1.0 General Security Concepts (12%)
1.1
Compare and contrast various types of security
controls
1.2
Summarize fundamental security concepts
1.3
Explain the importance of change management
processes
1.4
Explain the importance of appropriate cryptographic
solutions
2.0 Threats, Vulnerabilities, and Mitigations (22%)
2.1
Common threat actors and motivations
2.2
Common threat vectors and attack surfaces
2.3
Various types of vulnerabilities
2.4
Analyze indicators of malicious activity
2.5
Explain the purpose of mitigation techniques used to
secure the enterprise
3.0 Security Architecture (18%)
3.1
Security implications of different architecture
models
3.2
Apply security principles to secure enterprise
infrastructure
3.3
Concepts and strategies to protect data
3.4
Importance of resilience and recovery in security
architecture
4.0 Security Operations (28%)
4.1
Security Techniques
4.2
Asset Management
4.3
Vulnerability Management
4.4
Monitoring Tools
4.5
Identity and Access Management
4.6
Security Enhancements
4.7
Automation
4.8
Incident Response
4.9
Data Sources
4.10
New Security Measures
5.0 Program Management and Oversight (20%)
5.1
Governance
5.2
Risk Management
5.3
Third-Party Risk
5.4
Compliance
5.5
Audits
5.6
Awareness