Scribd
Upload
37 views2 pages

CyBOK Tabular Representation of Broad Categories and Knowledge Areas

Uploaded by

EdnaRocioUnivioAmaya
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
37 views2 pages

CyBOK Tabular Representation of Broad Categories and Knowledge Areas

Uploaded by

EdnaRocioUnivioAmaya
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

The Cyber Security

Body of Knowledge
Tabular representation of CyBOK Broad
Categories, Knowledge Areas and their
descriptions
June ����
http://www.cybok.org
The Cyber Security Body Of Knowledge
www.cybok.org

S.NO 1- Human, Organizational, and Regulatory Aspects

Risk Management Security management systems and organizational security controls, including standards, best practices,
1
and Governance and approaches to risk assessment and mitigation.
International and national statutory and regulatory requirements, compliance obligations, and security
2 Law and Regulation
ethics, including data protection and developing doctrines on cyber warfare.
Usable security, social and behavioural factors impacting security, security culture and awareness as well
3 Human Factors
as the impact of security controls on user behaviours.
Techniques for protecting personal information, including communications, applications, and inferences
Privacy and Online from databases and data processing. It also includes other systems supporting online rights touching on
4
Rights censorship and circumvention, covertness, electronic elections, and privacy in payment and identity
systems.
2- Attacks and Defences
Malware and Attack Technical details of exploits and distributed malicious systems, together with associated discovery and
5
Technologies analysis approaches.

Adversarial The motivations, behaviours, and methods used by attackers, including malware supply chains, attack
6
Behaviours vectors, and money transfers.

Security Operations
The configuration, operation, and maintenance of secure systems including the detection of and
7 and Incident
response to security incidents and the collection and use of threat intelligence.
Management

8 Forensics The collection, analysis, and reporting of digital evidence in support of incidents or criminal events.

3- Systems Security
Core primitives of cryptography as presently practiced and emerging algorithms, techniques for analysis
9 Cryptography
of these, and the protocols that use them.
Operating Systems Operating systems protection mechanisms, implementing secure abstraction of hardware, and sharing of
10 and Virtualization resources, including isolation in multiuser systems, secure virtualization, and security in database
Security systems.
Security mechanisms relating to larger-scale coordinated distributed systems, including aspects of secure
Distributed Systems
11 consensus, time, event systems, peer-to-peer systems, clouds, multitenant data centers, and distributed
Security
ledgers.
Authentication,
All aspects of identity management and authentication technologies, and architectures and tools to
12 Authorization, and
support authorization and accountability in both isolated and distributed systems.
Accountability
4- Software and Platform Security
Known categories of programming errors resulting in security bugs, and techniques for avoiding these
13 Software Security errors—both through coding practice and improved language design—and tools, techniques, and
methods for detection of such errors in existing systems.
Web and Mobile Issues related to web applications and services distributed across devices and frameworks, including the
14
Security diverse programming paradigms and protection models.
Secure Software The application of security software engineering techniques in the whole systems development lifecycle
15
Lifecycle resulting in software that is secure by default.
5- Infrastructure Security
Security aspects of networking and telecommunication protocols, including the security of routing,
16 Network Security
network security elements, and specific cryptographic protocols used for network security.
Security in the design, implementation, and deployment of general-purpose and specialist hardware,
17 Hardware Security
including trusted computing technologies and sources of randomness.
Cyber-Physical Security challenges in cyber-physical systems, such as the Internet of Things and industrial control
18
Systems Security systems, attacker models, safe-secure designs, and security of large-scale infrastructures.

Physical Layer and


Security concerns and limitations of the physical layer including aspects of radio frequency encodings and
19 Telecommunications
transmission techniques, unintended radiation, and interference.
Security

| June ���� Page �

You might also like