Outputs
- A physical demonstration of a security test of a provided network as set out in the KSBs listed.
- A written justification for the approach taken (a 1,000 word +/- 100 words written document).
KSBs
Type | Index | Name | Pass Description |
---|---|---|---|
TC | 9 | Analyse malware & identify its mechanisms. | Analyse examples of malware and identify the mechanisms used by the malware. |
TC | 12 | Discover, identify and analyse threats, attack techniques, vulnerabilities and mitigations. | Discover through a mix of research and practical exploration vulnerabilities in a system and determine their impact. Research and investigate common and complex attack techniques including making use of relevant external sources of vulnerabilities, threat intelligence and advice (for example, a national cyber authority, OWASP). Combine different sources to create an enriched view. Demonstrate application of attack techniques in a lab setting (in a legal and ethical manner). |
TC | 20 | Architect, analyse & justify a secure system. | Apply interpretation of security policy and risk profiles to design secure architectural solutions that meet security objectives, mitigate the risks and conform to legislation in a representative business scenario. Critically analyse secure architectural solutions and security controls against defined security objectives to assess how effectively risks are mitigated, legal requirements and business requirements are met. Identify and describe the means by which the risk owner can have confidence that the solution mitigates the risks to an acceptable level. |
TC | 25 | Organise testing & investigation work in accordance with legal & ethical requirements. | Organise cyber security testing work within a legal and ethical framework (under English jurisdiction). Organise cyber security incident investigation work within a legal and ethical framework (under English jurisdiction). Secure evidence appropriately to support legal proceedings. |
TKU | 9 | Malware, reverse engineering, obfuscation. | Understand the low-level mechanisms used by current malware: machine level instruction set; reverse engineering techniques; reverse engineering for malware analysis; de-obfuscation of obfuscated code; anti-debugging mechanisms. |
TKU | 12 | Threats, vulnerabilities, impacts and mitigations in ICT systems and the enterprise environment. | Explain how cyber security concepts apply to ICT infrastructure. Describe the fundamental building blocks and typical architectures and identify some common vulnerabilities in networks and systems. Understand vulnerabilities in computer networks and systems (for example un-secure coding and unprotected networks) and how they can be exploited. Understand the impact of identified vulnerabilities in the organisation’s context. Understand the human dimension of cyber security and the need to adopt an adversarial thinking approach to system development and analysis. Analyse how an employee may enable a successful attack chain without realising it. Describe some things that may increase or decrease risks related to an organisation’s ‘cyber culture’. Identify the vulnerabilities in an organisation’s security management system. Identify the links between physical, logical, personal and procedural security. Describe ways to defend against cyber-attack techniques. Describe the existing threat landscape. Understand how to apply relevant techniques for horizon scanning, including use of recognised sources of threat intelligence, to keep the view of the threat landscape up to date. Describe threat trends and the significance of identified trends. Understand the threat intelligence lifecycle and the concepts of threat actors and attribution. Evaluate and describe the significance, value and limitations of a given threat analysis. |
TKU | 21 | Assurance concepts & approaches. | Explain the difference between ‘trusted’ and ‘trustworthy’ and explain what assurance is for in security. Describe the main approaches to assurance (intrinsic, extrinsic, design & implementation, operational policy & process) and give examples of how these might be applied at different stages in the lifecycle of a system. Describe at least one current system of extrinsic assurance (e.g. red teaming, security testing, supply chain assurance, Common Criteria) explaining the benefits and limitations. Explain what 3rd party testing (e.g. ‘ethical hacking’) is and how it contributes to assurance. Describe at least 2 ways an organisation can provide intrinsic assurance. |
TKU | 25 | Applicability of laws, regulations & ethical standards. | Understand applicability of laws and regulations to security testing of 3rd parties (‘ethical hacking’, ‘pen-testing’). Describe by reference to at least 1 generally recognised and relevant professional body the ethical responsibilities of a cyber-security professional. Understand applicability of laws and regulation to intelligence collection and analysis, and the relationship to data protection, human rights and privacy. |
UPIBKS | | Fluent in written communications and able to articulate complex issues. | Produce well-structured and concise written work that sets out complex technical matters in ways that would be accessible to non-technical recipients as well as technical staff (as appropriate). |
UPIBKS | | Analytical and critical thinking skills for Technology Solutions development and can systematically analyse and apply structured problem-solving techniques to complex systems and situations. | Evaluate information and then make a rational decision on the approach to take to solve the problem, based on their findings; spot trends in data and articulate the implications. |
UPIBKS | | Can conduct effective research, using literature and other media. | Put into practice sound research techniques (using literature and other media) and articulate in writing and/or verbally how they have utilised the findings in their work. |
UPIBKS | | Logical thinking and creative approach to problem solving. | Observe and analyse phenomena, reactions and feedback, and draw logical conclusions based on that input. |
UPIBKS | | Able to demonstrate a ‘security mind-set’ (how to break as well as make). | Think about how things can be made to fail, as well as about how things can be made to work. |
Bh | | Demonstrates business disciplines, ethics and courtesies, demonstrating timeliness and focus when faced with distractions and the ability to complete tasks to a deadline with high quality. | Act in a professional way as required in the cyber security context. |
Bh | | Flexible attitude and ability to perform under pressure. | Deliver the best project outcomes against goals, re-prioritising as necessary, even in challenging circumstances. |