Standards in this Framework
| Standard | Description |
|---|---|
| 1.1 | Explain network security (e.g., the protection of data that is stored on the network or which is in transit across, into, and out of the network) |
| 2.1 | Identify hazards and unsafe practices that can lead to serious accidents or injuries (i.e., electrostatic discharge hazards, poor ergonomic practices, etc.) |
| 2.3 | Explain environmental considerations when disposing of computer/network components (i.e., disposing of batteries, devices with lithium batteries, etc.) |
| 3.6 | Use basic Boolean logic for actions such as Google searches and scripting (e.g., and, not, and or) |
| 4.1 | Define a computer and describe its components and their basic functions (i.e., OSI Model and TCP/IP Model; Input Unit, Output Unit, and Central Processing Unit; displaying data, coding, transferring and processing data; programming programs; etc.) |
| 4.2 | Discuss the evolution of computers and future trends in computer networking (i.e., ARPANET, Internet of Things (IoT), privacy, etc.) and societal impacts |
| 4.4 | Explain an information system’s structure and components (e.g., applications, media, network devices, operating systems, and servers) |
| 4.5 | Discuss recent advancements in cybersecurity technologies, threats, and the basics of artificial intelligence (AI) concerning network security |
| 5.2 | Define network threats to data availability, confidentiality, and integrity |
| 5.3 | Discuss and give examples of the severity of data loss to an individual and to an organization |
| 5.4 | Identify security threats related to computer data, hardware, and software (e.g., denial of service, eavesdropping, intrusion, unauthorized access, spoofing, tampering, etc.) |
| 5.5 | Explain the importance of physical security of computer and network hardware following best practices (e.g., cameras, locks, USB port blocking, encryption, bit-locker for Windows, and LBM for Linux) |
| 5.6 | Describe network threats (e.g., denial of service, email spoofing, hacking/cracking, intrusion, malware, phishing, social engineering, spamming, etc.) |
| 5.8 | Describe password best practices (e.g., authentication, authorization, accountability, passphrases, physical keys, password managers, complexity, etc.) |
| 5.9 | Analyze authentication methods used to secure access to the network (e.g., biometrics, key cards, multi-factor authentication (MFA), single sign-on (SSO), two-factor authentication (2FA), etc.) |
| 5.10 | Identify best practices for access control (e.g., changing default passwords, disabling unused accounts, least privileges, role-based access control, etc.) |
| 6.1 | Explain the purpose of and types of network media (e.g., fiber optic cable, coaxial cable, ethernet, etc.) |
| 6.4 | Identify appropriate connectors, media types, and uses for various networks |
| 6.5 | Compare physical and virtual networks (e.g., SD-WAN, VLAN, etc.) |
| 6.7 | Specify the characteristics of wireless network technologies including frequency, speed, topology, and transmission (e.g., 5G, Bluetooth, IoT, etc.) |
| 6.8 | Describe the structure of the internet (network of networks) |
| 6.9 | Identify the features, functions, and purpose of commonly used network components (e.g., routers, modems, switches, NIC, etc.) |
| 7.1 | Define a network protocol and explain how it works (e.g., routing protocols) |
| 7.2 | Describe the characteristics and use of the four-layer TCP/IP model (e.g., Media Access Control (MAC)) |
| 7.4 | Explain the concept of ports and identify the port ranges used in networking services and protocols (e.g., dynamic/private, system, user) |
| 7.6 | Describe standard network ports and protocols (e.g., DNS, DHCP, FTP, HTTP, POP, SMTP, HTTPS, SFTP, VPN, SSH, ICMP/ARP, etc.) |
| 7.7 | Describe the applications and characteristics of TCP and UDP |
| 7.8 | Differentiate IPv4/IPv6 addresses and their corresponding subnet masks (e.g., classful networks, CIDR, private vs. public IP) |
| 8.1 | Design a network map with virtual and physical segments (e.g., logical network map) |
| 8.4 | Describe the components needed and purpose to build fault tolerance into a network |
| 8.9 | Identify and use tools for diagnostic tasks or network repair (e.g., Traceroute, ipconfig, Ping, etc.) |
| 9.1 | Explain how to harden the network against unauthorized access and abuse |
| 9.2 | Explain the difference among hardening, patching, and types of vulnerabilities (e.g., social, cognitive, environmental, etc.) |
| 9.8 | Explain the principles of firewall rules and their importance in network hardening |
| 10.3 | Describe the purpose and benefits of network utilities (e.g., netstat, nslookup, Ping, Traceroute, etc.) |
| 11.1 | Research issues regarding intellectual property rights including software licensing and software duplication (e.g., Business Software Alliance, Creative Commons, Digital Right Management, EFF, and Intellectual Property Watch) |
| 11.2 | Differentiate among freeware, open source, proprietary, and shareware software relative to legal and ethical issues |
| 11.3 | Identify issues, laws, and trends affecting data and privacy (e.g., CNP, GDPR, HIPAA, PCI-DSS, SOX, FCC, FERPA) |
| 11.4 | Describe acceptable use of industry-related data, private and public networks, and social networking |
| 11.5 | Research how data privacy laws and regulations influence network security business practices |
| 11.6 | Discuss the responsibilities of network security professionals (e.g., protecting organizational assets, and maintaining consistent and equitable cyber practices) and explore consequences of unethical behavior to include personal legal liability |
