Explore KSACs by Pathway
Explore Knowledge, Skills, Abilities, and Credentials (KSACs) by IT Pathway.
3. Vulnerabilities and Threats
Label | KSAC Description | Bloom's Taxonomy Level | Cross-Cutting | |
---|---|---|---|---|
a | Mitigate security threats (e.g., Adware, Viruses, Spyware, Trojan, Rootkits, Logic bomb, Botnets, Ransomware, Polymorphic malware) using tools. | skill | 4 | |
b | Use identification techniques and understand identification technologies (IOCs). | knowledge | 3 | |
c | Demonstrate and recognize common cyber-attack mechanisms. | knowledge | 3 | |
d | Describe and discover vulnerabilities. | ability | 3 | |
e | Mitigate network attacks (e.g., Man-inthe-middle, DDoS, DoS, Replay, Smurf attack, Spoofing, Spam, Phishing, Spim, Spit and other attacks). | skill | 3 | |
f | Configure defenses for Password attacks (e.g., Brute Force, Dictionary attacks, Hybrid, Birthday attacks, Rainbow tables). | knowledge | 2 | |
g | Describe attack techniques (cyber kill chain and its components). | knowledge | 2 | |
h | Describe and understand Social Engineering attacks (e.g., Shoulder surfing, Dumpster diving, Tailgating, Impersonation, Hoaxes, Phishing, Spear Phishing, Whaling, Vishing, Principles, URL hijacking, Watering Hole). | knowledge | 2 | |
i | Understand concepts and tools of penetration testing. | knowledge | 2 | |
j | Identify threats using discovery tools and utilities (e.g., Protocol analyzer, Vulnerability scanner, Honeypots, Honeynets, Port scanner). | knowledge | 3 |
Credentials
Entry
- Security+
- Network+
- Cloud+
- CEH
- GSEC
- CAP
Mid-level
- CCNA
- CYSA+
Advanced
- CASP
- CISSP
- CISA
- CISM
- CRISC
- CCSP