Information Technology 2017 Final Curriculum Report

IT2017 2017 December 10

Appendix B: Performances

B.1 Essential IT Domains

ITE-CSP Cybersecurity Principles

ITE-CSP-01 Perspectives and impact
a. Make sense of the hard problem areas in cybersecurity that continue to make cybersecurity a challenge to implement.
b. Describe how a significant cybersecurity event has led to increased organizational focus on cybersecurity.
c. Tell a story of a significant cybersecurity advance.
d. Evaluate when the Confidentiality, Integrity and Availability (CIA) of information has been or could be violated with regards to
providing trust of information.
e. Compare and evaluate different approaches/implementations of digital currencies.

ITE-CSP-02 Policy goals and mechanisms

a. Recognize when an organization focus is on compliance with standards vs. state of the practice vs. state of the art.
b. Be aware of multiple definitions for the word “policy” within a cybersecurity context.
c. Consider vulnerability notification and the issues associated with fixing or not fixing vulnerabilities and disclosing or not disclosing
vulnerabilities.
d. Contrast the implications of relying on open design or the secrecy of design for security.
e. Express why cybersecurity is a societal imperative.

ITE-CSP-03 Security services, mechanisms, and countermeasures

a. Analyze the tradeoffs of balancing key security properties (Confidentiality, Integrity, and Availability).
b. Make sense of the concepts of risk, threats, vulnerabilities and attack vectors (including the fact that there is no such thing as perfect
security).
c. Document an example of “countermeasures” for specific threats.
d. Produce a list capabilities and tools that identify cybersecurity risks on an ongoing basis.
e. Show the concept of identity management and how it is important.
f. Make meaning of the concepts of authentication, authorization, and access control.
g. Argue for the benefit of multi-factor authentication.

ITE-CSP-04 Cyberattacks and detection

a. Contrast the roles of prevention, deterrence, and detection mechanisms.
b. Recognize password guessing, port scanning, SQL injection probes, and other cyberattacks in log files.
c. Make sense of the role and limitations of signature-based and behavioral-based anti-virus technology.
d. Contrast host-based and network-based intrusion detection systems.
e. Design several rules for a network-based intrusion detection system that will protect against specific known attacks.
f. Describe how the use of deception by malware is used to evade security mechanisms.

ITE-CSP-05 High assurance systems

a. Make sense of the concepts of trust and trustworthiness.
b. Describe how the principle of least privilege and isolation is applied to system design.
c. Describe how the principles of fail-safe and deny-by-default fit high assurance systems.
d. Describe how mediation and the Principle of Complete Mediation apply.
e. Make sense of the concept of trusted computing including trusted computing base and attack surface and the principle of minimizing
trusted computing base.
f. Describe how commercial approaches to delivering high-assurance services, including SE Linux, Security Enhanced hypervisors, role-
based access systems, and digital signatures are applied to code and data.
g. Document the role of formal methods in creating high assurance software and systems.
h. Describe how Trusted Platform Modules (TPMs) are used in creating high assurance systems.

ITE-CSP-06 Vulnerabilities, threats, and risk

a. Express the differences between vulnerabilities, threats, and risk.
b. Describe how security mechanisms can contain vulnerabilities.
c. Use a risk management framework.
d. Use penetration-testing tools to identify a vulnerability.
e. Derive several benefits of defense in depth, e.g., having multiple layers of defenses.
f. Describe how security issues arise at boundaries between components.
g. Use the National Vulnerability Database to determine if software installed on a server or network component has a known vulnerability.

Page 89 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

h. Recognize vulnerabilities, threats and risks that are distinct to network infrastructure, cloud computing servers, desktop computers, and
mobile devices.
i. Use a buffer-overflow attack against a server that reads an unbounded data into a fixed-size data structure.
j. Use a cross-site scripting attack against a server that does not properly sanitize user input prior to displaying the results in a browser.

ITE-CSP-07 Anonymity systems

a. Compare the limitations and strengths of anonymous communication and payment systems currently in use.
b. Propose legitimate and illicit uses of anonymity systems.
c. Model policies for prohibiting or using anonymity systems within an organization.
d. Use an anonymity system (e.g., Tor).
e. Document the kind of information not protected by an anonymous communication system.
f. Evaluate the impact of search queries on maintaining anonymity.
g. Evaluate the implications of DNS queries on maintaining anonymity.

ITE-CSP-08 Usable security

a. Describe how the concept of “psychological acceptability” and the importance of usability impact security mechanism design.
b. Make sense of research studies that consistently demonstrate that a trust-oriented interface design can facilitate the development of more
trustworthy systems.
c. Design a user interface for a security mechanism.
d. Analyze a security policy and/or procedure to show where it considers, or fails to consider, human factors.
e. Critique the ability of complex password policies to achieve the desired goal of preventing unauthorized access to sensitive systems.
f. Recognize the differences between erasing pointers to information and overwriting the information as they apply to file systems,
databases, and cloud storage.
g. Judge the effectiveness of an authentication mechanism from the perspective of a person who is visually impaired.
h. Design and develop software suite for a new digital currency.

ITE-CSP-09 Cryptography overview

a. Exhibit comprehension of the terms encryption, decryption, key, public key cryptography, symmetric cryptography, algorithm, key
length, key escrow, key recover, key splitting, random number generator, nonce, initialization vector, cryptographic mode, plaintext,
cipher text, S/MIME, PGP, IPsec, TLS.
b. Contrast encryption, digital signatures, and hash functions.
c. Compare encryption for data at rest and data in motion.
d. Make sense of block-level encryption, file-level encryption, and application-level encryption for encrypted storage.
e. Argue for why it is preferred to use validated, proven algorithms and implementations rather than developing new ones.

ITE-CSP-10 Malware fundamentals

a. Tell a story of how malware is concealed and the impact that malware might have on a system.
b. Use signature-based or behavior detection malware countermeasures to address malware infection mechanisms.
c. Propose where within the architectures of organization’s information systems it might be most effective to provide protection from
malware.
d. Debug a system (network, computer, or application) for the presence of malware.
e. Use techniques for safely isolating malware samples from infected systems and classifying the sample.

ITE-CSP-11 Mitigation and recovery

a. Discuss a risk mitigation and incident recovery plan.
b. Perform a mitigation of a malware infection on an enterprise client and an enterprise server.
c. Document the managerial and forensic steps for recovery after detecting a hostile insider.
d. Contrast backup and recovery plans designed to protect against natural disasters from those designed to protect against hostile actors.
e. Document examples of the steps taken after a credential is lost or compromised.
f. Describe how supply chain risks could be reduced.

ITE-CSP-12 Personal information

a. Make sense of the terms Personal Information, Personally Identifiable Information, De-Identification, Anonymization, Pseudonym,
Masking, and Unmasking.
b. Describe how the Fair Information Practices apply to personal information and how online entities collect and use personal information.
c. Classify several categories of personal information according to privacy and disclosure risk.
d. Contrast policies for collecting, processing, storing, sharing, and disposing of personal information.
e. Illustrate the role and limitations of encryption for protecting personal information.
f. Make sense of policies and technologies for isolating personal data from enterprise data.
g. Analyze approaches for controlling access to personal information.

ITE-CSP-13 Operational issues

a. Show how one determines the exposure and plans for the recovery of a lost laptop and mobile device.
b. Document standards that apply to an organization’s information security posture.
c. Evaluate potential vendors with respect to their security offerings.
d. Make meaning of emerging threats, vulnerabilities, and mitigations.
e. Design a continuing education program.
f. Make sense of the challenges of recruitment and retention of security personnel.
g. Suggest and implement digital currency extensions using relevant scripting techniques (colored coins paradigm)

Page 90 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITE-CSP-14 Reporting requirements

a. Document legal and regulatory requirements for sharing of threat and breach information.
b. Contrast different vulnerability disclosure policies, including “full disclosure,” and “responsible disclosure.”
c. Make sense of the concept of privacy breach versus security breach and the governing rules that apply to both types of breach.

ITE-GPP Global Professional Practice

ITE-GPP-01 Perspectives and impact
a. Describe the nature of professionalism and its place in the field of information technology.
b. Contrast ethical and legal issues as related to information technology.
c. Describe how IT uses or benefits from social and professional issues.

ITE-GPP-02 Professional issues and responsibilities

a. Contrast the professional context of information technology and computing and adherence to ethical codes of conduct.
b. Describe and critique several historical, professional, ethical, and legal aspects of computing.

ITE-GPP-03 IT governance and resource management

a. Analyze the expanding role of IT governance and its effect on organizations.
b. Be aware of management issues in IT governance.
c. Compare and contrast organizational cultures and their impact on IT governance.
d. Justify the appropriate resources needed to administer the system.
e. Compare and contrast several alternative vendors of system resources.
f. Develop naming conventions for the resources in a system.
g. Create and justify several appropriate policies and procedures to manage resources in a system.

ITE-GPP-04 Risk identification and evaluation

a. Analyze the role of risk to an organization and ways to identify key risk factors.
b. Evaluate various risks and appropriate actions.
c. Design and build a risk matrix.

ITE-GPP-05 Environmental issues

a. Analyze and critique ways to develop green IT policies and standards and learn to identify green IT.
b. Contrast several frameworks for green computing.
c. Describe several uses of green computing for improving energy efficiency.

ITE-GPP-06 Ethical, legal, and privacy issues

a. Evaluate the role of legal, ethical, and privacy issues within IT as it relates to organizations.
b. Reflect on whether existing laws need modification to keep up with technology.
c. Model a computer use policy that includes privacy, legal, and ethical considerations for all employees.
d. Contrast ethical algorithms with algorithms that are ethically neutral.

ITE-GPP-07 Intellectual property

a. Describe the foundations of intellectual property.
b. Critique several transnational issues concerning intellectual property.
c. Distinguish among employees, contractors, and consultants and offer the implications of each hiring class.
d. Compare software patents and contrast with other forms of intellectual property protection.

ITE-GPP-08 Project management principles

a. Describe the key components of a project plan.
b. Show the importance of a cost/benefit analysis to the successful implementation of a project plan.
c. Evaluate appropriate project planning and tracking tools.
d. Illustrate how to identify the lessons learned in a project closeout and review session.

ITE-GPP -09 Communications

a. Evaluate several strategies for effective professional communication in writing and in speaking.
b. Create well-organized technical reports that are structured according to acceptable standards.
c. Analyze and describe the role of communications within IT as well as in building relationships with the organizations.
d. Illustrate several essential skills for communicating within a team environment.

ITE-GPP-10 Teamwork and conflict management

a. Analyze several skill sets needed to function effectively in a team environment.
b. Contrast several ways in which industry approaches teamwork toward a common goal.
c. Describe and critique several ways that conflict management aids in building stronger teams.

ITE-GPP-11 Employability skills and careers in IT

a. Evaluate viable skill sets essential to a career in IT.
b. Illustrate the elements of a successful technical resume.

Page 91 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

c. Reflect on the need for industry experience within the IT field.

d. Compare the important elements needed for a strong interview for an IT position.

ITE-GPP-12 Information systems principles

a. Critique ways in which information systems supports organizational requirements.
b. Describe the system development life cycle, its phases, and models.
c. Evaluate the effectiveness and efficiency of a system.
d. Contrast several high-level IT strategies to avoid obstacles to achieve organizational goals.

ITE-IMA Information Management

ITE-IMA-01 Perspectives and impact
a. Describe how data storage and retrieval has changed over time.
b. Justify the advantages of a database approach compared to traditional file processing.
c. Describe how the growth of the internet and demands for information for users outside the organization (customers and suppliers)
impact data handling and processing.
d. Tell a brief history of database models and their evolution.

ITE-IMA-02 Data-information concepts

a. Describe the role of data, information, and databases in organizations.
b. Compare and use key terms such as: information, data, database, database management system, metadata, and data mining.
c. Illustrate data quality, accuracy, and timeliness, and explain how their absence will impact organizations.
d. Describe mechanisms for data collection and their implications (automated data collection, input forms, sources).
e. Describe basic issues of data retention, including the need for retention, physical storage, backup, and security.

ITE-IMA-03 Data modeling

a. Design Entity Relationship diagrams based on appropriate organizational rules for a given scenario.
b. Describe the relationship between a logical model and a physical model.
c. Evaluate importance of database constraints.
d. Design a physical model for the best performance including impact of normalization and indexes.
e. Compare and contrast the differences and similarities between the relational and the dimensional data modeling (OLTP vs. OLAP).

ITE-IMA-04 Database query languages

a. Create, modify, and query database objects using the Structured Query Language (SQL).
b. Perform filtering and sorting data using various clauses including where, order by, between, like, group by, and having.
c. Use joins to select data across multiple tables.
d. Use embedded SQL queries.
e. Perform calculations in a query using calculated fields and aggregate functions.
f. Create updatable and non-updatable views.

ITE-IMA-05 Data organization architecture

a. Demonstrate select, project, union, intersection, set difference, and natural join relational operations using simple example relations
provided.
b. Contrast and compare relational databases concepts and non-relational databases including object-oriented, XML, NewSQL and
NoSQL databases.
c. Express the relationship between functional dependencies and keys, and give examples.
d. Evaluate data integrity and provide examples of entity and referential integrity.
e. Analyze how data fragmentation, replication and allocation affect database performance.

ITE-IMA-06 Special-purpose databases

a. Describe major concepts of object oriented, XML, NewSQL, and NoSQL databases.
b. Demonstrate an understanding of online analytical processing and data warehouse systems.
c. Describe methods of data mining and what insights may be gained by these methods.

ITE-IMA-07 Managing the database environment

a. Contrast and compare data administration and database administration.
b. Describe tasks commonly performed by database administrators.
c. Create and manage database users, roles, and privileges.
d. Consider the concept of database security and backup and recovery.
e. Evaluate the importance of metadata in database environment.

ITE-IST Integrated Systems Technology

ITE-IST-01 Perspectives and impact
a. Describe how integrating various modules can produce a working system.

Page 92 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

b. Describe how integration is an important function of all IT professionals.

ITE-IST-02 Data mapping and exchange

a. Produce a definition for the term ‘metadata.’
b. Describe how ASCII, EBCDIC, and Unicode are used to encode data, and show how each should be used.
c. Describe how XML and the document object model are being used to integrate and exchange data between systems.
d. Use DTD to create a document definition for a data structure. Given a DTD for data structure, create an XML document with real data.
e. Describe how XSL, XSLT and XPath are used to transform data streams.

ITE-IST-03 Intersystem communication protocols

a. Describe how different types of architectures must be considered for integrating systems.
b. Demonstrate the role of DCOM, CORBA, and RMI in distributed processing.
c. Describe how web services are used to integrate disparate applications in an organization. Describe the role of the WSDL, SOAP, and
UDDI architectures in creating and using web services.
d. Demonstrate the role of socket programming in communicating between systems. Contrast the protocols and uses of TCP/IP sockets
and Datagram sockets.
e. Describe the purpose of message and queuing services and demonstrate how they work. Illustrate the protocol used by one messaging
service (e.g., JMS).
f. List the commonly used low level data communications protocols (e.g., RS232), describe how to know when each protocol should be
used, and illustrate the protocol for one low-level communication protocol.

ITE-IST-04 Integrative programming

a. Describe how design patterns are useful in integrative programming.
b. Evaluate the motivation for using each of the following design patterns: MVC, singleton, factory method, façade, proxy, decorator, and
observer.
c. Describe how a programming interface is used in programming, and illustrate with an example when the use of a programming interface
simplified the development of a system.
d. Define the concept of inheritance and describe how it can be applied to encourage code reuse.
e. Design an abstract class and use inheritance to create a class that extends the abstract class.
f. Design, develop, and test an application that uses the abstract class.

ITE-IST-05 Scripting techniques

a. Describe how scripting languages are used for web scripting, server-side scripting, and operating system scripting.
b. Write, debug, and test a script that includes selection, repetition, and parameter passing.

ITE-IST-06 Defensible integration

a. Contrast evidence-based security vs. code access security.
b. Define and evaluate several goals of secure coding.
c. Justify the guidelines for authenticating and defining permissions to systems services and resources.
d. For each of the following “best secure coding” practices, give an example of a problem that can occur when the practice is not followed
and then describe how to overcome the problem.
1. Preventing buffer overflow
2. Securing state data
3. Securing method access
4. Wrapper code
5. Unmanaged code
6. Validation of user input
7. Remoting considerations
8. Protected objects
9. Serialization
10. Robust error handling

ITE-NET Networking
ITE-NET-01 Perspectives and impact
a. Describe networking and the research scope of networking study.
b. Identify some components of a network.
c. Name several network devices and describe their purpose.
d. Describe ways information technology uses or benefits from networks.
e. Illustrate the role of networks in information technology.
f. Identify people who influenced or contributed to the area of networks.
g. Identify several contributors to networks and relate their achievements to the area.

Page 93 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITE-NET-02 Foundations of networking

a. Identify several current standards (e.g., RFC’s and IEEE 802) and describe how standards’ bodies and the standardization process impact
networking technology.
b. Contrast the OSI and internet models as they apply to contemporary communication protocols.
c. Analyze why different technologies are deployed in different contexts of networking, such as topology, bandwidth, distance, and number
of users.
d. Express the basic components and media of network systems and distinguish between LANs and WANs.
e. Describe how bandwidth and latency impact throughput in a data communications channel.
f. Deploy a basic Ethernet LAN and compare it to other network topologies.
g. Exhibit the concept and allocation of addressing scheme which involves port numbers, IPv4 and IPv6 address.
h. Configure a client and a server operating system and connect the client machine to the server over a LAN.
i. Analyze and compare the characteristics of various communication protocols and how they support application requirements.
j. Demonstrate the ability to solve basic problems and perform basic troubleshooting operations on LANs and connected devices.

ITE-NET-03 Physical layer

a. Show how the variables of Shannon’s law impact channel capacity.
b. Compare the bandwidth characteristics of several types of physical communication media.
c. Contrast the historical evolution of the switched and routed infrastructures.
d. Analyze the physical challenges inherent in wireless-fixed and wireless-mobile communication channels.
e. Compare methods of error detection and correction such as parity, cyclic redundancy check (CRC), and error detection and correction
(EDC).
f. Describe the development of modern communication standards, addressing both de jure and de facto standards.
g. Choose the appropriate compression methodology (lossy or lossless) for a given type of application.
h. Analyze and compare four networking topologies in terms of robustness, expandability, and throughput.

ITE-NET-04 Networking and interconnectivity

a. Describe the seven layers of the OSI model.
b. Contrast the differences between circuit switching and packet switching.
c. Contrast point-to-point network line configuration with multipoint configuration.
d. Illustrate some networking and internetworking devices such as repeaters, bridges, switches, routers, and gateways.
e. Recognize network topologies such as mesh, star, tree, bus, ring, 3-D torus.
f. Contrast connection-oriented services with connectionless services.
g. Teach network protocol features such as syntax, semantics, and timing.
h. Be aware of layered protocol software (stacks) such as physical-layer networking concepts, data-link layer concepts, internetworking,
and routing.
i. Contrast protocol suites such as IPv4, IPv6, IPvN, and TCP/UDP.
j. Evaluate the operation principles of some main protocols, such as FTP and SNMP.
k. Identify network standards and standardization bodies.

ITE-NET-05 Routing, switching, and internetworking

a. Describe data communications and telecommunications models, digital signal processing, topologies, protocols, standards, and
architectures that are in use today.
b. Identify the basic concepts of LAN and WAN technologies and topologies.
c. Describe different components and requirements of network protocols.
d. Discuss the concepts and the “building blocks” of today’s data communication networks such as switches, routers, and cabling.
e. Describe the operation and function of 802.1 devices and protocols.
f. Describe the necessary hardware (switches and routers) and components (routing algorithms and protocols) used to establish
communication between multiple networks.
g. Analyze the effect of various topologies, applications, and devices on network performance topics such as latency, jitter, response time,
window size, connection loss, and quality of service.

ITE-NET-06 Application networking services

a. Describe web software stack technologies such as LAMP solution stack (Linux, Apache HTTP server, MySQL, PHP/Perl/Python).
b. Describe the key components of a web solution stack using LAMP as an illustrative example.
c. Illustrate several roles and responsibilities of clients and servers for a range of possible applications.
d. Select several tools that will ensure an efficient approach to implementing various client-server possibilities.
e. Design and implement a simple interactive web-based application (for example, a simple web form that collects information from the
client and stores it in a file on the server).
f. Contrast peer-to-peer, client-server, and cloud networks.
g. Describe several web technologies such as dynamic HTML and the client-side model, server-side model.
h. Describe several characteristics of web servers such as handling permissions, file management, capabilities of common server
architectures.
i. Use the support tools for website creation and web management.
j. Design the architecture and services of email systems.
k. Describe the role of networking in database and file service applications.
l. Demonstrate the working process of DNS, steps of a resolver looking up a remote name.
m. Analyze the impact on the world-wide web portion of the internet if most of all routers ceased to function.
n. Solve the problem of distributing content, the architecture of content distribution network and peer-to-peer network.

Page 94 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITE-NET-07 Network management

a. Propose several main issues related to network management.
b. Discuss four typical architectures for network management including the management console, aggregators, and device agents.
c. Demonstrate the management of a device such as an enterprise switch through a management console.
d. Compare various network management techniques as they apply to wired and wireless networks such as topics on devices, users, quality
of service, deployment, and configuration of these technologies.
e. Discuss the address resolution protocol (ARP) for associating IP addresses with MAC addresses.
f. Exhibit the concepts of domain names and domain name systems (DNS).
g. Describe the dynamic host configuration protocol (DHCP).
h. Describe several issues related to internet service providers (ISPs).
i. Illustrate several quality-of-service issues such as performance and failure recovery.
j. Describe ad hoc networks.
k. Teach troubleshooting principles and techniques related to networks.
l. Describe management functional areas related to networks.

ITE-PFT Platform Technologies

ITE-PFT-01 Perspectives and impact
a. Describe how the historical development of hardware and operating system computing platforms produced the computing operating
systems we have today.

ITE-PFT-02 Operating systems

a. Describe how the components and functions of an operating system work together to provide a computing platform.
b. Demonstrate the ability to use both Windows and Unix-class systems.
c. Describe how the similarities and differences between Windows and Unix-class systems provide different advantages for these
computing platforms.
d. Demonstrate the main benefits of using scripts to perform operating systems tasks by automating a computing task.

ITE-PFT-03 Computing infrastructures

a. Analyze the power requirements for a computer system.
b. Justify the need for power and heat budgets within an IT environment.
c. Describe how the various types of servers meet different organizational requirements.
d. Justify the need for hardware and software integration.

ITE-PFT-04 Architecture and organization

a. Describe how numbers and characters are represented in a computer.
b. Produce a block diagram, including interconnections, of the main parts of a computer.
c. Describe how a computer stores and retrieves information to and from memory and hard drives.
d. Produce a definition for each of these terms: bus, handshaking, serial, parallel, data rate.

ITE-PFT-05 Application execution environment

a. Design a simple finite state machine with at least six states and four conditional branches, then build and troubleshoot it.
b. Compare the performance of two different computers with two different operating systems.
c. Illustrate the advantages and disadvantages of the five main hardware implementation options.

ITE-SPA System Paradigms

ITE-SPA-01 Perspectives and impact
a. Contrast system integration and system architecture.
b. Explain the system integration from the organizational perspective.

ITE-SPA-02 Requirements
a. Compare the various requirements modeling techniques.
b. Contrast between non-functional and functional requirements.
c. Demonstrate the structure of a detailed use case.
d. Express a use case based on relating functional requirements.
e. Illustrate the types of event flows in a use case and under which conditions they occur.
f. Describe how requirements gathering complements a system development lifecycle.
g. Describe how use cases drive testing throughout a system lifecycle.

ITE-SPA-03 System architecture

a. Demonstrate “architecture” in the context of system integration and architecture reflecting IEEE Standard 1471.
b. Justify how complex systems can be represented using architectural views and how this facilitates system evolution over time.
c. Describe how some specific architectural views relate to the system lifecycle.
d. Contrast the SOA, Zachman Framework, ITIL, COBIT, and ISO 20,000 architectural frameworks.

Page 95 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

e. Describe how modeling tools support the description and management of architectural views with examples.

ITE-SPA-04 Acquisition and sourcing

a. Contrast between build and buy in software and hardware acquisition.
b. Demonstrate the advantages and drawbacks of building and buying in general.
c. Contrast between in-sourcing and out-sourcing for the acquisition of IT services and support.
d. Contrast the advantages and drawbacks of in-sourcing and out-sourcing in general.
e. Demonstrate the importance of testing, evaluation, and benchmarking in any IT sourcing decision.
f. Demonstrate primary components in a request for proposal (RFP).
g. Contrast the advantages and drawbacks of using RFPs in an IT sourcing decision.
h. Express the importance of a well-structured contract in any IT sourcing decision.
i. Given an RFP, justify one or more products that satisfy the criteria of the RFP.

ITE-SPA-05 Testing and quality assurance

a. Express different ways for current testing standards.
b. Demonstrate the various components of usability testing.
c. Express different ways to execute and evaluate an acceptance test.

ITE-SPA-06 Integration and deployment

a. Express different ways for middleware platforms.
b. Demonstrate the advantages and disadvantages of some middleware platforms.
c. Justify major considerations for the selection of an enterprise integration platform.
d. Express different ways of integration using the “wrapper” approach.
e. Express different ways of integration using the “glue code” approach.
f. Describe how a framework facilitates integration of components.
g. Describe how the data warehouse concept relates to enterprise information integration.
h. Describe how integration choices affect testing and evaluation.

ITE-SPA-07 System governance

a. Compare alternative vendors of systems resources and justify a selection.
b. Develop policies for a networked system in an application domain (e.g., health care organization).
c. Develop policies for a network that includes low capacity embedded devices (e.g., a smart home).
d. Develop a disaster recovery plan for a small enterprise.

ITE-SPA-08 Operational activities

a. Design and implement a user and group administrative structure that allows users to use system resources effectively.
b. Design and construct development resources regarding administrative policies for different types of users.
c. Develop and monitor project plans for major system administration activities.
d. Install, configure, and test appropriate software and other resources.
e. Install, configure, and test automated device management technologies.
f. Design and implement a backup and restore strategy for a system.

ITE-SPA-09 Operational domains

a. Describe the scope of each operational domain in a system.
b. Develop and justify policies for each domain that allow for smooth interaction between domains without sacrificing security.
c. Develop and justify resource allocation plans for various operational domains.

ITE-SPA-10 Performance analysis

a. Design and implement a backup and restore strategy for a system.
b. Test the veracity of a disaster recovery plan for a small enterprise.
c. Confirm the accuracy and completeness of a backup.

ITE-SWF Software Fundamentals

ITE-SWF-01 Perspectives and impact
a. Reflect on how the creation of software has changed our lives.
b. Synthesize how software has helped people, organizations, and society to solve problems.
c. Describe several ways in which software has created new knowledge.

ITE-SWF-02 Concepts and techniques

a. Compare multiple levels of abstraction to write programs (constants, expressions, statements, procedures, parameterization, and
libraries).
b. Select appropriate built-in data types and library data structures (abstract data types) to model, represent, and process program data.
c. Use procedures and parameterization to reduce the complexity of writing and maintaining programs and to generalize solutions.
d. Explain multiple levels of hardware architecture abstractions (processor, special purpose cards, memory organization, and storage) and
software abstractions (source code, integrated components, running processes) involved in developing complex programs.
e. Create new programs by modifying and combining existing programs.

Page 96 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITE-SWF-03 Problem-solving strategies

a. Explain abstractions used to represent digital data.
b. Develop abstractions when writing a program or an IT artifact.
c. Apply decomposition strategy to design a solution to a complex problem.
d. Explain appropriateness of iterative and recursive problem solutions.
e. Write programs that use iterative and recursive techniques to solve computational problems.

ITE-SWF-04 Program development

a. Develop a correct program to solve problems by using an iterative process, documentation of program components, and consultation
with program users.
b. Use appropriate abstractions to facilitate writing programs: collections, procedures, application programming interfaces, and libraries.
c. Evaluate how a program is written in terms of program style, intended behavior on specific inputs, correctness of program components,
and descriptions of program functionality.
d. Develop a program by using tools relevant to current industry practices: version control, project hosting, and deployment services.
e. Demonstrate collaboration strategies that consider multiple perspectives, diverse talents, and sociocultural experiences.

ITE-SWF-05 Fundamental data structures

a. Write programs that use data structures (built-in, library, and programmer-defined): strings, lists, and maps.
b. Analyze the performance of different implementations of data structures.
c. Decide on appropriate data structures for modeling a given problem.
d. Explain appropriateness of selected data structures.

ITE-SWF-06 Algorithm principles and development

a. Describe why and how algorithms solve computational problems.
b. Create algorithms to solve a computational problem.
c. Explain how programs implement algorithms in terms of instruction processing, program execution, and running processes.
d. Apply appropriate mathematical concepts in programing: expressions, abstract data types, recurrence relations, and formal reasoning on
algorithm’s efficiency and correctness.
e. Evaluate empirically the efficiency of an algorithm.

ITE-SWF-07 Modern app programming practices

a. Create web and mobile apps with effective interfaces that respond to events generated by rich user interactions, sensors, and other
capabilities of the computing device.
b. Analyze usability, functionality, and suitability of an app program.
c. Collaborate in the creation of interesting and relevant apps.
d. Build and debug app programs using standard libraries, unit testing tools, and debuggers.
e. Evaluate readability and clarity of app programs based on program style, documentation, pre- and post-conditions, and procedural
abstractions.

ITE-UXD User Experience Design

ITE-UXD-01 Perspectives and impact
a. Show when human factors first became an issue in computer hardware and software design.
b. Define the meaning of human-computer interaction or HCI.
c. Define the meaning of user experience design or UXD.
d. Describe the evolution from human factors to User Experience Design (UX).
e. Contrast the physical and non-physical aspects of UXD.
f. Identify several modern high-tech computing technologies that present UXD challenges.
g. Describe several reasons for making UXD an essential part of the information technology discipline.

ITE-UXD-02 Human factors in design

a. Explain the conceptual terms for analyzing human interaction with products (e.g., affordance and feedback).
b. Analyze several different user populations or user cultures regarding their abilities to use software and hardware products.
c. Explain the importance of user abilities and characteristics in the usability of products.
d. Illustrate several ways cognitive and social principles apply to product design.
e. Illustrate several ways that physical aspects of product design affect usability.
f. Identify several goals, activities, and tasks related to an UX project.
g. Describe how creative innovation techniques such as brainstorming can lead to optimal user interfaces.

ITE-UXD-03 Effective interfaces

a. Explain how the user interface (UI) and interaction affect usability.
b. Design an interface that effectively employs localization and globalization technologies.
c. Adapt an interface to more effectively relate to users’ characteristics (e.g., age, education, cultural differences).
d. Design a user experience using storyboarding techniques.
e. Design and justify a low-fidelity prototype for a system or product.
f. Design and justify a high-fidelity prototype for a system or product.

Page 97 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

g. Demonstrate the advantages of user interface modalities other than windows, icons, menus and pointers in some situations.

ITE-UXD-04 Application domain aspects

a. Describe different types of interactive environments.
b. Describe several differences in developing user interfaces for different application environments and types of services.
c. Represent the connection between the design of a user interface and a model of user domain expertise.
d. Compare descriptions of cognitive models with the model names.
e. Propose cognitive models to the design of application user interfaces.
f. Argue for social psychology in the design of a user interface
g. Show how contextual, societal, cultural, and organizational factors can be applied in the design of a user interface.
h. Analyze an IT mediated service with several different user types and various stakeholders including a service provider.

ITE-UXD-05 Affective user experiences

a. Illustrate how a user develops an emotional reaction to or attachment to a product, service, or system.
b. Describe how a user’s emotional reaction to an interface can interfere with product or service acceptance.
c. Describe how a user’s emotional reaction to a product can advance product or service acceptance.

ITE-UXD-06 Human-centered evaluations

a. Demonstrate several general principles used in the heuristic evaluation of a user interface design.
b. Teach usability performance and preference metrics: learning, task time, task completion, effectiveness, and user satisfaction.
c. Describe common usability guidelines and standards.
d. Demonstrate several ways of measuring application usability employing a heuristic evaluation.
e. Produce documentation for an existing system or product with storyboarding techniques.
f. Create an appropriate usability test plan.
g. Propose several ways to measure product usability from performance and preference metrics.

ITE-UXD-07 Assistive technologies and accessibility

a. Describe several main principles for universal design.
b. Illustrate the advantages and disadvantages of biometric access control.
c. Describe the symptoms of repetitive stress syndrome; list some of the approaches that can ameliorate the problem.
d. Use accessibility guidelines and standards in the design of a user interface.
e. Design a user interface to effectively use accessibility features such as an automated narrator.
f. Describe a criterion for choosing a biometric access system for a given application.
g. Propose an assistive technology computer device for persons with visual, hearing, cognitive, or motor difficulties.
h. Describe a possible interface that allows a user with severe physical disabilities to use a website.
i. Describe the structure and components of an assistive technology.

ITE-UXD-08 User advocacy

a. Express the advantages and disadvantages for using a human-centered software development approach.
b. Analyze and model the user environment and context of use before designing a software application.
c. Analyze user groups and develop appropriate personas to represent them in design.
d. Propose appropriate user tasks for an application under consideration.
e. Describe the effect of socialization on the effectiveness of an application interface.
f. Demonstrate the importance of evaluating the impact of proposed system changes on the user experience.

ITE-WMS Web and Mobile Systems

ITE-WMS-01 Perspectives and impact
a. Describe how the world-wide web has impacted people’s lives over time.
b. Illustrate the growth and changes in mobile devices and applications over time.

ITE-WMS-02 Technologies
a. Describe the role of HTTP and HTTPS in the context of web applications.
b. Build a simple web site that
• organizes information effectively,
• uses valid HTML and CSS, and
• applies appropriate web standards from standards bodies such as W3C.
c. Develop a web or mobile application that
• uses industry-standard technologies,
• integrates serialized data in a structured format such as XML or JSON both synchronously and asynchronously,
• validates data inputs on the client- and server-side as appropriate,
• uses cookies,
• reads or modifies data in a server-side database, and
• uses JavaScript.
d. Express the constraints involved in state management (cookies, query strings, sessions) in the web and mobile context.
e. Contrast client-side with server-side security issues.

Page 98 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITE-WMS-03 Digital media

a. Compare characteristics such as color depth, compression, codec, and server requirements for
• graphic media file formats and
• streaming media formats.
b. Propose a graphic file type for a given set of image characteristics.
c. Provide metaphors for issues involved in deploying and serving media content.

ITE-WMS-04 Applications concepts

a. Express constraints that mobile platforms put on developers, including the performance vs. power tradeoff.
b. Contrast mobile programming, web programming, and general-purpose programming.
c. Apply principles of UXD to enhance the user experience of a web site or mobile application.
d. Evaluate the design and architecture of a web or mobile system, including issues such as design patterns (including MVC), layers,
tradeoffs between redundancy and scalability, state management, and search engine optimization.

ITE-WMS-05 Development tools and frameworks

a. Use industry-standard tools and technologies for web and mobile development.
b. Argue for the advantages and disadvantages of development frameworks for web and mobile development.
c. Use a development framework such as jQuery, Angular, Laravel, ASP.NET MVC, Django, or WordPress.
d. Use collaboration tools such as GitHub to work with a team on a web or mobile application.

ITE-WMS-06 Vulnerabilities
a. Illustrate browser security models including same-origin policy and thread models in web security.
b. Describe how authentication, secure certificates, and secure communication can be used in web sessions.
c. Instruct others on common types of vulnerabilities and attacks in web and mobile applications, such as
• using web page graphics as web beacons,
• using cookies to compromise privacy,
• denial of service attacks,
• cross-site scripting attacks, and
• SQL injection attacks.
d. Secure a web or mobile application and defend against common attacks using techniques such as
• client-side security capabilities,
• public key encryption,
• security certificates, and
• safely persisting user logins (such as “remember me” functionality).
e. Use accepted standards to ensure that user input on web pages does not affect server-side processes.

ITE-WMS-07 Social software

a. Illustrate the difference between asynchronous and synchronous communication on the web.
b. Contrast the characteristics of various web- and mobile-based communication media.

Page 99 of 163
Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

B.2 Supplemental IT Domains

ITS-ANE Applied Networks

ITS-ANE-01 Proprietary networks
a. Describe several proprietary network protocols.
b. Describe the advantages and disadvantages of building upon proprietary networks.
c. Compare proprietary network protocols versus open standard protocols.
d. Describe principal components and technologies of the system network architecture (SNA), which is IBM’s proprietary networking
architecture.
e. Analyze proprietary network management schemes.
f. Design and maintain a proprietary network protocol.

ITS-ANE-02 Network programming

a. Describe the role of socket programming in communicating between systems.
b. Contrast the protocols and uses of TCP/IP sockets and datagram sockets.
c. Use various solutions to perform inter-process communications.
d. Demonstrate knowledge of protocols and languages used in web and multimedia delivery.
e. Demonstrate advanced knowledge of programming for network communications.
f. Write your own socket-based network application programs.
g. Describe several major technologies used in network communications.
h. Design, develop, and test a socket program that communicates between several different services using both TCP/IP sockets and
datagram sockets.
i. Design, develop, and test a program that uses a messaging service to send asynchronous messages to another application across the
network.

ITS-ANE-03 Routing protocols

a. Describe the meaning of a routing protocol.
b. Contrast an IPv4 subnet with an IPv6 subnet.
c. Demonstrate the advantages of using an enhanced interior gateway routing protocol (EIGRP) over an interior gateway routing
protocol (IGRP).
d. Contrast dynamic routing with static routing.
e. Illustrate how traffic is routed using a mobile IP.

ITS-ANE-04 Mobile networks

a. Use a basic mobile network architecture.
b. Analyze new developments in the field of mobile communications and mobile internet.
c. Assess new developments in the field of mobile communications and internet using principles, techniques, and tools developed
throughout the course.
d. Demonstrate an understanding of existing technologies for mobile internet and how they can be used, optimized, and enhanced for
practical situations using concepts and techniques presented.
e. Describe several main characteristics of mobile IP and show how it differs from IP regarding mobility management and location
management as well as performance.
f. Describe areas of interest that lie within mobile networks including multimedia, wireless, mobile computing, and distributed
computing.
g. Contrast mobile networks of varying quality.
h. Describe the extension of client-server model to accommodate mobility and client cache management.
i. Illustrate several security issues related to mobile computing.
j. Describe performance issues related to mobile computing.

ITS-ANE-05 Wireless networks

a. Provide an overview of the history, evolution, and compatibility of wireless standards.
b. Identify several special problems related to wireless and mobile computing.
c. Contrast between wireless LANs and cellular networks.
d. Demonstrate several specific differences between physical networking and wireless networking.
e. Compare several different solutions for communications at each network layer.
f. Identify several protocols used in wireless communications.
g. Perform simulations of wireless networking.
h. Describe security issues related to wireless networks.
i. Describe performance issues related to wireless networks.

ITS-ANE-06 Storage area networks

a. Describe a storage area network (SAN).
b. Describe a network-attached storage (NAS).
c. Contrast advantages of SAN and NAS over direct-access storage (DAS).
d. Enumerate several benefits gained from using storage area networks.

Page 100 of 163

Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

e. Describe storage advantages of internet small computer systems interface (iSCSI) over small computer systems interface (SCSI).

ITS-ANE-07 Applications for networks

a. Describe a network application.
b. Distinguish between a network application and a network-based application.
c. Contrast peer-to-peer (P2P) architectures with client-server architectures.
d. Describe differences between instant messaging and email.
e. Express the underlying architecture utilized for multi-user network games.
f. Contrast land-line telephone communication with internet communication.
g. Describe the challenges of real-time video conferencing.

ITS-CCO Cloud Computing

ITS-CCO-01 Perspectives and impact
a. Recognize what it means when IT is defined as “in the cloud.”
b. Decide when cloud computing first became a service delivery model.
c. Contrast the different categories of cloud computing services (e.g., SaaS, IaaS, PaaS, Business Process-BPaaS).
d. Discuss the reasons why cloud computing is an essential part of information technology.

ITS-CCO-02 Concepts and fundamentals

a. Demonstrate the conceptual terms of cloud computing.
b. Categorize the different service types within cloud service delivery.
c. Compare the responsibilities of service providers vs. cloud service consumers/customers.
d. Be aware of several privacy legislation examples as they relate to cloud computing.
e. Contrast private-sector and public-sector requirements.
f. Analyze the organizational drivers for using cloud services including risk/benefit assessment (e.g., cloud first).

ITS-CCO-03 Security and data considerations

a. Consider how contract negotiation relates to cloud computing (e.g., the right to audit).
b. Demonstrate why organizational accountability for data and system security still exists in a cloud service, delivery model.
c. Imagine several scenarios in which a breach of security may occur.
d. Recommend what safe guards and security models should be in place to reduce organizational risk (e.g., consent/notice requirements,
data classification).
e. Use security tools and design techniques to ensure security is built into cloud services.

ITS-CCO-04 Using cloud computing applications

a. Compare the differences between an internal application and a cloud application.
b. Contrast the advantages and disadvantages of cloud applications.
c. Match descriptions of cloud service types with cloud service names.
d. Propose several samples of risk/benefit assessments when selecting applications.
e. Decide which application characteristics will not, or should not, run in the cloud.

ITS-CCO-05 Architecture
a. Be aware of architecture principles of cloud computing service delivery.
b. Contrast cloud architectures to outsourcing (i.e., hosted) and shared services models.
c. Critique common change control guidelines and standards as they relate to cloud services.
d. Propose several ways of measuring cloud service performance and the importance of service level agreements.
e. Recognize the challenges of ‘big data’ analytics in the cloud.
f. Contrast single cloud vs. multiple cloud deployment models.

ITS-CCO-06 Development in the cloud

a. Compare developing systems in cloud environments compared to those in traditional environments.
b. Document on-demand, self-service design requirements.
c. Contrast the use of synchronous vs. asynchronous transactions.
d. Analyze criteria for choosing coupled or de-coupled system integration.
e. Build and deploy several basic cloud applications.
f. Design an interface for a cloud application to be used on a smartphone.

ITS-CCO-07 Cloud infrastructure and data

a. Compare the infrastructure differences between public cloud computing, private cloud computing, and hybrid models.
b. Argue for how virtualization is a driving principle behind cloud computing.
c. Illustrate how rapid elasticity is a characteristic of cloud computing infrastructure.
d. Contrast the desirable and undesirable characteristics of cloud data management.
e. Reflect on how emerging technologies could change the design of cloud services (e.g., IoT).

Page 101 of 163

Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITS-CEC Cybersecurity Emerging Challenges

ITS-CEC-01 Case studies and lessons learned
a. Describe how the deployment of a new technology impacts cybersecurity.
b. Describe how law enforcement is impacted by the introduction of new cybersecurity technologies.
c. Show how a cybersecurity event had global reach, such as the DigiNotar incident or the SSL Heartbleed vulnerability.
d. Tell a story of a cybersecurity case studies describing the impact and lessons learned from the case.

ITS-CEC-02 Network forensics

a. Use tools to identify information that can be examined in a network.
b. Perform a network inventory.
c. Compare active and passive approaches to network forensics.
d. Describe how a man-in-the-middle attack can reveal the contents of an encrypted network communication.
e. Employ surveillance mechanisms to discover network intrusion.

ITS-CEC-03 Stored data forensics

a. Show where data is stored in a complex system.
b. Use a criminal investigative technique in a computer forensic investigation scenario.
c. Exhibit digital evidences for presentation in court.
d. Find contraband information on a desktop computer.
e. Prepare an inventory of the files on a desktop computer.
f. Reconstruct a timeline from information on a device being analyzed.
g. Perform a logical file extraction.
h. Perform a physical extraction of evidence.
i. Extract a memory dump from a running computer.
j. Compare commercial and open source forensic tools.

ITS-CEC-04 Mobile forensics

a. Prepare an inventory of the files on a mobile device (e.g., a phone, tablet, or embedded system).
b. Prepare a list of the applications and remote services used by a mobile device.
c. Use forensic tools specific to major mobile operating systems.
d. Unlock and root mobile devices.
e. Describe how to detect or reveal encrypted contents.

ITS-CEC-05 Cloud security

a. Make sense of the different security issues stemming from the use of platform as a service, infrastructure as a service, and software as a
service.
b. Argue for the value of Risk and Authorization Management programs (like FedRAMP) and the key processes used in those programs.
c. Contrast the security benefits and risks of cloud storage systems.
d. Describe how authentication strategies are implemented for users of cloud systems.
e. Propose forensic options for analyzing cloud-based systems.
f. Analyze auditing and recovery options for cloud servers.

ITS-CEC-06 Security metrics

a. Document requirements of security metrics.
b. Propose data that supports the creation of metrics.
c. Perform a security measurement to a network resource.
d. Analyze the role of continuous monitoring in a security practice.
e. Describe how security metrics can be used to detect compliance and risk issues.

ITS-CEC-07 Malware analysis

a. Use a Binary analysis tool.
b. Use a Disassemblers tool.
c. Use a Debugger tool.
d. Use a sandbox.
e. Compare static and dynamic analysis.
f. Illustrate proper laboratory procedures for handling malware.
g. Analyze whether a specific malware detector would identify a malware sample.

ITS-CEC-08 Supply chain and software assurance

a. Illustrate a hardware supply chain.
b. Illustrate a software supply chain.
c. Propose security considerations that should be evaluated for each stage in the lifecycle of a product.
d. Be aware of secure software development including the use of safe language, static analysis of software, and dynamic software testing.
e. Exhibit several common defects, bugs, and logic flaws in software.

Page 102 of 163

Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITS-CEC-09 Personnel and human security

a. Describe how an insider can intentionally and unintentionally reduce or affect an organization’s security posture.
b. Make sense of the limits a background check in screening an organization’s employees.
c. Illustrate how to recognize phishing and spear phishing.
d. Compare the benefits with the risks of a ‘bring your own device’ (BYOD) program.
e. Tell a story about dangerous places on the web and how surfing one of them can have a negative impact on privacy or security.
f. Tell a story about how a social engineering attack can be designed using data posted on social media.

ITS-CEC-10 Social dimensions

a. Discuss the trade-off between utility and risk of cloud computing, file sharing, and peer-to-peer services.
b. Make sense of the impact of IT systems on privacy.
c. Make meaning of the inherent tension between the concepts of personal privacy, accountability, and deterrence related to cybersecurity
events.
d. Describe how crowdsourcing techniques such as big data mining impacts data confidentiality, integrity, and availability.

ITS-CEC-11 Security implementations

a. Analyze the options for enterprise malware detection.
b. Contrast the effectiveness and costs of malware detection with application whitelisting.
c. Make sense of the limitations of penetration testing.
d. Contrast the security implications of homogeneous and heterogeneous networks.
e. Model the cost of defense, recovery and remediation for a small organization and a large-scale enterprise.
f. Recognize “security containers” and identify their limitations and usability failings with respect to mobile devices.
g. Provide a thorough security analysis of digital currency implementation.
h. Design and develop digital currency e-commerce applications using relevant development tools and protocols (e.g.,
bitpay ̳insight, ̳bitcore, cosign)

ITS-CEC-12 Cyber-physical systems and the IoT

a. Make meaning of the terms CPS and IoT and why they are often used interchangeably and identify definitions that indicate the
differences between them.
b. Recognize the protocols and networks typically used to connect CPS and IoT devices to networks.
c. Describe how security mechanisms are used to address IT challenges that may not be viable in the world of CPS or IoT.
d. Design, create, and deploy a IoT device using open source and low-cost computing platforms.
e. Describe how the handling and storage of data delivered by IoT devices offers challenges to security and privacy.

ITS-DSA Data Scalability and Analytics

ITS- DSA-01 Perspectives and impact
a. Discuss the emerging field of data science.
b. Identify sources of large volumes of data.
c. Recognize challenges in analytics of very large volumes of data.
d. Describe how analytics can be used in major functional areas of an organization.

ITS-DSA-02 Large-scale data challenges

a. Define and describe large-scale data challenges of volume, variety, velocity, and veracity.
b. Define and describe challenges of large scale data analytics in diverse sectors such as sensor networks, finance, retail, genomics, and
social media.
c. Compare different data platforms that can be used for processing and generating large data sets.
d. Use a statistical programming language such as R or Python.

ITS-DSA-03 Data management

a. Discuss common Extract Transform Load scenarios.
b. Apply data preprocessing techniques—data integration, data cleansing, data transformation and data reduction.
c. Discuss how to extract knowledge and insights from large and complex collections of digital data.
d. Use data mining software to perform data mining.

ITS-DSA-04 Methods, tools and techniques

a. Explain technical foundations of the commonly used data analysis methods.
b. Apply appropriate data analysis methods to solve real-world problems.
c. Use tools such as R and RStudio, MapReduce/Hadoop and SAS.
d. Communicate the results of data analysis to technical and management audience.
e. Effectively communicate the results of data analysis using visualization.

ITS-DSA-05 Data governance

a. Identify the importance of data governance for managing large-scale data.
b. Identify logical and physical access security controls to protect data.
c. Identify current social, ethical, legal, and policy issues caused by the large-scale data analytics.
d. Define data ethics.

Page 103 of 163

Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

e. List regulatory compliance rules and regulations applicable to data management.

ITS-DSA-06 Application
a. Define an organizational problem as an analytics problem.
b. Describe how to best apply large-scale analytics methods and techniques in addressing strategic organizational problems.
c. Apply a data analytics lifecycle to a case study scenario.
d. Implement data-intensive computations on cluster and cloud infrastructures
e. Examine the impact of large-scale data analytics on organizational performance using case studies.

ITS-IOT Internet of Things

ITS-IOT-01 Perspectives and impact
a. Contrast the internet of things with the web of things, with industrial internet, with pervasive computing, and with smart systems.
b. Express the historical stages and growing evolution of the IoT concept.

ITS-IOT-02 IOT architecture

a. Contrast IoT architectural domains.
b. Design an architectural framework for an IoT environment.
c. Illustrate the challenges in defining the architecture for different IoT applications.

ITS-IOT-03 Sensor and actuator interfacing

a. Compare strategic approaches to develop elements for a multimedia IoT system.
b. Illustrate the effect of signal processing concepts on speech applications and in basic sound generation applications.
c. Contrast the differences between analog signal processing, continuous-time signal processing, discrete-time signal processing, and
digital signal processing.
d. Contrast signal processing devices to include filters, samplers, signal compressors, and digital signal processors.
e. Illustrate ways to interface an IoT component to sensors and actuators.

ITS-IOT-04 Data acquisition

a. Contrast data acquisition and signal conditioning.
b. Illustrate the effect of IoT on multiplexing and sampling theory.
c. Express several ways to use IoT sensors for electrical, temperature, and strain measurements.
d. Express several ways to reduce and isolate signal noise.
e. Illustrate the machine-to-machine (M2M) communication, which is a major component of the IoT portfolio of technologies.
f. Demonstrate several security issues and challenges of collaborative data acquisition in IoT.

ITS-IOT-05 Wireless sensor networks

a. Demonstrate wireless sensor networks (WSNs) vis-à-vis their protocols and algorithms from a historical perspective.
b. Contrast stack-based approaches and topology-based approaches for the integration of wireless sensor networks.
c. Illustrate the IoT commonalities between health-care issues, assisted- and enhanced-living issues, industrial and production monitoring
issues, and control network issues.

ITS-IOT-06 Ad hoc networks

a. Express the design and implementation issues related to ad hoc networks and suggest available solutions.
b. Contrast the difference between the following routing techniques: proactive routing, reactive routing, hybrid routing, and position-
based routing.
c. Demonstrate several clustering mechanisms in ad hoc networks.
d. Analyze quality-of-service and scalability issues in the context of ad-hoc networks.
e. For mobile ad hoc networks (MANET), contrast between vehicular ad hoc networks (VANETs), smart phone ad hoc networks (SPANs),
and internet based mobile ad hoc networks (iMANETs).

ITS-IOT-07 Automatic control

a. Illustrate the elements of classical control theory as applied to the control of aircraft and spacecraft.
b. Contrast the properties of positive feedback with negative feedback.
c. For the functions of automatic control, contrast the differences between measurement, comparison, computation, and correction.
d. Represent several common elements of automatic control in systems as applied to measurement, error detection, and final control
element.
e. Demonstrate several basic linear design techniques as applied to spacecraft and aircraft.

ITS-IOT-08 Intelligent information processing

a. Express the intelligent information processing and its application in industry.
b. Express intelligent information discovery, retrieval, and mining on IoT.
c. Demonstrate knowledge expression and context-aware systems.
d. Demonstrate sensor selection, information mashup and integration.
e. Express information quality management in sensor networks.
f. Demonstrate real-time scene reconstruction, information visualization.

Page 104 of 163

Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITS-IOT-09 IoT application and design

a. Demonstrate the relevance applications for IoT in smart cities, smart environment, eHealth, and in other areas.
b. Illustrate the impact of IoT on existing organizational models and organizational use cases.
c. Express the IoT in conjunction with big data, applications, and mobility.
d. Demonstrate the components required for the IoT.
e. Express tools that are using in designing IoT.
f. Represent list of capabilities that a technology specialist can dial up or down depending on tradeoffs and decisions made in IoT
design.
g. Express smart manufacturing, such as flow optimization, real time inventory, asset tracking, employee safety.
h. Demonstrate wearables, such as entertainment, fitness, smart watch and tracking.
i. Demonstrate IoT design considerations: domain, requirement, cost, remote, network.

ITS-MAP Mobile Application

ITS-MAP-01 Perspectives and impact
a. Describe the history of mobile development and mobile applications.
b. Demonstrate the global scope of the processes of implementing a mobile application.
c. Describe and compare several development environments for mobile applications.

ITS-MAP-02 Architectures
a. Describe the global scope of architectures for different mobile systems.
b. Recognize the UI elements and the concepts glossary for mobile phones.
c. Illustrate each element of the mobile architecture framework.

ITS-MAP-03 Multiplatform mobile application development

a. Contrast iOS, Android, Windows Phone, BlackBerry, and Symbian platforms.
b. Design and implement a simple mobile application for a given mobile platform.
c. Build a mobile web application within a browser.
d. Illustrate hybrid web applications through an application programming interface (API).
e. Describe a platform-independent interpreted web application.
f. Describe the importance of applications generated by cross-compilation.

ITS-MAP-04 Servers and notifications

a. Describe protocol suites.
b. Illustrate the mechanism for notification delivery.
c. Provide techniques for server-side programming.
d. Design and implement a server-side application.

ITS-MAP-05 Performance issues

a. Describe several metrics and methods to evaluate performance of mobile applications.
b. Evaluate the performance of a mobile application and give its result.
c. Describe several ways to improve mobile performance.

ITS-MAP-06 Views and gestures

a. Describe text and typesetting units.
b. Express and compare several ways to improve picture presentation.
c. Demonstrate several methods to improve gesture definition and its application.

ITS-MAP-07 Interface implementations

a. Design a friendly interface framework.
b. Demonstrate several ways to improve user experience through color adjustment and other resources.
c. Identify several modern UI design tools.
d. Contrast SDKs to access device features.
e. Demonstrate several ways to improve cross-platform accommodation and support.

ITS-MAP-08 Camera, state, and documents interaction

a. Describe several concepts of basic service and functions.
b. Manipulate streams from camera and microphones.
c. Describe and contrast several techniques for implementing applications about mobile states.
d. Demonstrate the usefulness of document interaction control.

ITS-MAP-09 2D graphic and animation

a. Express several basic concepts of 2D graphic and animation.
b. Create graphics on different mobile platforms.
c. Design a dynamic graphic transformation for animation.
d. Design 2D graphics and animation on several mobile devices using different operating systems.

Page 105 of 163

Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

ITS-SDM Software Development and Management

ITS-SDM-01 Process models and activities
a. Illustrate the software development process.
b. Differentiate among phases in software development.
c. Compare software process models based on size, functional requirements, and design qualities of the software system and team and
infrastructure resources.

ITS-SDM-02 Platform-based software development

a. Describe how modern user experiences, beyond the browser, influence software development for mobile devices, touch screens, gesture
and voice-controlled interactions, 3D immersion or virtual reality, sensor industrial networks, and game platforms.
b. Develop a software application by using library and other service interfaces (e.g., APIs) specific to the user’s platform.
c. Explain the differences among platform-specific development and general-purpose programming.
d. Test some constraints that platforms impose on development.

ITS-SDM-03 Tools and services

a. Show how modern tools and services improve efficiency and effectiveness of developers working in teams and on systems with various
challenges (e.g., size, constrained by time or resources, legacy code).
b. Select and use appropriate tools for requirements tracking, design modeling, implementation, build automation, and bug tracking.
c. Conduct inspections, code reviews, audits and indicate the results of the evaluation.
d. Describe the use of version control to manage software configuration and release management.

ITS-SDM-04 Management
a. Argue for the importance of project management as it relates to software development.
b. Engage in team building and team management in a software development project.
c. Plan, monitor, and track progresses for a project activity using project management tools.
d. Assess, mitigate, and manage risks that affect decisions in the software development process.
e. Assess development effort and participate in process improvement by tracking commitments and managing project quality.
f. Use project metrics to monitor a project’s progress.

ITS-SDM-05 Deployment, operations, and maintenance

a. Use appropriate tools to deploy, operate, and maintain a software system.
b. Practice version tracking, automated building, and release of software systems.
c. Explain the difference between pre-production and production software operation environments.
d. Extend the software process with phases that are more relevant in IT: deployment, operations, and maintainability.

ITS-SRE Social Responsibility

ITS-SRE-01 Social Context of Computing
a. Show the importance of the social context of IT and adherence to ethical codes of conduct.
b. Describe the importance of green computing strategies.
c. Contrast several historical, social, professional, ethical, and legal aspects of e-computing.
d. Describe several ways teamwork integrates throughout IT and supports an organization.
e. Describe ways in which computing alters the modes of interaction between people.
f. Describe some parameters needed to design an ethical algorithm.

ITS-SRE-02 Goals, plans, tasks, deadlines and risks

a. Evaluate several computer IT projects where teamwork approaches are important.
b. Illustrate several ways in which industry approaches teamwork toward a common goal.
c. Critique the skill sets necessary to function effectively in a team environment.
d. Implement several planning team goals.

ITS-SRE-03 Government role and regulations

a. Demonstrate the role of government regulations on organizations as well as on a global scale.
b. Analyze the role of the government and how it affects software projects.
c. Contrast the different national approaches to green computing policy creation and implementation.
d. Evaluate the importance of regulation in the control of efficient waste reduction and recycling.

ITS-SRE-04 Global challenges and approaches

a. Critique IT approaches to reduce energy consumption such as thin client solutions as well as those on a global scale.
b. Describe the employment of environmental computing practices in the life cycle of IT applications and system design.
c. Evaluate organizational green computing performance metrics, recycling practices, energy use, and e-waste reduction.
d. Describe reasons for having ethical algorithms in robotics and artificial intelligence.

ITS-SRE-05 Risk management

a. Evaluate the aspects of an organization that may be impacted by a security breach or interruption of operation.
b. Quantify the financial losses associated with potential security breaches and interruption of operations.

Page 106 of 163

Information Technology 2017 Final Curriculum Report
IT2017 2017 December 10

c. Analyze and describe steps to assess risks associated with security specified by accepted security standards.
d. Describe the costs associated with actions that can be taken to mitigate security risks.

ITS-SRE-06 Sustainable Computing

a. Be aware of common energy saving guidelines and standards (e.g., Energy Star international standard) and be aware of sensor and
monitoring software used to track energy use.
b. Be aware of industry standards (e.g., advanced configuration and power (ACP) interface design and manufacturing of computer
components for power savings).
c. Describe several techniques for the use of renewable energy sources (i.e., solar and wind power).
d. Show how workplace incentives will increase the implementation of green computing and computer hazardous material management.
e. Analyze and critique capital investment projects needed to continue stable energy delivery.

ITS-VSS Virtual Systems and Services

ITS-VSS-01 Perspectives and impact
a. Describe how virtualization creates an improved solution.
b. Compare a virtual machine to virtualization.
c. Compare a host machine to a virtual machine.
d. Demonstrate the role of the hypervisor.
e. Compare hypervisor on bare metal (VMware) and hypervisor running in an OS (Hyper-V, RHEV, OracleVM).

ITS-VSS-02 Implementation of virtualization

a. Analyze the types of situations where virtualization is an appropriate solution.
b. Contrast the advantages and disadvantages of virtualization in different application areas.
c. Document the different virtualization licensing issues for Windows, Linux, and Max OS x operating systems.
d. Contrast virtualization of applications with clustering applications.

ITS-VSS-03 User Platform virtualization

a. Critique different user platform (i.e., desktops and devices) virtualization frameworks.
b. Contrast the operational advantages and disadvantages of a virtualized device.
c. Install a virtual machine on a host machine.
d. Install and configure different operating systems on a virtual machine.

ITS-VSS-04 Server virtualization

a. Critique server virtualization platforms and licensing differences.
b. Contrast the operational advantages and disadvantages of a virtualized server.
c. Install a virtual machine on a host server.
d. Install and configure different server systems on a virtual computer.
e. Evaluate the performance of virtualized servers against industry benchmarks.

ITS-VSS-05 Network virtualization

a. Compare the differences between a physical and virtualized network.
b. Contrast the operational advantages and disadvantages of a virtualized network.
c. Evaluate different network management strategies using a virtual network.

ITS-VSS-06 Cluster design and administration

a. Contrast several different server cluster designs.
b. Describe how tools and techniques are used for cluster administration.
c. Design, install, and configure a cluster in the lab.
d. Adjust cluster configurations to accomplish different operational objectives.

ITS-VSS-07 Software clustering application

a. Explain how clustering software functions.
b. Contrast high availability vs. high performance clustering.
c. Research and evaluate the suitability of cluster software and middleware tools in different operational contexts.
d. Illustrate application cluster concepts such as load balancing, failover, and node monitoring.

ITS-VSS-08 Storage
a. Contrast the different storage environments and describe how they function.
b. Contrast the operational advantages and disadvantages of the storage alternatives.
c. Install and configure a storage environment and file system.
d. Evaluate the performance of storage and file systems against industry benchmarks.
e. Illustrate a tiered storage environment.

Page 107 of 163