| (D) critique current cybercrime cases involving digital
forensics.
(10) Cybersecurity skills. The student explores expanding
and emerging technology. The student is expected to:
(A) describe the concept of Security as a Service and
the role of managed security service providers (MSSP);
(B) describe the integration of artificial intelligence
and machine learning in cybersecurity;
(C) investigate impacts made by predictive analytics
on cybersecurity; and
(D) research and investigate other emerging trends
such as augmented reality and quantum computing.
(11) Cybersecurity skills. The student uses various
operating system environments. The student is expected to:
(A) select and execute appropriate commands via the
command line interface (CLI) such as ls, cd, pwd, cp, mv, chmod, ps,
sudo, and passwd;
(B) describe the file system structure for multiple
operating systems;
(C) manipulate and edit files within the CLI; and
(D) determine network status using the CLI with commands
such as ping, ifconfig/ipconfig, traceroute/tracert, and netstat.
(12) Cybersecurity skills. The student clearly and
effectively communicates technical information. The student is expected
to:
(A) collaborate with others to create a technical report;
(B) create, review, and edit a report summarizing technical
findings; and
(C) present technical information to a non-technical
audience.
(13) Risk assessment. The student understands risk
and how risk assessment and risk management defend against attacks.
The student is expected to:
(A) differentiate types of attacks, including operating
systems, software, hardware, network, physical, social engineering,
and cryptographic;
(B) explain blended threats such as combinations of
software, hardware, network, physical, social engineering, and cryptographic;
(C) discuss types of risk, including business, operational,
security, and financial;
(D) discuss risk response techniques, including accept,
transfer, avoid, and mitigate;
(E) develop a plan of preventative measures based on
discovered vulnerabilities and the likelihood of a cyberattack;
(F) identify and discuss common vulnerability disclosure
websites;
(G) describe common web vulnerabilities such as cross-site
scripting, buffer overflow, injection, spoofing, and denial of service;
(H) describe common data destruction and media sanitation
practices such as wiping, shredding, and degaussing; and
(I) develop an incident response plan for a given scenario
or attack.
(14) Risk assessment. The student understands risk
management processes and concepts. The student is expected to:
(A) describe Zero Trust, least privilege, and various
access control methods such as mandatory access control (MAC), role-based
access control (RBAC), and discretionary access control (DAC);
(B) develop and defend a plan for multi-factor access
control using components such as biometric verification systems, key
cards, tokens, and passwords; and
(C) review and appraise a disaster recovery plan (DRP)
that includes backups, redundancies, system dependencies, and alternate
sites.
(15) Risk assessment. The student investigates the
role and effectiveness of environmental controls. The student is expected
to:
(A) explain commonly used physical security controls,
including lock types, fences, barricades, security doors, and mantraps;
and
(B) describe the role of embedded systems such as fire
suppression; heating, ventilation, and air conditioning (HVAC) systems;
security alarms; and video monitoring.
|
