Topic 1: Comparing Security Roles and Security Controls
• Compare and contrast information security roles
• Compare and contrast security control and framework types
Topic 2: Explaining Threat Actors and Threat Intelligence
• Explain threat actor types and attack vectors
• Explain threat intelligence sources
Topic 3: Performing Security Assessments
• Assess organizational security with network reconnaissance tools
• Explain security concerns with general vulnerability types
• Summarize vulnerability scanning techniques
• Explain penetration testing concepts
Topic 4: Identifying Social Engineering and Malware
• Compare and contrast social engineering techniques
• Analyze indicators of malware-based attacks
Topic 5: Summarizing Basic Cryptographic Concepts
• Compare and contrast cryptographic ciphers
• Summarize cryptographic modes of operation
• Summarize cryptographic use cases and weaknesses
• Summarize other cryptographic technologies
LU2 Design Security System
Topic 6: Implementing Public Key Infrastructure
• Implement certificates and certificate authorities
• Implement PKI management
Topic 7: Implementing Authentication Controls
• Summarize authentication design concepts
• Implement knowledge-based authentication
• Implement authentication technologies
• Summarize biometrics authentication concepts
Topic 8: Implementing Identity and Account Management Controls
• Implement identity and account types
• Implement account policies
• Implement authorization solutions
• Explain the importance of personnel policies
Topic 9: Implementing Secure Network Designs
• Implement secure network designs
• Implement secure routing and switching
• Implement secure wireless infrastructure
• Implement load balancers
LU3 Define Security Specifications
Topic 10: Implementing Network Security Appliances
• Implement firewalls and proxy servers
• Implement network security monitoring
• Summarize the use of SIEM
Topic 11: Implementing Secure Network Protocols
• Implement secure network operations protocols
• Implement secure application protocols
• Implement secure remote access protocols
Topic 12: Implementing Host Security Solutions
• Implement secure firmware
• Implement endpoint security
• Explain embedded system security implications
Topic 13: Implementing Secure Mobile Solutions
• Implement mobile device management
• Implement secure mobile device connections
LU4 Security System Components
Topic 14: Summarizing Secure Application Concepts
• Analyze indicators of application attacks
• Analyze indicators of web application attacks
• Summarize secure coding practices
• Implement secure script environments
• Summarize deployment and automation concepts
Topic 15: Implementing Secure Cloud Solutions
• Summarize secure cloud and virtualization services
• Apply cloud security solutions
• Summarize infrastructure as code concepts
Topic 16: Explaining Data Privacy and Protection Concepts
• Explain privacy and data sensitivity concepts
• Explain privacy and data protection controls
LU5 Security Assurance
Topic 17: Performing Incident Response
• Summarize incident response procedures
• Utilize appropriate data sources for incident response
• Apply mitigation controls
Topic 18: Explaining Digital Forensics
• Explain key aspects of digital forensics documentation
• Explain key aspects of digital forensics evidence acquisition
Topic 19: Summarizing Risk Management Concepts
• Explain risk management processes and concepts
• Explain business impact analysis concepts
Topic 20: Implementing Cybersecurity Resilience
• Implement redundancy strategies
• Implement backup strategies
• Implement cybersecurity resiliency strategies
Topic 21: Explaining Physical Security
• Explain the importance of physical site security controls
• Explain the importance of physical host security controls
