Textbook Mapping

The following textbook has been mapped to the course modules. Instructors may want to assign specific chapters in addition to the texts listed as Required Reading. Supplemental PowerPoint slides and videos to accompany Critical Infrastructure Protection in Homeland Security are available online here: http://www.wiley.com//legacy/wileychi/lewis/.

Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation
2nd Ed.
Ted G. Lewis
Wiley Publishing
978-1-118-81763-6
Module # Concepts Chapter
Module 1 – Introduction to Critical Infrastructure
  • Define critical infrastructure, protection, and resilience in the context of the National Infrastructure Protection Plan (NIPP).
  • Describe critical infrastructure in communities and the impact Lifeline sector assets have on a community’s resiliency.
  • Describe the processes that support critical infrastructure security and resilience.
  • Identify strategies and methods for achieving results through critical infrastructure partnerships.
  • Describe the roles and responsibilities of entities such as the DHS, sector-specific agencies, and state, local, tribal, and territorial governments.
  • Discuss common standards bodies, such as the North American Electricity Reliability Council (NAERC) and the National Institute of Standards and Technology (NIST).
  • Understand which certifications are required to protect critical infrastructure.
Chapter 1
Module 2 – Introduction to Control Systems & SCADA
  • Describe the components and applications of industrial control systems.
  • Describe the purpose and use of SCADA, DCS, and PCS systems.
  • Describe the configuration and use of field devices used to measure critical infrastructure processes, such as flow rate, pressure, temperature, level, density, etc.
  • Describe the use and application of Programmable Logic Controllers (PLCs) in automation.
Chapter 10
Module 3 – Technologies
  • List several types of networking hardware and explain the purpose of each.
  • List and describe the functions of common communications protocols and network standards used within CI.
  • Identify new types of network applications and how they can be secured.
  • Identify and understand the differences between IPv4 and IPv6.
  • Discuss the unique challenges/characteristics of devices associated with industrial control systems.
  • Explain how existing network administration principles can be applied to secure CIKR.
Chapter 6
Module 4 – Risk Management
  • Describe basic security service principles (confidentiality, integrity, availability, and authentication) and their relative importance to CI systems.
  • Explain basic risk management principles.
  • Identify various risk management frameworks and standards, such as the NIST Cybersecurity Framework and the North American Electricity Reliability Council (NERC).
  • Describe how to use the framework core process.
  • Describe how to use the Framework Implementation Tiers to identify cybersecurity risk and the processes necessary to effectively manage that risk.
  • Describe the Cybersecurity Framework Assessment Process Model.
  • Demonstrate an understanding of how the framework process holistically manages risk.
Chapter 2
Module 5 – Threats
  • Define threats and threat agents, and explain how risk assessment relates to understanding threats.
  • Identify how different threats—including hijacking, denial-of-service attacks, malicious software, SMTP spam engines, Man-in-the-Middle (MITM) attacks, and social engineering—would apply to critical infrastructure.
  • Identify different types of malware and their intended payloads.
  • Describe social engineering psychological attacks.
  • List and explain the different types of server-side web application and client-side attacks relevant to critical infrastructure.
  • Describe overflow attacks and provide examples of the impact on CI systems.
  • Provide examples of malware attacks, such as Flame, Stuxnet, BlackEnergy, Havex, and Duqu, and discuss their functionality and impact on critical infrastructure systems.
Chapter 7
Module 6 – Vulnerabilities
  • Identify the common vulnerabilities associated with Control Systems (CS).
  • Identify SCADA cyber vulnerabilities.
  • Describe how an attacker may gain control of the SCADA system.
  • Define vulnerability assessment and explain why it is important.
  • Identify vulnerability assessment techniques and tools, such as CSET, Nessus, and other assessment tools.
  • Explain the differences between vulnerability scanning and penetration testing.
Module 7 – Risk Assessments
  • Identify the different risk assessment frameworks.
  • Discuss Supply Chain Risk Management (SCRM) principles.
  • Explain how regulatory requirements are used in determining additional items to review in a risk assessment.
  • Demonstrate an understanding of the CSET tool risk assessment functions.
  • Apply the CSET tool to an IT general risk assessment.
  • Develop a report using CSET.
  • Apply the standard available in the CSET tool to an IT general risk assessment.
Chapter 12
Module 8 – Remediation
  • Describe how risk management techniques control risk.
  • Explain the concept of the Security Design Life Cycle (SDLC).
  • List the types of security policies and how these relate to remediation.
  • Describe how awareness and training can provide increased security.
  • Identify remediation techniques in an ICS network, including routers, firewall technology, and tools for configuring firewalls and routers.
  • Describe intrusion detection and prevention systems and web-filtering technologies.
  • Explain the importance of digitally signed code for pushes of firmware and other updates to automated devices.
  • Demonstrate the ability to evaluate and assess vulnerabilities in ICS networks.
  • Explain and make recommendations for remediation strategies in an ICS network.
  • Describe the hazards (dos and don’ts) of the corporate network process vs. ICS network process.
Module 9 – Incident Response
  • List some common types of incidents that may occur in SCADA/ICS systems.
  • Identify the phases of an Incident Response (IR), as described in NIST SP 800-61.
  • Define incident containment and describe how it is applied to an incident.
  • Discuss the IR reaction strategies unique to each category of incident.
  • Explain the components of an Incident Response Plan.
  • Identify the 14 response core capabilities covered in the National Response Framework.
Module 10 – Policy & Governance
  • Identify information-sharing strategies and initiatives as established by the Department of Homeland Security (DHS).
  • Describe threat intelligence information sharing among public and private partners, including Information Sharing and Analysis Centers (ISACs).
  • Explain the roles that DHS’s National Cybersecurity and Communications Integration Center (NCCIC) and National Infrastructure Coordinating Center (NICC) play in infrastructure protection.
  • Describe issues relevant to specific critical infrastructure sectors, such as HIPAA and other regulations and laws.
Module 11 – Trends
  • Identify emerging trends and demonstrate an understanding of emerging technologies.
  • Understand the Internet of Things (IoT) and how it expands the cyber “attack surface.”
  • Be able to make educated predictions of what the future might look like for the cybersecurity critical infrastructure framework.
  • Discuss ethical issues that can arise in relation to new technology and new defense strategies.

License


Critical Infrastructure Cybersecurity by Whatcom Community College and CyberWatch West is licensed under a Creative Commons Attribution 4.0 International License, except where otherwise noted.
