Author: csed

Defense

csed Leave a comment

Learning Outcome (LO) Summary: Demonstrate an understanding of network security by identifying firewall functions at system gateways, comparing the strengths and limitations of defense solutions like firewalls, intrusion detection systems, and antivirus software, and explaining how “defense in depth” is achieved through network architecture.

Component Learning Outcomes

ID Component Learning Outcomes Cross-Cutting Concepts
NS12 Identify the functions provided by a firewall at the gateway to a system. Defense in Depth
NS13 Compare and summarize the strengths and limitations of representative defense solutions such as firewalls, intrusion detection systems, anti-virus systems, etc.  

 

Defense in Depth
NS14 Give an example of a network architecture that provides “defense in depth” and explain how it does so. Defense in Depth

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this topic area. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Attacks

csed Leave a comment

Learning Outcome (LO) Summary: Explain how adversaries implement transmission attacks by targeting network components and services that relay information, viewing attacks on data in transit as connection attacks on physical or software network components, and describe how these methods enable cyber- attacks across physical and geographical boundaries.

Component Learning Outcomes

ID Component Learning Outcomes Cross-Cutting Concepts
NS9 Describe how data transmission attacks are implemented as attacks on components that provide the service of relaying data. Adversarial thinking
NS10 Explain why attacks on data being sent can often be viewed as connection attacks on network components (physical or software). Adversarial thinking
NS11 Describe how adversaries leverage network services to execute cyber- attacks, overcoming physical and geographical boundaries. Adversarial thinking

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this topic area. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Network Architecture

csed Leave a comment

Learning Outcome (LO) Summary: Explain how software applications and physical hardware interact to operate network services, including the roles of interfaces, bridges, routing, and packet traversal using models like TCP/IP, and identify components and interfaces within networking standards and hardware architectures.

Component Learning Outcomes

ID Component Learning Outcomes Cross-Cutting Concepts
NS1 Describe how network services operate through software applications running on physical hardware, enabling communication and data exchange over the network. Systems thinking
NS2 Explain the relationship between a given physical interface and its corresponding software component(s). Systems thinking
NS3 Explain the role of a gateway between two networks. Systems thinking
NS4 Interpret how a network packet traverses the Internet using the TCP/IP 5- layer network model. Systems thinking
NS5 Describe routing including path selection and its importance in networking. Systems thinking
NS6 Describe common hardware architectures and components that perform network services within a layer model, highlighting their specific functions and interactions. Systems thinking
NS7 List several network standards that define models consisting of systems of components and interfaces. Systems thinking
NS8 Given a networking standard, identify the components and interfaces of that standard. Systems thinking

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this topic area. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Network Architecture

csed Leave a comment

This knowledge unit introduces the concepts typically covered in a computer networking course. It provides the foundation for the more specialized knowledge units.

Topics

  1. General concepts: This topic should cover the ideas of nodes and edges with the names of the various topologies and the transmission characteristics of the topologies.
  2. Common architectures: This topic covers the IEEE 802 network architecture and how the various networks are named based on the physical characteristics (LANs, MANs, etc.).
  3. Forwarding: This topic covers packet forwarding in general. Since similar switching silicone is now used in routers and switches, and SDN treats forwarding separate from building the forwarding table, this is its own topic.
  4. Routing: This topic covers routing algorithms and explains how forwarding tables are built using graph analysis algorithms such as link-state and distance vector.
  5. Switching/Bridging: This topic covers learning algorithms and IEEE 802.1 bridging along with Spanning Tree Protocol and its relationship to routing. It is not currently clear how this topic will evolve with STP being replaced through the emergence of Trill and STP.
  6. Emerging trends: This topic covers emerging technologies and their impact as they emerge. Currently the impact of SDN and adding routing to layer 2 with enhanced learning bridges would be the content. This is evolving rapidly.
  7.  Virtualization and virtual hypervisor architecture: Virtualization has provided ways to design architecture using either native virtualization (type 1) or virtualization under the control of a host operating system (type 2).

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this knowledge unit. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Connection Security

csed Leave a comment

The Connection Security knowledge area focuses on the security of the connections between components including both physical and logical connections.

It is critical that every cybersecurity professional have a basic knowledge of digital communications and networking. Connections are how components interact. Much of this material could be introduced through examples, and then abstracting to the essentials and introducing the appropriate vocabulary. Together with the Component Security and System Security KAs, the Connection Security KA addresses the security issues of connecting components and using them within larger systems.

Knowledge Units

  • Physical Media
  • Physical Interfaces and Connectors
  • Hardware Architecture
  • Distributed Systems Architecture
  • Network Architecture
  • Network Implementations
  • Network Services
  • Network Defense

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this knowledge unit. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Component Design

csed Leave a comment

This knowledge unit introduces the principles that underlie both design and implementation. The first five are restrictiveness principles, the next three are simplicity principles, and the rest are methodology principles.

Topics

  1. Component design security:  This topic covers threats to the security of component design artifacts (e.g., schematics, netlists, and masks) such as hardware Trojans, intellectual property piracy, reverse engineering, tampering, side-channel analysis and counterfeiting. It also introduces techniques for protecting components from unauthorized access and use.
  2. Principles of secure component design: This topic covers principles such as establishing a sound security policy, treating security as an integral part of system design, trusted computing platforms, chain of trust, reducing risk, layered security, simplicity of design, minimizing system elements to be trusted, and avoiding unnecessary security mechanisms.
  3. Component identification: This topic covers techniques such as watermarking, fingerprinting, metering, encrypted IDs, and physical unclonable functions for protecting components against intellectual property theft and ensuring component authenticity.
  4. Anti-reverse engineering techniques: This topic covers techniques such as design obfuscation and camouflaging for making component designs and implementations difficult to reverse engineer.
  5. Side-channel attack mitigation: This topic covers techniques for defending against side-channel attacks primarily targeted at cryptographic algorithms. Defensive techniques include leakage reduction, noise injection, frequent key updates, physical random functions, and secure scan chains.
  6.  Anti-tamper technologies: This topic covers techniques for making components resistant to physical and electronic attacks including physical protection techniques, tamper evident systems and tamper responding systems.

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this knowledge unit. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Component Security

csed Leave a comment

The Component Security knowledge area focuses on the design, procurement, testing, analysis and maintenance of components integrated into larger systems.

The security of a system depends, in part, on the security of its components. The security of a component depends on how it is designed, fabricated, procured, tested, connected to other components, used and maintained. This knowledge area is primarily concerned with the security aspects of the design, fabrication, procurement, testing and analysis of components. Together with the Connection Security and System Security KAs, the Component Security KA addresses the security issues of connecting components and using them within larger systems.

Knowledge Units

  • Component Design
  • Component Procurement
  • Component Testing
  • Component Reverse Engineering

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this knowledge unit. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Cryptography

csed Leave a comment

Learning Outcome (LO) Summary: Understand and apply the fundamental principles of cryptography to ensure the confidentiality, integrity, availability, and non-repudiation of data, while recognizing and utilizing cryptographic methods and secure protocols in practical scenarios.

Component Learning Outcomes

ID Component Learning Outcomes (LOs) Cross-Cutting Concepts
DS1 Explain cryptography including its relationship to confidentiality, integrity, and availability of data. [Guidance] CIA
DS2 Encrypt a small data set using a simple encryption algorithm. [Guidance] CIA
DS3 Describe basic cryptography terms, including ciphers, cryptographic keys, encrypt, decrypt, cryptanalysis, cryptographic hashing, non-repudiation, and cryptology. [Guidance] CIA
DS4 Use symmetric ciphers with a shared secret key to transform plaintext to ciphertext. [Guidance] CIA
DS5 Use asymmetric ciphers with a public key to transform plaintext to ciphertext. [Guidance] CIA
DS6 Use cryptographic hash functions to create one-way transformations that convert data of arbitrary length into fixed-length hash values. [Guidance] CIA
DS7 Recognize secure protocols, like HTTPS and SSH, which use cryptography to protect communication. [Guidance] CIA

Systems thinking

Adversarial thinking
DS8 Recognize the critical role of key management and public key infrastructure (PKI) for ensuring the secure generation, distribution, and storage of cryptographic keys. [Guidance] CIA

Systems thinking

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this topic area. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.

Software Security

csed Leave a comment

Topic Areas 

  • Defense
  • Attacks

Suggestions Accepted for consideration for the next Edition:

Please provide your suggestions about this knowledge area. All submitted comments will be reviewed at the end of the month. Comments accepted for inclusion will be listed above.