Cybersecurity Program Objectives

Cross-Cutting Concepts

An ability to demonstrate competency in Cross-Cutting Concepts

CC-01 [Essential] Outline via appropriate methods, and using industry-standard terminology, cybersecurity-related issues within an organization as they pertain to Confidentiality, Integrity, and Availability. [Analyzing]
CC-02 [Essential] Assess and respond appropriately to various risks which can affect the expected operation of information systems. [Evaluating]
CC-03 [Essential] Investigate current and emerging cyberthreats and incorporate best practices to mitigate them. [Applying]
CC-04 [Essential] Apply appropriate countermeasures to help protect organizational resources based on an understanding of how bad actors think and operate. [Applying]
CC-05 [Essential] Discuss how changes in one part of a system may impact other parts of a cybersecurity ecosystem. [Understanding]

Data Security

An ability to demonstrate competency in Data Security

DAT-E01 [Essential] Implement data security by selecting appropriate cryptographic procedures, algorithms, and tools based on security policy and level of risk in an organization. [Applying]
DAT-E02 [Essential] Discuss forensically sound collection and acquisition of digital evidence. [Understanding]
DAT-E03 [Essential] Apply principles, processes, tools and techniques used in mitigating security threats and responding to security incidents. [Applying]
DAT-E04 [Essential] Use appropriate levels of authentication, authorization, and access control to ensure data integrity and security for information systems and networks. [Applying]
DAT-E05 [Essential] Infer gaps in data security considering current and emerging technologies and the current state and prevailing trends in cybercrime. [Understanding]
DAT-S01 [Supplemental] Perform a forensic analysis on a local network, on stored data within a system as well as mobile devices for an enterprise environment. [Applying]
DAT-S02 [Supplemental] Outline complex technical concepts to technical and non-technical audiences as they relate to data security. [Analyzing]

Data Security - Cryptography

An ability to demonstrate competency in Data Security - Cryptography

Learning Outcomes
DAT-LO-E01 [Essential] Analyze which cryptographic protocols, tools, and techniques are appropriate for providing confidentiality, data protection, data integrity, authentication, non-repudiation, and obfuscation. [Analyzing]
DAT-LO-E02 [Essential] Apply symmetric and asymmetric algorithms as appropriate for a given scenario. [Applying]
DAT-LO-E03 [Essential] Investigate hash functions for checking integrity and protecting authentication data. [Applying]
DAT-LO-E04 [Essential] Use historical ciphers, such as shift cipher, affine cipher, substitution cipher, Vigenere cipher, ROT-13, Hill cipher, and Enigma machine simulator, to encrypt and decrypt data. [Applying]
DAT-LO-S01 [Supplemental] Compare the benefits and drawbacks of applying cryptography in hardware vs software. [Analyzing]
DAT-LO-S02 [Supplemental] Demonstrate the importance of mathematical theory in the application of cryptography. [Understanding]
DAT-LO-S03 [Supplemental] Deduce minimum key strength for symmetric algorithms to be effective. [Analyzing]
DAT-LO-S04 [Supplemental] Contrast trust models in PKI, such as hierarchical, distributed, bridge, and web of trust. [Analyzing]
DAT-LO-S05 [Supplemental] Explain how symmetric and asymmetric encryption are used in tandem to secure electronic communications and transactions, such as cryptocurrencies and other crypto assets. [Understanding]
DAT-LO-S06 [Supplemental] Apply symmetric and asymmetric cryptography, such as DES, Twofish, AES, RSA, ECC, and DSA for a given scenario. [Applying]

Data Security - Digital Forensics

An ability to demonstrate competency in Data Security - Digital Forensics

Learning Outcomes
DAT-LO-E05 [Essential] Discuss the concept, need, and value of digital forensics. [Understanding]
DAT-LO-E06 [Essential] Describe components of a digital investigation, sources of digital evidence, limitations of forensics, and ethical considerations. [Understanding]
DAT-LO-E07 [Essential] Discuss key rules, laws, policies, and procedures that impact digital forensics. [Understanding]
DAT-LO-E08 [Essential] Explain how to preserve the chain of custody for digital evidence. [Understanding]
DAT-LO-E09 [Essential] Perform fundamental incident response functions including detecting, responding, and recovering from security incidents. [Applying]
DAT-LO-S07 [Supplemental] Demonstrate the benefits of digital forensic readiness and planning. [Understanding]
DAT-LO-S08 [Supplemental] Examine legal issues, authorities, and processes related to digital evidence. [Analyzing]
DAT-LO-S09 [Supplemental] Describe the role and ethical responsibilities of a forensic examiner. [Understanding]
DAT-LO-S10 [Supplemental] Outline a variety of digital forensic tools (open source vs. closed source) and their limits. [Analyzing]
DAT-LO-S11 [Supplemental] Describe digital forensics investigative procedures, such as identification of evidence, collection and preservation of evidence, timelines, reporting, chain of custody, and authentication of evidence. [Understanding]
DAT-LO-S12 [Supplemental] Carry out forensically sound acquiring and handling of digital evidence following chain of custody best practices. [Applying]
DAT-LO-S13 [Supplemental] Analyze digital evidence from non-PC devices, such as smartphones, tablets, GPS, game consoles, Smart TVs, and IoT devices. [Analyzing]
DAT-LO-S14 [Supplemental] Apply documentation techniques and reporting of findings using industry standard and technically accurate terminology and format. [Applying]
DAT-LO-S15 [Supplemental] Outline complex technical concepts and processes so that they are easily understood by non-technical audiences. [Analyzing]
DAT-LO-S16 [Supplemental] Carry out verification and validation of evidence during forensic acquisition, preservation, and analysis, including the use of hashes. [Applying]
DAT-LO-S17 [Supplemental] Summarize the best practices in collecting and isolating mobile devices when part of digital evidence. [Understanding]

Data Security - Data Integrity and Authentication

An ability to demonstrate competency in Data Security - Data Integrity and Authentication

Learning Outcomes
DAT-LO-E10 [Essential] Contrast the concepts and techniques to achieve data integrity, authentication, authorization, and access control. [Analyzing]
DAT-LO-E11 [Essential] Summarize the benefits and challenges of multifactor authentication. [Understanding]
DAT-LO-E12 [Essential] Execute one or more password attack techniques, such as dictionary attacks, brute force attacks, rainbow table attacks, phishing and social engineering, malware-based attacks, spidering, off-line analysis, and password cracking tools. [Applying]
DAT-LO-E13 [Essential] Apply basic functions associated with storing sensitive data, such as cryptographic hash functions, salting, iteration count, password-based key derivation, and password managers. [Applying]
DAT-LO-S18 [Supplemental] Implement multifactor authentication using tools and techniques, such as cryptographic tokens, cryptographic devices, biometric authentication, one-time passwords, and knowledge-based authentication. [Applying]
DAT-LO-S19 [Supplemental] Illustrate the use of cryptography to provide data integrity, such as message authentication codes, digital signatures, authenticated encryption, and hash trees. [Applying]

Data Security - Access Control

An ability to demonstrate competency in Data Security - Access Control

Learning Outcomes
DAT-LO-E14 [Essential] Describe access control best practices, such as separation of duties, job rotation, and clean desk policy. [Understanding]
DAT-LO-E15 [Essential] Discuss physical security controls, such as keyed access, man traps, key cards and video surveillance, rack-level security, and data destruction. [Understanding]
DAT-LO-E16 [Essential] Implement data access control to manage identities, credentials, privileges, and related access. [Applying]
DAT-LO-E17 [Essential] Differentiate among the different types of identities, such as federated identities. [Understanding]
DAT-LO-E18 [Essential] Differentiate access control models, including role-based, rule-based, and attribute-based. [Understanding]
DAT-LO-S20 [Supplemental] Investigate access control models, such as role-based, rule-based, and attribute-based. [Applying]
DAT-LO-S21 [Supplemental] Illustrate the fundamental value and benefits of security architectures used to protect information in computer systems. [Applying]

Data Security - Secure Communications Protocols

An ability to demonstrate competency in Data Security - Secure Communications Protocols

Learning Outcomes
DAT-LO-E19 [Essential] Explain end-to-end data security. [Understanding]
DAT-LO-E20 [Essential] Illustrate important application and transport layer protocols, such as HTTP, HTTPS, SSH, SSL/TLS, IPsec and VPN technologies. [Applying]
DAT-LO-S22 [Supplemental] Explain security threats and mitigations to data at the data link layer. [Understanding]
DAT-LO-S23 [Supplemental] Illustrate attacks and countermeasures on TLS, such as downgrade attacks, certificate forgery, implications of stolen root certificates, and certificate transparency. [Applying]
DAT-LO-S24 [Supplemental] Explain security threats and mitigations to data at the data link layer. [Understanding]
DAT-LO-S25 [Supplemental] Investigate privacy preserving protocols, such as Mixnet, Tor, Off-the-record message, and Signal. [Applying]

Data Security - Cryptanalysis

An ability to demonstrate competency in Data Security - Cryptanalysis

Learning Outcomes
DAT-LO-E21 [Essential] Classify various cryptanalysis attacks, such as ciphertext only, chosen plaintext, chosen ciphertext, man-in-the-middle, and brute force. [Understanding]
DAT-LO-S26 [Supplemental] Contrast different well-known cryptanalysis attacks. [Analyzing]
DAT-LO-S27 [Supplemental] Demonstrate timing attacks and their effects on well-known algorithms such as RSA, ElGamal, and the Digital Signature Algorithm. [Understanding]
DAT-LO-S28 [Supplemental] Describe how man-in-the-middle attacks affect the privacy aspect of data. [Understanding]
DAT-LO-S29 [Supplemental] Categorize in terms of complexity different techniques for attacks against public key ciphers, such as Pollard's p-1 and rho methods, quadratic sieve, and number field sieve. [Analyzing]

Data Security - Data Privacy

An ability to demonstrate competency in Data Security - Data Privacy

Learning Outcomes
DAT-LO-E22 [Essential] Examine various ways that privacy can be jeopardized by using contemporary technology, including social media. [Analyzing]

Data Security - Information Storage Security

An ability to demonstrate competency in Data Security - Information Storage Security

Learning Outcomes
DAT-LO-E23 [Essential] Discuss storage device encryption implemented at the hardware and software levels. [Understanding]
DAT-LO-E24 [Essential] Contrast techniques for data erasure and their limitations in implementation. [Analyzing]

Software Security

An ability to demonstrate competency in Software Security

SOF-E01 [Essential] Write secure code with appropriate documentation for a software system and its related data. [Applying]
SOF-E02 [Essential] Analyze security and ethical considerations at each phase of the software development lifecycle. [Analyzing]
SOF-E03 [Essential] Use documentation, such as third-party library documentation, in a given secure computing scenario. [Applying]
SOF-S01 [Supplemental] Implement isolation to secure a process or application. [Applying]
SOF-S02 [Supplemental] Discuss the relationship between an organization’s mission and secure software design. [Understanding]
SOF-S03 [Supplemental] Write software specifications, including security specifications, for a given process or application. [Applying]
SOF-S04 [Supplemental] Assess a given test plan from a security perspective. [Evaluating]
SOF-S05 [Supplemental] Examine social and legal aspects of software development from a security perspective. [Analyzing]
SOF-S06 [Supplemental] Develop user documentation for software installation with security appropriately included. [Creating]

Software Security - Fundamental Principles

An ability to demonstrate competency in Software Security - Fundamental Principles

Learning Outcomes
SOF-LO-E02 [Essential] Execute access decisions and permissions based on explicit need. [Applying]
SOF-LO-E01 [Essential] Apply fundamental design principles, including least privilege, open design, and abstraction, to system and application software. [Applying]
SOF-LO-S01 [Supplemental] Test authorization and access control for a given class. [Applying]

Component Security

An ability to demonstrate competency in Component Security

COM-E01 [Essential] Discuss vulnerabilities and mitigations of system components throughout their lifecycle. [Understanding]
COM-E02 [Essential] Perform security testing for given components within a system. [Applying]
COM-S01 [Supplemental] Analyze how component security features impact systems, such as software and firmware updates. [Analyzing]

Connection Security

An ability to demonstrate competency in Connection Security

CON-E01 [Essential] Illustrate the construction and proper configuration of computer networks which adhere to current industry standards and organizational guidelines. [Applying]
CON-E02 [Essential] Investigate the impact of various connection and transmission attacks on network hardware and software. [Applying]
CON-S01 [Supplemental] Examine characteristics of commonly used physical networking media and interfaces. [Analyzing]
CON-S02 [Supplemental] Distinguish vulnerabilities and example exploits as they apply to network services, architectures, and protocols. [Analyzing]
CON-S03 [Supplemental] Implement appropriate defenses throughout an enterprise to harden the network against attackers. [Applying]
CON-S04 [Supplemental] Construct and properly configure computer networks which adhere to current industry standards and organizational guidelines. [Creating]

System Security

An ability to demonstrate competency in System Security

SYS-E01 [Essential] Discuss security aspects of system management in common system architectures. [Understanding]
SYS-E02 [Essential] Contrast various methods for authentication and access control in an enterprise, and why one might choose one over another. [Analyzing]
SYS-E03 [Essential] Perform system security testing with an understanding of normal, secure operation, and document results. [Applying]
SYS-S01 [Supplemental] Critique security throughout the system lifecycle, including security requirements, system management, system testing, and system disposal. [Evaluating]
SYS-S02 [Supplemental] Outline a security threat model and how system monitoring tools and mechanisms can be used. [Analyzing]
SYS-S03 [Supplemental] Examine appropriate models for managing authentication, access control and authorization across systems in an organization. [Analyzing]
SYS-S04 [Supplemental] Apply cyber defense methods to prepare a system against attacks, including penetration testing, log analysis, resilience mechanisms, and the use of intrusion detection systems. [Applying]
SYS-S05 [Supplemental] Discuss legal aspects of system and network requirements, such as support for litigation holds and forensic analysis. [Understanding]
SYS-S06 [Supplemental] Construct virtual environments including disk and memory structures to meet organization needs. [Creating]

Human Security

An ability to demonstrate competency in Human Security

HUM-E01 [Essential] Discuss identity management in the context of attacks and mitigations. [Understanding]
HUM-E02 [Essential] Analyze the security of an individual’s data and privacy in the context of an organization and in their personal lives. [Analyzing]
HUM-E03 [Essential] Describe trends in human behavior which pose risks to individual and organizational privacy and security. [Understanding]
HUM-S01 [Supplemental] Analyze a variety of physical access controls. [Analyzing]
HUM-S02 [Supplemental] Use a variety of tools and techniques to detect and mitigate social engineering threats. [Applying]
HUM-S03 [Supplemental] Examine techniques to encourage personal compliance with cybersecurity rules, policies, and ethical norms. [Analyzing]

Organizational Security

An ability to demonstrate competency in Organizational Security

ORG-E01 [Essential] Describe policies, procedures, and ethical considerations to protect information security. [Understanding]
ORG-E02 [Essential] Describe security features in operating system and database administration in a local or cloud environment. [Understanding]
ORG-E03 [Essential] Summarize the components of a business continuity plan that ensures minimal down time and quick recovery in the face of cybersecurity incidents or natural disasters. [Understanding]
ORG-E04 [Essential] Describe physical security features to protect an organization’s computing and information resources. [Understanding]
ORG-S01 [Supplemental] Analyze risks to information assets in an organization and communicate them to stakeholders. [Analyzing]
ORG-S02 [Supplemental] Assess administrative procedures for protecting systems from attack and ensuring the availability of system access and functions in an organization. [Evaluating]
ORG-S03 [Supplemental] Analyze the meaning and use of various security metrics and data with the aid of tools, to ensure quality control and security of data. [Analyzing]
ORG-S04 [Supplemental] Discuss issues related to personnel security in an organization, including the protection of personally identifiable information, and proper use or avoidance of fear, uncertainty, and doubt (FUD) as an awareness tool. [Understanding]

Societal Security

An ability to demonstrate competency in Societal Security

SOC-E01 [Essential] Interpret applicable cyber policies and ethics for a given scenario. [Understanding]
SOC-E02 [Essential] Summarize applicable national, international, and global security policies and legislation. [Understanding]
SOC-E03 [Essential] Distinguish social dynamics of computer attackers in a global context. [Analyzing]
SOC-S01 [Supplemental] Attribute specific cyber laws and potential economic impact for a given cybercrime scenario. [Analyzing]
SOC-S02 [Supplemental] Compare different cyber ethics theories that impact on individuals and society. [Analyzing]