Cybersecurity Program Objectives

Data Security (Competencies)

An ability to demonstrate competency in Data Security

  • Learning Outcomes
    DAT-E1 [Essential] Implement data security by selecting appropriate cryptographic procedures, algorithms, and tools based on security policy and level of risk in an organization. [Applying]
    DAT-E2 [Essential] Discuss forensically sound collection and acquisition of digital evidence. [Understanding]
    DAT-E3 [Essential] Apply principles, processes, tools and techniques used in mitigating security threats and responding to security incidents. [Applying]
    DAT-E4 [Essential] Use appropriate levels of authentication, authorization, and access control to ensure data integrity and security for information systems and networks. [Applying]
    DAT-E5 [Essential] Infer gaps in data security considering current and emerging technologies and the current state and prevailing trends in cybercrime. [Understanding]
    DAT-S1 [Supplemental] Perform a forensic analysis on a local network, on stored data within a system as well as mobile devices for an enterprise environment. [Applying]
    DAT-S2 [Supplemental] Outline complex technical concepts to technical and non-technical audiences as they relate to data security. [Analyzing]

Data Security - Cryptography (Learning Outcomes)

An ability to demonstrate competency in Data Security - Cryptography

  • Learning Outcomes
    DAT-LO-E01 [Essential] Analyze which cryptographic protocols, tools, and techniques are appropriate for providing confidentiality, data protection, data integrity, authentication, non-repudiation, and obfuscation. [Analyzing]
    DAT-LO-E02 [Essential] Apply symmetric and asymmetric algorithms as appropriate for a given scenario. [Applying]
    DAT-LO-E03 [Essential] Investigate hash functions for checking integrity and protecting authentication data. [Applying]
    DAT-LO-E04 [Essential] Use historical ciphers, such as shift cipher, affine cipher, substitution cipher, Vigenere cipher, ROT-13, Hill cipher, and Enigma machine simulator, to encrypt and decrypt data. [Applying]
    DAT-LO-S01 [Supplemental] Compare the benefits and drawbacks of applying cryptography in hardware vs software. [Analyzing]
    DAT-LO-S02 [Supplemental] Demonstrate the importance of mathematical theory in the application of cryptography. [Understanding]
    DAT-LO-S03 [Supplemental] Deduce minimum key strength for symmetric algorithms to be effective. [Analyzing]
    DAT-LO-S04 [Supplemental] Contrast trust models in PKI, such as hierarchical, distributed, bridge,and web of trust. [Analyzing]
    DAT-LO-S05 [Supplemental] Explain how symmetric and asymmetric encryption are used in tandem to secure electronic communications and transactions, such as cryptocurrencies and other crypto assets. [Understanding]
    DAT-LO-S06 [Supplemental] Apply symmetric and asymmetric cryptography, such as DES, Twofish, AES, RSA, ECC, and DSA for a given scenario. [Applying]

Data Security - Digital Forensics (Learning Outcomes)

An ability to demonstrate competency in Data Security - Cryptography

  • Learning Outcomes
    DAT-LO-E05 [Essential] Discuss the concept, need, and value of digital forensics. [Understanding]
    DAT-LO-E06 [Essential] Describe components of a digital investigation, sources of digital evidence, limitations of forensics, and ethical considerations. [Understanding]
    DAT-LO-E07 [Essential] Discuss key rules, laws, policies, and procedures that impact digital forensics. [Understanding]
    DAT-LO-E08 [Essential] Explain how to preserve the chain of custody for digital evidence. [Understanding]
    DAT-LO-E09 [Essential] Perform fundamental incident response functions including detecting, responding, and recovering from security incidents. [Applying]
    DAT-LO-S07 [Supplemental] Demonstrate the benefits of digital forensic readiness and planning. [Understanding]
    DAT-LO-S08 [Supplemental] Examine legal issues, authorities, and processes related to digital evidence. [Analyzing]
    DAT-LO-S09 [Supplemental] Describe the role and ethical responsibilities of a forensic examiner. [Understanding]
    DAT-LO-S10 [Supplemental] Outline a variety of digital forensic tools (open source vs. closed source) and their limits. [Analyzing]
    DAT-LO-S11 [Supplemental] Describe digital forensics investigative procedures, such as identification of evidence, collection and preservation of evidence, timelines, reporting, chain of custody, and authentication of evidence. [Understanding]
    DAT-LO-S12 [Supplemental] Carry out forensically sound acquiring and handling of digital evidence following chain of custody best practices. [Applying]
    DAT-LO-S13 [Supplemental] Analyze digital evidence from non-PC devices, such as smartphones, tablets, GPS, game consoles, Smart TVs, and IoT devices. [Analyzing]
    DAT-LO-S14 [Supplemental] Apply documentation techniques and reporting of findings using industry standard and technically accurate terminology and format. [Applying]
    DAT-LO-S15 [Supplemental] Outline complex technical concepts and processes so that they are easily understood by non-technical audiences. [Analyzing]
    DAT-LO-S16 [Supplemental] Carry out verification and validation of evidence during forensic acquisition, preservation, and analysis, including the use of hashes. [Applying]
    DAT-LO-S17 [Supplemental] Summarize the best practices in collecting and isolating mobile devices when part of digital evidence. [Understanding]

Software Security (Competencies)

An ability to demonstrate competency in Software Security

  • Learning Outcomes
    SOF-E1 [Essential] Write secure code with appropriate documentation for a software system and its related data. [Applying]
    SOF-E2 [Essential] Analyze security and ethical considerations at each phase of the software development lifecycle. [Analyzing]
    SOF-S1 [Supplemental] Implement isolation to secure a process or application. [Applying]

Software Security - Fundamental Principles (Learning Outcomes)

An ability to demonstrate competency in Software Security - Fundamental Principles

  • Learning Outcomes
    SOF-LO-E02 [Essential] Execute access decisions and permissions based on explicit need. [Applying]
    SOF-LO-E01 [Essential] Apply fundamental design principles, including least privilege, open design, and abstraction, to system and application software. [Applying]
    SOF-LO-S01 [Supplemental] Test authorization and access control for a given class. [Applying]