Network Devices (SND)

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

How To Pass A Credit Course At Florida State College At Jacksonville

Bachelor of Information Technology (Network Security)

Network Security Policy

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Networking: EC Council Network Security Administrator NSA

Network System Design Lesson Objectives

Information and Communications Technology Courses at a Glance

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

IT Networking and Security

Payment Card Industry (PCI) Data Security Standard

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

2016 TÜBİTAK BİLGEM Cyber Security Institute

SY system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

Implementing Cisco IOS Network Security

Security Controls for the Autodesk 360 Managed Services

INFORMATION SECURITY TRAINING CATALOG (2016)

CompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill

Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Windows Remote Access

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance

13 Ways Through A Firewall

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

Web App Security Audit Services

Client Server Registration Protocol

INTRUSION DETECTION SYSTEMS and Network Security

Weighted Total Mark. Weighted Exam Mark

Directory and File Transfer Services. Chapter 7

Thick Client Application Security

EXAM questions for the course TTM Information Security May Part 1

INFORMATION TECHNOLOGY

QuickBooks Online: Security & Infrastructure

ASP.NET MVC Secure Coding 4-Day hands on Course. Course Syllabus

SECURITY. Risk & Compliance Services

SCP - Strategic Infrastructure Security

Sitefinity Security and Best Practices

Transcription:

Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary Statistics Graphing / Charts Spreadsheet Functions Problem solving 1.1. 2 Outcomes Apply standard statistical inference procedures to draw conclusions from data. 1.2 Basic Scripting or Introductory Programming The intent of this Knowledge Unit is to provide students with the ability to create simple scripts/programs to automate and perform simple operations. This knowledge should include basic security practices in developing scripts/programs (e.g., bounds checking, input validation). 1.2.1 Topics *Basic Security Bounds checking, input validation Program Commands Program Control Structures Variable Declaration Debugging Scripting Language (e.g. PERL, Python, BASH, VB Scripting, Powershell) *Basic Boolean logic/operations AND / OR / XOR / NOT 1.2.2 Outcomes Demonstrate their proficiency in the use of scripting languages to write simple scripts (e.g., to automate system administration tasks). Write simple and compound conditions within a programming language or similar environment (e.g., scripts, macros, SQL). Write simple linear and looping scripts. 1.3 Cyber Defense The intent of this Knowledge Unit is to provide students with a basic awareness of the options available to mitigate threats within a system. 1.3.1 Topics: Network mapping (enumeration and identification of network components) *Network security techniques and components Access controls, flow control, cryptography, firewalls, intrusion detection systems, etc. Applications of Cryptography Page 1 of 9

Malicious activity detection / forms of attack Appropriate Countermeasures Trust relationships *Defense in Depth Layering of security mechanisms to achieve desired security *Patching OS and Application Updates Vulnerability Scanning Vulnerability Windows (0-day to patch availability) 1.3.2 Outcomes: Describe potential system attacks and the actors that might perform them Describe cyber defense tools, methods and components Apply cyber defense methods to prepare a system to repel attacks Describe appropriate measures to be taken should a system compromise occur. 1.4 Cyber Threats The intent of this Knowledge Unit is to provide students with basic information about the threats that may be present in the cyber realm. 1.4.1 Topics: Adversaries and targets Motivations and Techniques The Adversary Model (resources, capabilities, intent, motivation, risk aversion, access) *Types of Attacks Password guessing / cracking Backdoors / trojans / viruses / wireless attacks Sniffing / spoofing / session hijacking Denial of service / distributed DOS / BOTs MAC spoofing / web app attacks / 0-day exploits Vulnerabilities that enable attacks Attack Timing (within x minutes of being attached to the net) Social Engineering Events that indicate an attack is/has happened Legal Issues Attack surfaces / vectors Attack trees Insider problem Covert Channels Threat Information Sources (e.g., CERT) 1.4.2 Outcomes: Identify the bad actors in cyberspace and compare and contrast their resources, capabilities/techniques, motivations, aversion to risk Describe different types of attacks and their characteristics Page 2 of 9

1.5 Fundamental Security Design Principles The intent of this Knowledge Unit is to provide students with basic security design fundamentals that help create systems that are worthy of being trusted. 1.5.1 Topics: Separation (of domains) Isolation Encapsulation Least Privilege Simplicity (of design) Minimization (of implementation) Fail Safe Defaults / Fail Secure Modularity Layering Least Astonishment Open Design Usability 1.5.1 Outcomes: List the first principles of security Describe why each principle is important to security and how it enables the development of security mechanisms that can implement desired security policies Analyze common security failures and identify specific design principles that have been violated Identify the needed design principle when given a specific scenario Describe why good human machine interfaces are important to system use Understand the interaction between security and system usability and the importance for minimizing the affects of security mechanisms 1.6 Information Assurance Fundamentals The intent of this Knowledge Unit is to provide students with basic concepts of information assurance fundamentals. 1.6.1 Topics Threats and Adversaries Vulnerabilities and Risks Basic Risk Assessment Security Life-Cycle Intrusion Detection and Prevention Systems Cryptography Data Security (in transmission, at rest, in processing) Security Models Access Control Models (MAC, DAC, RBAC) Confidentiality, Integrity, Availability, Access, Authentication, Authorization, Non- Repudiation, Privacy Security Mechanisms (e.g., Identification/Authentication, Audit) Page 3 of 9

1.6.2 Outcomes List the fundamental concepts of the Information Assurance / Cyber Defense discipline Describe how the fundamental concepts of cyber defense can be used to provide system security Examine the architecture of a typical, complex system and identify significant vulnerabilities, risks, and points at which specific security technologies/methods should be employed 1.7 Introduction to Cryptography The intent of this Knowledge Unit is to provide students with a basic ability to understand where and how cryptography is used. 1.7.1 Topics Symmetric Cryptography (DES, Twofish) *Public Key Cryptography Public Key Infrastructure Certificates *Hash Functions (MD4, MD5, SHA-1, SHA-2, SHA-3) For integrity For protecting authentication data Collision resistance Digital Signatures (Authentication) Key Management (creation, exchange/distribution) Cryptographic Modes (and their strengths and weaknesses) Types of Attacks (brute force, chosen plaintext, known plaintext, differential and linear cryptanalysis, etc.) Common Cryptographic Protocols DES -> AES (evolution from DES to AES) Security Functions (data protection, data integrity, authentication) 1.7.2 Outcomes Identify the elements of a cryptographic system Describe the differences between symmetric and asymmetric algorithms Describe which cryptographic protocols, tools and techniques are appropriate for a given situation Describe how crypto can be used, strengths and weaknesses, modes, and the issues that must be addressed in an implementation (e.g., key management), etc 1.8 Information Technology System Components The intent of this Knowledge Unit is to provide students with an understanding of the basic components in an information technology system and their roles in system operation. 1.8.1Topics Workstations Servers Network Storage Devices Routers / Switches / Gateways Page 4 of 9

Guards / CDSes / VPNs / Firewalls IDSes, IPSes Mobile Devices Peripheral Devices / Security Peripherals 1.8.2 Outcomes Describe the hardware components of modern computing environments and their individual functions 1.9 Networking Concepts The intent of this Knowledge Unit is to provide students with basic understanding of network components and how they interact. 1.9.1 Topics Overview of Networking (OSI Model) Network Media Network architectures (LANs, WANs) Network Devices (Routers, Switches, VPNs, Firewalls) Network Services Network Protocols (TCP/IP, HTTP, DNS, SMTP, UDP) Network Topologies Overview of Network Security Issues 1.9.2 Outcomes Describe the fundamental concepts, technologies, components and issues related to communications and data networks. Describe a basic network architecture given a specific need and set of hosts/clients. Track and identify the packets involved in a simple TCP connection (or a trace of such a connection). Use a network monitoring tool (e.g., WireShark). Use a network mapping tool (e.g., Nmap). 1.10 Policy, Legal, Ethics and Compliance The intent of this Knowledge Unit is to provide students with and understanding of information assurance in context and the rules and guidelines that control them. 1.10.1 Topics HIPAA / FERPA Computer Security Act Sarbanes Oxley Gramm Leach Bliley Privacy (COPPA) Payment Card Industry Data Security Standard (PCI DSS) State, US and international standards / jurisdictions Laws and Authorities US Patriot Act BYOD issues Page 5 of 9

Americans with Disabilities Act, Section 508 1.10.2 Outcomes List the applicable laws and policies related to cyber defense and describe the major components of each pertaining to the storage and transmission of data Describe their responsibilities related to the handling of information about vulnerabilities Describe how the type of legal dispute (civil, criminal, private) affects the evidence used to resolve it 1.11 Systems Administration The intent of this Knowledge Unit is to provide students with skill to perform basic operations involved in system administration. 1.11.1 Topics OS Installation User accounts management Password policies Authentications Methods Command Line Interfaces Configuration Management Updates and patches Access Controls Logging and Auditing (for performance and security) Managing System Services Virtualization Backup and Restoring Data File System Security Network Configuration (port security) Host (Workstation/Server) Intrusion Detection Security Policy Development 1.11.2 Outcomes Apply the knowledge gained to successfully install and securely configure, operate and maintain a commodity OS, to include: setting up user accounts, configuring appropriate authentication policies, configuring audit capabilities, performing back-ups, installing patches and updates, reviewing security logs, and restoring the system from a backup 2.0 Core to 4 year + only 2.1 Database Management Systems The intent of this Knowledge Unit is to provide students with the skills to utilize database management system to solve specific problems. 2.1.1 Topics Overview of database types (e.g., flat, relational, network, object-oriented) SQL (for queries) Advanced SQL (for DBMS administration e.g., user creation/deletion, permissions and access controls) Page 6 of 9

Indexing, Inference, Aggregation, Polyinstantiation How to protect data (confidentiality, integrity and availability in a DBMS context) Vulnerabilities (e.g., SQL injection) 2.1.2 Outcomes List the most common structures for storing data in a database management system Configure a commodity DBMS for secure access Describe alternatives to relational DBMSs and their unique security issues Describe the role of a database, a DBMS, and a database server within a complex system supporting multiple applications Demonstrate basic SQL proficiency for table creation, data insertion and data query Describe DBMS access controls and privilege levels and apply them to a simple database Develop a DB structure for a specific system/problem. 2.2 Network Defense The intent of this Knowledge Unit is to teach students the techniques that can be taken to protect a network and communication assets from cyber threats. 2.2.1 Topics Implementing IDS/IPS Implementing Firewalls and VPNs Defense in Depth Honeypots and Honeynets Network Monitoring Network Traffic Analysis Minimizing Exposure (Attack Surface and Vectors) Network Access Control (internal and external) DMZs / Proxy Servers Network Hardening Mission Assurance Network Policy Development and Enforcement Network Operational Procedures Network Attacks (e.g., session hijacking, Man-in-the-Middle) 2.1.2 Outcomes Describe the various concepts in network defense. Apply their knowledge to implement network defense measures. Use a network monitoring tools (e.g., WireShark). Use a network mapping tool (e.g., Nmap). 2.3 Network Technology and Protocols The intent of this Knowledge Unit is to provide students with an understanding of the components in a network environment, their roles, and communication methods. 2.3.1 Topics Network Architectures Networks Infrastructure Page 7 of 9

Network Services Network Protocols (TCP/IP v4 and v6, DNS, HTTP, SSL, TLS) Network Address Translation and Sub-netting Network Analysis/Troubleshooting Network Evolution (Change Management, BYOD) Remote and Distributed Management 2.3.2 Outcomes Apply their knowledge of network technologies to design and construct a working network Analyze a trace of packets to identify the establishment of a TCP connection Demonstrate the use of a network monitor to display packets 2.4 Operating Systems Concepts The intent of this Knowledge Unit is to provide students with an understanding of the roles of an operating system, its basic functions, and the services provided by the operating system. 2.4.1 Topics Privileged and non-privileged states Processes and Threads (and their management) Memory (real, virtual, and management) Files Systems *Access Controls (Models and Mechanisms) Access control lists Virtualization / Hypervisors How does the an OS protect itself from attack? *Fundamental Security Design Principles as applied to an OS Domain separation, process isolation, resource encapsulation, least privilege 2.4.2 Outcomes Identify the major concepts in modern operating systems and the basic security issues in OS design and implementation (how the first principles of security apply to operating systems) 2.5 Probability and Statistics The intent of this Knowledge Unit is to provide students with the ability to use basic statistics to analyze and attach meaning to datasets. 2.5.1 Topics Probability as a concept Random variables/events Odds of an event happening Data Interpretation Statistical Problem Solving Probability Distributions 2.5.2 Outcomes Evaluate probabilities to solve applied problems Describe how basic statistics and statistical methods can be applied in a given situation Page 8 of 9

2.6 Programming The intent of this Knowledge Unit is to provide students with the skills necessary to implement algorithms using programming languages to solve problems. 2.6.1 Topics Programming Language, such as: C Programming constructs and concepts variables, strings, assignments, sequential execution, loops, functions Security issues, such as type checking and parameter validation *Basic Boolean logic/operations AND / OR / XOR / NOT 2.6.2 Outcomes Demonstrate proficiency in the use of a programming language to solve complex problems in a secure and robust manner Write simple and compound conditions within a programming language or similar environment (e.g., scripts, macros, SQL) Demonstrate the ability to design and develop basic programs for modern computing platforms (e.g., PC, cloud, mobile, web) Page 9 of 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information