Please enable JavaScript to use CodeHS

Texas Cybersecurity Capstone Framework


Standard Description
127.770.1A (A) identify and demonstrate employable work behaviors such as regular attendance, punctuality, maintenance of a professional work environment, and effective written and verbal communication; Lessons
127.770.1B (B) identify and demonstrate positive personal qualities such as authenticity, resilience, initiative, and a willingness to learn new knowledge and skills; Lessons
127.770.1C (C) solve problems and think critically; Lessons
127.770.1D (D) demonstrate leadership skills and function effectively as a team member; and Lessons
127.770.1E (E) demonstrate an understanding of ethical and legal responsibilities in relation to the field of cybersecurity. Lessons
127.770.2A (A) develop a personal career plan along with the education, job skills, and experience necessary to achieve career goals; Lessons
127.770.2B (B) develop a resume or a portfolio appropriate to a chosen career plan; and Lessons
127.770.2C (C) illustrate interview skills for successful job placement. Lessons
127.770.3A (A) analyze and apply to a scenario local, state, national, and international cyber law such as David's Law and Digital Millennium Copyright Act; Lessons
127.770.3B (B) evaluate historic cases or events regarding cyber; and Lessons
127.770.3C (C) explore compliance requirements such as Section 508 of the Rehabilitation Act of 1973, Family Educational Rights and Privacy Act of 1974 (FERPA), Health Insurance Portability and Accountability Act of 1996 (HIPAA), and Gramm-Leach-Bliley Act (GLBA). Lessons
127.770.4A (A) debate the relationship between privacy and security; and Lessons
127.770.4B (B) identify ethical or unethical behavior when presented with various scenarios related to cyber activities. Lessons
127.770.5A (A) define the phases of penetration testing, including plan, discover, attack, and report; Lessons
127.770.5B (B) develop a plan to gain authorization for penetration testing; Lessons
127.770.5C (C) identify commonly used vulnerability scanning tools such as port scanning, packet sniffing, and password crackers; Lessons
127.770.5D (D) develop a list of exploits based on results of scanning tool reports; and Lessons
127.770.5E (E) prioritize a list of mitigations based on results of scanning tool reports. Lessons
127.770.6A (A) evaluate symmetric and asymmetric algorithms such as substitution cipher, Advanced Encryption Standard (AES), Diffie-Hellman, and Rivest-Shamir-Adleman (RSA); Lessons
127.770.6B (B) explain the purpose of hashing algorithms, including blockchain; Lessons
127.770.6C (C) explain the function of password salting; Lessons
127.770.6D (D) explain and create a digital signature; and Lessons
127.770.6E (E) explain steganography. Lessons
127.770.7A (A) explain the purpose of establishing system baselines; Lessons
127.770.7B (B) evaluate the role of physical security; Lessons
127.770.7C (C) evaluate the functions of network security devices such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and intrusion detection prevention systems (IDPS); Lessons
127.770.7D (D) analyze log files for anomalies; and Lessons
127.770.7E (E) develop a plan demonstrating the concept of defense in depth. Lessons
127.770.8A (A) explain the benefits of network segmentation, including sandboxes, air gaps, and virtual local area networks (VLAN); Lessons
127.770.8B (B) investigate the role of software-managed networks, including virtualization; Lessons
127.770.8C (C) discuss the role of honeypots and honeynets in networks; and Lessons
127.770.8D (D) create an incoming and outgoing network policy for a firewall. Lessons
127.770.9A (A) identify cyberattacks by their signatures; Lessons
127.770.9B (B) explain proper data acquisition; Lessons
127.770.9C (C) examine evidence from devices for suspicious activities; and Lessons
127.770.9D (D) research current cybercrime cases involving digital forensics. Lessons
127.770.10A (A) describe the integration of artificial intelligence and machine learning in cybersecurity; Lessons
127.770.10B (B) investigate impacts made by predictive analytics on cybersecurity; and Lessons
127.770.10C (C) research other emerging trends such as augmented reality and quantum computing. Lessons
127.770.11A (A) issue commands via the command line interface (CLI) such as ls, cd, pwd, cp, mv, chmod, ps, sudo, and passwd; Lessons
127.770.11B (B) describe the file system structure for multiple operating systems; Lessons
127.770.11C (C) manipulate and edit files within the CLI; and Lessons
127.770.11D (D) determine network status using the CLI with commands such as ping, ifconfig/ipconfig, traceroute/tracert, and netstat. Lessons
127.770.12A (A) collaborate with others to create a technical report; Lessons
127.770.12B (B) create, review, and edit a report summarizing technical findings; and Lessons
127.770.12C (C) present technical information to a non-technical audience. Lessons
127.770.13A (A) differentiate types of attacks, including operating systems, software, hardware, network, physical, social engineering, and cryptographic; Lessons
127.770.13B (B) explain blended threats such as combinations of software, hardware, network, physical, social engineering, and cryptographic; Lessons
127.770.13C (C) discuss risk response techniques, including accept, transfer, avoid, and mitigate; Lessons
127.770.13D (D) develop a plan of preventative measures to address cyberattacks; Lessons
127.770.13E (E) describe common web vulnerabilities such as cross-site scripting, buffer overflow, injection, spoofing, and denial of service; Lessons
127.770.13F (F) describe common data destruction and media sanitation practices such as wiping, shredding, and degaussing; and Lessons
127.770.13G (G) develop an incident response plan for a given scenario or recent attack. Lessons
127.770.14A (A) describe various access control methods such as mandatory access control (MAC), role-based access control (RBAC), and discretionary access control (DAC); Lessons
127.770.14B (B) develop and defend a plan for multi-factor access control using components such as biometric verification systems, key cards, tokens, and passwords; and Lessons
127.770.14C (C) review a disaster recovery plan (DRP) that includes backups, redundancies, system dependencies, and alternate sites. Lessons
127.770.15A (A) explain commonly used physical security controls, including lock types, fences, barricades, security doors, and mantraps; and Lessons
127.770.15B (B) describe the role of embedded systems such as fire suppression; heating, ventilation, and air conditioning (HVAC) systems; security alarms; and video monitoring. Lessons