Developing Your Cybersecurity Career: Resources for Students by Michael Erbschloe - HTML preview

PLEASE NOTE: This is an HTML preview only and some elements such as links or page numbers may be incorrect.
Download the book in PDF, ePub, Kindle for a complete version.

 

CORE Knowledge Units (2 year programs)

Basic Data Analysis

Basic Scripting or Introductory Programming (4 yr core)

Cyber Defense

Cyber Threats

Fundamental Security Design Principles

IA Fundamentals

Intro to Cryptography

IT Systems Components

Networking Concepts

Policy, Legal, Ethics, and Compliance

System Administration

CORE Knowledge Units (4+year programs + 2 year core)

Databases

Network Defense

Networking Technology and Protocols

Operating Systems Concepts

Probability and Statistics

Programming

Optional Knowledge Units

Advanced Cryptography

Advanced Network Technology and Protocols

Algorithms

Analog Telecommunications

Cloud Computing

Cybersecurity Planning and Management

Data Administration

Data Structures

Database Management Systems

Digital Communications

Digital Forensics

Device Forensics

Host Forensics

Media Forensics

Network Forensics

Embedded Systems

Forensic Accounting

Formal Methods

Fraud Prevention and Management

Hardware Reverse Engineering

Hardware/Firmware Security

IA Architectures

IA Compliance

IA Standards

Independent/Directed Study/Research

Industrial Control Systems

Intro to Theory of Computation

Intrusion Detection

Life-Cycle Security

Low Level Programming

Mobile Technologies

Network Security Administration

Operating Systems Hardening

Operating Systems Theory

Overview of Cyber Operations

Penetration Testing

QA / Functional Testing

RF Principles

Secure Programming Practices

Security Program Management

Security Risk Analysis

Software Assurance

Software Reverse Engineering

Software Security Analysis

Supply Chain Security

Systems Programming

Systems Certification and Accreditation

Systems Security Engineering

Virtualization Technologies

Vulnerability Analysis

Wireless Sensor Networks

Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. Topics:

Summary Statistics

Graphing / Charts

Spreadsheet Functions

Problem solving

Basic Scripting The intent of this Knowledge Unit is to provide students with the ability to create simple scripts/programs to automate and perform simple operations. This knowledge should include basic security practices in developing scripts/programs (e.g., bounds checking, input validation). Topics:

Basic Security, Bounds checking, input validation

Program Commands

Program Control Structures

Variable Declaration

Debugging

Scripting Language (e.g. PERL, Python, BASH, VB Scripting, Powershell)

Basic Boolean logic/operations. AND / OR / XOR / NOT

Cyber Defense The intent of this Knowledge Unit is to provide students with a basic awareness of the options available to mitigate threats within a system. Topics:

Network mapping (enumeration and identification of network components)

Network security techniques and components, Access controls, flow control, cryptography, firewalls, intrusion detection systems, etc.

Applications of Cryptography

Malicious activity detection/forms of attack

Appropriate Countermeasures

Trust relationships

Defense in Depth, Layering of security mechanisms to achieve desired security

Patching, OS and Application Updates

Vulnerability Scanning

Vulnerability Windows (0-day to patch availability)

Cyber Threats The intent of this Knowledge Unit is to provide students with basic information about the threats that may be present in the cyber realm. Topics:

Adversaries and targets

Motivations and Techniques

The Adversary Model (resources, capabilities, intent, motivation, risk aversion, access)

Types of Attacks, Password guessing/cracking, Backdoors/Trojans/viruses/wireless attacks, Sniffing/spoofing/session hijacking, Denial of service/distributed DOS/BOTs, MAC spoofing/web app attacks/0-day exploits and the vulnerabilities that enable them

Attack Timing (within x minutes of being attached to the net)

Social Engineering

Events that indicate an attack is/has happened

Legal Issues

Attack surfaces/vectors

Attack trees

Insider problem

Covert Channels

Threat Information Sources (e.g., CERT)

Fundamental Security Design Principles The intent of this Knowledge Unit is to provide students with basic security design fundamentals that help create systems that are worthy of being trusted. Topics:

Separation (of domains)

Isolation

Encapsulation

Least Privilege

Simplicity (of design)

Minimization (of implementation)

Fail Safe Defaults / Fail Secure

Modularity

Layering

Least Astonishment

Open Design

Usability

IA Fundamentals The intent of this Knowledge Unit is to provide students with basic concepts of information assurance fundamentals. Topics:

Threats and Adversaries

Vulnerabilities and Risks

Basic Risk Assessment

Security Life-Cycle

Intrusion Detection and Prevention Systems

Cryptography

Data Security (in transmission, at rest, in processing)

Security Models

Access Control Models (MAC, DAC, RBAC)

Confidentiality, Integrity, Availability, Access, Authentication, Authorization, Non-Repudiation, Privacy

Security Mechanisms (e.g., Identification/Authentication, Audit)

Intro to Cryptography The intent of this Knowledge Unit is to provide students with a basic ability to understand where and how cryptography is used. Topics:

Symmetric Cryptography (DES, Twofish)

Public Key Cryptography, Public Key Infrastructure, Certificates

Hash Functions (MD4, MD5, SHA-1, SHA-2, SHA-3), For integrity, For protecting authentication data, Collision resistance

Digital Signatures (Authentication)

Key Management (creation, exchange/distribution)

Cryptographic Modes (and their strengths and weaknesses)

Types of Attacks (brute force, chosen plaintext, known plaintext, differential and linear cryptanalysis, etc.)

Common Cryptographic Protocols

DES -> AES(evolution from DES to AES)

Security Functions (data protection, data integrity, authentication)

IT System Components The intent of this Knowledge Unit is to provide students with an understanding of the basic components in an information technology system and their roles in system operation. Topics:

Workstations

Servers

Network Storage Devices

Routers / Switches / Gateways

Guards / CDSes / VPNs / Firewalls

IDSes, IPSes

Mobile Devices

Peripheral Devices / Security Peripherals

Networking Concepts The intent of this Knowledge Unit is to provide students with basic understanding of network components and how they interact. Topics:

Overview of Networking (OSI Model)

Network Media

Network architectures (LANs, WANs)

Network Devices (Routers, Switches, VPNs, Firewalls)

Network Services

Network Protocols (TCP/IP, HTTP, DNS, SMTP, UDP)

Network Topologies

Overview of Network Security Issues

Policy, Legal, Ethics and Compliance The intent of this Knowledge Unit is to provide students with and understanding of information assurance in context and the rules and guidelines that control them. Topics:

HIPAA / FERPA

Computer Security Act

Sarbanes –Oxley

Gramm –Leach –Bliley

Privacy (COPPA)

Payment Card Industry Data Security Standard (PCI DSS)

State, US and international standards / jurisdictions

Laws and Authorities

US Patriot Act

BYOD issues

Americans with Disabilities Act, Section 508

Systems Administration The intent of this Knowledge Unit is to provide students with skill to perform basic operations involved in system administration. Topics:

OS Installation

User accounts management

Password policies

Authentications Methods

Command Line Interfaces

Configuration Management

Updates and patches

Access Controls

Logging and Auditing (for performance and security)

Managing System Services

Virtualization

Backup and Restoring Data

File System Security

Network Configuration (port security)

Host (Workstation/Server) Intrusion Detection

Security Policy Development

Databases The intent of this Knowledge Unit is to teach students how database systems are used, managed, and issues associated with protecting the associated data assets. Topics:

Relational Databases

No SQL Databases

Object Based vs. Object Oriented

Overview of Database Vulnerabilities

Overview of Database topics/issues (indexing, inference, aggregation, polyinstantiation)

Hashing and Encryption

Database access controls (DAC, MAC, RBAC, Clark-Wilson)

Information flow between databases/servers and applications

Database security models

Security issues of inference and aggregation

Common DBMS vulnerabilities

Network Defense The intent of this Knowledge Unit is to teach students the techniques that can be taken to protect a network and communication assets from cyber threats. Topics:

Implementing IDS/IPS

Implementing Firewalls and VPNs

Defense in Depth

Honeypots and Honeynets

Network Monitoring

Network Traffic Analysis

Minimizing Exposure (Attack Surface and Vectors)

Network Access Control (internal and external)

DMZs / Proxy Servers

Network Hardening

Mission Assurance

Network Policy Development and Enforcement

Network Operational Procedures

Network Attacks (e.g., session hijacking, Man-in-the-Middle)

Network Technology and Protocols The intent of this Knowledge Unit is to provide students with an understanding of the components in a network environment, their roles, and communication methods. Topics:

Network Architectures

Networks Infrastructure

Network Services

Network Protocols (TCP/IP –v4 and v6, DNS, HTTP, SSL, TLS)

Network Address Translation and Sub-netting

Network Analysis/Troubleshooting

Network Evolution (Change Management, BYOD)

Remote and Distributed Management

Operating Systems Concepts The intent of this Knowledge Unit is to provide students with an understanding of the roles of an operating system, its basic functions, and the services provided by the operating system. Topics:

Privileged and non-privileged states

Processes and Threads (and their management)

Memory (real, virtual, and management)

Files Systems

Access Controls (Models and Mechanisms), Access control lists

Virtualization / Hypervisors

Fundamental Security Design Principles as applied to an OS, Domain separation, process isolation, resource encapsulation, least privilege

Probability and Statistics The intent of this Knowledge Unit is to provide students with the ability to use basic statistics to analyze and attach meaning to datasets. Topics:

Probability as a concept

Random variables/events

Odds of an event happening

Data Interpretation

Statistical Problem Solving

Probability Distributions

Programming The intent of this Knowledge Unit is to provide students with the skills necessary to implement algorithms using programming languages to solve problems. Topics:

Programming Language, such as: C

Programming constructs and concepts variables, strings, assignments, sequential execution, loops, functions.

Security issues, such as type checking and parameter validation.

Basic Boolean logic/operations. AND/OR/XOR/NOT

Optional Knowledge Units

Advanced Cryptography The intent of this Knowledge Unit is to provide students with knowledge of cryptographic algorithms, protocols, and their uses in the protection of information in various states. Topics:

Number Theory

Probability and Statistics

Understanding of the major algorithms (AES, RSA, EC)

Suite B Algorithms

Understanding of the families of attacks (differential, man-in-the-middle, linear, etc.)

Hashing and Signatures

Key Management

Modes and appropriate uses

Classical Cryptanalysis (a la Konheim)

Identity-based Cryptography

Digital Signatures

Virtual Private Networks

Quantum Key Cryptography

Advanced Network Technology & Protocols The intent of this Knowledge Unit is to provide students with an understanding of the latest network technologies and more complex security issues involved in network communications. Examples include (but not limited to) software defined networking, converged voice/data networking. Topics:

Routing algorithms and protocols

Software Defined Networking, Principles, protocols, implications

IPv6 Networking Suite

BGP

Quality of Service

Network Services

Social Networks

Network Topologies

Voice over IP (VoIP)

Multicasting

Advanced Network Security Topics, Secure DNS, Network Address Translation, Deep Packet Inspection, Transport Layer Security

Algorithms The intent of this Knowledge Unit is to provide students with the ability to select and apply algorithms to solve specific problems and to analyze the effectiveness of algorithms in context. Topics:

Algorithm Analysis

Computational Complexity

Best/Worst/Average Case Behavior

Optimization

Searching/Sorting

Analog Telecommunications Systems The intent of this Knowledge Unit is to provide students with a basic knowledge of the architectures and issues associated with analog communications systems. Topics:

Signaling Methods

Architecture

Trunks, Switching

Grade of Service

Blocking

Call Arrival Models

Interference Issues

Cloud Computing The intent of this Knowledge Unit is to provide students with a basic understanding of the technologies and services that enable cloud computing, different types of cloud computing models and the security and legal issues associated with cloud computing. Topics:

Virtualization platforms

Cloud Services, SaaS, PaaS, DaaS, IaaS

Service Oriented Architectures

Deployment Models private, public, community, hybrid

Security

Storage

Legal/Privacy Issues

Cybersecurity Planning and Management The intent of this Knowledge Unit is to provide students with the ability to develop plans and processes for a holistic approach to cybersecurity for an organization. Topics:

CBK

Operational, Tactical, Strategic Plan and Management

Business Continuity / Disaster Recovery

C-Level Functions

Making Cybersecurity a strategy (part of core organizational strategy)

Change control

Data Administration The intent of this Knowledge Unit is to provide students with methods to protect the confidentiality, integrity, and availability of data throughout the data life cycle. Topics:

Big Data

Hadoop/Mongo DB/HBASE

Data Policies

Data Quality

Data Ownership

Data Warehousing

Long Term Archival

Data Validation

Data Security (access control, encryption)

Data Structures The intent of this Knowledge Unit is to provide students with an understanding of the basic abstract data types, associated operations and applying them to solve problems. Topics:

Strings, Lists, Vectors, Arrays

Heaps, Queues, Stacks, Buffers

Searching and Sorting

Trees

Data Formats

Database Management Systems The intent of this Knowledge Unit is to provide students with the skills to utilize database management system to solve specific problems. Topics:

Overview of database types (e.g., flat, relational, network, object-oriented)

SQL (for queries)

Advanced SQL (for DBMS administration –e.g., user creation/deletion, permissions and access controls)

Indexing, Inference, Aggregation, Polyinstantiation

How to protect data (confidentiality, integrity and availability in a DBMS context)

Vulnerabilities (e.g., SQL injection)

Digital Communications The intent of this Knowledge Unit is to provide students with knowledge of the protocols and methodologies used in modern digital communications systems. Topics:

Components of a digital communications system

Digital Signaling

Spread Spectrum Signals

Multi-User Communication Access Techniques, CDMA, TDMA, FDMA, SDMA, PDMA

Digital Forensics The intent of this Knowledge Unit is to provide students with the skills to apply forensics techniques throughout an investigation life cycle with a focus on complying with legal requirements. Topics:

Legal Compliance, Applicable Laws, Affidavits, How to Testify, Case Law, Chain of custody

Digital Investigations, E-Discovery, Authentication of Evidence, Chain of Custody Procedures, Metadata, Root Cause Analysis, Using Virtual Machines for Analysis

Host Forensics The intent of this Knowledge Unit is to provide students with the ability to apply forensics techniques to investigate and analyze a host in a network. Topics:

File Systems and File System Forensics

Hypervisor Analysis

Registry Analysis

Cryptanalysis

Rainbow Tables

Steganography

Networking Concepts, Services, Protocols

Operating Systems Concepts

Live System Investigations

(Must include hands-on activities)

Device Forensics The intent of this Knowledge Unit is to provide students with the ability to apply forensics techniques to investigate and analyze a device. Topics:

Mobile Device Analysis

Tablets

SmartPhones

GPS

(Must include hands-on activities)

Media Forensics The intent of this Knowledge Unit is to provide students with the ability to apply forensics techniques to investigate and analyze a particular media in context. Topics:

Drive Acquisition

Authentication of Evidence, Verification and Validation, Hashes

Metadata

Live vs. Static Acquisition

Sparse vs. Full Imaging

Slack Space

Hidden Files/clusters/partitions

(Must include hands-on activities)

Network Forensics The intent of this Knowledge Unit is to provide students with the ability apply forensics techniques to investigate and analyze network traffic. Topics:

Packet Capture and Analysis

Intrusion Detection and Prevention

Interlacing of device and network forensics

Log-file Analysis

Forensic Imaging and Analysis

(Must include hands-on activities)

Embedded Systems The intent of this Knowledge Unit is to provide students with the ability to develop applications that run on embedded devices while complying with device constraints. Topics:

Real-time Operating Systems

Microcontroller architectures

Interrupt handling and timing issues

Resource management in real time systems

C Programming

Java, JavaScript or some other runtime programming environment

Forensic Accounting The intent of this Knowledge Unit is to provide students with the ability to apply forensics techniques to respond to and investigate financial incidents. Topics:

Investigative Accounting

Fraudulent Financial Reporting

Misappropriation of Assets

Indirect Methods of Reconstructing Income

Money Laundering

Transnational financial flows

Litigation services

Evidence Management

Economic Damages and Business Valuations

Formal Methods The intent of this Knowledge Unit is to provide students with a basic understanding of how mathematical logic can be applied to the design of secure systems. Topics:

Concept of Formal Methods

Mathematical Logic

Applications, Role in system design, Role in software engineering

Limitations

Bell-LaPadula (as an example formal model)

Automated Reasoning Tools

System Modeling and Specification

Proofs and Verification

Fraud Prevention and Management The intent of this Knowledge Unit is to provide students with the necessary knowledge to develop plans and processes for a holistic approach to preventing and mitigating fraud throughout the system lifecycle. Topics:

Symptom Recognition

Data Driven Detection

Investigation ofTheft

Concealment

Conversion Methods

Inquiry and Reporting

Financial, Revenue and Inventory

Liability and inadequate disclosure

Consumer fraud

Hardware Reverse Engineering The intent of this Knowledge Unit is to provide students with an introduction to the basic procedures necessary to perform reverse engineering of hardware components to determine their functionality, inputs, outputs, and stored data. Topics:

Principles of Reverse Engineering, Stimulus, Data Collection, Data Analysis, Specification development, Capability Enhancement/Modification Techniques, Detecting Modification

Stimulation Methods/Instrumentation (probing and measurement)

JTAG IEEE 1149.1

Defining and Enumerating Interfaces

Functional Decomposition

Hardware/Firmware Security The intent of this Knowledge Unit is to provide students with an understanding of the diverse components in hardware/firmware, their roles, and the associated security concerns. Topics:

Microcode

Firmware

Hardware Abstraction Layers

Virtualization Layers

IA Architectures The intent of this Knowledge Unit is to provide students with an understanding of common security architectures for the protection of information systems and data. Topics:

Defense in Depth

DMZs

Proxy Servers

Composition and Security

Cascading

Emergent Properties

Dependencies

TCB Subsets

Enterprise Architectures / Security Architectures

Secure network design

IA Compliance The intent of this Knowledge Unit is to provide students with an understanding of the rules, regulations and issues related to compliance with applicable laws and regulations. Topics:

HIPAA

Sarbanes Oxley

FERPA

Data Breach Disclosure Laws

FISMA

Gramm Leach Bliley

PCI DSS

IA Standards The intent of this Knowledge Unit is to provide students with an understanding of the common standards related to information assurance. Topics:

HIPAA

FERPA

Sarbanes-Oxley

Understanding appropriate commercial standards

Knowing which standards apply to specific situations

Rainbow Series

Independent Study Directed Study Special Topics Advanced Topics The intent of this Knowledge Unit is to provide credit for courses that address emerging issues related to information assurance and cyber defense. Courses focused on emerging technologies and their security relevant issues or new Tools, Techniques and Methods related to IA/Cyber Defense (this “wild-card” Knowledge Unit allows any school to submit an IA/Cyber Defense course for credit towards satisfying the academic requirements to be designated as a CAE. It will be up to the on-site review process to validate if the course is worthy of credit.)

Industrial Control Systems The intent of this Knowledge Unit is to provide students with an understanding of the basics of industrial control systems, where they are likely to be found, and vulnerabilities they are likely to have. Topics:

SCADA Firewalls

Hardware Components

Programmable Logic Controllers (PLCs)

Protocols (MODBUS, PROFINET, DNP3, OPC, ICCP, SERIAL)

Networking (RS232/485, ZIGBEE, 900MHz, BlueTooth, X.25)

Types of ICSs (e.g., power distribution systems, manufacturing)

Models of ICS systems (time driven vs. event driven)

Common Vulnerabilities in Critical Infrastructure Systems

Ladder Logic

Intro to Theory of Computation The intent of this Knowledge Unit is to provide students with the basic knowledge of finite automata and their application to computation. Topics:

Computability

Complexity

Turing machines

Deterministic and non-deterministic finite automata

Intrusion Detection / Prevention Systems The intent of this Knowledge Unit is to provide students with knowledge and skills related to detecting and analyzing vulnerabilities and threats and taking steps to mitigate associated risks. Topics:

Deep Packet Inspection

Log File Analysis

Log Aggregation

Cross Log Comparison and Analysis

Anomaly Detection

Misuse Detection (Signature Detection)

Specification-based Detection

Host-based Intrusion Detection and Prevention

Network-based Intrusion Detection and Prevention

Distributed Intrusion Detection

Hierarchical IDSes

Honeynets/Honeypots

Life-Cycle Security The intent