Texas Administrative Code
Title 19 - EDUCATION
Part 2 - TEXAS EDUCATION AGENCY
Chapter 127 - TEXAS ESSENTIAL KNOWLEDGE AND SKILLS FOR CAREER DEVELOPMENT AND CAREER AND TECHNICAL EDUCATION
Subchapter O - SCIENCE, TECHNOLOGY, ENGINEERING, AND MATHEMATICS
Section 127.792 - Foundations of Cybersecurity (One Credit), Adopted 2022
Universal Citation: 19 TX Admin Code ยง 127.792
Current through Reg. 49, No. 38; September 20, 2024
(a) Implementation. The provisions of this section shall be implemented by school districts beginning with the 2023-2024 school year.
(1) No later than August 1, 2023,
the commissioner of education shall determine whether instructional materials
funding has been made available to Texas public schools for materials that
cover the essential knowledge and skills identified in this section.
(2) If the commissioner makes the
determination that instructional materials funding has been made available this
section shall be implemented beginning with the 2023-2024 school year and apply
to the 2023-2024 and subsequent school years.
(3) If the commissioner does not make the
determination that instructional materials funding has been made available
under this subsection, the commissioner shall determine no later than August 1
of each subsequent school year whether instructional materials funding has been
made available. If the commissioner determines that instructional materials
funding has been made available, the commissioner shall notify the State Board
of Education and school districts that this section shall be implemented for
the following school year.
(b) General requirements. This course is recommended for students in Grades 9-12. Students shall be awarded one credit for successful completion of this course.
(c) Introduction.
(1) Career and technical education
instruction provides content aligned with challenging academic standards,
industry and relevant technical knowledge, and college and career readiness
skills for students to further their education and succeed in current and
emerging professions.
(2) The
Science, Technology, Engineering, and Mathematics (STEM) Career Cluster focuses
on planning, managing, and providing scientific research and professional and
technical services such as laboratory and testing services and research and
development services.
(3)
Cybersecurity is a critical discipline concerned with safeguarding computers,
networks, programs, and data from unauthorized access. As a field, it has
gained prominence with the expansion of a globally connected society. As
computing has become more sophisticated, so too have the abilities of
adversaries looking to penetrate networks and access systems and sensitive
information. Cybersecurity professionals prevent, detect, and respond to
minimize disruptions to governments, organizations, and individuals.
(4) In the Foundations of Cybersecurity
course, students will develop the knowledge and skills needed to explore
fundamental concepts related to the ethics, laws, and operations of
cybersecurity. Students will examine trends and operations of cyberattacks,
threats, and vulnerabilities. Students will review and explore security
policies designed to mitigate risks. The skills obtained in this course prepare
students for additional study in cybersecurity. A variety of courses are
available to students interested in this field. Foundations of Cybersecurity
may serve as an introductory course in this field of study.
(5) Students are encouraged to participate in
extended learning experiences such as career and technical student
organizations and other leadership or extracurricular organizations.
(6) Statements that contain the word
"including" reference content that must be mastered, while those containing the
phrase "such as" are intended as possible illustrative examples.
(d) Knowledge and skills.
(1) Employability skills. The student
demonstrates necessary skills for career development and successful completion
of course outcomes. The student is expected to:
(A) identify and demonstrate employable work
behaviors such as regular attendance, punctuality, maintenance of a
professional work environment, and effective written and verbal
communication;
(B) identify and
demonstrate positive personal qualities such as authenticity, resilience,
initiative, and a willingness to learn new knowledge and skills;
(C) solve problems and think
critically;
(D) demonstrate
leadership skills and function effectively as a team member; and
(E) demonstrate an understanding of ethical
and legal responsibilities and ramifications in relation to the field of
cybersecurity.
(2)
Professional awareness. The student identifies various employment opportunities
and requirements in the cybersecurity field. The student is expected to:
(A) identify job and internship opportunities
and accompanying job duties and tasks;
(B) research careers in cybersecurity and
information security and develop professional profiles that match education and
job skills required for obtaining a job in both the public and private
sectors;
(C) identify and discuss
certifications for cybersecurity-related careers; and
(D) explain the different types of services
and roles found within a cybersecurity functional area such as a security
operations center (SOC).
(3) Ethics and laws. The student understands
ethical and current legal standards, rights and restrictions governing
technology, technology systems, digital media, and the use of social media. The
student is expected to:
(A) demonstrate and
advocate for ethical and legal behaviors both online and offline among peers,
family, community, and employers;
(B) investigate and analyze local, state,
national, and international cybersecurity laws such as the USA PATRIOT Act of
2001, General Data Protection Regulation, Digital Millennium Copyright Act,
Computer Fraud and Abuse Act, and Health Insurance Portability and
Accountability Act of 1996 (HIPAA);
(C) investigate and analyze noteworthy
incidents or events regarding cybersecurity;
(D) communicate an understanding of ethical
and legal behavior when presented with various scenarios related to
cybersecurity activities;
(E)
define and identify tactics used in an incident such as social engineering,
malware, denial of service, spoofing, and data vandalism; and
(F) identify and use appropriate methods for
citing sources.
(4)
Ethics and laws. The student differentiates between ethical and malicious
hacking. The student is expected to:
(A)
identify motivations and perspectives for hacking;
(B) distinguish between types of threat
actors such as hacktivists, criminals, state-sponsored actors, and foreign
governments;
(C) identify and
describe the impact of cyberattacks on the global community, society, and
individuals;
(D) differentiate
between industry terminology for types of hackers such as black hats, white
hats, and gray hats; and
(E)
determine and describe possible outcomes and legal ramifications of ethical
versus malicious hacking practices.
(5) Ethics and laws. The student identifies
and defines cyberterrorism and counterterrorism. The student is expected to:
(A) define cyberterrorism, state-sponsored
cyberterrorism, and hacktivism;
(B)
compare and contrast physical terrorism and cyberterrorism, including domestic
and foreign actors;
(C) define and
explain intelligence gathering;
(D)
explain the role of cyber defense in protecting national interests and
corporations;
(E) explain the role
of cyber defense in society and the global economy; and
(F) explain the importance of protecting
public infrastructures such as electrical power grids, water systems,
pipelines, transportation, and power generation facilities from
cyberterrorism.
(6)
Digital citizenship. The student understands and demonstrates the social
responsibility of end users regarding significant issues related to digital
technology, digital hygiene, and cyberbullying. The student is expected to:
(A) identify and understand the nature and
value of privacy;
(B) analyze the
positive and negative implications of a digital footprint and the maintenance
and monitoring of an online presence;
(C) discuss the role and impact of technology
on privacy;
(D) identify the signs,
emotional effects, and legal consequences of cyberbullying and cyberstalking;
and
(E) identify and discuss
effective ways to deter and report cyberbullying.
(7) Digital citizenship. The student
understands the implications of sharing information and access with others. The
student is expected to:
(A) define personally
identifiable information (PII);
(B)
evaluate the risks and benefits of sharing PII;
(C) describe the impact of granting
applications unnecessary permissions such as mobile devices accessing camera
and contacts;
(D) describe the
risks of granting third parties access to personal and proprietary data on
social media and systems; and
(E)
describe the risks involved with accepting Terms of Service (ToS) or End User
License Agreements (EULA) without a basic understanding of the terms or
agreements.
(8)
Cybersecurity skills. The student understands basic cybersecurity concepts and
definitions. The student is expected to:
(A)
define cybersecurity and information security;
(B) identify basic risk management and risk
assessment principles related to cybersecurity threats and vulnerabilities,
including the Zero Trust model;
(C)
explain the fundamental concepts of confidentiality, integrity, and
availability (CIA triad);
(D)
describe the trade-offs between convenience and security;
(E) identify and analyze cybersecurity
breaches and incident responses;
(F) identify and analyze security challenges
in domains such as physical, network, cloud, and web;
(G) define and discuss challenges faced by
cybersecurity professionals such as internal and external threats;
(H) identify indicators of compromise such as
common risks, warning signs, and alerts of compromised systems;
(I) explore and discuss the vulnerabilities
of network-connected devices such as Internet of Things (IoT);
(J) use appropriate cybersecurity
terminology;
(K) explain the
concept of penetration testing, including tools and techniques; and
(L) explore and identify common industry
frameworks such as MITRE ATT&CKT, MITRE EngageT, and Cyber Kill Chain, and
the Diamond Model.
(9)
Cybersecurity skills. The student understands and explains various types of
malicious software (malware). The student is expected to:
(A) define malware, including spyware,
ransomware, viruses, and rootkits;
(B) identify the transmission and function of
malware such as trojan horses, worms, and viruses;
(C) discuss the impact of malware and the
model of "as a service";
(D)
explain the role of reverse engineering for the detection of malware and
viruses; and
(E) describe free and
commercial antivirus and anti-malware software also known as Endpoint Detection
and Response software.
(10) Cybersecurity skills. The student
understands and demonstrates knowledge of techniques and strategies to prevent
a system from being compromised. The student is expected to:
(A) define system hardening;
(B) use basic system administration
privileges;
(C) explain the
importance of patching operating systems;
(D) explain the importance of software
updates;
(E) describe standard
practices to configure system services;
(F) explain the importance of backup
files;
(G) research and explain
standard practices for securing computers, networks, and operating systems,
including the concept of least privilege; and
(H) identify vulnerabilities caused by a lack
of cybersecurity awareness and training such as weaknesses posed by individuals
within an organization.
(11) Cybersecurity skills. The student
understands basic network operations. The student is expected to:
(A) identify basic network devices, including
routers and switches;
(B) define
network addressing;
(C) analyze
incoming and outgoing rules for traffic passing through a firewall;
(D) identify well known ports by number and
service provided, including port 22 (Secure Shell Protocol/ssh), port 80
(Hypertext Transfer Protocol/http), and port 443 (Hypertext Transfer Protocol
Secure/https);
(E) identify
commonly exploited ports and services, including ports 20 and 21 (File Transfer
Protocol/ftp), port 23 (telnet protocol), and port 3389 (Remote Desktop
Protocol/rdp); and
(F) identify
common tools for monitoring ports and network traffic.
(12) Cybersecurity skills. The student
identifies standard practices of system administration. The student is expected
to:
(A) define what constitutes a secure
password;
(B) create a secure
password policy, including length, complexity, account lockout, and
rotation;
(C) identify methods of
password cracking such as brute force and dictionary attacks; and
(D) examine and configure security options to
allow and restrict access based on user roles.
(13) Cybersecurity skills. The student
demonstrates necessary steps to maintain user access on the system. The student
is expected to:
(A) identify different types
of user accounts and groups on an operating system;
(B) explain the fundamental concepts and
standard practices related to access control, including authentication,
authorization, and auditing;
(C)
compare methods for single- and multi-factor authentication such as passwords,
biometrics, personal identification numbers (PINs), secure tokens, and other
passwordless authentication methods;
(D) define and explain the purpose and
benefits of an air-gapped computer; and
(E) explain how hashes and checksums may be
used to validate the integrity of transferred data.
(14) Cybersecurity skills. The student
explores the field of digital forensics. The student is expected to:
(A) explain the importance of digital
forensics to organizations, private citizens, and the public sector;
(B) identify the role of chain of custody in
digital forensics;
(C) explain the
four steps of the forensics process, including collection, examination,
analysis, and reporting;
(D)
identify when a digital forensics investigation is necessary;
(E) identify information that can be
recovered from digital forensics investigations such as metadata and event
logs; and
(F) analyze the purpose
of event logs and identify suspicious activity.
(15) Cybersecurity skills. The student
explores the operations of cryptography. The student is expected to:
(A) explain the purpose of cryptography and
encrypting data;
(B) research
historical uses of cryptography;
(C) review and explain simple cryptography
methods such as shift cipher and substitution cipher;
(D) define and explain public key encryption;
and
(E) compare and contrast
symmetric and asymmetric encryption.
(16) Vulnerabilities, threats, and attacks.
The student understands vulnerabilities, threats, and attacks. The student is
expected to:
(A) explain how computer
vulnerabilities leave systems open to cyberattacks;
(B) explain how users are the most common
vehicle for compromising a system at the application level;
(C) define and describe vulnerability,
payload, exploit, port scanning, and packet sniffing;
(D) identify internal threats to systems such
as logic bombs and insider threats;
(E) define and describe cyberattacks,
including man-in-the-middle, distributed denial of service, spoofing, and
back-door attacks;
(F)
differentiate types of social engineering techniques such as phishing; web
links in email, instant messaging, social media, and other online communication
with malicious links; shoulder surfing; and dumpster diving; and
(G) identify various types of
application-specific attacks such as cross-site scripting and injection
attacks.
(17)
Vulnerabilities, threats, and attacks. The student evaluates the
vulnerabilities of networks. The student is expected to:
(A) compare vulnerabilities associated with
connecting devices to public and private networks;
(B) explain device vulnerabilities and
security solutions on networks such as supply chain security and counterfeit
products;
(C) compare and contrast
protocols such as HTTP versus HTTPS;
(D) debate the broadcasting or hiding of a
wireless service set identifier (SSID); and
(E) research and discuss threats such as
mandatory access control (MAC) spoofing and packet sniffing.
(18) Vulnerabilities, threats, and
attacks. The student analyzes threats to computer applications. The student is
expected to:
(A) define application
security;
(B) identify methods of
application security such as secure development policies and
practices;
(C) explain the purpose
and function of vulnerability scanners;
(D) explain how coding errors may create
system vulnerabilities such as buffer overflows and lack of input validation;
and
(E) analyze the risks of
distributing insecure programs.
(19) Risk assessment. The student understands
risk and how risk assessment and risk management defend against attacks. The
student is expected to:
(A) define commonly
used risk assessment terms, including risk, asset, and inventory;
(B) identify risk management strategies,
including acceptance, avoidance, transference, and mitigation; and
(C) compare and contrast risks based on an
industry accepted rubric or metric such as Risk Assessment Matrix.
Disclaimer: These regulations may not be the most recent version. Texas may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google
Privacy Policy and
Terms of Service apply.
