THREAT AND VULNERABILITY MANAGEMENT
Analyze and apply proactive threat intelligence to support organizational security and perform vulnerability management activities.
- Explain the importance of threat data and intelligence
- Given a scenario, utilize threat intelligence to support organizational security
- Given a scenario, perform vulnerability management activities
- Given a scenario, analyze the output from common vulnerability assessment tools
- Explain the threats and vulnerabilities associated with specialized technology
- Explain the threats and vulnerabilities associated with operating in the cloud
- Given a scenario, implement controls to mitigate attacks and software vulnerabilities
SOFTWARE AND SYSTEMS SECURITY
Apply security solutions for infrastructure management and explain software & hardware assurance best practices.
- Given a scenario, apply security solutions for infrastructure management
- Explain software assurance best practices
- Explain hardware assurance best practices
SECURITY OPERATIONS AND MONITORING
Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security.
- Given a scenario, analyze data as part of security monitoring activities
- Given a scenario, implement configuration changes to existing controls to improve security
- Explain the importance of proactive threat hunting
- Compare and contrast automation concepts and technologies
INCIDENT RESPONSE
Analyze and apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques.
- Explain the importance of the incident response process
- Given a scenario, apply the appropriate incident response procedure
- Given an incident, analyze potential indicators of compromise
- Given a scenario, utilize basic digital forensics techniques
COMPLIANCE AND ASSESSMENT
Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls.
- Understand the importance of data privacy and protection
- Given a scenario, apply security concepts in support of organizational risk mitigation
- Explain the importance of frameworks, policies, procedures, and controls