•    Employment
  •    Academia
  •    Research
    • NICE Framework
    • CAE Program

IT Systems Components

The intent of the IT Systems Components Knowledge Unit is to provide students with a basic understanding of the components in an information technology system and their roles in system operation. This is a high level introduction or familiarization of the Topics, not a deep dive into specifics.

Topics

  1. Endpoint protection
  2. Storage Devices
  3. System Architectures
  4. Alternative environments (SCADA, real time systems, critical infrastructures)
  5. Networks (Internet, LANs, wireless)
  6. Network mapping (enumeration and identification of network components)
  7. Network Security Components (Data Loss Prevention, VPNs / Firewalls)
  8. Intrusion Detection and Prevention Systems, Incident Response
  9. Managed Services
  10. Software Security (secure coding principles, software issues by type)
  11. Configuration Management
  12. Patching
  13. Vulnerability Scanning (core)
  14. People and security (social engineering)
  15. Physical and environmental security concerns
  16. Internet Of Things (IOT)
  17. Cyber Defense Partnerships (Federal, State, Local, Industry)
  18. Network Security Components (Data Loss Prevention, VPNs / Firewalls)
  19. Endpoint Protection a.Workstations, servers, appliances, mobile devices, peripheral devices (Printers, scanners, external storage)
  20. System Architectures - b. Cloud
  21. Endpoint protection a. Workstations, servers, appliances, mobile devices, peripheral devices (Printers, scanners, external storage)
  22. System Architectures a. Virtualization / Containers b. Cloud
  23. Patching a. OS and Application Updates
  24. Vulnerability Scanning (core) a. Vulnerability Windows (0-day to patch availability)
  25. Networks (Internet, LANs, wireless
  26. Intrusion Detection and Prevention Systems, Incident Response
  27. Vulnerablity Scanning (core)
  28. System Architectures
  29. Virtualization / Containers
  30. Workstations, servers, appliances, mobile devices, peripheral devices (Printers, scanners, external storage)
  31. Cloud
  32. OS and Application Updates
  33. Vulnerability Windows (0-day to patch availability)
  34. Configuration Management
  35. Patching
  36. Endpoint protection a. Workstations, servers, appliances, mobile devices, peripheral devices (Printers, scanners, external storage)
  37. Workstations, servers, appliances, mobile devices, peripheral devices (Printers, scanners, external, storage)
  38. SCADA Firewalls
  39. Vulnerability Scanning (core) a. Vulnerability Windows (0-day to patch availability)

Outcomes

  1. Describe the hardware components of modern computing environments and their individual functions.
  2. Describe the basic security implications of modern computing environments.
  3. Understand the Federal, State and Local Cyber Defense partners/structures.
  4. Properly use the Vocabulary associated with cyber security.
  5. Describe the hardware components of modern computing environments and their individual functions.
  6. Describe the basic security implications of modern computing environments.
  7. Properly use the Vocabulary associated with cybersecurity.
  8. Describe the basic security implications of modern computing environments

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn More about the KAS-T's.

  • Knowledge
  • Skills
  • Abilities
  • Tasks
ID DESCRIPTION
K0011 Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
K0246 Knowledge of relevant concepts, procedures, software, equipment, and technology applications.
K0530 Knowledge of security hardware and software options, including the network artifacts they induce and their effects on exploitation.
K0035 Knowledge of installation, integration, and optimization of system components.
K0227 Knowledge of various types of computer architectures.
K0047 Knowledge of information technology (IT) architectural concepts and frameworks.
K0194 Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.
K0286 Knowledge of N-tiered typologies (e.g. including server and client operating systems).
K0267 Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
K0170 Knowledge of critical infrastructure systems with information communication technology that were designed without system security considerations.
K0437 Knowledge of general Supervisory control and data acquisition (SCADA) system components.
K0001 Knowledge of computer networking concepts and protocols, and network security methodologies.
K0050 Knowledge of local area and wide area networking principles and concepts including bandwidth management.
K0274 Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
K0446 Knowledge of how modern wireless communications systems impact cyber operations.
K0255 Knowledge of network architecture concepts including topology, protocols, and components.
K0600 Knowledge of the structure, architecture, and design of modern wireless communications systems.
K0111 Knowledge of network tools (e.g., ping, traceroute, nslookup)
K0300 Knowledge of network mapping and recreating network topologies.
K0268 Knowledge of forensic footprint identification.
K0292 Knowledge of the operations and processes for incident, problem, and event management.
K0317 Knowledge of procedures used for documenting and querying reported incidents, problems, and events.
K0041 Knowledge of incident categories, incident responses, and timelines for responses.
K0046 Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
K0230 Knowledge of cloud service models and how those models can limit incident response.
K0042 Knowledge of incident response and handling methodologies.
K0202 Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
K0029 Knowledge of organization's Local and Wide Area Network connections.
K0071 Knowledge of remote access technology concepts.
K0140 Knowledge of secure coding techniques.
K0060 Knowledge of operating systems.
K0065 Knowledge of policy-based and risk adaptive access controls.
K0076 Knowledge of server administration and systems engineering theories, concepts, and methods.
K0077 Knowledge of server and client operating systems.
K0088 Knowledge of systems administration concepts.
K0275 Knowledge of configuration management techniques.
K0224 Knowledge of system administration concepts for operating systems such as but not limited to Unix/Linux, IOS, Android, and Windows operating systems.
K0344 Knowledge of an organization??s threat environment.
K0608 Knowledge of Unix/Linux and Windows operating systems structures and internals (e.g., process management, directory structure, installed applications).
K0039 Knowledge of cybersecurity and privacy principles and methods that apply to software development.
K0073 Knowledge of secure configuration management techniques. (e.g., Security Technical Implementation Guides (STIGs), cybersecurity best practices on cisecurity.org).
K0178 Knowledge of secure software deployment methodologies, tools, and practices.
K0397 Knowledge of security concepts in operating systems (e.g., Linux, Unix.)
K0074 Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
K0103 Knowledge of the type and frequency of routine hardware maintenance.
K0465 Knowledge of internal and external partner cyber operations capabilities and tools.
K0508 Knowledge of organization policies and planning concepts for partnering with internal and/or external organizations.
K0104 Knowledge of Virtual Private Network (VPN) security.
K0114 Knowledge of electronic devices (e.g., computer systems/components, access control devices, digital cameras, digital scanners, electronic organizers, hard drives, memory cards, modems, network components, networked appliances, networked home control devices, printers, removable storage devices, telephones, copiers, facsimile machines, etc.).
K0130 Knowledge of virtualization technologies and virtual machine development and maintenance.
K0059 Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
K0269 Knowledge of mobile communications architecture.
ID DESCRIPTION
S0027 Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
S0184 Skill in analyzing traffic to identify network devices.
S0204 Skill in depicting source or collateral data on a network map.
S0365  Skill to design incident response for cloud service models. 
S0054 Skill in using incident handling methodologies.
S0148 Skill in designing the integration of technology processes and solutions, including legacy systems and modern programming languages.
S0172 Skill in applying secure coding techniques.
S0043 Skill in maintaining directory services. (e.g., Microsoft Active Directory, LDAP, etc.).
S0206 Skill in determining installed patches on various operating systems and identifying patch signatures.
S0001 Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
S0242 Skill in interpreting vulnerability scanner results to identify vulnerabilities.
S0111 Skill in interfacing with customers.
S0052 Skill in the use of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
S0059 Skill in using Virtual Private Network (VPN) devices and encryption.
S0073 Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).
ID DESCRIPTION
A0052 Ability to operate network equipment including hubs, routers, switches, bridges, servers, transmission media, and related hardware.
A0170 Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
A0121  Ability to design incident response for cloud service models. 
A0128  Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
A0058 Ability to execute OS command line (e.g., ipconfig, netstat, dir, nbtstat).
A0059 Ability to operate the organization's LAN/WAN pathways.
A0159 Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute).
A0055 Ability to operate common network tools (e.g., ping, traceroute, nslookup).
A0015 Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
A0018 Ability to prepare and present briefings.
ID DESCRIPTION