9
|
|
3.5.14
|
Edge computing systems
|
9
|
|
3.5.15
|
Virtualized systems
|
9
|
|
3.6
|
Select and determine cryptographic solutions
|
6, 7
|
|
3.6.1
|
Cryptographic life cycle (e.g., keys, algorithm selection)
|
6, 7
|
|
3.6.2
|
Cryptographic methods (e.g., symmetric, asymmetric, elliptic curves, quantum)
|
6, 7
|
|
3.6.3
|
Public Key Infrastructure (PKI)
|
7
|
|
3.6.4
|
Key management practices
|
7
|
|
3.6.5
|
Digital signatures and digital certificates
|
7
|
|
3.6.6
|
Non-repudiation
|
6, 7
|
|
3.6.7
|
Integrity (e.g., hashing)
|
6, 7
|
|
3.7
|
Understand methods of cryptanalytic attacks
|
7, 14, 21
|
|
3.7.1
|
Brute force
|
7
|
|
3.7.2
|
Ciphertext only
|
7
|
|
3.7.3
|
Known plaintext
|
7
|
|
3.7.4
|
Frequency analysis
|
7
|
|
3.7.5
|
Chosen ciphertext
|
7
|
|
3.7.6
|
Implementation attacks
|
7
|
|
3.7.7
|
Side-channel
|
7
|
|
3.7.8
|
Fault injection
|
7
|
|
3.7.9
|
Timing
|
7
|
|
3.7.10
|
Man-in-the-Middle (MITM)
|
7
|
|
3.7.11
|
Pass the hash
|
14
|
|
3.7.12
|
Kerberos exploitation
|
14
|
|
3.7.13
|
Ransomware
|
21
|
|
3.8
|
Apply security principles to site and facility design
|
10
|
|
3.9
|
Design site and facility security controls
|
10
|
|
3.9.1
|
Wiring closets/intermediate distribution facilities
|
10
|
|
3.9.2
|
Server rooms/data centers
|
10
|
|
3.9.3
|
Media storage facilities
|
10
|
|
3.9.4
|
Evidence storage
|
10
|
|
3.9.5
|
Restricted and work area security
|
|
