• Course Number: CTS0094
    		•

    Information Technology Security Specialist – 600 Hours – SOC Code 15-1122




    Download 0.66 Mb.
    bet5/11
    Sana04.01.2022
    Hajmi0.66 Mb.
    #4963
    1   2   3   4   5   6   7   8   9   10   11
    Information Technology Security Specialist – 600 Hours – SOC Code 15-1122

    1. Demonstrate an understanding of Network Security. ̶ The student will be able to:

      1. Implement security configuration parameters on network devices and other technologies.

      1. Given a scenario, use secure network administration principles (VLANs, Firewalls).

      1. Explain various career options within the IT enterprise.

      1. Given a scenario, implement common protocols and services (FTPS, DNS, Ports – 21-22-25).

      1. Given a scenario, troubleshoot security issues related to wireless networking.

    1. Demonstrate Compliance and Operational Security. ̶ The student will be able to:

      1. Explain the importance of risk related concepts.

      1. Summarize the security implications of integrating systems and data with third parties.

      1. Given a scenario, implement appropriate risk mitigation strategies.

      1. Given a scenario, implement basic forensic procedures.

      1. Summarize common incident response procedures.

      1. Explain the importance of security related awareness and training.

      1. Compare and contrast physical security and environmental controls.

      1. Summarize risk management best practices.

      1. Given a scenario, select the appropriate control to meet the goals of security (Encryption, Hashing).

    1. Demonstrate an understanding of threats and vulnerabilities. ̶ The student will be able to:

      1. Explain types of malware (Viruses, Adware).

      1. Summarize various types of attacks (DoS, DDoS, Smurf attack).

      1. Summarize social engineering attacks and the associated effectiveness with each attack.

      1. Explain types of wireless attacks.

      1. Explain types of application attacks.

      1. Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.

      1. Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.

      1. Explain the proper use of penetration testing versus vulnerability scanning.

    1. Demonstrate Use of Application, Data and Host Security. ̶ The student will be able to:

      1. Explain the importance of application security controls and techniques.

      1. Summarize mobile security concepts and technologies.

      1. Given a scenario, select the appropriate solution to establish host security.

      1. Implement the appropriate controls to ensure data security.

      1. Compare and contrast alternative methods to mitigate security risks in static environments.

    1. Demonstrate proficiency and understanding of Access Control and Identity Management. ̶ The student will be able to:

      1. Compare and contrast the function and purpose of authentication services (RADIUS, TACACAS+, LDAP).

      1. Given a scenario, select the appropriate authentication, authorization or access control.

      1. Install and configure security controls when performing account management, based on best practices.

    1. Demonstrate proficiency and understanding in Cryptography. ̶ The student will be able to:

      1. Given a scenario, utilize general cryptography concepts.

      1. Given a scenario, use appropriate cryptographic methods.

      1. Given a scenario, use appropriate PKI, certificate management and associated components.

    1. Demonstrate use of Ethical Hacking. ̶ The student will be able to:

      1. Demonstrate security fundamentals.

      1. Perform security testing.

      1. Differentiate between hackers and crackers.

      1. Identify ethical hackers.

      1. Explain and implement testing plans.

      1. Demonstrate proficiency with ethics and legality.

    1. Demonstrate proficiency in Understanding the technical foundations of hacking. ̶ The student will be able to:

      1. Explain the Attacker’s process.

      1. Explain the ethical hacker process.

      1. Compare the relationship between security and the OSI model.

    1. Demonstrate an understanding of foot printing and scanning. ̶ The student will be able to:

      1. Explain the seven-step information gathering process.

      1. Identify active machines.

      1. Demonstrate proficiency in finding open ports and access points.

      1. Demonstrate use of OS fingerprinting.

      1. Demonstrate proficiency in mapping the network attack surface.

    1. Demonstrate proficiency and understanding of enumeration and system hacking. ̶ The student will be able to:

      1. Define enumeration.

      1. Demonstrate proficiency in system hacking.

    1. Demonstrate proficiency Linux and automated assessment tools. ̶ The student will be able to:

      1. Manage Linux OS.

      1. Demonstrate proficiency in hacking Linux.

      1. Demonstrate proficiency in hardening Linux.

      1. Explain use of automated exploit tools.

    1. Demonstrate understanding of Trojans and backdoors. ̶ The student will be able to:

      1. Explain the characteristics of Trojans.

      1. Demonstrate proficiency in covert communication.

      1. Explain keystroke logging and spyware characteristics.

      1. Demonstrate understanding and proficiency in Trojan and backdoor countermeasures.

    1. Demonstrate understanding of Sniffers, session hijacking, and denial of service. ̶ The student will be able to:

      1. Explain the functions and types of sniffers.

      1. Explain session hijacking.

      1. Demonstrate understanding of DoS, DDoS and Botnets.

    1. Demonstrate understanding and proficiency in web server hacking, web application and database attack. ̶ The student will be able to:

      1. Explain webserver hacks.

      1. Explain web application hacking.

      1. Explain database hacking.

    1. Demonstrate understanding and proficiency in wireless technologies, mobile security and attacks. ̶ The student will be able to:

      1. Explain different wireless technologies and attacks.

      1. Understand and explain different wireless LANs technologies.

    1. Demonstrate understanding and proficiency in configuring IDS, Firewalls, and Honeypots. ̶ The student will be able to:

      1. Explain and configure different types of IDSs.

      1. Explain and configure different types of firewalls.

      1. Explain and configure different types of honeypots.

    1. Explain use of buffer overflows, viruses, and worms. ̶ The student will be able to:

      1. Explain buffer overflows, buffer overflows attacks, and prevention.

      1. Define the use of viruses and worms.

    1. Employing cryptographic attacks and defenses. ̶ The student will be able to:

      1. Explain functions of cryptography.

      1. Report the history of cryptography.

      1. Identify different algorithms.

      1. Identify digital signature.

      1. Explain steganography operation.

      1. Use steganographic tools.

      1. Create a digital watermark.

      1. Use digital certificates.

      1. Explain public key infrastructure.

      1. Define protocols, standards, and applications.

    24.11 Use encryption-cracking tools.

    1. Demonstrate use of physical security and social engineering. ̶ The student will be able to:

      1. Apply physical security measures.

      1. Define social engineering types, attacks and preventive measures.



    Course Number: CTS0094

    Occupational Completion Point: B




    Download 0.66 Mb.
    1   2   3   4   5   6   7   8   9   10   11




    Download 0.66 Mb.
    Bosh sahifa
    Aloqalar
        Bosh sahifa
    Dərs
    Mühazirə
    Qaydalar
    Referat
    Xülasə
    Yazı


    Information Technology Security Specialist – 600 Hours – SOC Code 15-1122

    Download 0.66 Mb.