Explore KSACs by Pathway
Explore Knowledge, Skills, Abilities, and Credentials (KSACs) by IT Pathway.
8. Network Security
| Label | KSAC Description | Bloom's Taxonomy Level | Cross-Cutting | |
|---|---|---|---|---|
| a | Apply networking fundamentals to infrastructure systems. | skill | 3 | |
| a.1 | Select network storage techniques (e.g., fiber channel, Internet Small Computer System Interface [iSCSI], Fiber Channel over Ethernet [FCoE], Serial Attached SCSI [SAS], Network File Systems [NFS], Network Attached Storage/Server Message Blocks [NAS/SMB]). | knowledge | 3 | |
| b | Setup and maintain secure roles and system management techniques (e.g., password, group, and user privilege policies and monitoring). | skill | 4 | |
| c | Apply secure network protocols (e.g., IPSec, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SCP, ICMP). | skill | 3 | |
| d | Apply principles of IPv4 and IPv6 securely. | skill | 2 | |
| e | Apply wireless security configurations (e.g., Disable SSID broadcast, TKIP, CCMP, Antenna placement, Power level controls). | skill | 2 | |
| f | Manage PKI and certificates (Transport encryption, Non-repudiation, Hashing, Key escrow, Steganography, Digital signatures). | skill | 2 | |
| g | Install and configure network devices (firewalls, switches, load balancers, proxies, web security gateways, VPN concentrators). | skill | 3 | |
| h | Install and configure network security devices. (Protocol analyzers, Spam filter, UTM security appliances, URL filter, Content inspection, Malware inspection). | skill | 2 | |
| i | Implement port security. | skill | 2 | |
| j | Demonstrate an understanding of port scanning and network traffic monitoring. | knowledge | 2 | |
| k | Monitor and manage network Unified Threat Management. | skill | 3 | |
| l | Understand how to mitigate network threats (e.g., Flood guards, Loop protection, Implicit deny, Network separation, Log analysis, Unified threat management, peripheral and removable media). | knowledge | 2 | |
| m | Apply the principles of secure Network Design (e.g., DMZ, Subnetting, NAT/PAT, Remote access, Telephony, Virtualization). | skill | 3 | |
| n | Understand and apply the principles of Defense in Depth. | knowledge | 2 | |
| o | Understand and use basic network assessment tools (e.g. Wireshark, NMAP, port scanner, …). | knowledge | 3 | |
| p | Design and secure small office/home office (SOHO) network. | skill | 3 | |
| q | Demonstrate an understanding of network security devices (IDS, IPS, FW, NGFW, WAF, CDN,..). | knowledge | 3 | |
| r | Understand, setup and maintain user roles and system management techniques (e.g., password, groups, user privilege policies and monitoring). | knowledge | 2 | |
| s | Monitor and manage a network using Unified Threat Management (UTM) | skill | 3 | |
| t | Manage PKI and certificates (transport encryption, non-repudiation, hashing, digital signatures). | skill | 2 | |
| u | Understand the concept of opening/extending the network perimeter and the role of a cloud access security broker (CASB). | knowledge | 2 | Networking 1i |
| v | Identify threats using discovery tools and utilities (e.g., protocol analyzer, vulnerability scanner, honeypots, honeynets, port scanner). | ability | 3 |
Credentials
Entry
- Security+
- Network+
- Cloud+
- CEH
- GSEC
- CAP
Mid-level
- CCNA
- CYSA+
Advanced
- CASP
- CISSP
- CISA
- CISM
- CRISC
- CCSP