Florida Computer and Network Security Fundamentals
170 Standards
19.01
Define cybersecurity.
19.02
Describe how information security evolved into cybersecurity and the impact of the Internet on the pace and nature of the evolution.
19.03
Describe the individual elements that comprise the CIA triad (i.e., Confidentiality, Integrity, Availability).
19.04
Define and explain the various types of hackers and the role each plays in cybersecurity.
19.05
Describe various methodologies used by hackers and the basis for their employment.
19.06
Describe the individual elements of the AAA model (Authentication, Authorization and Accounting).
20.01
Describe the role of the National Security Agency.
20.02
Describe current trends in cyberattacks and strategies for combating them.
20.03
Describe the legal implications of computer hacking and other forms of cyberattacks.
20.04
Understand the importance of the weekly bulletins distributed by the United States Computer Emergency Readiness Team (US-CERT).
20.05
Determine if any software or hardware on a given network has vulnerabilities outlined in the most recent US-CERT bulletin.
21.01
Differentiate between cybersecurity and information assurance.
21.02
Define confidentiality and give examples of security breaches.
21.03
Define integrity and give examples of security breaches.
21.04
Define authenticity and give examples of security breaches.
21.05
Define accountability (non-repudiation) and give examples of security breaches.
22.01
Describe the internal components of a computer (e.g., power supply, hard drive, mother board, I/O cards/ports, cabling).
22.02
Demonstrate and understanding of common computer and programming terminology.
22.03
Explain the physical and logical architecture of a microcomputer system.
22.04
Describe the file types used in the operation of a computer.
22.05
Compare and contrast memory technologies (e.g., RAM, ROM, virtual memory, memory management).
23.01
Compare operating system file naming conventions.
23.02
Describe the common elements that comprise the architecture of an operating system (e.g., kernel, file manager, memory manager, device manager, network manager).
23.03
Demonstrate proficiency with file management and structure (e.g., folder creation, file creation, backup, copy, delete, open, save).
23.04
Demonstrate a working knowledge of standard file formats.
23.05
Describe the purpose of various operating systems (e.g., Windows, Mac, iOS, Android and Linux).
23.06
Describe the difference between client and network operating systems.
23.07
Differentiate between different operating systems and applications and Macros.
23.08
Explain the basics of boot sequences, methods and startup utilities.
23.09
Compare and contrast open source and proprietary software.
23.10
Describe common system utilities used in performing computer maintenance.
24.01
Explain the interrelations of the seven layers of the Open Systems Interconnection (OSI) as it relates to hardware and software.
24.02
Describe the purpose of the OSI model and each of its layers.
24.03
Explain specific functions belonging to each OSI model layer.
24.04
Understand how two network nodes communicate through the OSI model.
24.05
Discuss the structure and purpose of data packets and frames.
24.06
Describe the two types of addressing covered by the OSI model.
25.01
Explain the interrelations of the four layers of the TCP/IP model as it relates to hardware and software.
25.02
Describe the purpose of the TCP/IP model and each of its layers.
25.03
Explain specific functions belonging to each TCP/IP model layer.
25.04
Understand how two network nodes communicate through the TCP/IP model.
25.05
Describe the two types of addressing covered by the TCP/IP model.
26.01
Describe the services and protocols used in the OSI Application Layer (i.e., DHCP, DNS, FTP, HTTP, SMTP, Telnet, IMAP).
26.02
Describe the services and protocols used in the OSI Transport Layer (i.e., TCP, TLS/SSL, UDP).
26.03
Describe the services and protocols used in the OSI Network Layer (i.e., IP, ICMP, IGMP, IPsec).
26.04
Describe the services and protocols used in the OSI Data Link Layer (i.e., ARP, OSPF, L2TP, PPP).
27.01
Define networking and describe the purpose of a network.
27.02
Describe the conceptual background of digital networks and cloud computing including terminology and basics.
27.03
Describe various types of networks and the advantages and disadvantages of each (e.g., peer to peer, client/server, server/thin client, ROI).
27.04
Describe the use, advantages, and disadvantages of various network media (e.g. coaxial, twisted pair, fiber optics).
27.05
Describe the function of various network devices (e.g., managed switch, switched hub or switch, router, bridge, gateway, access points, modem).
27.06
Describe how network devices are identified (i.e., IP addressing).
27.07
Explain the protocols commonly used in a network environment.
27.08
Differentiate between public and private IP addresses.
27.09
Describe the common ports and corresponding protocols used in a network.
27.10
Describe the difference between the Internet and intranet.
27.11
Compare and contrast IPv4 and IPv6.
27.12
Compare and contrast the different methods for network connectivity (e.g., broadband, wireless, Bluetooth, cellular).
27.13
Discuss the differences between Local Area Network (LAN), Wide Area Network (WAN), Metropolitan Area Network (MAN), Virtual Local Area Network (VLAN), and Virtual Private Network (VPN).
28.01
Describe the various types of cloud computing (IaaS, PaaS, SaaS) and modes of delivery (Public, Private, Community, Hybrid).
28.02
Describe practices that aid in protecting the Hybrid cloud model.
28.03
Describe the challenges and solutions associated with securing embedded devices.
29.01
Distinguish between vulnerability and a threat.
29.02
Discuss the different types of attacks (e.g., active, passive).
29.03
Define security policy and explain its role in cybersecurity.
29.04
Describe the basic methods of authentication (e.g., password, biometrics, smart cards. two-factor authentication, multifactor authentication).
29.05
Describe the various forms of encryption methodologies (e.g., symmetric, asymmetric, block cipher, stream cipher).
29.06
Describe hash functions and their role in authentication.
29.07
Describe various method of access control used in computer security (e.g., policies, groups, Access Control List (ACL)).
29.08
Understand the concept of malware (i.e., ransomware, worms, viruses, adware) and how attackers use it to steal sensitive or confidential information.
30.01
Define cybercrime and discuss the challenges facing law enforcement.
30.02
Identify the key legislative acts that impact cybersecurity.
30.03
Describe the Federal criminal code related to computers and give examples of cybercrimes and penalties, particularly those involving inappropriate access.
30.04
Discuss the concept of digital forensics and its place in cybercrime investigations and incident response.
30.05
Distinguish among the Intellectual Property Rights of trademark, patent, and copyright.
30.06
Explain digital rights management and the implications of the Digital Millennium Copyright Act (DMCA).
30.07
Describe the implications of various social media on the safeguarding of personal or sensitive information.
30.08
Describe various safeguards that can be employed to help ensure that sensitive or confidential information is not inadvertently divulged or obtained.
31.01
Define virtual computing.
31.02
Explain the benefits of virtual computing.
31.03
Differentiate between guest and host operating systems.
31.04
Install desktop virtualization software.
31.05
Describe the role of the hypervisor.
31.06
Create and upgrade a virtual machine.
31.07
Optimize the performance of a virtual machine.
31.08
Preserve the state of a virtual machine.
31.09
Clone, move and share virtual machines.
31.10
Use basic (static) and dynamic virtual disks and disk drives.
31.11
Configure a virtual network.
31.12
Connect devices to a virtual machine.
31.13
Enable security settings on a virtual machine.
32.01
Configure 802.1x authentication for a given scenario.
32.02
Connect clients to a VPN.
32.03
Understand Authentication, Authorization and Accounting (AAA) management.
32.04
Differentiate between TACACS+ (Terminal Access Controller Access Control System) and RADIUS.
32.05
Differentiate between Layer 2 Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) protocols as they apply to VPN options.
32.06
Implement the use of SSH (Secure Shell).
32.07
Implement the use of IPsec (Internet Protocol Security).
32.08
Identify vulnerabilities associated with authentication.
32.09
Understand ways to implement VoIP technologies.
32.10
Demonstrate the use and purpose of Kerberos.
33.01
Configure access controls including biometric devices, keypads and security tokens.
33.02
Recognize social engineering attempts.
33.03
Evaluate environmental controls (e.g., EMI shielding, temperature, humidity and fire suppression).
33.04
Develop a method of training users to recognize, report, and avoid social engineering attempts.
33.05
Identify components of physical security, including mantraps, motion detection, alarm systems, locks, video surveillance, and fences/barricades.
33.06
Install a camera for a video surveillance system.
33.07
Configure an alarm system including a keypad and motion detector.
33.08
Recognize vulnerabilities associated with physical security.
33.09
Explain how a mantrap is used as a counter measure against tailgating.
34.01
Configure and maintain software and hardware firewalls.
34.02
Configure and secure routers.
34.03
Apply security settings to switches.
34.04
Configure and secure wireless devices.
34.05
Secure a LAN connected to a DSL/cable modem.
34.06
Configure a RAS (Remote Access Server) for remote connectivity.
34.07
Securely deploy a PBX (Private Branch Exchange).
34.08
Explain the benefits of implementing a VPN (Virtual Private Network).
34.09
Deploy IDS (intrusion detection system) and IPS (intrusion prevention systems).
34.1
Analyze the performance, efficiency and security of the network based on network monitoring and diagnostic software.
34.11
Employ techniques used to lock down workstations.
34.12
Configure and secure servers for a given scenario.
34.13
Understand and assess the security of mobile devices including but not limited to those using the Android, iOS and Windows platforms.
35.01
Explain the security implications of the Internet of Things (IoT) (i.e., understand the efforts to address authentication and updates to IoT devices).
35.02
Explain societal and security challenges associated with robotics.
35.03
Explain security challenges associated with serverless computing.
35.04
Explain societal and security challenges associated with the implementation of 5G.
35.05
Describe and explain the security challenges of Autonomous vehicles (i.e., the significance of vehicular cybersecurity and its relation to: computer vision, artificial intelligence, machine learning and deep learning).
36.01
Understand access control as it applies to MAC (Mandatory Access Control).
36.02
Understand access control as it applies to DAC (Discretionary Access Control).
36.03
Understand access control as it applies to RBAC (Role Based Access Control).
37.01
Understand and identify security concerns with the use of Coaxial Cable.
37.02
The student should be able to identify and understand security concerns for UTP/STP (Unshielded Twisted Pair / Shielded Twisted Pair).
37.03
Identify and understand security concerns fiber optic cable.
37.04
Identify security concerns associated with removable media.
37.05
Address pitfalls associated with tape backups.
37.06
Apply drive encryption to hard drives.
37.07
Secure flash drives.
37.08
Smartcards and secure USB memory.
38.01
Determine Security Zones.
38.02
Point out vulnerabilities on a DMZ (Demilitarized Zone).
38.03
Explain the security benefits of using an intranet.
38.04
Explain the security benefits of using an extranet.
38.05
Secure a VLAN (Virtual Local Area Network).
38.06
Describe the security benefits associated with NAT (Network Address Translation).
38.07
Justify the implementation of tunneling, for security purpose.
39.01
Select and employ appropriate communication concepts and strategies to enhance oral and written communication in the workplace.
39.02
Locate, organize and reference written information from various sources.
39.03
Design, develop and deliver formal and informal presentations using appropriate media to engage and inform diverse audiences.
39.04
Interpret verbal and nonverbal cues/behaviors that enhance communication.
39.05
Apply active listening skills to obtain and clarify information.
39.06
Develop and interpret tables and charts to support written and oral communications.
39.07
Exhibit public relations skills that aid in achieving customer satisfaction.
40.01
Employ critical thinking skills independently and in teams to solve problems and make decisions.
40.02
Employ critical thinking and interpersonal skills to resolve conflicts.
40.03
Identify and document workplace performance goals and monitor progress toward those goals.
40.04
Conduct technical research to gather information necessary for decision-making.
41.01
Use personal information management (PIM) applications to increase workplace efficiency.
41.02
Employ technological tools to expedite workflow including word processing, databases, reports, spreadsheets, multimedia presentations, electronic calendar, contacts, email, and internet applications.
41.03
Employ computer operations applications to access, create, manage, integrate, and store information.
41.04
Employ collaborative/groupware applications to facilitate group work.
42.01
Describe the nature and types of business organizations.
42.02
Explain the effect of key organizational systems on performance and quality.
42.03
List and describe quality control systems and/or practices common to the workplace.
42.04
Explain the impact of the global economy on business organizations.
43.01
Evaluate and justify decisions based on ethical reasoning.
43.02
Evaluate alternative responses to workplace situations based on personal, professional, ethical, legal responsibilities, and employer policies.
43.03
Identify and explain personal and long-term consequences of unethical or illegal behaviors in the workplace.
43.04
Interpret and explain written organizational policies and procedures.
43.05
Display proficiency in using team-oriented collaboration and video teleconferencing software (e.g. Teams, Zoom).