cybok mapping framework for ncsc certi ed degrees guidance ...€¦ · certication. table (.) is...
TRANSCRIPT
CyBOK MappingFramework for NCSCCerti�ed DegreesGuidance Document for UKHigher EducationLata Nautiyal University of Bristol
Awais Rashid University of Bristol
The Cyber Security Body Of Knowledgewww.cybok.org
� STEP BY STEP IMPLEMENTATION OF MAPPINGPROCESS BY TAKING EXAMPLE OF ONE MODULEDESCRIPTION FROM MIT UNIVERSITY, USA
Applied Cyber Security (MIT-USA)
Introduction to Information Security Fundamentals and Best Practices
• Protecting Your Computer and its Contents
• Securing Computer Networks–Basics of Networking
• Compromised Computers
• Secure Communications and Information Security Best Practices
• Privacy Guidelines
• Safe Internet Usage
Ethics in Cybersecurity & Cyber Law
• Privacy
• Intellectual Property
• Professional Ethics
• Freedom of Speech
• Fair User and Ethical Hacking
• Trademarks
• Internet Fraud
• Electronic Evidence
• Cybercrimes
Forensics
• Forensic Technologies
• Digital Evidence Collection
• Evidentiary Reporting
Network Assurance
• Layered Defense
• Surveillance and Reconnaissance
• Outsider Threat Protection
Secure Software & Browser Security
• Software Construction
• Software Design and Architecture
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page �
The Cyber Security Body Of Knowledgewww.cybok.org
• Software Testing
• Methodologies
• The New Universal Client
• The Web Model
• Cookies and Browser Storage
• HTML� Security
Business Information Continuity
• Managing a Business Information Continuity Plan
• Vulnerabilities and Controls
• The Law and Business Information Continuity Plan
Information Risk Management
• Asset Evaluation and Business Impact Analysis
• Risk Identi�cation
• Risk Quanti�cation
• Risk Response Development and Control
• Security Policy, Compliance, and Business Continuity
Cyber Incident Analysis and Response
• Incident Preparation
• Incident Detection and Analysis
• Containment, Eradication, and Recovery
• Proactive and Post-Incident Cyber Services
�.� Formation Phase:Applied Cyber Security (MIT-USA)
Introduction to Information Security Fundamentals and Best Practices
• Protecting Your Computer and its Contents
• Securing Computer Networks–Basics of Networking
• Compromised Computers
• Secure Communications and Information Security Best Practices
• Privacy Guidelines
• Safe Internet Usage
Ethics in Cybersecurity & Cyber Law
• Privacy
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page �
The Cyber Security Body Of Knowledgewww.cybok.org
• Intellectual Property
• Professional Ethics
• Freedom of Speech
• Fair User and Ethical Hacking
• Trademarks
• Internet Fraud
• Electronic Evidence
• Cybercrimes
Forensics
• Forensic Technologies
• Digital Evidence Collection
• Evidentiary Reporting
Network Assurance
• Layered Defense
• Surveillance and Reconnaissance
• Outsider Threat Protection
Secure Software & Browser Security
• Software Construction
• Software Design and Architecture
• Software Testing
• Methodologies
• The New Universal Client
• The Web Model
• Cookies and Browser Storage
• HTML� Security
Business Information Continuity
• Managing a Business Information Continuity Plan
• Vulnerabilities and Controls
• The Law and Business Information Continuity Plan
Information Risk Management
• Asset Evaluation and Business Impact Analysis
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page �
The Cyber Security Body Of Knowledgewww.cybok.org
• Risk Identi�cation
• Risk Quanti�cation
• Risk Response Development and Control
• Security Policy, Compliance, and Business Continuity
Cyber Incident Analysis and Response
• Incident Preparation
• Incident Detection and Analysis
• Containment, Eradication, and Recovery
• Proactive and Post-Incident Cyber Services
�.� Connecting Phase:Searching for those highlighted keywords or a set of keywords using the resources in the“CyBOK Mapping Structure Guide”. This phase is comprised of � steps (Steps A to E).
Step A: – Mapping with an alphabetical version of the CyBOK’s knowledge areas indicativematerial from NCSC’s certi�cation document: –
Start your search with this document. If your Highlighted/Underlined keywords or a setof keywords are found in this part, then record these in the table and move on to the next key-words or a set of keywords. Repeat the process until the last keywords or a set of keywords.(Move to step B)
S.No. Broad Category KA Topic IndicativeMaterial
Keyword or a Setof Keywords
Mapping with analphabeticalversion of the
CyBOKknowledge areas
indicativematerial
�Protecting YourComputer and its
ContentsNot Found
�
Securingcomputer
networks - Basicsof networking
Not Found
� CompromisedComputers Not Found
�
SecureCommunicationsand InformationSecurity BestPractices
Not Found
� PrivacyGuidelines Not Found
6 Privacy Not Found
� IntellectualProperty Not Found
8 ProfessionalEthics Not Found
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page �
The Cyber Security Body Of Knowledgewww.cybok.org
� Freedom ofSpeech Not Found
�� Ethical Hacking Not Found�� Trademarks Not Found�� Internet Fraud Not Found
�� ElectronicEvidence Not Found
�� Cybercrimes Not Found
�� Attacks anddefences F
De�nition andconceptualmodels
Forensicscience
ForensicTechnologies
(Forensicscience)
Found andRecorded
�6 Digital EvidenceCollection Not Found
�� EvidentiaryReporting Not Found
�8 Layered Defense Not Found�� Reconnaissance Not Found
�� Outsider ThreatProtection Not Found
�� SoftwareConstruction Not Found
�� Software Designand Architecture Not Found
�� Software Testing Not Found�� Methodologies Not Found�� The Web Model Not Found
�6 Software andPlatform Security WAM
Fundamentalconcepts andapproaches
Cookies Cookies Found andRecorded
�� HTML� Security Not Found
�8
Managing aBusiness
InformationContinuity Plan
Not Found
�� Vulnerabilitiesand control Not Found
�� Continuity Plan Not Found
��Asset Evaluationand Business
Impact AnalysisNot Found
�� Risk Identi�cation Not Found
�� RiskQuanti�cation Not Found
��Risk Response
development andcontrol
Not Found
�� Security Policy Not Found
�6Compliance, and
BusinessContinuity
Not Found
�� Attacks andDefences SOIM
Human Factors:Incident
Management
Prepare:Incident
managementplanning
Incidentpreparation(incident
managementplanning)
Found andRecorded
�8 Attacks andDefences SOIM
Human Factors:Incident
Management
Prepare:incident
managementplanning
IncidentDetection and
Analysis (Incidentmanagementplanning)
Found andRecorded
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page �
The Cyber Security Body Of Knowledgewww.cybok.org
��Containment,
Eradication, andRecovery
Not Found
�� Attacks andDefences SOIM
Human Factors:Incident
Management
Follow up -Post-incident
activities
Post-incidentcyber services(Follow up
:post-incidentactivities)
Found andRecorded
Step B: – Mapping with CyBOK Mapping Reference �.�: –
Continue your search with this document. If your remaining (Not Found) keywords or aset of keywords are found in this part, then record these in the table and move on to thenext keywords or a set of keywords. Repeat the process until the last keywords or a set ofkeywords. (Move to step C)
S.No. Broad Category KA Keyword or a Set of Keywords Mapping with CyBOKMapping Reference �.�
� Protecting Your Computer and itsContents Not Found
� Infrastructure Security NS Securing Computer Networks -Basics of networking Found and Recorded
� Software and PlatformSecurity SS, NS
Compromised Computers (CVEs,CWEs), Or (Common network
attacks)
Found and Recorded,(Selected SS as relevant)
� Systems Security CSecure Communications and
Information Security Best Practices(Secure Communication Channel)
Found and Recorded
� Privacy Guidelines Not Found
6 Human, Organisational andRegulatory Aspects POR Privacy Found and Recorded
� Human, Organisational andRegulatory Aspects LR Intellectual Property Found and Recorded
8 Human, Organisational andRegulatory Aspects LR Professional Ethics (Ethics) Found and Recorded
� Human, Organisational andRegulatory Aspects POR Freedom of Speech Found and Recorded
�� Infrastructure SecurityNS,
SOIM,SSL
Ethical Hacking, (Penetrationtesting) or (Penetration testing -DNS) Or (Penetration testing –
active penetration) Or (Penetrationtesting – software tool)
Found and Recorded,(Selected NS as relevant)(But Multiple mappings are
possible)
�� Human, Organisational andRegulatory Aspects LR Trademarks Found and Recorded
�� Internet Fraud Not Found
�� Attacks and Defences F Electronic Evidence (Forensicevidence) Found and Recorded
�� Human, Organisational andRegulatory Aspects LR, F Cybercrimes Found and Recorded
(Selected LR as relevant)�6 Attacks and Defences F Digital Evidence Collection Found and Recorded�� Evidentiary Reporting Not Found
�8 Systems SecurityAAA,RMG,SSL
Layered Defense, (Security Policies)Or (Defence in depth)
Found and Recorded,(Selected AAA as relevant)
�� Reconnaissance Found (Not recorded, notrelevant as per the context)
�� Attacks and DefencesSOIM,AB,RMG
Outsiders Threat Protection(Threats External)
Found and Recorded,(Selected SOIM as relevant)
�� Software and PlatformSecurity SSL Software Construction, (Software
Development) Found and Recorded
�� Software Design and Architecture Not Found
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page 6
The Cyber Security Body Of Knowledgewww.cybok.org
�� Software Testing Not Found
�� Software and PlatformSecurity SSL Methodologies (Software
Development methods) Found and Recorded
�� The Web Model Not Found�� HTML� Security Not Found
�8 Attacks and Defences RMG,SOIM
Managing a Business InformationContinuity Plan, (Business
continuity management/planning)
Found and Recorded,(Selected RMG as relevant)
�� Software and PlatformSecurity
SS,CPS Vulnerabilities and control Found and Recorded,
(Selected SS as relevant)
�� Human, Organisational andRegulatory Aspects RMG Continuity plan (Continuity
management) Found and Recorded
�� Human, Organisational andRegulatory Aspects RMG
Asset Evaluation and BusinessImpact Analysis (Business impactanalysis - in information asset
classi�cation)
Found and Recorded
�� Human, Organisational andRegulatory Aspects RMG Risk Identi�cation Analysis Found and Recorded
�� Human, Organisational andRegulatory Aspects RMG Risk Quanti�cation (Risk –
measuring) Found and Recorded
�� Human, Organisational andRegulatory Aspects RMG Risk Response development and
control Found and Recorded
�� Human, Organisational andRegulatory Aspects RMG Security Policy Found and Recorded
�6 Human, Organisational andRegulatory Aspects RMG Compliance and Business
Continuity Found and Recorded
�� Attacks and Defences SOIMContainment, Eradication and
Recovery (Containment in Incidentresponse plan)
Found and Recorded
Step C: – Complete the missing Topics and Indicative Material from CyBOK KnowledgeTrees for all the recorded keywords or a set of keywords found through CyBOK Mappingreference �.�: –
Searching topics and indicative materials from CyBOK Knowledge Trees for all the recordedkeywords or a set of keywords found through CyBOK Mapping reference �.� as CyBOK Map-ping reference �.� provides relevant CyBOK knowledge areas but not the topic and indicativematerial, therefore CyBOK Knowledge Trees are used. (Move to step D)
S.No. Broad Category KA Topic IndicativeMaterial
Keyword or a setof Keywords
Mapping missingTopics andIndicative
Material fromCyBOK
Knowledge Trees
� InfrastructureSecurity NS Network Defence
Tools ***
SecuringComputerNetworks -Basics ofnetworking
Found andRecorded(Multiple
mappings arepossible)
Mapping to NS isjust an
interpretation asper our viewpoint
� Software andPlatform Security SS, NS Categories of
vulnerability CVEs and CWEs
CompromisedComputers
(CVEs, CWEs), Or(Common
network attacks)
Found andRecorded,
(Selected SS asrelevant)
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page �
The Cyber Security Body Of Knowledgewww.cybok.org
� Systems Security C Public keycryptography ***
SecureCommunicationsand InformationSecurity Best
Practices (SecureCommunication
Channel)
Found andRecorded
6
Human,Organisationaland Regulatory
Aspects
POR Control *** Privacy Found andRecorded
�
Human,Organisationaland Regulatory
Aspects
LR IntellectualProperty
Understandingintellectualproperty ORCatalogue ofintellectual
property rights
IntellectualProperty
Found andRecorded
8
Human,Organisationaland Regulatory
Aspects
LR Ethics Codes of conduct ProfessionalEthics (Ethics)
Found andRecorded
�
Human,Organisationaland Regulatory
Aspects
POR
Privacytechnologies and
democraticvalues
Censorshipresistance andfreedom ofspeech
Freedom ofSpeech
Found andRecorded
�� InfrastructureSecurity
NS,SOIM,SSL
Networkprotocols andvulnerability
Common networkattacks
Ethical Hacking(Penetrationtesting) or
(Penetrationtesting - DNS) Or
(Penetrationtesting – activepenetration) Or(Penetrationtesting –
software tool)
Found andRecorded,
(Selected NS asrelevant)(But
Multiplemappings are
possible)
��
Human,Organisationaland Regulatory
Aspects
LR IntellectualProperty
Catalogue ofintellectual
property rightsTrademarks Found and
Recorded
�� Attacks andDefences F
De�nition andconceptual
model
Digital (forensic)trace
ElectronicEvidence(Forensicevidence)
Found andRecorded
��
Human,Organisationaland Regulatory
Aspects
LR, F Computer CrimeCrimes againstinformationsystems
Cybercrimes
Found andRecorded
(Selected LR asrelevant)
�6 Attacks andDefences F
Main MemoryForensics OR
Operating SystemAnalysis OR
Cloud ForensicsOR Artifact
Analysis It couldbe any of these
depending on thecontext.
*** Digital EvidenceCollection
Found andRecorded
�8 Systems SecurityAAA,RMG,SSL
Authorisation Access Control
Layered Defense(Security Policies)Or (Defence in
depth)
Found andRecorded,
(Selected AAA asrelevant)
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page 8
The Cyber Security Body Of Knowledgewww.cybok.org
�� Attacks andDefences
SOIM,AB,RMG
Knowledge:intelligence and
analytics
Cyber-threatintelligence
Outsiders ThreatProtection
(Threats External)
Found andRecorded,
(Selected SOIMas relevant)
�� Software andPlatform Security SSL Prescriptive
Processes SAFECode
SoftwareConstruction,(Software
Development)
Found andRecorded
�� Software andPlatform Security SSL Prescriptive
Processes SAFECode
Methodologies(Software
Developmentmethods)
Found andRecorded
�8 Attacks andDefences
RMG,SOIM
BusinessContinuity:Incident
Response andRecoveryPlanning
***
Managing aBusiness
InformationContinuity Plan
(Businesscontinuitymanage-
ment/planning)
Found andRecorded,
(Selected RMG asrelevant)
�� Software andPlatform Security
SS,CPS
Categories ofVulnerabilities
(SS) ORPrevention ofVulnerabilities
*** Vulnerabilitiesand control
Found andRecorded
(Selected SS asrelevant)
��
Human,Organisationaland Regulatory
Aspects
RMG
Businesscontinuity:
incident responseand recovery
planning
***Continuity plan
(Continuitymanagement)
Found andRecorded
��
Human,Organisationaland Regulatory
Aspects
RMGRisk Assessmentand Management
Principles
Risk assessmentand management
methods
Asset Evaluationand Business
Impact Analysis(Business impact
analysis - ininformation assetclassi�cation)
Found andRecorded
��
Human,Organisationaland Regulatory
Aspects
RMG Risk De�nition Risk assessment Risk Identi�cationAnalysis
Found andRecorded
��
Human,Organisationaland Regulatory
Aspects
RMGRisk Assessmentand Management
PrinciplesSecurity metrics
RiskQuanti�cation
(Risk –measuring)
Found andRecorded
��
Human,Organisationaland Regulatory
Aspects
RMG
Businesscontinuity:
incident responseand recovery
planning
***Risk Response
development andcontrol
Found andRecorded
��
Human,Organisationaland Regulatory
Aspects
RMG Risk Governance Enacting securitypolicy Security Policy Found and
Recorded
�6
Human,Organisationaland Regulatory
Aspects
RMG
Businesscontinuity:
incident responseand recovery
planning
***Compliance and
BusinessContinuity
Found andRecorded
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page �
The Cyber Security Body Of Knowledgewww.cybok.org
�� Attacks andDefences SOIM
Human factors:incident
management
Handle: actualincident response
Containment,Eradication and
Recovery(Containment inIncident response
plan)
Found andRecorded
Step D:– Mapping with CyBOK Knowledge Trees: –
Continue your search with this document. If your remaining (Not Found) keywords or aset of keywords are found in this part, then record these in the table and move on to thenext keywords or a set of keywords. Repeat the process until the last keywords or a set ofkeywords. (Move to step E)
S.No. Broad Category KA Topic IndicativeMaterial
Keyword or a setof Keywords
Mapping withCyBOK
Knowledge Trees
� CyBOKIntroduction CI Foundational
ConceptsDe�nition ofcyber security
Protecting YourComputer and its
Contents
Found andRecorded
�
Human,Organisationaland Regulatory
Aspects
POR Control ***
PrivacyGuidelines
(privacy policyinterpretability)
Found andRecorded
�� Attacks andDefences AB, LR Characterisation
of Adversaries
cyber-enabledcrime vs
cyber-dependentcrime OR
interpersonalcrimes OR
cyber-enabledorganised crime
ORcyber-dependentorganised crime
Internet Fraud
Found andRecorded
(Selected AB asrelevant)
�� Attacks andDefences F
De�nitions andconceptualmodels
Legal Concernsand the Daubert
Standard
EvidentiaryReporting
Found andRecorded
�� Attacks andDefences SOIM
Knowledge:Intelligence and
analytics*** Reconnaissance Found and
Recorded
�� Software andPlatform Security SSL Prescriptive
Processes SAFECode Software Designand Architecture
Found andRecorded
�� Software andPlatform Security SSL Prescriptive
Processes SAFECode Software Testing Found andRecorded
�� Software andPlatform Security WAM
Fundamentalconcepts andapproaches
Webi�cation The Web Model Found andRecorded
�� Software andPlatform Security WAM
Fundamentalconcepts andapproaches
Webi�cation HTML� Security Found andRecorded
Step E:– Complete �nalmissing keywords using the Tabular representation of CyBOK broadcategories, knowledge areas and their description: –
If the keywords or a set of keywords are not found in any of the materials provided to supportthe mapping process then identify the most relevant knowledge area using this documentand then record the relevant KA.
Not Applicable - All the keywords have been mapped by using Step A to D
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page ��
The Cyber Security Body Of Knowledgewww.cybok.org
�.� Finalising Phase:This phase is a result of the mapping process; the results are transferred from the varioustables to the Final table. It will be helpful to �ll Table (�.�) in the application for NCSCcerti�cation. Table (�.�) is required as a part of the application for NCSC certi�cation.
Broad Category KA Topic Indicative MaterialKeyword/ Set ofKeywords/Course
keywords
CyBOK Introduction CI Foundational Concepts De�nition of cybersecurity
Protecting YourComputer and its
Contents
Infrastructure Security NS Network Defence Tools ***Securing computernetworks - Basics of
networkingSoftware and Platform
Security SS Categories ofvulnerability CVEs and CWEs Compromised
Computers
System Security C Public key cryptography ***Secure Communicationsand Information Security
Best PracticesHuman, Organisationaland Regulatory Aspects POR Control *** Privacy Guidelines
Human, Organisationaland Regulatory Aspects POR Control *** Privacy
Human, Organisationaland Regulatory Aspects LR Intellectual Property
Understandingintellectual property ORCatalogue of intellectual
property rights
Intellectual Property
Human, Organisationaland Regulatory Aspects LR Ethics Codes of conduct Professional Ethics
Human, Organisationaland Regulatory Aspects POR Privacy technologies
and democratic valuesCensorship resistanceand freedom of speech Freedom of Speech
Infrastructure Security NS Network protocols andvulnerability
Common networkattacks Ethical Hacking
Human, Organisationaland Regulatory Aspects LR Intellectual Property Catalogue of intellectual
property rights Trademarks
Attackafe and Defences AB Characterisation ofAdversaries
cyber-enabled crime vscyber-dependent crimeOR interpersonal crimes
OR cyber-enabledorganised crime ORcyber-dependentorganised crime
Internet Fraud
Attacks and Defences F De�nition andconceptual model Digital (forensic) trace Electronic Evidence
Human, Organisationaland Regulatory Aspects LR Computer Crime Crimes against
information systems Cybercrimes
Attacks and Defences F De�nition andconceptual model Forensic science Forensic Technologies
Attacks and Defences F
Main Memory ForensicsOR Operating SystemAnalysis OR Cloud
Forensics
*** Digital EvidenceCollection
Attacks and Defences F De�nitions andconceptual models
Legal Concerns and theDaubert Standard Evidentiary Reporting
Systems Security AAA Authorisation Access Control Layered Defense
Attacks and Defences SOIM Knowledge: Intelligenceand analytics *** Reconnaissance
Attacks and Defences SOIM Knowledge: Intelligenceand analytics Cyber-threat intelligence Outsider Threat
ProtectionSoftware and Platform
Security SSL Prescriptive Processes SAFECode Software Construction
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page ��
The Cyber Security Body Of Knowledgewww.cybok.org
Software and PlatformSecurity SSL Prescriptive Processes SAFECode Software Design and
ArchitectureSoftware and Platform
Security SSL Prescriptive Processes SAFECode Software Testing
Software and PlatformSecurity SSL Prescriptive Processes SAFECode Methodologies
Software and PlatformSecurity WAM Fundamental concepts
and approaches Webi�cation The Web Model
Software and PlatformSecurity WAM Fundamental concepts
and approaches Cookies Cookies
Software and PlatformSecurity WAM Fundamental concepts
and approaches Webi�cation HTML� Security
Attacks and Defences RMGBusiness Continuity:
Incident Response andRecovery Planning
***Managing a BusinessInformation Continuity
Plan
Software and PlatformSecurity SS
Categories ofVulnerabilities (SS) OR
Prevention ofVulnerabilities,
*** Vulnerabilities andcontrol
Human, Organisationaland Regulatory Aspects RMG
Business continuity:incident response and
recovery planning*** Continuity Plan
Human, Organisationaland Regulatory Aspects RMG Risk Assessment and
Management PrinciplesRisk assessment andmanagement methods
Asset Evaluation andBusiness Impact
AnalysisHuman, Organisationaland Regulatory Aspects RMG Risk De�nition Risk assessment Risk Identi�cation
Human, Organisationaland Regulatory Aspects RMG Risk Assessment and
Management Principles Security metrics Risk Quanti�cation
Human, Organisationaland Regulatory Aspects RMG
Business continuity:incident response and
recovery planning*** Risk Response
development and control
Human, Organisationaland Regulatory Aspects RMG Risk Governance Enacting security policy Security Policy
Human, Organisationaland Regulatory Aspects RMG
Business continuity:incident response and
recovery planning*** Compliance and
Business Continuity
Attacks and Defences SOIM Human Factors: IncidentManagement
Prepare: incidentmanagement planning Incident preparation
Attacks and Defences SOIM Human Factors: IncidentManagement
Prepare: incidentmanagement planning
Incident Detection andAnalysis
Attacks and Defences SOIM Human factors: incidentmanagement
Handle: actual incidentresponse
Containment,Eradication, and
Recovery
Attacks and Defences SOIM Human Factors: IncidentManagement
Follow up - Post-incidentactivities
Post-incident cyberservices
Note :- Some topics are too broad to be covered in a single KA, therefore if terms are sobroad, they can’t be mapped without more context. It is better to consider the context andthen record the appropriate Indicate Material, Topic, Knowledge Areas and Broad Category.*** Indicated that there is no direct mapping of keyword with Indicative material but with Topiccoverage.
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page ��
The Cyber Security Body Of Knowledgewww.cybok.org
� SOURCE OF MODULE CONTENTShttps://professional.mit.edu/course-catalog/applied-cybersecurity
CyBOK Mapping Framework for NCSC Certi�ed Degrees | June ���� Page ��