19 Tex. Admin. Code § 127.792

Current through Reg. 49, No. 50; December 13, 2024
Section 127.792 - Foundations of Cybersecurity (One Credit), Adopted 2022
(a) Implementation. The provisions of this section shall be implemented by school districts beginning with the 2023-2024 school year.
(1) No later than August 1, 2023, the commissioner of education shall determine whether instructional materials funding has been made available to Texas public schools for materials that cover the essential knowledge and skills identified in this section.
(2) If the commissioner makes the determination that instructional materials funding has been made available this section shall be implemented beginning with the 2023-2024 school year and apply to the 2023-2024 and subsequent school years.
(3) If the commissioner does not make the determination that instructional materials funding has been made available under this subsection, the commissioner shall determine no later than August 1 of each subsequent school year whether instructional materials funding has been made available. If the commissioner determines that instructional materials funding has been made available, the commissioner shall notify the State Board of Education and school districts that this section shall be implemented for the following school year.
(b) General requirements. This course is recommended for students in Grades 9-12. Students shall be awarded one credit for successful completion of this course.
(c) Introduction.
(1) Career and technical education instruction provides content aligned with challenging academic standards, industry and relevant technical knowledge, and college and career readiness skills for students to further their education and succeed in current and emerging professions.
(2) The Science, Technology, Engineering, and Mathematics (STEM) Career Cluster focuses on planning, managing, and providing scientific research and professional and technical services such as laboratory and testing services and research and development services.
(3) Cybersecurity is a critical discipline concerned with safeguarding computers, networks, programs, and data from unauthorized access. As a field, it has gained prominence with the expansion of a globally connected society. As computing has become more sophisticated, so too have the abilities of adversaries looking to penetrate networks and access systems and sensitive information. Cybersecurity professionals prevent, detect, and respond to minimize disruptions to governments, organizations, and individuals.
(4) In the Foundations of Cybersecurity course, students will develop the knowledge and skills needed to explore fundamental concepts related to the ethics, laws, and operations of cybersecurity. Students will examine trends and operations of cyberattacks, threats, and vulnerabilities. Students will review and explore security policies designed to mitigate risks. The skills obtained in this course prepare students for additional study in cybersecurity. A variety of courses are available to students interested in this field. Foundations of Cybersecurity may serve as an introductory course in this field of study.
(5) Students are encouraged to participate in extended learning experiences such as career and technical student organizations and other leadership or extracurricular organizations.
(6) Statements that contain the word "including" reference content that must be mastered, while those containing the phrase "such as" are intended as possible illustrative examples.
(d) Knowledge and skills.
(1) Employability skills. The student demonstrates necessary skills for career development and successful completion of course outcomes. The student is expected to:
(A) identify and demonstrate employable work behaviors such as regular attendance, punctuality, maintenance of a professional work environment, and effective written and verbal communication;
(B) identify and demonstrate positive personal qualities such as authenticity, resilience, initiative, and a willingness to learn new knowledge and skills;
(C) solve problems and think critically;
(D) demonstrate leadership skills and function effectively as a team member; and
(E) demonstrate an understanding of ethical and legal responsibilities and ramifications in relation to the field of cybersecurity.
(2) Professional awareness. The student identifies various employment opportunities and requirements in the cybersecurity field. The student is expected to:
(A) identify job and internship opportunities and accompanying job duties and tasks;
(B) research careers in cybersecurity and information security and develop professional profiles that match education and job skills required for obtaining a job in both the public and private sectors;
(C) identify and discuss certifications for cybersecurity-related careers; and
(D) explain the different types of services and roles found within a cybersecurity functional area such as a security operations center (SOC).
(3) Ethics and laws. The student understands ethical and current legal standards, rights and restrictions governing technology, technology systems, digital media, and the use of social media. The student is expected to:
(A) demonstrate and advocate for ethical and legal behaviors both online and offline among peers, family, community, and employers;
(B) investigate and analyze local, state, national, and international cybersecurity laws such as the USA PATRIOT Act of 2001, General Data Protection Regulation, Digital Millennium Copyright Act, Computer Fraud and Abuse Act, and Health Insurance Portability and Accountability Act of 1996 (HIPAA);
(C) investigate and analyze noteworthy incidents or events regarding cybersecurity;
(D) communicate an understanding of ethical and legal behavior when presented with various scenarios related to cybersecurity activities;
(E) define and identify tactics used in an incident such as social engineering, malware, denial of service, spoofing, and data vandalism; and
(F) identify and use appropriate methods for citing sources.
(4) Ethics and laws. The student differentiates between ethical and malicious hacking. The student is expected to:
(A) identify motivations and perspectives for hacking;
(B) distinguish between types of threat actors such as hacktivists, criminals, state-sponsored actors, and foreign governments;
(C) identify and describe the impact of cyberattacks on the global community, society, and individuals;
(D) differentiate between industry terminology for types of hackers such as black hats, white hats, and gray hats; and
(E) determine and describe possible outcomes and legal ramifications of ethical versus malicious hacking practices.
(5) Ethics and laws. The student identifies and defines cyberterrorism and counterterrorism. The student is expected to:
(A) define cyberterrorism, state-sponsored cyberterrorism, and hacktivism;
(B) compare and contrast physical terrorism and cyberterrorism, including domestic and foreign actors;
(C) define and explain intelligence gathering;
(D) explain the role of cyber defense in protecting national interests and corporations;
(E) explain the role of cyber defense in society and the global economy; and
(F) explain the importance of protecting public infrastructures such as electrical power grids, water systems, pipelines, transportation, and power generation facilities from cyberterrorism.
(6) Digital citizenship. The student understands and demonstrates the social responsibility of end users regarding significant issues related to digital technology, digital hygiene, and cyberbullying. The student is expected to:
(A) identify and understand the nature and value of privacy;
(B) analyze the positive and negative implications of a digital footprint and the maintenance and monitoring of an online presence;
(C) discuss the role and impact of technology on privacy;
(D) identify the signs, emotional effects, and legal consequences of cyberbullying and cyberstalking; and
(E) identify and discuss effective ways to deter and report cyberbullying.
(7) Digital citizenship. The student understands the implications of sharing information and access with others. The student is expected to:
(A) define personally identifiable information (PII);
(B) evaluate the risks and benefits of sharing PII;
(C) describe the impact of granting applications unnecessary permissions such as mobile devices accessing camera and contacts;
(D) describe the risks of granting third parties access to personal and proprietary data on social media and systems; and
(E) describe the risks involved with accepting Terms of Service (ToS) or End User License Agreements (EULA) without a basic understanding of the terms or agreements.
(8) Cybersecurity skills. The student understands basic cybersecurity concepts and definitions. The student is expected to:
(A) define cybersecurity and information security;
(B) identify basic risk management and risk assessment principles related to cybersecurity threats and vulnerabilities, including the Zero Trust model;
(C) explain the fundamental concepts of confidentiality, integrity, and availability (CIA triad);
(D) describe the trade-offs between convenience and security;
(E) identify and analyze cybersecurity breaches and incident responses;
(F) identify and analyze security challenges in domains such as physical, network, cloud, and web;
(G) define and discuss challenges faced by cybersecurity professionals such as internal and external threats;
(H) identify indicators of compromise such as common risks, warning signs, and alerts of compromised systems;
(I) explore and discuss the vulnerabilities of network-connected devices such as Internet of Things (IoT);
(J) use appropriate cybersecurity terminology;
(K) explain the concept of penetration testing, including tools and techniques; and
(L) explore and identify common industry frameworks such as MITRE ATT&CKT, MITRE EngageT, and Cyber Kill Chain, and the Diamond Model.
(9) Cybersecurity skills. The student understands and explains various types of malicious software (malware). The student is expected to:
(A) define malware, including spyware, ransomware, viruses, and rootkits;
(B) identify the transmission and function of malware such as trojan horses, worms, and viruses;
(C) discuss the impact of malware and the model of "as a service";
(D) explain the role of reverse engineering for the detection of malware and viruses; and
(E) describe free and commercial antivirus and anti-malware software also known as Endpoint Detection and Response software.
(10) Cybersecurity skills. The student understands and demonstrates knowledge of techniques and strategies to prevent a system from being compromised. The student is expected to:
(A) define system hardening;
(B) use basic system administration privileges;
(C) explain the importance of patching operating systems;
(D) explain the importance of software updates;
(E) describe standard practices to configure system services;
(F) explain the importance of backup files;
(G) research and explain standard practices for securing computers, networks, and operating systems, including the concept of least privilege; and
(H) identify vulnerabilities caused by a lack of cybersecurity awareness and training such as weaknesses posed by individuals within an organization.
(11) Cybersecurity skills. The student understands basic network operations. The student is expected to:
(A) identify basic network devices, including routers and switches;
(B) define network addressing;
(C) analyze incoming and outgoing rules for traffic passing through a firewall;
(D) identify well known ports by number and service provided, including port 22 (Secure Shell Protocol/ssh), port 80 (Hypertext Transfer Protocol/http), and port 443 (Hypertext Transfer Protocol Secure/https);
(E) identify commonly exploited ports and services, including ports 20 and 21 (File Transfer Protocol/ftp), port 23 (telnet protocol), and port 3389 (Remote Desktop Protocol/rdp); and
(F) identify common tools for monitoring ports and network traffic.
(12) Cybersecurity skills. The student identifies standard practices of system administration. The student is expected to:
(A) define what constitutes a secure password;
(B) create a secure password policy, including length, complexity, account lockout, and rotation;
(C) identify methods of password cracking such as brute force and dictionary attacks; and
(D) examine and configure security options to allow and restrict access based on user roles.
(13) Cybersecurity skills. The student demonstrates necessary steps to maintain user access on the system. The student is expected to:
(A) identify different types of user accounts and groups on an operating system;
(B) explain the fundamental concepts and standard practices related to access control, including authentication, authorization, and auditing;
(C) compare methods for single- and multi-factor authentication such as passwords, biometrics, personal identification numbers (PINs), secure tokens, and other passwordless authentication methods;
(D) define and explain the purpose and benefits of an air-gapped computer; and
(E) explain how hashes and checksums may be used to validate the integrity of transferred data.
(14) Cybersecurity skills. The student explores the field of digital forensics. The student is expected to:
(A) explain the importance of digital forensics to organizations, private citizens, and the public sector;
(B) identify the role of chain of custody in digital forensics;
(C) explain the four steps of the forensics process, including collection, examination, analysis, and reporting;
(D) identify when a digital forensics investigation is necessary;
(E) identify information that can be recovered from digital forensics investigations such as metadata and event logs; and
(F) analyze the purpose of event logs and identify suspicious activity.
(15) Cybersecurity skills. The student explores the operations of cryptography. The student is expected to:
(A) explain the purpose of cryptography and encrypting data;
(B) research historical uses of cryptography;
(C) review and explain simple cryptography methods such as shift cipher and substitution cipher;
(D) define and explain public key encryption; and
(E) compare and contrast symmetric and asymmetric encryption.
(16) Vulnerabilities, threats, and attacks. The student understands vulnerabilities, threats, and attacks. The student is expected to:
(A) explain how computer vulnerabilities leave systems open to cyberattacks;
(B) explain how users are the most common vehicle for compromising a system at the application level;
(C) define and describe vulnerability, payload, exploit, port scanning, and packet sniffing;
(D) identify internal threats to systems such as logic bombs and insider threats;
(E) define and describe cyberattacks, including man-in-the-middle, distributed denial of service, spoofing, and back-door attacks;
(F) differentiate types of social engineering techniques such as phishing; web links in email, instant messaging, social media, and other online communication with malicious links; shoulder surfing; and dumpster diving; and
(G) identify various types of application-specific attacks such as cross-site scripting and injection attacks.
(17) Vulnerabilities, threats, and attacks. The student evaluates the vulnerabilities of networks. The student is expected to:
(A) compare vulnerabilities associated with connecting devices to public and private networks;
(B) explain device vulnerabilities and security solutions on networks such as supply chain security and counterfeit products;
(C) compare and contrast protocols such as HTTP versus HTTPS;
(D) debate the broadcasting or hiding of a wireless service set identifier (SSID); and
(E) research and discuss threats such as mandatory access control (MAC) spoofing and packet sniffing.
(18) Vulnerabilities, threats, and attacks. The student analyzes threats to computer applications. The student is expected to:
(A) define application security;
(B) identify methods of application security such as secure development policies and practices;
(C) explain the purpose and function of vulnerability scanners;
(D) explain how coding errors may create system vulnerabilities such as buffer overflows and lack of input validation; and
(E) analyze the risks of distributing insecure programs.
(19) Risk assessment. The student understands risk and how risk assessment and risk management defend against attacks. The student is expected to:
(A) define commonly used risk assessment terms, including risk, asset, and inventory;
(B) identify risk management strategies, including acceptance, avoidance, transference, and mitigation; and
(C) compare and contrast risks based on an industry accepted rubric or metric such as Risk Assessment Matrix.

19 Tex. Admin. Code § 127.792

Adopted by Texas Register, Volume 47, Number 30, July 29, 2022, TexReg 4523, eff. 8/1/2022