Chapter 1 : Introducing Security and Aligning Asset Management to Risk Management
Classify information security and security concepts.
Summarize components of the asset management l i fecycle . Identify common risks and vulnerabilities.
Provide examples of appropriate risk treatment.
Chapter 2 : Understanding Risk Management Options and the Use of Access Controls to Protect Assets
Provide examples of functional security controls and policies for identified scenarios.
Classify various access control models.
Identify components of the identity management l i fecycle. Recognize access control and authentication methods.
Chapter 3 : Cryptography
Identify the fundamental concepts of cryptography driving requirements and benefits.
Recognize symmetric encryption methods. Use asymmetric encryption methods.
Examine Public- Key Infrastructure ( PKI) systems and certificates. Summarize fundamental key management terms and concepts.
Recognize how to implement secure protocols. Review methods of cryptanalytic attack.
Chapter 4 : Securing Software, Data, and Endpoints
Discuss software systems and application security. Recognize data security concepts and skills.
Identify malicious code and countermeasures.
Evaluate Mobile Device Management ( MDM) and security issues with mobile and autonomous endpoints.
Review attacks and countermeasures for virtual machines.
Chapter 5 : Network and Communications Security
Recognize layers of the OSI Model, their functions, and attacks present at each layer.
Identify commonly used ports and protocols.
Select appropriate countermeasures for various network attacks.
Summarize best practices for establishing a secure networked environment.
Chapter 6 : Cloud and Wireless Security
Recall cloud security concepts and configurations.
Recognize types of virtualization and cloud security considerations.
Summarize the types of telecommunications and network access controls.
Chapter 7 : Incident Detection and Response
Review the steps for monitoring, incident detection, and data loss prevention using all source intelligence.
Identify the elements of an incident response policy and members of the incident response team ( IRT).
Classify the SSCP' s role in supporting forensic investigations.
Chapter 8 : Maturing Risk Management
Identify operational aspects of change management. Summarize physical security considerations.
Design a security education and awareness strategy. Recognize common security assessment activities.
Classify the components of a business continuity plan and disaster recovery plan.