•    Employment
  •    Academia
  •    Research
    • NICE Framework
    • CAE Program

Cybersecurity Principles

The intent of the Cybersecurity Principles Knowledge Unit is to provide students with basic security design fundamentals that help create systems that are worthy of being trusted.

Topics

  1. Principles
  2. Principles a. Separation (of domains/duties)
  3. Principles a. Separation (of domains/duties) b. Isolation c. Encapsulation d. Modularity e. Simplicity of design (Economy of Mechanism) f. Minimization of implementation (Least Common Mechanism) g. Open Design h. Complete Mediation i. Layering (Defense in depth) j. Least Privilege k. Fail Safe Defaults / Fail Secure l. Least Astonishment (Psychological Acceptability) m. Minimize Trust Surface (Reluctance to trust) n. Usability o. Trust relationships
  4. Principles SUBTOPICS
  5. Principles
  6. Fail Safe Defaults / Fail Secure
  7. Principles (must cover all of the sub-Topics)
  8. Principles- Separation (of domains/duties), Isolation, Encapsulation, Modularity, Minimization of implementation (Least Common Mechanism), Open Design, Complete Mediation, Layering (Defense in depth), Least Privilege, Fail Safe Defaults / Fail Secure, Least Astonishment (Psychological Acceptability), Minimize Trust Surface (Reluctance to trust), Usability, Trust relationships

Outcomes

  1. Define the principles of cybersecurity.
  2. Describe why each principle is important to security and how it enables the development of security mechanisms that can implement desired security policies.
  3. Analyze common security failures and identify specific design principles that have been violated.
  4. Given a specific scenario, identify the design principles involved or needed.
  5. Understand the interaction between security and system usability and the importance for minimizing the effects of security mechanisms.
  6. Given a specific scenario, identify the design principles involved or needed.
  7. Understand the interaction between security and system usability and the importance for minimizing the effects of security mechanisms.
  8. Describe why each principle is important to security and how it enables the development of security mechanisms that can implement desired security policies
  9. Analyze common security failures and identify specific design principles that have been violated
  10. Given a specific scenario, identify the design principles involved or needed

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.

  • Knowledge
  • Skills
  • Abilities
  • Tasks
ID DESCRIPTION
K0004 Knowledge of cybersecurity and privacy principles.
K0152 Knowledge of software related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, simplicity/minimization).
K0179 Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
K0289 Knowledge of system/server diagnostic tools and fault identification techniques.
K0049 Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
K0112 Knowledge of defense-in-depth principles and network security architecture.
K0045 Knowledge of information security systems engineering principles (NIST SP 800-160).
K0038 Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
K0044 Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
ID DESCRIPTION
S0157 Skill in recovering failed systems/servers. (e.g., recovery software, failover clusters, replication, etc.).
S0023 Skill in designing security controls based on cybersecurity principles and tenets.
S0367  Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 
ID DESCRIPTION
A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). 
ID DESCRIPTION