Explore KSACs by Pathway

Explore Knowledge, Skills, Abilities, and Credentials (KSACs) by IT Pathway.

8. Network Security

Label KSAC Description Bloom's Taxonomy Level Cross-Cutting
a Apply networking fundamentals to infrastructure systems. skill 3
a.1 Select network storage techniques (e.g., fiber channel, Internet Small Computer System Interface [iSCSI], Fiber Channel over Ethernet [FCoE], Serial Attached SCSI [SAS], Network File Systems [NFS], Network Attached Storage/Server Message Blocks [NAS/SMB]). knowledge 3
b Setup and maintain secure roles and system management techniques (e.g., password, group, and user privilege policies and monitoring). skill 4
c Apply secure network protocols (e.g., IPSec, SNMP, SSH, DNS, TLS, SSL, TCP/IP, FTPS, HTTPS, SCP, ICMP). skill 3
d Apply principles of IPv4 and IPv6 securely. skill 2
e Apply wireless security configurations (e.g., Disable SSID broadcast, TKIP, CCMP, Antenna placement, Power level controls). skill 2
f Manage PKI and certificates (Transport encryption, Non-repudiation, Hashing, Key escrow, Steganography, Digital signatures). skill 2
g Install and configure network devices (firewalls, switches, load balancers, proxies, web security gateways, VPN concentrators). skill 3
h Install and configure network security devices. (Protocol analyzers, Spam filter, UTM security appliances, URL filter, Content inspection, Malware inspection). skill 2
i Implement port security. skill 2
j Demonstrate an understanding of port scanning and network traffic monitoring. knowledge 2
k Monitor and manage network Unified Threat Management. skill 3
l Understand how to mitigate network threats (e.g., Flood guards, Loop protection, Implicit deny, Network separation, Log analysis, Unified threat management, peripheral and removable media). knowledge 2
m Apply the principles of secure Network Design (e.g., DMZ, Subnetting, NAT/PAT, Remote access, Telephony, Virtualization). skill 3
n Understand and apply the principles of Defense in Depth. knowledge 2
o Understand and use basic network assessment tools (e.g. Wireshark, NMAP, port scanner, …). knowledge 3
p Design and secure small office/home office (SOHO) network. skill 3
q Demonstrate an understanding of network security devices (IDS, IPS, FW, NGFW, WAF, CDN,..). knowledge 3
r Understand, setup and maintain user roles and system management techniques (e.g., password, groups, user privilege policies and monitoring). knowledge 2
s Monitor and manage a network using Unified Threat Management (UTM) skill 3
t Manage PKI and certificates (transport encryption, non-repudiation, hashing, digital signatures). skill 2
u Understand the concept of opening/extending the network perimeter and the role of a cloud access security broker (CASB). knowledge 2 Networking 1i
v Identify threats using discovery tools and utilities (e.g., protocol analyzer, vulnerability scanner, honeypots, honeynets, port scanner). ability 3



  1. Security+
  2. Network+
  3. Cloud+
  4. CEH
  5. GSEC
  6. CAP


  1. CCNA
  2. CYSA+


  1. CASP
  2. CISSP
  3. CISA
  4. CISM
  5. CRISC
  6. CCSP