Home land
Essential Body of Knowledge (EBK):
A Competency and Functional Framework
for IT Security Workforce Development
Office of Cybersecurity and Communications
National Cyber Security Division
September 2008
United States Department of Homeland Security
Washington, D.C. 20528
Table of Contents
1
Introduction............................................................................................................... 1
1.1 Overview ............................................................................................................... 1
1.2 Background ........................................................................................................... 2
1.3 Purpose.................................................................................................................. 2
1.4 Scope ..................................................................................................................... 3
1.5 Review Cycle ........................................................................................................ 3
1.6 DocumentOrganization......................................................................................... 6
2
IT Security Competency Areas ................................................................................ 7
2.1 Data Security ......................................................................................................... 7
2.2 DigitalForensics.................................................................................................... 8
2.3 Enterprise Continuity .......................................................................................... 10
2.4 Incident Management .......................................................................................... 11
2.5 IT Security Training and Awareness .................................................................... 13
2.6 ITSystems Operations and Maintenance ............................................................ 14
2.7 Network and Telecommunications Security ........................................................ 16
2.8 Personnel Security ............................................................................................... 18
2.9 Physical and EnvironmentalSecurity.................................................................. 19
2.10 Procurement......................................................................................................... 20
2.11 Regulatory and Standards Compliance ............................................................... 22
2.12 Security Risk Management ................................................................................. 232.13 Strategic Security Management ........................................................................... 25
2.14 System and Application Security ........................................................................ 26
3
IT Security Key Terms and Concepts ................................................................... 28
3.1 Data Security....................................................................................................... 28
3.2 Digital Forensics.................................................................................................. 29
3.3 Enterprise Continuity .......................................................................................... 29
3.4 Incident Management.......................................................................................... 30
3.5 IT Security Training and Awareness .................................................................... 30
3.6 IT Systems Operations and Maintenance ............................................................ 31
3.7 Network and Telecommunications Security ........................................................ 32
3.8 Personnel Security...
Regístrate para leer el documento completo.