1. Assist in the selection of appropriate design solutions to ensure compatibility of system components
2. Assist in developing security policies and protocols, including network security policies and protocols
3. Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs
4. Perform risk assessments and execute tests of data processing system to ensure functioning of data processing activities and security measures
5. Develop computer or information security policies or procedures

1. Monitor current reports of computer viruses to determine when to update virus protection systems
2. Encrypt data transmissions and erect firewalls to conceal confidential information as it is being transmitted and to keep out tainted digital transfers
3. Monitor use of data files and regulate access to safeguard information in computer files
4. Use Intrusion Detection Systems (IDS), firewalls, and honeypots

1. Communicate with customers to identify and scope issues
2. Analyze security requirements
3. Implement security configuration parameters on network devices and other technologies

1. Modify computer security files to incorporate new software, correct errors, or change individual access status
2. Test computer system operations
3. Monitor and configure access control systems
4. Monitor and configure authentication systems
5. Monitor and configure cryptographic systems
6. Coordinate with engineering team for more complex issues requiring escalation
7. Monitor current reports of computer viruses to determine when to update virus protection systems

1. Implement security measures
2. Conduct security assessments
3. Conduct risk assessments
4. Conduct system audits

1. Confer with users to discuss issues such as computer data access needs, security violations, and programming changes
2. Develop incident response plan
3. Implement incident response plan
4. Develop and implement a business continuity plan

Completion of the CompTIA Network+ Certification or comparable training as agreed to by employer.

Completion of the CompTIA Security+ Certification or comparable training as agreed to by employer.

Completion of an advanced cybersecurity certification (CySA+, PenTest+, CEH) or comparable training as agreed to by employer.

1. Network Architecture a. Explain the functions and applications of various network devices b. Compare and contrast the use of networking services and applications c. Install and configure networking services & applications d. Explain the characteristics and benefits of WAN (Wide area Network) solutions e. Install and terminate various cable types and connectors using appropriate tools f. Differentiate between common network topologies g. Differentiate between network infrastructure implementations h. Given a scenario, implement and configure the appropriate addressing schema i. Explain the basics of routing concepts and protocols j. Identify the basic elements of unified communication technologies k. Compare and contrast technologies that support cloud and virtualization l. Given a set of requirements, implement a network 2. Network Operations a. Given a scenario, use appropriate monitoring tools b. Given a scenario, analyze metrics and reports from monitoring and tracking performance tools c. Given a scenario, use appropriate resources to support configuration management d. Explain the importance of implementing network segmentation e. Given a scenario, install and apply patches and updates f. Given a scenario, configure a switch using proper features g. Install and configure wireless LAN (Local Area Network) infrastructure and implement the appropriate technologies in support of wireless capable devices 3. Network Security a. Compare and contrast risk related concepts b. Compare and contrast common network vulnerabilities and threats c. Given a scenario, implement network hardening techniques d. Compare and contrast physical security controls e. Given a scenario, install and configure a basic firewall f. Explain the purpose of various network access control models g. Summarize basic forensic concepts 4. Troubleshooting a. Given a scenario: i. Properly implement network troubleshooting methodology ii. Analyze and interpret the output of troubleshooting tools iii. Troubleshoot and resolve common wireless issues iv. Troubleshoot and resolve common copper cable issues v. Troubleshoot and resolve common fiber cable issues vi. Troubleshoot and resolve common network issues vii. Troubleshoot and resolve common security issues viii. Troubleshoot and resolve common WAN issues 5. Industry Standards, Practices and Network Theory a. Analyze a Scenario and determine the corresponding OSI (Open Systems Interconnection) layer b. Explain the basics of network theory and concepts c. Deploy the appropriate wireless standard d. Deploy the appropriate wired connectivity standard e. Implement the appropriate policies and procedures f. Summarize safety practices g. Install and configure equipment in the appropriate location using best practices h. Explain the basics of change management procedures i. Compare and contrast the following ports and protocols j. Configure and apply the appropriate ports and protocols

1. Network Security a. Implement security configuration parameters on network devices and other technologies b. Given a scenario, use secure network administration principles c. Explain network design elements and components d. Given a scenario, implement common protocols and services e. Given a scenario, troubleshoot security issues related to wireless networking 2. Compliance and Operational Security a. Explain the importance of risk related concepts b. Summarize the security implications of integrating systems and data with third parties c. Given a scenario, implement appropriate risk mitigation strategies d. Given a scenario, implement basic forensic procedures e. Summarize common incident response procedures f. Explain the importance of security related awareness and training g. Compare and contrast physical security and environmental control h. Summarize risk management best practices i. Given a scenario, select the appropriate control to meet the goals of security 3. Threats and Vulnerabilities a. Explain types of malware b. Summarize various types of attacks c. Summarize social engineering attacks and the associated effectiveness with each attack d. Explain types of wireless attacks e. Explain types of application attacks f. Analyze a scenario and select the appropriate type of mitigation and deterrent techniques g. Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities h. Explain the proper use of penetration testing versus vulnerability scanning 4. Application, Data and Host Security a. Explain the importance of application security controls and techniques b. Summarize mobile security concepts and technologies c. Given a scenario, select the appropriate solution to establish host security d. Implement the appropriate controls to ensure data recovery e. Compare and contrast alternative methods to mitigate security risks in static environments 5. Access Control and Identity Management a. Compare and contrast the function and purpose of authentication services b. Given a scenario, select the appropriate authentication, authorization or access control c. Install and configure security controls when performing account management, based on best practices  6. Cryptography a. Given a scenario, utilize general cryptography concepts b. Given a scenario, use appropriate cryptographic methods c. Given a scenario, use appropriate PKI, certificate management and associated components

1. Introduction to ethical hacking a. “White hat” vs. “black hat” concepts b. Key issues plaguing the information security world c. Hacking methodology d. Steganography and steganalysis attacks 2. Footprinting and reconnaissance a. Investigation and profiling of users and systems b. Search engines and accidental exposure 3. Scanning networks 4. Enumeration a. Gathering data and querying systems and how this information creates or exacerbates system vulnerabilities b. Usernames, machine names, network resources, shares, and services c. Blocking malicious enumeration attempts 5. Vulnerability analysis a. Assessment tools b. Patch management c. Understanding scan results 6. System hacking a. Malware (trojans, viruses, worms) b. Sniffing c. Denial of service attacks (DoS, Distributed DoS, botnets) d. Session hijacking e. Social engineering 7. Using Intrusion Detection Systems (IDS), firewalls, and honeypots 8. Hacking over the web a. Web servers b. Web applications c. SQL injection d. Cloud computing vulnerabilities 9. Hacking wireless networks a. Internet of Things (IoT) vulnerabilities b. Wi-fi encryption mechanisms c. Packet inspection/injection d. War-dialing/war-driving 10. Mobile platform hacking a. Cellular network vulnerabilities b. Physical intrusion risks of mobile devices 11. Cryptography a. Ciphers b. Public key infrastructure (PKI) c. Private key encryption techniques d. Cryptoanalysis tools 12. Incident Management a. Processes and techniques b. Risk management vs. mitigation c. Reporting requirements d. Regulatory issues e. Preventative measures