Explore KSACs by Pathway

Explore Knowledge, Skills, Abilities, and Credentials (KSACs) by IT Pathway.

3. Vulnerabilities and Threats

Label KSAC Description Bloom's Taxonomy Level Cross-Cutting
a Mitigate security threats (e.g., Adware, Viruses, Spyware, Trojan, Rootkits, Logic bomb, Botnets, Ransomware, Polymorphic malware) using tools. skill 4
b Use identification techniques and understand identification technologies (IOCs). knowledge 3
c Demonstrate and recognize common cyber-attack mechanisms. knowledge 3
d Describe and discover vulnerabilities. ability 3
e Mitigate network attacks (e.g., Man-inthe-middle, DDoS, DoS, Replay, Smurf attack, Spoofing, Spam, Phishing, Spim, Spit and other attacks). skill 3
f Configure defenses for Password attacks (e.g., Brute Force, Dictionary attacks, Hybrid, Birthday attacks, Rainbow tables). knowledge 2
g Describe attack techniques (cyber kill chain and its components). knowledge 2
h Describe and understand Social Engineering attacks (e.g., Shoulder surfing, Dumpster diving, Tailgating, Impersonation, Hoaxes, Phishing, Spear Phishing, Whaling, Vishing, Principles, URL hijacking, Watering Hole). knowledge 2
i Understand concepts and tools of penetration testing. knowledge 2
j Identify threats using discovery tools and utilities (e.g., Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner). knowledge 3



  1. Security+
  2. Network+
  3. Cloud+
  4. CEH
  5. GSEC
  6. CAP


  1. CCNA
  2. CYSA+


  1. CASP
  2. CISSP
  3. CISA
  4. CISM
  5. CRISC
  6. CCSP