1.0 Threats, attacks and vulnerabilities
- Analyze attacks.
- Viruses, malware, crypto-malware, bots, spyware, keyloggers, trojans, toolkits, etc.
- Compare and contrast attacks.
- Social engineering
- Wireless attacks.
- Penetration testing.
- Impact of vulnerabilities. Scanning concepts.
2.0 Technologies and tools
- Firewalls, routers, loads balances, access points, DLP, NAC, Proxy, SIEM, VPN.
- Assess security posture of an organization.
- Protocol analyzer.
- Troubleshoot security.
- Deploy mobile device securely.
- Secure Protocols.
3.0 Architecture and Design
- Industry frameworks and reference architecture. Benchmarking.
- Defense and layered security.
- System security design: hardware, firmware, operating systems, peripherals.
- Cloud and virtualization.
- Embedded systems.
- Physical controls
4.0 Identity and access management
- Configure identity and access
- Identification
- Authentication, Authorization and Accounting (AAA)
- Multi-factor authentication
- Risk management
- Organizational security
- Business analysis
- Risk Management
- Forensics
- Disaster Recovery
5.0: Cryptography and PKI
- Configure identity and access
- Identification
- Authentication, Authorization and Accounting (AAA)
- Multi-factor authentication
- Risk management
- Organizational security
- Business analysis
- Risk Management
- Forensics
- Disaster Recovery
6.0: Risk Management
- Algorithms, Hashing, Salt, IV, nonce, diffusion, obfuscation, key strength,
- Identification, authentication, Authorization and accounting (AAA)
- Multi-factor authentication
- Authentication protocols
- Certificates