
Cyber Threats

The intent of the Cyber Threats Knowledge Unit is to provide students with basic information about the threats that may be present in the cyber realm.

Topics

  1. Motivations and Techniques
  2. The Adversary Model (resources, capabilities, intent, motivation, risk aversion, access)
  3. Types of Attacks (and vulnerabilities that enable them)
     a. Password guessing / cracking
     b. Backdoors / trojans / viruses / wireless attacks
     c. Sniffing / spoofing / session hijacking
     d. Denial of service / distributed DOS / BOTs
     e. MAC spoofing / web app attacks / 0-day exploits
     f. Advanced Persistent Threat (APT)
  4. Events that indicate an attack is/has happened
  5. Attack Timing (within x minutes of being attached to the net)
  6. Attack surfaces / vectors, and trees
  7. Covert Channels
  8. Social Engineering
  9. Insider problem
  10. Threat Information Sources (e.g., CERT)
  11. Legal Issues associated with cyber threats

Outcomes

  1. Identify the bad actors in cyberspace and compare and contrast their resources, capabilities/techniques, motivations and aversion to risk.
  2. Describe different types of attacks and their characteristics.
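
The adversary model (topic 2) and attack trees (topic 6) fit together in a small evaluator: each leaf of the tree carries a cost, an estimated detection risk and the capabilities it needs, and an adversary is a budget, a capability set and a risk tolerance. Compute the cheapest feasible path for each actor and the "compare and contrast" of outcome 1 becomes concrete. The block below is an added example written for this page, not material from the knowledge unit or the CAE program; the tree, the costs, the risk figures and the three adversary profiles are all constructed for illustration.

```python
"""Attack-tree evaluation against an adversary model.

Added example for the 'Adversary Model' and 'Attack surfaces / vectors, and
trees' topics; not part of the knowledge unit. The tree, costs, detection
risks and adversary profiles are constructed for illustration only.
"""
from __future__ import annotations

from dataclasses import dataclass, field

INF = float("inf")


@dataclass
class Node:
    name: str
    kind: str = "leaf"                  # "leaf", "or" or "and"
    cost: float = 0.0                   # leaf: attacker effort, arbitrary units
    risk: float = 0.0                   # leaf: estimated probability of detection
    needs: frozenset = field(default_factory=frozenset)  # leaf: capabilities required
    children: list[Node] = field(default_factory=list)


@dataclass(frozen=True)
class Adversary:
    name: str
    budget: float            # resources the actor will spend on this goal
    capabilities: frozenset  # what the actor is able to do at all
    max_risk: float          # risk aversion: highest detection risk tolerated per step


def min_cost(node: Node, adv: Adversary) -> float:
    """Cheapest cost for `adv` to achieve `node`; INF if no feasible way exists.

    Leaf: its cost if the adversary has the capabilities and accepts the risk.
    OR: the cheapest child. AND: every child is needed, so costs add, and one
    infeasible child makes the whole conjunction infeasible.
    """
    if node.kind == "leaf":
        ok = node.needs <= adv.capabilities and node.risk <= adv.max_risk
        return node.cost if ok else INF
    costs = [min_cost(c, adv) for c in node.children]
    if node.kind == "or":
        return min(costs)
    if node.kind == "and":
        return sum(costs)
    raise ValueError(f"unknown node kind {node.kind!r}")


def cheapest_path(node: Node, adv: Adversary) -> list[str]:
    """Leaf names on the cheapest feasible path, or [] if the goal is infeasible."""
    if min_cost(node, adv) == INF:
        return []
    if node.kind == "leaf":
        return [node.name]
    if node.kind == "or":
        best = min(node.children, key=lambda c: min_cost(c, adv))
        return cheapest_path(best, adv)
    path: list[str] = []
    for c in node.children:            # AND: every child contributes
        path.extend(cheapest_path(c, adv))
    return path


def feasible(node: Node, adv: Adversary) -> bool:
    """True if the adversary can achieve the goal within its budget."""
    return min_cost(node, adv) <= adv.budget


def build_tree() -> Node:
    """Constructed goal 'read the customer database' with three attack vectors."""
    def leaf(name, cost, risk, *needs):
        return Node(name, cost=cost, risk=risk, needs=frozenset(needs))

    return Node("Read customer database", "or", children=[
        Node("Steal credentials", "or", children=[
            leaf("Phish an admin", 500, 0.4, "social"),
            leaf("Crack leaked password hashes", 2000, 0.2, "gpu"),
        ]),
        Node("Exploit web app and pivot", "and", children=[
            leaf("Find SQL injection in portal", 3000, 0.5, "webapp"),
            leaf("Bypass WAF", 1500, 0.3, "webapp"),
        ]),
        leaf("Buy 0-day for VPN appliance", 250_000, 0.05, "zero_day_market"),
    ])


# Constructed profiles: budget, capabilities, risk tolerance.
ADVERSARIES = (
    Adversary("script kiddie", 1_000, frozenset({"webapp"}), 0.9),
    Adversary("criminal group", 50_000, frozenset({"social", "gpu", "webapp"}), 0.6),
    Adversary("nation state", 10_000_000,
              frozenset({"social", "gpu", "webapp", "zero_day_market"}), 0.1),
)


if __name__ == "__main__":
    tree = build_tree()
    for adv in ADVERSARIES:
        print(f"{adv.name:<14} cost={min_cost(tree, adv):>9} "
              f"feasible={feasible(tree, adv)} path={cheapest_path(tree, adv)}")
```

With these constructed figures the script kiddie can only reach the goal through the web-app AND branch (4500 units, over its budget), the criminal group phishes for 500, and the nation state, which could afford anything, rejects every step with detection risk above 0.1 and ends up on the most expensive branch, the purchased 0-day. That is the point of modelling risk aversion separately from resources: the best-funded actor is not the one that takes the cheapest path.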

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required for this knowledge unit.

Knowledge

ID    DESCRIPTION
K0106 Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
K0161 Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
K0162 Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
K0005 Knowledge of cyber threats and vulnerabilities.
K0344 Knowledge of an organization's threat environment.
K0107 Knowledge of Insider Threat investigations, reporting, investigative tools and laws/regulations.
K0110 Knowledge of adversarial tactics, techniques, and procedures.
K0603 Knowledge of the ways in which targets or threats use the Internet.
K0040 Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins).
K0009 Knowledge of application vulnerabilities.
K0151 Knowledge of current and emerging threats/threat vectors.
K0375 Knowledge of wireless applications vulnerabilities.
K0362 Knowledge of attack methods and techniques (DDoS, brute force, spoofing, etc.).
K0147 Knowledge of emerging security issues, risks, and vulnerabilities.
K0309 Knowledge of emerging technologies that have potential for exploitation.
K0053 Knowledge of measures or indicators of system performance and availability.
K0453 Knowledge of indications and warning.
K0160 Knowledge of the common attack vectors on the network layer.
K0179 Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
K0209 Knowledge of covert communication techniques.
K0409 Knowledge of cyber intelligence/information collection capabilities and repositories.
K0446 Knowledge of how modern wireless communications systems impact cyber operations.

Skills

ID    DESCRIPTION
S0078 Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
S0144 Skill in correcting physical and technical problems that impact system/server performance.
S0153 Skill in identifying and anticipating system/server performance, availability, capacity, or configuration problems.
S0155 Skill in monitoring and optimizing system/server performance.
S0052 Skill in the use of social engineering techniques (e.g., phishing, baiting, tailgating).
S0357 Skill to anticipate new security threats.

Abilities

No abilities are listed for this knowledge unit.

Tasks

No tasks are listed for this knowledge unit.
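
Topic 4 (events that indicate an attack is or has happened), topic 3a (password guessing), K0362 and K0453 come together in the simplest useful detection: a sliding window over authentication failures per source address that separates a brute-force run against one account from a password spray across many accounts, and flags a success that follows a burst of failures. The block below is an added example written for this page, not material from the knowledge unit or the CAE program; the sshd-style log lines are constructed, and the window and thresholds are illustrative rather than recommended production values.

```python
"""Brute-force, password-spray and success-after-failure detection over
sshd-style authentication log lines.

Added example for the 'Password guessing / cracking' and 'Events that
indicate an attack is/has happened' topics; not part of the knowledge unit.
The log lines are constructed; the thresholds are illustrative only.
"""
import re
from collections import Counter, deque
from datetime import datetime, timedelta

# Constructed sample: one brute-force source that eventually succeeds, one
# low-and-slow spray across many accounts, and one user who mistyped once.
SAMPLE_LOG = """\
Jan 10 09:00:01 bastion sshd[1001]: Failed password for alice from 203.0.113.5 port 51000 ssh2
Jan 10 09:00:03 bastion sshd[1002]: Failed password for alice from 203.0.113.5 port 51001 ssh2
Jan 10 09:00:05 bastion sshd[1003]: Failed password for alice from 203.0.113.5 port 51002 ssh2
Jan 10 09:00:08 bastion sshd[1004]: Failed password for invalid user root from 203.0.113.5 port 51003 ssh2
Jan 10 09:00:11 bastion sshd[1005]: Failed password for alice from 203.0.113.5 port 51004 ssh2
Jan 10 09:00:14 bastion sshd[1006]: Failed password for alice from 203.0.113.5 port 51005 ssh2
Jan 10 09:00:20 bastion sshd[1007]: Accepted password for alice from 203.0.113.5 port 51006 ssh2
Jan 10 09:01:00 bastion sshd[1008]: Failed password for bob from 198.51.100.7 port 40000 ssh2
Jan 10 09:01:08 bastion sshd[1009]: Failed password for carol from 198.51.100.7 port 40001 ssh2
Jan 10 09:01:16 bastion sshd[1010]: Failed password for dave from 198.51.100.7 port 40002 ssh2
Jan 10 09:01:24 bastion sshd[1011]: Failed password for erin from 198.51.100.7 port 40003 ssh2
Jan 10 09:01:32 bastion sshd[1012]: Failed password for frank from 198.51.100.7 port 40004 ssh2
Jan 10 09:02:10 bastion sshd[1013]: Failed password for grace from 192.0.2.9 port 33000 ssh2
Jan 10 09:02:15 bastion sshd[1014]: Accepted password for grace from 192.0.2.9 port 33001 ssh2
Jan 10 09:02:30 bastion sshd[1015]: pam_unix(sshd:session): session opened for user grace by (uid=0)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse(log_text):
    """Return (timestamp, result, user, ip) tuples, oldest first.

    Lines that are not password-auth events (e.g. pam session lines) are
    skipped. Syslog timestamps carry no year, so strptime defaults to 1900;
    only differences between timestamps are used, so that is harmless here.
    """
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
        events.append((ts, m["result"], m["user"], m["ip"]))
    events.sort(key=lambda e: e[0])
    return events


def analyze(log_text, window_s=60, threshold=5):
    """Sliding-window detector keyed on source IP.

    brute_force:            >= threshold failures in the window against at
                            most two accounts (one wordlist, one target)
    password_spray:         >= threshold distinct accounts in the window, no
                            account tried more than twice (stays under
                            per-account lockout)
    success_after_failures: an Accepted login from a source with >= 3 recent
                            failures, i.e. the guessing may have worked
    Each (kind, ip) pair is reported once, at first detection.
    """
    window = timedelta(seconds=window_s)
    recent = {}    # ip -> deque of (ts, user) failures still inside the window
    findings = {}  # (kind, ip) -> detail
    for ts, result, user, ip in parse(log_text):
        q = recent.setdefault(ip, deque())
        while q and ts - q[0][0] > window:   # drop failures that aged out
            q.popleft()
        if result == "Failed":
            q.append((ts, user))
            per_user = Counter(u for _, u in q)
            if len(q) >= threshold and len(per_user) <= 2:
                findings.setdefault(("brute_force", ip),
                    f"{len(q)} failures against {sorted(per_user)} within {window_s}s")
            if len(per_user) >= threshold and max(per_user.values()) <= 2:
                findings.setdefault(("password_spray", ip),
                    f"{len(per_user)} distinct accounts tried within {window_s}s")
        elif len(q) >= 3:  # result == "Accepted"
            findings.setdefault(("success_after_failures", ip),
                f"login as {user} succeeded after {len(q)} recent failures")
    return sorted((kind, ip, detail) for (kind, ip), detail in findings.items())


if __name__ == "__main__":
    for kind, ip, detail in analyze(SAMPLE_LOG):
        print(f"{kind:<22} {ip:<14} {detail}")
```

On the sample, 203.0.113.5 trips the brute-force rule on its fifth failure and is reported again when the later Accepted line arrives, 198.51.100.7 is reported as a spray because it touches five accounts once each, and grace's single typo followed by a successful login produces nothing. Shrinking the window to a few seconds silences all three, which is the usual tuning trade-off: an attacker who paces attempts slower than your window is invisible to this rule, so the "attack timing" topic above is as much about the defender's observation window as about the attacker's speed.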