
Cybersecurity Foundations

The intent of the Cybersecurity Foundations Knowledge Unit is to provide students with a basic understanding of the fundamental concepts behind cybersecurity. This is a high-level introduction to, or familiarization with, the topics listed below, not a deep dive into specifics.

Topics

  1. Threats and Adversaries (threat actors, malware, natural phenomena)
  2. Vulnerabilities and Risk Management (including backups and recovery)
  3. Common Attacks
  4. Basic Risk Assessment
  5. Security Life-Cycle
  6. Applications of Cryptography and PKI
  7. Data Security (in transmission, at rest, in processing)
  8. Security Models (Bell-LaPadula, Biba, Clark-Wilson, Brewer-Nash, Multi-level security)
  9. Access Control Models (MAC, DAC, RBAC, Lattice)
  10. Confidentiality, Integrity, Availability, Access, Authentication, Authorization, Non-Repudiation, Privacy
  11. Session Management
  12. Exception Management
  13. Security Mechanisms (e.g., Identification/Authentication, Audit)
  14. Malicious activity detection / forms of attack
  15. Appropriate Countermeasures
  16. Legal issues
  17. Ethics (ethics associated with the cybersecurity profession)

Outcomes

  1. Describe the fundamental concepts of the cybersecurity discipline and use them to provide system security.
  2. Describe potential system attacks and the actors that might perform them.
  3. Describe cyber defense tools, methods and components, and apply cyber defense methods to prepare a system to repel attacks.
  4. Describe appropriate measures to be taken should a system compromise occur.
  5. Properly use the vocabulary associated with cybersecurity.

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.

Knowledge

ID DESCRIPTION
K0005 Knowledge of cyber threats and vulnerabilities.
K0259 Knowledge of malware analysis concepts and methodologies.
K0162 Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
K0612 Knowledge of what constitutes a "threat" to a network.
K0392 Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
K0408 Knowledge of cyber actions (i.e. cyber defense, information gathering, environment preparation, cyber-attack) principles, capabilities, limitations, and effects.
K0436 Knowledge of fundamental cyber operations concepts, terminology/lexicon (i.e., environment preparation, cyber-attack, cyber defense), principles, capabilities, limitations, and effects.
K0073 Knowledge of secure configuration management techniques (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on cisecurity.org).
K0527 Knowledge of risk management and mitigation strategies.
K0149 Knowledge of organization's risk tolerance and/or risk management approach.
K0210 Knowledge of data backup and restoration concepts.
K0165 Knowledge of risk/threat assessment.
K0263 Knowledge of information technology (IT) risk management policies, requirements, and procedures.
K0009 Knowledge of application vulnerabilities.
K0021 Knowledge of data backup and recovery.
K0287 Knowledge of an organization's information classification program and procedures for information compromise.
K0042 Knowledge of incident response and handling methodologies.
K0121 Knowledge of information security program management and project management principles and techniques.
K0002 Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
K0003 Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
K0161 Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
K0065 Knowledge of policy-based and risk adaptive access controls.
K0004 Knowledge of cybersecurity and privacy principles.
K0285 Knowledge of implementing enterprise key escrow systems to support data-at-rest encryption.
K0056 Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
K0019 Knowledge of cryptography and cryptographic key management concepts.
K0336 Knowledge of access authentication methods.
K0622 Knowledge of controls related to the use, processing, storage, and transmission of data.
K0203 Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
K0240 Knowledge of multi-level security systems and cross domain solutions.
K0033 Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
K0007 Knowledge of authentication, authorization, and access control methods.
K0044 Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
K0295 Knowledge of confidentiality, integrity, and availability principles.
K0211 Knowledge of confidentiality, integrity, and availability requirements.
K0299 Knowledge in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
K0105 Knowledge of web services (e.g., service-oriented architecture, Simple Object Access Protocol, and web service description language).
K0070 Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
K0089 Knowledge of systems diagnostic tools and fault identification techniques.
K0143 Knowledge of front-end collection systems, including traffic collection, filtering, and selection.
K0297 Knowledge of countermeasure design for identified security risks.
K0059 Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
K0474 Knowledge of key cyber threat actors and their equities.
K0480 Knowledge of malware.
Skills

ID DESCRIPTION
S0003 Skill of identifying, capturing, containing, and reporting malware.
S0079 Skill in protecting a network against malware (e.g., NIPS, anti-malware, restricting/preventing external devices, spam filters).
S0171 Skill in performing impact/risk assessments.
S0138 Skill in integrating Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
S0007 Skill in applying host/network access controls (e.g., access control list).
S0031 Skill in developing and applying security system access controls.
S0367 Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
S0006 Skill in applying confidentiality, integrity, and availability principles.
S0022 Skill in designing countermeasures to identified security risks.
S0085 Skill in conducting audits or reviews of technical systems.
Abilities

ID DESCRIPTION
A0119 Ability to understand the basic concepts and issues related to cyber and its organizational impact.
A0049 Ability to apply secure system design tools, methods and techniques.
A0123 Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Tasks

ID DESCRIPTION