Explore KSACs by Pathway
Explore Knowledge, Skills, Abilities, and Credentials (KSACs) by IT Pathway.
3. Vulnerabilities and Threats
| Label | KSAC Description | Bloom's Taxonomy Level | Cross-Cutting | |
|---|---|---|---|---|
| a | Mitigate security threats (e.g., Adware, Viruses, Spyware, Trojan, Rootkits, Logic bomb, Botnets, Ransomware, Polymorphic malware) using tools. | skill | 4 | |
| b | Use identification techniques and understand identification technologies (IOCs). | knowledge | 3 | |
| c | Demonstrate and recognize common cyber-attack mechanisms. | knowledge | 3 | |
| d | Describe and discover vulnerabilities. | ability | 3 | |
| e | Mitigate network attacks (e.g., Man-inthe-middle, DDoS, DoS, Replay, Smurf attack, Spoofing, Spam, Phishing, Spim, Spit and other attacks). | skill | 3 | |
| f | Configure defenses for Password attacks (e.g., Brute Force, Dictionary attacks, Hybrid, Birthday attacks, Rainbow tables). | knowledge | 2 | |
| g | Describe attack techniques (cyber kill chain and its components). | knowledge | 2 | |
| h | Describe and understand Social Engineering attacks (e.g., Shoulder surfing, Dumpster diving, Tailgating, Impersonation, Hoaxes, Phishing, Spear Phishing, Whaling, Vishing, Principles, URL hijacking, Watering Hole). | knowledge | 2 | |
| i | Understand concepts and tools of penetration testing. | knowledge | 2 | |
| j | Identify threats using discovery tools and utilities (e.g., Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner). | knowledge | 3 |
Credentials
Entry
- Security+
- Network+
- Cloud+
- CEH
- GSEC
- CAP
Mid-level
- CCNA
- CYSA+
Advanced
- CASP
- CISSP
- CISA
- CISM
- CRISC
- CCSP