Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product’s performance, functional, and physical attributes with its requirements, design, and operational information throughout its life.
The Internet of Things consist of environments of smart devices. These devices include sensors, actuators, cameras, micro controllers and micro or credit card size computers. The proper management of these devices is a critical responsibility for IoT security technicians.
The term Systems Integration refers to integrating IoT devices from different manufacturers into a common environment. System Integration is highly dependent upon industry standards and protocols in collaboration between product vendors.
1.5 Device Management - Systems Testing and Evaluation
IoT environments can be fluid and experience continuing change. These changes require highly dependable systems that need to be tested and evaluated on a regular basis. Testing would include evaluating the proper installation and configuration.
2.1 Information Communication Technologies - Computer Forensics
Computer Forensics is the process and practices of collecting and analyzing data. As an IoT security technician computer forensics may be used to investigate a security incident, attack or data breach. Computer Forensics requires the knowledge of many special tools, hardware and programs.
2.2 Information Communication Technologies - Network Defense
Network Defense refers to the processes and devices used to protect a network from internal and external threats. The first level of network defense starts with perimeter protection including firewalls and access control lists.
2.3 Information Communication Technologies - Computers and Electronics
Computers and Electronics can be defined as the basic electronic principles including voltage, electrical current, resistance, power, frequency, inductance and capacitance. The IoT security technician must have a working knowledge of these principles and the ability to measure and troubleshoot electronics and electrical circuits.
2.4 Information Communication Technologies - Cryptography/Cryptoanalysis
Cryptography/Cryptoanalysis can be defined as the practice and study of techniques for securing communications and stored information. Cryptography/Cryptoanalysis consists of the use of encoding and decoding algorithms.They are used to protect the confidentiality of sensitive data from adversaries and unauthorized individuals.
2.5 Information Communication Technologies - Data Management
Data Management can be defined as the concepts and practices needed to properly manage an organization’s information. These practices include the data bases, data architecture, data handling policies and practices and procedures needed to properly manage the full data life cycle needs of an enterprise.
2.7 Information Communication Technologies - Information Security Principles
Information Security Principles are the overriding philosophies that guide an organization’s information security management plan. These principles include availability, integrity and confidentiality of the organization’s information systems.
2.9 Information Communication Technologies - Internal Controls
Internal Controls refers to the security countermeasures that an organization takes to manage the threats and vulnerabilities to their information systems. Security controls consists of policy, procedures, technologies and products used to mitigate the risk to the enterprise.
2.10 Information Communication Technologies - Modeling and Simulation
System Modeling and Simulation refers to the process of building model environments that replicate an organization’s actual infrastructure. This process is performed in order to analyze and measure the impact of failures, attacks and natural and manmade disasters. Modeling and simulation is a critical aspect of managing disaster recovery and business continuity
2.11 Information Communication Technologies - Network Management
Network Management refers to the concepts and processes used to protect an organizations communication network. Network Management includes protection of the LANs, WANs, wireless networks, peripheral networks and virtual networks.
2.12 Information Communication Technologies - Operating Systems
Operating Systems refers to the installation, implementation configuration, operations and troubleshooting of today’s most popular operating systems. These operating systems would include Windows, Work Station and Server systems, Unix/Linux and the Android systems.
2.13 Information Communication Technologies - Surveillance
Surveillance refers to the technologies and processes used to monitor the information technology devices and systems. Surveillance can range from guards, cameras, intrusion detection systems and local logs on hosting devices.
2.14 Information Communication Technologies - Security Awareness
Security Awareness refers to the organizations efforts to make all personnel familiar with the organizations policies, processes and technologies used to protect the organizations information systems. Organizations must heavily invest in technologies and procedures that protect the organizations information infrastructure.
2.15 Information Communication Technologies - Vulnerability Assessment
Vulnerability Assessment is the process of identifying and analyzing vulnerabilities within an organization’s information management systems. Vulnerability assessment can include scanning for network, host, operating systems, applications and services vulnerabilities.
2.16 Information Communication Technologies - Web Technologies
Web Technology includes web based systems that enable an organization to deploy, authenticate, control and collect data from their IoT devices. The growth of web based technologies in the IoT field has grown exponentially and understanding of the underlying technology is a critical skill for the IoT security technician.
3.1 Information / Data Assurance - Database Administration
Database Administration refers to the design, creation and management of databases used to collect and control devices in an IoT or ICS environment. The IoT security technician must have an understanding of database creation and structures