Explore KSACs by Pathway
In late 2025, the Partnership pulled together members of industry from across tech to share how the in-demand skillsets for entry-level roles in their fields have changed in the last two years. The Knowledge, Skills & Abilities and Credentials (KSACs) below reflect their feedback on entry-level expectations, especially in a tech workplace increasingly shaped by AI.
5. Cybersecurity Basics
| Label | KSAC Description | Bloom's Taxonomy Level | |
|---|---|---|---|
| a | Examine and employ principles of cybersecurity including its goals, objectives, and purposes | ability | 2 |
| b | Describe the need for security and identify security risks and ssociated security safeguards and methodologies (e.g., auditing). | knowledge | 2 |
| c | Explain the need for confidentiality, integrity, and availability (CIA) and identify types of controls (e.g., deterrent, preventative, detective, compensating, technical and administrative) | knowledge | 1 |
| d | Explain security in terms of authentication, authorization, and accounting (AAA) as well as access | knowledge | 3 |
| e | Understand the purpose and function of cybersecurity technology so identifying and implementing the various tools necessary to improve an organization's resiliency and reduce the possibility of data breaches | ability | 3 |
| f | Describe, recognize, and mitigate major security threats (e.g., adware, viruses, spyware, trojans, rootkits, logic bombs, worms, spyware, ransomware, spoofing, hacking, phishing, and ploymorphic polymorphic malware), using the tools standard in the industry | skill | 4 |
| g | Describe the components of the physical environment (e.g., wiring closets, server rooms, data centers) and physical security systems. | knowledge | 2 |
| h | Describe the need for security in networking (e.g., firewalls, access controls, encryption, demilitarized zone). | knowledge | 2 |
| i | Understand the indicators of compromise (IOCs) and their use in determining whether an attack has happened or is in progress | knowledge | 3 |
| j | Track and catalog computing assets through inventory management, devices and software | ability | 2 |
| k | Describe the need for security in application development. | knowledge | 2 |
| l | Describe computer forensic techniques, their importance in incident response, and their relevance to law enforcement | knowledge | 2 |
| m | Recognize and describe industry threat models (CVE, CWE, threat intel feed, etc). | skill | 2 |
| n | Demonstrate and recognize common cyber-attack techniques such as the cyber kill chain and the MiTRE ATT&CK framework | knowledge | 3 |
| o | Describe attackers (black hat, white hat, nation states, etc.) and techniques (cybercriminals, APTs). | knowledge | 2 |
| p | Describe and understand social engineering attacks (e.g., shoulder surfing, dumpster diving, tailgating, impersonation, hoaxes, phishing, spear phishing, whaling, vishing), | knowledge | 2 |
| q | Understand the issues with passwords and the tools and techniques available to crack passwords (e.g. brute force, dictionary attacks, birthday attacks, rainbow attacks and other hybrid attacks). | knowledge | 2 |
| r | Desctribe and discover vulnerabilities, understanding concepts and tools of vulnerability assessment, scanning, and penetration testing, and the work of red .purple and blue teams. | knowledge | 2 |
| s | Demonstrate an understanding of adversarial thinking using capture the flag (CTF) and other techniques. | skill | 3 |
| t | Understand the concept of digital trust computing and the Zero Trust principles | knowledge | 2 |
| u | Describe cyber threat intelligence (CTI) and its role in cybersecurity | knowledge | 2 |
| v | Recognize that an enterprise security requires a holistics strategy that considers people, process, and technology. | knowledge | 2 |
| w | Categorize system contrils in compliance with government and industry standards including NIST Cybersecurity Framework, FISMA, FEDRAMP, PCI/DSS, HIPAA (as relevant depending on industry), and ISO standards | knowledge | 4 |