| Domain | Percentage of Examination |
| --- | --- |
| 1.0 Threat and Vulnerability Management | 22% |
| 2.0 Software and Systems Security | 18% |
| 3.0 Security Operations and Monitoring | 25% |
| 4.0 Incident Response | 25% |
| 5.0 Compliance and Assessment | 13% |
| Total | 100% |

- Threat and Vulnerability Management
  - Explain the importance of threat data and intelligence.
  - Given a scenario, utilize threat intelligence to support organizational security.
  - Given a scenario, perform vulnerability management activities.
  - Given a scenario, analyze the output from common vulnerability assessment tools.
  - Explain the threats and vulnerabilities associated with specialized technology.
  - Explain the threats and vulnerabilities associated with operating in the cloud.
  - Given a scenario, implement controls to mitigate attacks and software vulnerabilities.
- Software and Systems Security
  - Given a scenario, apply security solutions for infrastructure management.
  - Explain software assurance best practices.
  - Explain hardware assurance best practices.
- Security Operations and Monitoring
  - Given a scenario, analyze data as part of security monitoring activities.
  - Given a scenario, implement configuration changes to existing controls to improve security.
  - Explain the importance of proactive threat hunting.
  - Compare and contrast automation concepts and technologies.
- Incident Response
  - Explain the importance of the incident response process.
  - Given a scenario, apply the appropriate incident response procedure.
  - Given an incident, analyze potential indicators of compromise.
  - Given a scenario, utilize basic digital forensics techniques.
- Compliance and Assessment
  - Given a scenario, apply security concepts in support of organizational risk mitigation.
  - Explain the importance of frameworks, policies, procedures, and controls.