IT Security/Objectives
Appearance
1.0 General Security Concepts
[edit | edit source]1.1 Compare and contrast various types of security controls
[edit | edit source]
|
|
1.2 Summarize fundamental security concepts
[edit | edit source]
|
|
1.3 Explain the importance of change management processes and the impact to security.
[edit | edit source]
|
|
1.4 Explain the importance of using appropriate cryptographic solutions.
[edit | edit source]
|
|
2.0 Threats, Vulnerabilities, and Mitigations
[edit | edit source]2.1 Compare and contrast common threat actors and motivations.
[edit | edit source]
|
|
2.2 Explain common threat vectors and attack surfaces.
[edit | edit source]
|
|
2.3 Explain various types of vulnerabilities.
[edit | edit source]
|
|
2.4 Given a scenario, analyze indicators of malicious activity.
[edit | edit source]
|
|
2.5 Explain the purpose of mitigation techniques used to secure the enterprise.
[edit | edit source]
|
|
3.0 Security Architecture
[edit | edit source]3.1 Compare and contrast security implications of different architecture models.
[edit | edit source]
|
|
3.2 Given a scenario, apply security principles to secure enterprise infrastructure.
[edit | edit source]
|
|
3.3 Compare and contrast concepts and strategies to protect data.
[edit | edit source]
|
|
3.4 Explain the importance of resilience and recovery in security architecture.
[edit | edit source]
|
|
4.0 Security Operations
[edit | edit source]4.1 Given a scenario, apply common security techniques to computing resources.
[edit | edit source]
|
|
4.2 Explain the security implications of proper hardware, software, and data asset management.
[edit | edit source]
|
|
4.3 Explain various activities associated with vulnerability management.
[edit | edit source]
|
|
4.4 Explain security alerting and monitoring concepts and tools.
[edit | edit source]
|
|
4.5 Given a scenario, modify enterprise capabilities to enhance security.
[edit | edit source]
|
|
4.6 Given a scenario, implement and maintain identity and access management.
[edit | edit source]
|
|
4.7 Explain the importance of automation and orchestration related to secure operations.
[edit | edit source]
|
|
4.8 Explain appropriate incident response activities.
[edit | edit source]
|
|
4.9 Given a scenario, use data sources to support an investigation
[edit | edit source]
|
|
5.0 Security Program Management and Oversight
[edit | edit source]5.1 Summarize elements of effective security governance.
[edit | edit source]
|
|
5.2 Explain elements of the risk management process
[edit | edit source]
|
|
5.3 Explain the processes associated with third-party risk assessment and management.
[edit | edit source]
|
|
5.4 Summarize elements of effective security compliance.
[edit | edit source]
|
|
5.5 Explain types and purposes of audits and assessments.
[edit | edit source]
|
|
5.6 Given a scenario, implement security awareness practices.
[edit | edit source]
|
|