
Type | Number | Text | Weight
CLAIM | 1.0 | Claim for Entire Course |
CS | 1.1 | Component Skill for Course |
TLO | 1 | Explain why networks and data are attacked. | 3%
ELO | 1.1 | Outline features of cybersecurity incidents. |
ELO | 1.2 | Explain the motivations of the threat actors behind specific security incidents. |
ELO | 1.3 | Explain the potential impact of network security attacks. |
TLO | 2 | Explain how to prepare for a career in Cybersecurity operations. | 2%
ELO | 2.1 | Explain the mission of the security operations center (SOC). |
ELO | 2.2 | Describe resources available to prepare for a career in Cybersecurity operations. |
TLO | 3 | Explain the security features of the Windows operating system. | 3%
ELO | 3.1 | Describe the history of the Windows Operating System. |
ELO | 3.2 | Explain the architecture of Windows and its operation. |
ELO | 3.3 | Explain how to configure and monitor Windows. |
ELO | 3.4 | Explain how Windows can be kept secure. |
TLO | 4 | Implement basic Linux security. | 3%
ELO | 4.1 | Explain why Linux skills are essential for network security monitoring and investigation. |
ELO | 4.2 | Use the Linux shell to manipulate text files. |
ELO | 4.3 | Explain how client-server networks function. |
ELO | 4.4 | Explain how a Linux administrator locates and manipulates security log files. |
ELO | 4.5 | Manage the Linux file system and permissions. |
ELO | 4.6 | Explain the basic components of the Linux GUI. |
ELO | 4.7 | Use tools to detect malware on a Linux host. |
TLO | 5 | Explain how protocols enable network operations. | 3%
ELO | 5.1 | Explain the basic operation of data networked communications. |
ELO | 5.2 | Explain how protocols enable network operations. |
ELO | 5.3 | Explain how data encapsulation allows data to be transported across the network. |
TLO | 6 | Explain how the Ethernet and IP protocols support network communication. | 3%
ELO | 6.1 | Explain how Ethernet supports network communication. |
ELO | 6.2 | Explain how the IPv4 protocol supports network communications. |
ELO | 6.3 | Explain how IP addresses enable network communication. |
ELO | 6.4 | Explain the type of IPv4 addresses that enable network communication. |
ELO | 6.5 | Explain how the default gateway enables network communication. |
ELO | 6.6 | Explain how the IPv6 protocol supports network communications. |
TLO | 7 | Use ICMP connectivity verification tools. | 3%
ELO | 7.1 | Explain how ICMP is used to test network connectivity. |
ELO | 7.2 | Use Windows tools, ping and traceroute utilities to test network connectivity. |
TLO | 8 | Analyze address resolution protocol PDUs on a network. | 3%
ELO | 8.1 | Compare the roles of the MAC address and the IP address. |
ELO | 8.2 | Analyze ARP by examining Ethernet frames. |
ELO | 8.3 | Explain how ARP requests impact network and host performance. |
TLO | 9 | Explain how transport layer protocols support network functionality. | 3%
ELO | 9.1 | Explain how transport layer protocols support network communication. |
ELO | 9.2 | Explain how the transport layer establishes communication sessions. |
ELO | 9.3 | Explain how the transport layer establishes reliable communications. |
TLO | 10 | Explain how network services enable network functionality. | 3%
ELO | 10.1 | Explain how DHCP services enable network functionality. |
ELO | 10.2 | Explain how DNS services enable network functionality. |
ELO | 10.3 | Explain how NAT services enable network functionality. |
ELO | 10.4 | Explain how file transfer services enable network functionality. |
ELO | 10.5 | Explain how email services enable network functionality. |
ELO | 10.6 | Explain how HTTP services enable network functionality. |
TLO | 11 | Explain how network devices enable wired and wireless network communication. | 3%
ELO | 11.1 | Explain how network devices enable network communication. |
ELO | 11.2 | Explain how wireless devices enable network communication. |
TLO | 12 | Explain how devices and services are used to enhance network security. | 5%
ELO | 12.1 | Explain how network services enhance network security. |
ELO | 12.2 | Explain how specialized devices are used to enhance network security. |
ELO | 12.3 | Explain how network designs influence the flow of traffic through the network. |
TLO | 13 | Explain how networks are attacked. | 3%
ELO | 13.1 | Describe the various types of attack tools used by threat actors. |
ELO | 13.2 | Explain how network threats have evolved. |
TLO | 14 | Explain the various types of threats and attacks. | 5%
ELO | 14.1 | Describe types of malware. |
ELO | 14.2 | Explain reconnaissance, access, and social engineering network attacks. |
ELO | 14.3 | Explain Denial of Service, buffer overflow, and evasion attacks. |
TLO | 15 | Explain network traffic monitoring. | 3%
ELO | 15.1 | Explain the importance of network monitoring. |
ELO | 15.2 | Explain how network monitoring is conducted. |
TLO | 16 | Explain how TCP/IP vulnerabilities enable network attacks. | 5%
ELO | 16.1 | Explain how IP vulnerabilities enable network attacks. |
ELO | 16.2 | Explain how TCP and UDP vulnerabilities enable network attacks. |
ELO | 16.3 | Explain the IPv4 and IPv6 header structure. |
TLO | 17 | Explain how common network applications and services are vulnerable to attack. | 3%
ELO | 17.1 | Explain IP service vulnerabilities. |
ELO | 17.2 | Explain how network application vulnerabilities enable network attacks. |
TLO | 18 | Explain approaches to network security defense. | 3%
ELO | 18.1 | Explain how the defense-in-depth strategy is used to protect networks. |
ELO | 18.2 | Explain security policies, regulations, and standards. |
TLO | 19 | Explain access control as a method of protecting a network. | 3%
ELO | 19.1 | Explain how access control protects network data. |
ELO | 19.2 | Explain how AAA is used to control network access. |
TLO | 20 | Explain how various intelligence sources locate current security threats. | 3%
ELO | 20.1 | Describe information sources used to communicate emerging network security. |
ELO | 20.2 | Describe various threat intelligence services. |
TLO | 21 | Explain how the public key infrastructure (PKI) supports network security. | 5%
ELO | 21.1 | Explain the role of cryptography in ensuring the integrity and authenticity of data. |
ELO | 21.2 | Explain how cryptographic approaches enhance data confidentiality. |
ELO | 21.3 | Explain public key cryptography. |
ELO | 21.4 | Explain how the public key infrastructure functions. |
ELO | 21.5 | Explain how the use of cryptography affects cybersecurity operations. |
TLO | 22 | Explain how a malware analysis website generates a malware analysis report. | 3%
ELO | 22.1 | Explain methods of mitigating malware. |
ELO | 22.2 | Explain host-based IPS/IDS log entries. |
ELO | 22.3 | Use virustotal.com to generate a malware analysis report. |
ELO | 22.4 | Explain how a sandbox is used to analyze malware. |
TLO | 23 | Explain how endpoint vulnerabilities are assessed and managed. | 5%
ELO | 23.1 | Explain the value of network and server profiling. |
ELO | 23.2 | Explain how CVSS reports are used to describe security vulnerabilities. |
ELO | 23.3 | Explain how secure device management techniques are used to protect data and assets. |
ELO | 23.4 | Explain how information security management systems are used to protect assets. |
TLO | 24 | Explain how security technologies affect security monitoring. | 3%
ELO | 24.1 | Explain the behavior of common network protocols in the context of security monitoring. |
ELO | 24.2 | Explain how security technologies affect the ability to monitor common network protocols. |
TLO | 25 | Explain the types of network security data used in security monitoring. | 3%
ELO | 25.1 | Describe the types of data used in security monitoring. |
ELO | 25.2 | Describe the elements of an end device log file. |
ELO | 25.3 | Describe the elements of a network device log file. |
TLO | 26 | Explain the process of evaluating alerts. | 3%
ELO | 26.1 | Identify the structure of alerts. |
ELO | 26.2 | Explain how alerts are classified. |
TLO | 27 | Interpret data to determine the source of an alert. | 3%
ELO | 27.1 | Explain how data is prepared for use in a Network Security Monitoring (NSM) system. |
ELO | 27.2 | Use Security Onion tools to investigate network security events. |
ELO | 27.3 | Describe network monitoring tools that enhance workflow management. |
TLO | 28 | Explain how the CyberOps Associate responds to cybersecurity incidents. | 3%
ELO | 28.1 | Explain the role of digital forensic processes. |
ELO | 28.2 | Identify the steps in the Cyber Kill Chain. |
ELO | 28.3 | Classify an intrusion event using the Diamond Model. |
ELO | 28.4 | Apply the NIST 800-61r2 incident handling procedures to a given incident scenario. |
Totals | | | 100%

Number of items

2
2

2
3

60
