Standards in this Framework
| Standard | Description |
|---|---|
| 9-12.CS.COMP | Create a diagram of a network utilizing appropriate network components. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of diagrams that include various network components such as access points, hubs/switches, routers, and user devices. |
| 9-12.CS.CC | Evaluate the risks and benefits of cloud computing. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of various risks and benefits of cloud computing. Examples of cloud computing include various “aaS” (as a service) references, such as IaaS (infrastructure as a service), PaaS (platform as a service), and SaaS (software as a service). Examples of benefits of cloud computing can include distributed storage to prevent data loss from environmental disasters, easily working with peers over long distances, and the ability to save costs by not purchasing servers that are not utilized (i.e. only pay for what is needed). Examples of risks of cloud computing can include unauthorized access through breach of cloud provider, permissions incorrectly granted to users, and data being inadvertently shared publicly. |
| 9-12.CS.HARD | Identify methods of mitigating risk associated with connecting devices. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of risk such as compromised network security or data loss due to malicious incidents. |
| 9-12.CS.OS | Create a plan for hardening an operating system. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of how hardening an operating system can include shutting down unnecessary services and ports, installing updates and/ or patches, removing unused programs, and reviewing user privileges. |
| 9-12.CS.APPS | Discuss how software that exists on and across various platforms can be used to monitor, collect, and analyze information from those platforms. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate software examples such as firewalls, packet sniffers and analyzers, and network monitors. Discussions may also include SIEM (security information and event management) software. |
| 9-12.DC.IP | Debate the importance of intellectual property laws. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of ideas around who owns content on video games with transferrable goods, copyright when content is remixed or parodied, and how fair use can help protect an author/creator’s rights while promoting the sharing of ideas. |
| 9-12.SEC.AUTH | Evaluate authentication and authorization methods and the risks associated with failure. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of authentication and authorization methods, such as certificate, tokenbased, two-factor, multifactor, and biometric. |
| 9-12.SEC.PHYS | Analyze the different types of attacks that affect physical security. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of physical security attacks, such as social engineering, poor security policies, and malicious actors. |
| 9-12.SEC.CTRL | Justify the use of Defense in Depth and the need for physical access controls. Clarification statement: At this level, student discussions should focus on previous standards as well as grade-appropriate examples of various physical access controls, such as proximity badges, PIN codes, and man traps. |
