Detailed Course Outline
Domain 1: Access Controls
- Implement and maintain authentication methods
- Support internetwork trust architectures
- Participate in the identity management lifecycle
- Implement access controls
Domain 2: Security Operations and Administration
- Comply with codes of ethics
- Understand security concepts
- Document, implement, and maintain functional security controls
- Participate in asset management
- Implement security controls and assess compliance
- Participate in change management
- Participate in security awareness and training
- Participate in physical security operations (e.g., data center assessment, badging)
Domain 3: Risk Identification, Monitoring, and Analysis
- Understand the risk management process
- Perform security assessment activities
- Operate and maintain monitoring systems (e.g., continuous monitoring)
- Analyze monitoring results
Domain 4: Incident Response and Recovery
- Support incident lifecycle
- Understand and support forensic investigations
- Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities
Domain 5: Cryptography
- Understand fundamental concepts of cryptography
- Understand reasons and requirements for cryptography
- Understand and support secure protocols
- Understand Public Key Infrastructure (PKI) systems
Domain 6: Network and Communications Security
- Understand and apply fundamental concepts of networking
- Understand network attacks and countermeasures (e.g., DDoS, man-in-the-middle, DNS poisoning)
- Manage network access controls
- Manage network security
- Operate and configure network-based security devices
- Operate and configure wireless technologies (e.g., bluetooth, NFC, WiFi)
Domain 7: Systems and Application Security
- Identify and analyze malicious code and activity
- Implement and operate endpoint device security
- Operate and configure cloud security
- Operate and secure virtual environments