Security Geek-Ed

I’m in the process of redoing my Network Security syllabus as part of a “cycle of improvement” exercise that I find both highly frustrating and rewarding. I’m wrestling with the notion of cognitive vs. behavioral assessments and the overlap thereof. For example, is an outcome of “being able to identify and contrast WEP, WPA, and WPA2″ a cognitive or a behavioral assessment? I reminded of book entitled “The Philosophy of Mind” by Gilbert Ryle, which had a chapter on the differences between “knowing how and knowing that.” I may know what a router does, what an ACL does, how to apply one, but is it all for naught if I can’t remember the syntax for iptables or Cisco IOS?  ’Tis a puzzlement indeed.