Advanced Cybersecurity (2020 - 2021)

Employability Skills

Legal Issues

Malware

Threats and Attacks

Cryptology

Wireless

Security

Response and Recovery`

Testing

Risk Management

Student Organizations

demonstrate employability skills required by business and industry

explore concepts of cybersecurity related to legal and ethical decisions

investigate concepts of malware threats

demonstrate how to analyze and react to various threats and vulnerabilities

apply advanced principles of cryptology

apply advanced communications and wireless security techniques

implement organizational security techniques

implement contingency planning (incident response and disaster recovery) techniques

perform security analysis, as well as testing and evaluation

implement risk management techniques for personal computer and network systems

demonstrate how to work with advanced methods of cybersecurity

explore how related student organizations are integral parts of career and technology education courses through leadership development, school and community service projects, entrepreneurship development, and competitive events

communicate effectively through writing, speaking, listening, reading, and interpersonal abilities

demonstrate creativity by asking challenging questions and applying innovative procedures and methods

exhibit critical thinking and problem solving skills to locate, analyze, and apply information in career planning and employment situations

model work readiness traits required for success in the workplace including integrity, honesty, accountability, punctuality, time management, and respect for diversity

apply the appropriate skill sets to be productive in a changing, technological, diverse workplace to be able to work independently and apply team work skills

present a professional image through appearance, behavior, and language

describe the threats to a computer network, methods of avoiding attacks, and options in dealing with virus attacks

investigate potential abuse and unethical uses of computers and networks

explain the consequences of illegal, social, and unethical uses of information technologies (e.g., piracy; illegal downloading; licensing infringement; inappropriate uses of software, hardware, and mobile devices)

differentiate between freeware, shareware, and public domain software copyrights

discuss computer crimes, terms of use, and legal issues such as copyright laws, fair use laws, and ethics pertaining to scanned and downloaded clip art images, photographs, documents, video, recorded sounds and music, trademarks, and other elements for use in Web publications

identify netiquette including the use of e-mail, social networking, blogs, texting, and chatting

explain proper netiquette, including the use of e-mail, social networking, blogs, texting, and chatting

discuss the importance of cyber safety and the impact of cyber bullying

analyze and differentiate among types of malware

identify malware code, including strings

demonstrate skill in handling malware [NICE 153]

demonstrate skill in preserving evidence integrity according to standard operating procedures or national standards [NICE 217]

analyze and differentiate among types of network attacks (e.g., virus, worms, trojans, unpatched software, password cracking, advanced persistent threats, etc.)

distinguish between different social engineering attacks (e.g., baiting, phishing/spear phishing, pretexting/ blagging, tailgating, quid pro quo, etc.)

distinguish between reconnaissance/footprinting, infiltration, network breach, network exploitation, and attack for effects (e.g., deceive, disrupt, degrade, and destroy)

demonstrate an understanding of DoS/DDoS, session hijacking, HTTP spoofing, DNS attacks, switch attacks, man-in the-middle (MITM) attacks, and cross site scripting, and drive-by-attacks

use and apply appropriate cryptographic tools and products

explain the core concepts of Public Key Infrastructure

demonstrate knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]) and implement PKI, certificate management, and associated components [NICE 79]

install and configure Pretty Good Privacy (PGP) and send/receive PGP encrypted email

install and view a digital certificate

understand and master process to enroll for digital certificates

renew, revoke, backup, and restore public and private key certificates

install and secure a Certificate Authority (CA)

backup and restore a Certificate Authority (CA)

implement wireless networks in a secure manner

analyze and differentiate among types of wireless attacks

configure a wireless Access Point (WPA, WPA-2)

demonstrate use of InSSIDer and Netstumbler on wireless communications

change the power level of a Wireless Local Area Network (WLAN) Access Point

demonstrate knowledge of Virtual Private network (VPN) security and configure Virtual Private Network (VPN) [NICE 148]

demonstrate knowledge of remote access policy Layer 2 Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP)

explain the impact and proper use of environmental controls

explain the importance of security-related awareness and training

install environmental controls through Basic Input/Output System (BIOS)

write organizational security policies (e.g., email, wireless, etc.)

demonstrate knowledge of incident response and handling methodologies [NICE 61]

demonstrate knowledge of incident categories, incident responses, and timeliness for responses and compare and contrast aspects of business continuity [NICE 60]

execute disaster recovery plans and procedures

demonstrate the ability to capture volatile memory contents

 perform imaging functions, such as operating system, network, and software configurations

restore a machine from a known good backup

analyze and differentiate among types of mitigation and deterrent techniques

implement assessment tools and techniques to discover security threats and vulnerabilities

explain the proper use of penetration testing versus vulnerability scanning in the context of vulnerability assessments

demonstrate skill in conducting vulnerability scans and recognizing vulnerabilities in security systems (e.g., Nessus, Nmap, Retina) [NICE 3]

conduct a security audit

view and modify an Address Resolution Protocol (ARP) table

evaluate the patch status of a machine

demonstrate knowledge of pack-level analysis in order to install and view packet sniffer [NICE 93]

perform secure data destruction (e.g., Secure Erase, BCWipe)

explain risk-related concepts

perform a risk assessment

identify mitigations for risks from risk assessment

conduct appropriate risk mitigation strategies

apply and implement secure network administration principles

demonstrate knowledge of how network services and protocols interact to provide network communications in order to securely implement and use common protocols [NICE 50]

identify commonly used default network ports

set up a Network Address Translation (NAT) device

spoof a Media Access Control (MAC) address

configure Virtual Private Network (VPN)

demonstrate creativity by asking challenging questions and applying innovative procedures and methods

demonstrate knowledge of network protocols (e.g., Transmission Control Protocol and Internet Protocol (TCP/IP), Dynamic Host Configuration Protocol (DHCP) and directory services (e.g., Domain Name System [DNS] by setting up common protocols, e.g., Secure Shell [SSH], netstat, Simple Mail Transfer Protocol [SMTP], nslookup, Telnet, DNS/Bind, FTP, IIS/Web pages, DHCP/DNS server) [NICE 81]

locate open ports by completing a port scan

demonstrate the knowledge and use of network statistics (netstat)

explore the impact and opportunities a student organization can develop to bring business and education together in a positive working relationship through innovative leadership and career development programs

explore the local, state, and national opportunities available to students through participation in related student organization including but not limited to conferences, competitions, community service, philanthropy, and other activities

explain how participation in career and technology education student organizations can promote lifelong responsibility for community service and professional development

explore the competitive events related to the content of this course and the required competencies, skills, and knowledge for each related event for individual, team, and chapter competitions