Obj Num Objective Description Location
1.0 Threats, Attacks, and Vulnerabilities
1.1 Compare and contrast different types of social engineering techniques
1.1.1 • Phishing Chapter 13, Module A
1.1.2 • Smishing Chapter 13, Module A
1.1.3 • Vishing Chapter 13, Module A
1.1.4 • Spam Chapter 13, Module A
1.1.5 • Spam over Internet messaging (SPIM) Chapter 13, Module A
1.1.6 • Spear phishing Chapter 13, Module A
1.1.7 • Dumpster diving Chapter 13, Module A
1.1.8 • Shoulder surfing Chapter 13, Module A
1.1.9 • Pharming Chapter 4, Module A
1.1.10 • Tailgating Chapter 13, Module A
1.1.11 • Eliciting information Chapter 13, Module A
1.1.12 • Whaling Chapter 13, Module A
1.1.13 • Prepending Chapter 13, Module A
1.1.14 • Identity fraud Chapter 13, Module A
1.1.15 • Invoice scams Chapter 13, Module A
1.1.16 • Credential harvesting Chapter 13, Module A
1.1.17 • Reconnaissance Chapter 13, Module A
1.1.18 • Hoax Chapter 13, Module A
1.1.19 • Impersonation Chapter 13, Module A
1.1.20 • Watering hole attack Chapter 9, Module A
1.1.21 • Typo squatting Chapter 13, Module A
1.1.22 • Pretexting Chapter 13, Module A
1.1.23 • Influence campaigns Chapter 13, Module A
1.1.23.1 -Hybrid warfare Chapter 13, Module A
1.1.23.2 -Social media Chapter 13, Module A
1.1.24 • Principles (reasons for effectiveness) Chapter 13, Module A
1.1.24.1 -Authority Chapter 13, Module A
1.1.24.2 -Intimidation Chapter 13, Module A
1.1.24.3 -Consensus Chapter 13, Module A
1.1.24.4 -Scarcity Chapter 13, Module A
1.1.24.5 -Familiarity Chapter 13, Module A
1.1.24.6 -Trust Chapter 13, Module A
1.1.24.7 -Urgency Chapter 13, Module A
1.2 Given a scenario, analyze potential indicators to determine the type of attack
1.2.1 • Malware Chapter 9, Module A
1.2.1.1 -Ransomware Chapter 9, Module A
1.2.1.2 -Trojans Chapter 9, Module A
1.2.1.3 -Worms Chapter 9, Module A
1.2.1.4 -Potentially unwanted programs (PUPs) Chapter 9, Module A
1.2.1.5 -Fileless virus Chapter 9, Module A
1.2.1.6 -Command and control Chapter 9, Module A
1.2.1.7 -Bots Chapter 9, Module A
1.2.1.8 -Cryptomalware Chapter 9, Module A
1.2.1.9 -Logic bombs Chapter 9, Module A
1.2.1.10 -Spyware Chapter 9, Module A
1.2.1.11 -Keyloggers Chapter 9, Module A
1.2.1.12 -Remote access Trojan (RAT) Chapter 9, Module A
1.2.1.13 -Rootkit Chapter 9, Module A
1.2.1.14 -Backdoor Chapter 9, Module A
1.2.2 • Password attacks Chapter 4, Module A
1.2.2.1 -Spraying Chapter 4, Module A
1.2.2.2 -Dictionary Chapter 4, Module A
1.2.2.3 -Brute force Chapter 4, Module A
1.2.2.3.1 -Offline Chapter 4, Module A
1.2.2.3.2 -Online Chapter 4, Module A
1.2.2.4 -Rainbow tables Chapter 4, Module A
1.2.2.5 -Plaintext/unencrypted Chapter 4, Module A
1.2.3 • Physical attacks Various
1.2.3.1 -Malicious universal serial bus (USB) cable Chapter 9, Module A
1.2.3.2 -Malicious flash drive Chapter 9, Module A
1.2.3.3 -Card cloning Chapter 4, Module A
1.2.3.4 -Skimming Chapter 4, Module A
1.2.4 • Adversarial artificial intelligence (AI) Chapter 2, Module A
1.2.4.1 -Tainted training data for machine learning (ML) Chapter 2, Module A
1.2.4.2 -Security of machine learning algorithms Chapter 2, Module A
1.2.5 • Supply-chain attacks Chapter 2, Module B
1.2.6 • Cloud-based vs. on-premises attacks Chapter 12, Module B
1.2.7 • Cryptographic attacks Chapter 4, Module A
1.2.7.1 -Birthday Chapter 4, Module A
1.2.7.2 -Collision Chapter 4, Module A
1.2.7.3 -Downgrade Chapter 4, Module A
1.3 Given a scenario, analyze potential indicators associated with application attacks
1.3.1 • Privilege escalation Chapter 11, Module A
1.3.2 • Cross-site scripting Chapter 11, Module A
1.3.3 • Injections Chapter 11, Module A
1.3.3.1 -Structured query language (SQL) Chapter 11, Module A
1.3.3.2 -Dynamic link library (DLL) Chapter 11, Module A
1.3.3.3 -Lightweight directory access protocol (LDAP) Chapter 11, Module A
1.3.3.4 -Extensible markup language (XML) Chapter 11, Module A
1.3.4 • Pointer/object dereference Chapter 11, Module A
1.3.5 • Directory traversal Chapter 11, Module A
1.3.6 • Buffer overflows Chapter 11, Module A
1.3.7 • Race conditions Chapter 11, Module A
1.3.7.1 -Time of check/time of use Chapter 11, Module A
1.3.8 • Error handling Chapter 11, Module B
1.3.9 • Improper input handling Chapter 11, Module A
1.3.10 • Replay attack Chapter 4, Module A
1.3.10.1 -Session replays Chapter 4, Module A
1.3.11 • Integer overflow Chapter 11, Module A
1.3.12 • Request forgeries Chapter 11, Module A
1.3.12.1 -Server-side Chapter 11, Module A
1.3.12.2 -Cross-site Chapter 11, Module A
1.3.13 • Application programming interface (API) attacks Chapter 11, Module A
1.3.14 • Resource exhaustion Chapter 11, Module A
1.3.15 • Memory leak Chapter 11, Module A
1.3.16 • Secure sockets layer (SSL) stripping Chapter 4, Module A
1.3.17 • Driver manipulation Chapter 9, Module A
1.3.17.1 -Shimming Chapter 9, Module A
1.3.17.2 -Refactoring Chapter 9, Module A
1.3.18 • Pass the hash Chapter 4, Module A
1.4 Given a scenario, analyze potential indicators associated with network attacks
1.4.1 • Wireless Chapter 4, Module A
1.4.1.1 -Evil twin Chapter 4, Module A
1.4.1.2 -Rogue access point Chapter 4, Module A
1.4.1.3 -Bluesnarfing Chapter 4, Module A
1.4.1.4 -Bluejacking Chapter 4, Module A
1.4.1.5 -Disassociation Chapter 4, Module A
1.4.1.6 -Jamming Chapter 4, Module A
1.4.1.7 -Radio frequency identifier (RFID) Chapter 4, Module A
1.4.1.8 -Near-field communication (NFC) Chapter 4, Module A
1.4.1.9 -Initialization vector (IV) Chapter 4, Module A
1.4.2 • On-path attack Chapter 4, Module A
1.4.3 • Layer 2 attacks Chapter 4, Module A
1.4.3.1 -Address resolution protocol (ARP) poisoning Chapter 4, Module A
1.4.3.2 -Media access control (MAC) flooding Chapter 4, Module A
1.4.3.3 -MAC cloning Chapter 4, Module A
1.4.4 • Domain name system (DNS) Various
1.4.4.1 -Domain hijacking Chapter 4, Module A
1.4.4.2 -DNS poisoning Chapter 4, Module A
1.4.4.3 -Universal resource locator (URL) redirection Chapter 4, Module A
1.4.4.4 -Domain reputation Chapter 13, Module A
1.4.5 • Distributed denial-of-service (DDoS) Chapter 4, Module A
1.4.5.1 -Network Chapter 4, Module A
1.4.5.2 -Application Chapter 4, Module A
1.4.5.3 -Operational technology (OT) Chapter 4, Module A
1.4.6 • Malicious code or script execution Chapter 9, Module A
1.4.6.1 -PowerShell Chapter 9, Module A
1.4.6.2 -Python Chapter 9, Module A
1.4.6.3 -Bash Chapter 9, Module A
1.4.6.4 -Macros Chapter 9, Module A
1.4.6.5 -Visual Basic for Applications (VBA) Chapter 9, Module A
1.5 Explain different threat actors, vectors, and intelligence sources.
1.5.1 • Actors and threats Chapter 2, Module A
1.5.1.1 -Advanced persistent threat (APT) Chapter 2, Module A
1.5.1.2 -Insider threats Chapter 2, Module A
1.5.1.3 -State actors Chapter 2, Module A
1.5.1.4 -Hacktivists Chapter 2, Module A
1.5.1.5 -Script kiddies Chapter 2, Module A
1.5.1.6 -Criminal syndicates Chapter 2, Module A
1.5.1.7 -Hackers Chapter 2, Module A
1.5.1.7.1 -Authorized Chapter 2, Module A
1.5.1.7.2 -Unauthorized Chapter 2, Module A
1.5.1.7.3 -Semi-Authorized Chapter 2, Module A
1.5.1.8 -Shadow IT Chapter 2, Module A
1.5.1.9 -Competitors Chapter 2, Module A
1.5.2 • Attributes of actors Chapter 2, Module A
1.5.2.1 -Internal/external Chapter 2, Module A
1.5.2.2 -Level of sophistication/capability Chapter 2, Module A
1.5.2.3 -Resources/funding Chapter 2, Module A
1.5.2.4 -Intent/motivation Chapter 2, Module A
1.5.3 • Vectors Chapter 2, Module A
1.5.3.1 -Direct access Chapter 2, Module A
1.5.3.2 -Wireless Chapter 2, Module A
1.5.3.3 -Email Chapter 2, Module A
1.5.3.4 -Supply chain Chapter 2, Module A
1.5.3.5 -Social media Chapter 2, Module A
1.5.3.6 -Removable media Chapter 2, Module A
1.5.3.7 -Cloud Chapter 2, Module A
1.5.4 • Threat intelligence sources Chapter 2, Module A
1.5.4.1 -Open source intelligence (OSINT) Chapter 2, Module A
1.5.4.2 -Closed/proprietary Chapter 2, Module A
1.5.4.3 -Vulnerability databases Chapter 2, Module A
1.5.4.4 -Public/private information sharing centers Chapter 2, Module A
1.5.4.5 -Dark web Chapter 2, Module A
1.5.4.6 -Indicators of compromise Chapter 2, Module A
1.5.4.7 -Automated indicator sharing (AIS) Chapter 2, Module A
1.5.4.7.1 -Structured Threat Information eXpression (STIX)/Trusted Automated eXchange of Indicator Information (TAXII) Chapter 2, Module A
1.5.4.8 -Predictive analysis Chapter 2, Module A
1.5.4.9 -Threat maps Chapter 2, Module A
1.5.4.10 -File/code repositories Chapter 2, Module A
1.5.5 • Research sources Chapter 2, Module A
1.5.5.1 -Vendor websites Chapter 2, Module A
1.5.5.2 -Vulnerability feeds Chapter 2, Module A
1.5.5.3 -Conferences Chapter 2, Module A
1.5.5.4 -Academic journals Chapter 2, Module A
1.5.5.5 -Request for comments (RFC) Chapter 2, Module A
1.5.5.6 -Local industry groups Chapter 2, Module A
1.5.5.7 -Social media Chapter 2, Module A
1.5.5.8 -Threat feeds Chapter 2, Module A
1.5.5.9 -Adversary tactics, techniques, and procedures (TTP) Chapter 2, Module A
1.6 Explain the security concerns associated with various types of vulnerabilities
1.6.1 • Cloud-based vs. on-premises vulnerabilities Chapter 12, Module B
1.6.2 • Zero-day Chapter 2, Module A
1.6.3 • Weak configurations Chapter 2, Module C
1.6.3.1 -Open permissions Chapter 2, Module C
1.6.3.2 -Unsecure root accounts Chapter 2, Module C
1.6.3.3 -Errors Chapter 2, Module C
1.6.3.4 -Weak encryption Chapter 2, Module C
1.6.3.5 -Unsecure protocols Chapter 2, Module C
1.6.3.6 -Default settings Chapter 2, Module C
1.6.3.7 -Open ports and services Chapter 2, Module C
1.6.4 • Third-party risks Chapter 2, Module A
1.6.4.1 -Vendor management Chapter 2, Module A
1.6.4.1.1 -System integration Chapter 2, Module A
1.6.4.1.2 -Lack of vendor support Chapter 2, Module A
1.6.4.2 -Supply chain Chapter 2, Module A
1.6.4.3 -Outsourced code development Chapter 2, Module A
1.6.4.4 -Data storage Chapter 2, Module A
1.6.5 • Improper or weak patch management Chapter 2, Module C
1.6.5.1 -Firmware Chapter 2, Module C
1.6.5.2 -Operating system (OS) Chapter 2, Module C
1.6.5.3 -Applications Chapter 2, Module C
1.6.6 • Legacy platforms Chapter 2, Module C
1.6.7 • Impacts Chapter 2, Module A
1.6.7.1 -Data loss Chapter 2, Module A
1.6.7.2 -Data breaches Chapter 2, Module A
1.6.7.3 -Data exfiltration Chapter 2, Module A
1.6.7.4 -Identity theft Chapter 2, Module A
1.6.7.5 -Financial Chapter 2, Module A
1.6.7.6 -Reputation Chapter 2, Module A
1.6.7.7 -Availability loss Chapter 2, Module A
1.7 Summarize the techniques used in security assessments.
1.7.1 • Threat hunting Chapter 2, Module C
1.7.1.1 -Intelligence fusion Chapter 2, Module C
1.7.1.2 -Threat feeds Chapter 2, Module C
1.7.1.3 -Advisories and bulletins Chapter 2, Module C
1.7.1.4 -Maneuver Chapter 2, Module C
1.7.2 • Vulnerability scans Chapter 2, Module C
1.7.2.1 -False positives Chapter 2, Module C
1.7.2.2 -False negatives Chapter 2, Module C
1.7.2.3 -Log reviews Chapter 2, Module C
1.7.2.4 -Credentialed vs. non-credentialed Chapter 2, Module C
1.7.2.5 -Intrusive vs. non-intrusive Chapter 2, Module C
1.7.2.6 -Application Chapter 2, Module C
1.7.2.7 -Web application Chapter 2, Module C
1.7.2.8 -Network Chapter 2, Module C
1.7.2.9 -Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS) Chapter 2, Module C
1.7.2.10 -Configuration review Chapter 2, Module C
1.7.3 • Syslog/Security information and event management (SIEM) Chapter 5, Module B
1.7.3.1 -Review reports Chapter 5, Module B
1.7.3.2 -Packet capture Chapter 5, Module B
1.7.3.3 -Data inputs Chapter 5, Module B
1.7.3.4 -User behavior analysis Chapter 5, Module B
1.7.3.5 -Sentiment analysis Chapter 5, Module B
1.7.3.6 -Security monitoring Chapter 5, Module B
1.7.3.7 -Log aggregation Chapter 5, Module B
1.7.3.8 -Log collectors Chapter 5, Module B
1.7.3 • Security orchestration, automation, and response (SOAR) Chapter 14, Module C
1.8 Explain the techniques used in penetration testing.
1.8.1 • Penetration testing Chapter 2, Module C
1.8.1.1 -White-box (known environment) Chapter 2, Module C
1.8.1.2 -Black-box (unknown environment) Chapter 2, Module C
1.8.1.3 -Gray-box (partially known environment) Chapter 2, Module C
1.8.1.4 -Rules of engagement Chapter 2, Module C
1.8.1.5 -Lateral movement Chapter 2, Module C
1.8.1.6 -Privilege escalation Chapter 2, Module C
1.8.1.7 -Persistence Chapter 2, Module C
1.8.1.8 -Cleanup Chapter 2, Module C
1.8.1.9 -Bug bounty Chapter 2, Module C
1.8.1.10 -Pivoting Chapter 2, Module C
1.8.2 • Passive and active reconnaissance Various
1.8.2.1 -Drones/unmanned aerial vehicle (UAV) Chapter 2, Module C
1.8.2.2 -War flying Chapter 4, Module A
1.8.2.3 -War driving Chapter 4, Module A
1.8.2.4 -Footprinting Chapter 2, Module C
1.8.2.5 -OSINT Chapter 2, Module C
1.8.3 • Exercise types Chapter 2, Module C
1.8.3.1 -Red-team Chapter 2, Module C
1.8.3.2 -Blue-team Chapter 2, Module C
1.8.3.3 -White-team Chapter 2, Module C
1.8.3.4 -Purple-team Chapter 2, Module C
2.0 Architecture and Design
2.1 Explain the importance of security concepts in an enterprise environment.
2.1.1 • Configuration management Chapter 6, Module B
2.1.1.1 -Diagrams Chapter 6, Module B
2.1.1.2 -Baseline configuration Chapter 6, Module B
2.1.1.3 -Standard naming conventions Chapter 6, Module B
2.1.1.4 -Internet protocol (IP) schema Chapter 6, Module B
2.1.2 • Data sovereignty Chapter 12, Module B
2.1.3 • Data protection Chapter 9, Module B
2.1.3.1 -Data loss prevention (DLP) Chapter 9, Module B
2.1.3.2 -Masking Chapter 9, Module B
2.1.3.3 -Encryption Chapter 9, Module B
2.1.3.4 -At rest Chapter 9, Module B
2.1.3.5 -In transit/motion Chapter 9, Module B
2.1.3.6 -In processing Chapter 9, Module B
2.1.3.7 -Tokenization Chapter 9, Module B
2.1.3.8 -Rights management Chapter 9, Module B
2.1.4 • Hardware security module (HSM) Chapter 9, Module B
2.1.5 • Geographical considerations Chapter 14, Module B
2.1.6 • Response and recovery controls Chapter 14, Module A
2.1.7 • Secure Sockets Layer (SSL)/Transport Layer Security (TLS) inspection Chapter 6, Module A
2.1.8 • Hashing Chapter 3, Module A
2.1.9 • API considerations Chapter 12, Module A
2.1.10 • Site resiliency Chapter 14, Module B
2.1.10.1 -Hot site Chapter 14, Module B
2.1.10.2 -Cold site Chapter 14, Module B
2.1.10.3 -Warm site Chapter 14, Module B
2.1.11 • Deception and disruption Chapter 5, Module A
2.1.11.1 -Honeypots Chapter 5, Module A
2.1.11.2 -Honeyfiles Chapter 5, Module A
2.1.11.3 -Honeynets Chapter 5, Module A
2.1.11.4 -Fake telemetry Chapter 5, Module A
2.1.11.5 -DNS sinkhole Chapter 5, Module A
2.2 Summarize virtualization and cloud computing concepts.
2.2.1 • Cloud models Chapter 12, Module A
2.2.1.1 -Infrastructure as a service (IaaS) Chapter 12, Module A
2.2.1.2 -Platform as a service (PaaS) Chapter 12, Module A
2.2.1.3 -Software as a service (SaaS) Chapter 12, Module A
2.2.1.4 -Anything as a service (XaaS) Chapter 12, Module A
2.2.1.5 -Public Chapter 12, Module A
2.2.1.6 -Community Chapter 12, Module A
2.2.1.7 -Private Chapter 12, Module A
2.2.1.8 -Hybrid Chapter 12, Module A
2.2.2 • Cloud service providers Chapter 12, Module A
2.2.3 • Managed service provider (MSP)/ managed security service provider (MSSP) Chapter 12, Module B
2.2.4 • On-premises vs. off-premises Chapter 12, Module A
2.2.5 • Fog computing Chapter 12, Module A
2.2.6 • Edge computing Chapter 12, Module A
2.2.7 • Thin client Chapter 12, Module A
2.2.8 • Containers Chapter 12, Module A
2.2.9 • Microservices/API Chapter 12, Module A
2.2.10 • Infrastructure as code Chapter 12, Module A
2.2.10.1 -Software-defined networking (SDN) Chapter 12, Module A
2.2.10.2 -Software-defined visibility (SDV) Chapter 12, Module A
2.2.11 • Serverless architecture Chapter 12, Module A
2.2.12 • Services integration Chapter 12, Module B
2.2.13 • Resource policies Chapter 12, Module B
2.2.14 • Transit gateway Chapter 12, Module A
2.2.15 • Virtualization Chapter 12, Module A
2.2.15.1 -Virtual machine (VM) sprawl avoidance Chapter 12, Module A
2.2.15.2 -VM escape protection Chapter 12, Module A
2.3 Summarize secure application development, deployment, and automation concepts.
2.3.1 • Environment Chapter 11, Module B
2.3.1.1 -Development Chapter 11, Module B
2.3.1.2 -Test Chapter 11, Module B
2.3.1.3 -Staging Chapter 11, Module B
2.3.1.4 -Production Chapter 11, Module B
2.3.1.5 -Quality assurance (QA) Chapter 11, Module B
2.3.2 • Provisioning and deprovisioning Chapter 11, Module B
2.3.3 • Integrity measurement Chapter 9, Module C
2.3.4 • Secure coding techniques Chapter 11, Module B
2.3.4.1 -Normalization Chapter 11, Module B
2.3.4.2 -Stored procedures Chapter 11, Module B
2.3.4.3 -Obfuscation/camouflage Chapter 11, Module B
2.3.4.4 -Code reuse/dead code Chapter 11, Module B
2.3.4.5 -Server-side vs. client-side execution and validation Chapter 11, Module B
2.3.4.6 -Memory management Chapter 11, Module B
2.3.4.7 -Use of third-party libraries and software development kits (SDKs) Chapter 11, Module B
2.3.4.8 -Data exposure Chapter 11, Module B
2.3.5 • Open Web Application Security Project (OWASP) Chapter 11, Module A
2.3.6 • Software diversity Chapter 11, Module B
2.3.6.1 -Compiler Chapter 11, Module B
2.3.6.2 -Binary Chapter 11, Module B
2.3.7 • Automation/scripting Various
2.3.7.1 -Automated courses of action Chapter 14, Module C
2.3.7.2 -Continuous monitoring Chapter 11, Module B
2.3.7.3 -Continuous validation Chapter 11, Module B
2.3.7.4 -Continuous integration Chapter 11, Module B
2.3.7.5 -Continuous delivery Chapter 11, Module B
2.3.7.6 -Continuous deployment Chapter 11, Module B
2.3.8 • Elasticity Chapter 14, Module B
2.3.9 • Scalability Chapter 14, Module B
2.3.10 • Version control Chapter 1, Module A
2.4 Summarize authentication and authorization design concepts.
2.4.1 • Authentication methods Various
2.4.1.1 -Directory services Chapter 7, Module B
2.4.1.2 -Federation Chapter 7, Module A
2.4.1.3 -Attestation Chapter 7, Module A
2.4.1.4 -Technologies Chapter 7, Module A
2.4.1.4.1 -Time-based one-time password (TOTP) Chapter 7, Module A
2.4.1.4.2 -HMAC-based one-time password (HOTP) Chapter 7, Module A
2.4.1.4.3 -Short message service (SMS) Chapter 7, Module A
2.4.1.4.4 -Token key Chapter 7, Module A
2.4.1.4.5 -Static codes Chapter 7, Module A
2.4.1.4.6 -Authentication applications Chapter 7, Module A
2.4.1.4.7 -Push notifications Chapter 7, Module A
2.4.1.4.8 -Phone call Chapter 7, Module A
2.4.1.5 -Smart card authentication Chapter 7, Module A
2.4.2 • Biometrics Chapter 7, Module A
2.4.2.1 -Fingerprint Chapter 7, Module A
2.4.2.2 -Retina Chapter 7, Module A
2.4.2.3 -Iris Chapter 7, Module A
2.4.2.4 -Facial Chapter 7, Module A
2.4.2.5 -Voice Chapter 7, Module A
2.4.2.6 -Vein Chapter 7, Module A
2.4.2.7 -Gait analysis Chapter 7, Module A
2.4.2.8 -Efficacy rates Chapter 7, Module A
2.4.2.9 -False acceptance Chapter 7, Module A
2.4.2.10 -False rejection Chapter 7, Module A
2.4.2.11 -Crossover error rate Chapter 7, Module A
2.4.3 • Multifactor authentication (MFA) factors and attributes Chapter 7, Module A
2.4.3.1 -Factors Chapter 7, Module A
2.4.3.1.2 -Something you know Chapter 7, Module A
2.4.3.1.3 -Something you have Chapter 7, Module A
2.4.3.1.4 -Something you are Chapter 7, Module A
2.4.3.2 -Attributes Chapter 7, Module A
2.4.3.2.2 -Somewhere you are Chapter 7, Module A
2.4.3.2.3 -Something you can do Chapter 7, Module A
2.4.3.2.4 -Something you exhibit Chapter 7, Module A
2.4.3.2.5 -Someone you know Chapter 7, Module A
2.4.4 • Authentication, authorization, and accounting (AAA) Chapter 7, Module A
2.4.5 • Cloud vs. on-premises requirements Chapter 12, Module B
2.5 Given a scenario, implement cybersecurity resilience.
2.5.1 • Redundancy Chapter 14, Module B
2.5.1.1 -Geographic dispersal Chapter 14, Module B
2.5.1.2 -Disk Chapter 14, Module B
2.5.1.2.1 -Redundant array of inexpensive disks (RAID) levels Chapter 14, Module B
2.5.1.2.2 -Multipath Chapter 14, Module B
2.5.1.3 -Network Chapter 14, Module B
2.5.1.3.1 -Load balancers Chapter 14, Module B
2.5.1.3.2 -Network interface card (NIC) teaming Chapter 14, Module B
2.5.1.4 -Power Chapter 14, Module B
2.5.1.4.1 -Uninterruptible power supply (UPS) Chapter 14, Module B
2.5.1.4.2 -Generator Chapter 14, Module B
2.5.1.4.3 -Dual supply Chapter 14, Module B
2.5.1.4.4 -Managed power distribution units (PDUs) Chapter 14, Module B
2.5.2 • Replication Chapter 14, Module B
2.5.2.2 -Storage area network Chapter 14, Module B
2.5.2.3 -VM Chapter 14, Module B
2.5.3 • On-premises vs. cloud Chapter 14, Module B
2.5.4 • Backup types Chapter 14, Module B
2.5.4.1 -Full Chapter 14, Module B
2.5.4.2 -Incremental Chapter 14, Module B
2.5.4.3 -Snapshot Chapter 14, Module B
2.5.4.4 -Differential Chapter 14, Module B
2.5.4.5 -Tape Chapter 14, Module B
2.5.4.6 -Disk Chapter 14, Module B
2.5.4.7 -Copy Chapter 14, Module B
2.5.4.8 -Network-attached storage (NAS) Chapter 14, Module B
2.5.4.9 -Storage area network Chapter 14, Module B
2.5.4.10 -Cloud Chapter 14, Module B
2.5.4.11 -Image Chapter 14, Module B
2.5.4.12 -Online vs. offline Chapter 14, Module B
2.5.4.13 -Offsite storage Chapter 14, Module B
2.5.4.13.1 -Distance considerations Chapter 14, Module B
2.5.5 • Non-persistence Chapter 14, Module B
2.5.5.1 -Revert to known state Chapter 14, Module B
2.5.5.2 -Last known-good configuration Chapter 14, Module B
2.5.5.3 -Live boot media Chapter 14, Module B
2.5.6 • High availability Chapter 14, Module B
2.5.6.1 -Scalability Chapter 14, Module B
2.5.7 • Restoration order Chapter 14, Module A
2.5.8 • Diversity Chapter 14, Module B
2.5.8.1 -Technologies Chapter 14, Module B
2.5.8.2 -Vendors Chapter 14, Module B
2.5.8.3 -Crypto Chapter 14, Module B
2.5.8.4 -Controls Chapter 14, Module B
2.6 Explain the security implications of embedded and specialized systems.
2.6.1 • Embedded systems Chapter 10, Module B
2.6.1.1 -Raspberry Pi Chapter 10, Module B
2.6.1.2 -Field-programmable gate array (FPGA) Chapter 10, Module B
2.6.1.3 -Arduino Chapter 10, Module B
2.6.2 • Supervisory control and data acquisition (SCADA)/industrial control system (ICS) Chapter 10, Module B
2.6.3 -Facilities Chapter 10, Module B
2.6.4 -Industrial Chapter 10, Module B
2.6.5 -Manufacturing Chapter 10, Module B
2.6.6 -Energy Chapter 10, Module B
2.6.7 -Logistics Chapter 10, Module B
2.6.3 • Internet of Things (IoT) Chapter 10, Module B
2.6.3.1 -Sensors Chapter 10, Module B
2.6.3.2 -Smart devices Chapter 10, Module B
2.6.3.3 -Wearables Chapter 10, Module B
2.6.3.4 -Facility automation Chapter 10, Module B
2.6.3.5 -Weak defaults Chapter 10, Module B
2.6.4 • Specialized Chapter 10, Module B
2.6.4.1 -Medical systems Chapter 10, Module B
2.6.4.2 -Vehicles Chapter 10, Module B
2.6.4.3 -Aircraft Chapter 10, Module B
2.6.4.4 -Smart meters Chapter 10, Module B
2.6.5 • Voice over IP (VoIP) Chapter 10, Module B
2.6.6 • Heating, ventilation, air conditioning (HVAC) Chapter 10, Module B
2.6.7 • Drones/AVs Chapter 10, Module B
2.6.8 • Multifunction printer (MFP) Chapter 10, Module B
2.6.9 • Real-time operating system (RTOS) Chapter 10, Module B
2.6.10 • Surveillance systems Chapter 10, Module B
2.6.11 • System on chip (SoC) Chapter 10, Module B
2.6.12 • Communication considerations Chapter 10, Module B
2.6.12.1 -5G Chapter 10, Module B
2.6.12.2 -Narrow-band Chapter 10, Module B
2.6.12.3 -Baseband radio Chapter 10, Module B
2.6.12.4 -Subscriber identity module (SIM) cards Chapter 10, Module B
2.6.12.5 -Zigbee Chapter 10, Module B
2.6.13 • Constraints Chapter 10, Module B
2.6.14 -Power Chapter 10, Module B
2.6.15 -Compute Chapter 10, Module B
2.6.16 -Network Chapter 10, Module B
2.6.17 -Crypto Chapter 10, Module B
2.6.18 -Inability to patch Chapter 10, Module B
2.6.19 -Authentication Chapter 10, Module B
2.6.20 -Range Chapter 10, Module B
2.6.21 -Cost Chapter 10, Module B
2.6.22 -Implied trust Chapter 10, Module B
2.7 Explain the importance of physical security controls.
2.7.1 • Bollards/barricades Chapter 13, Module D
2.7.2 • Access control vestibules Chapter 13, Module D
2.7.3 • Badges Chapter 13, Module D
2.7.4 • Alarms Chapter 13, Module D
2.7.5 • Signage Chapter 13, Module D
2.7.6 • Cameras Chapter 13, Module D
2.7.6.1 -Motion recognition Chapter 13, Module D
2.7.6.2 -Object detection Chapter 13, Module D
2.7.7 • Closed-circuit television (CCTV) Chapter 13, Module D
2.7.8 • Industrial camouflage Chapter 13, Module D
2.7.9 • Personnel Chapter 13, Module D
2.7.9.1 -Guards Chapter 13, Module D
2.7.9.2 -Robot sentries Chapter 13, Module D
2.7.9.3 -Reception Chapter 13, Module D
2.7.9.4 -Two-person integrity/control Chapter 13, Module D
2.7.10 • Locks Chapter 13, Module D
2.7.10.1 -Biometrics Chapter 13, Module D
2.7.10.2 -Electronic Chapter 13, Module D
2.7.10.3 -Physical Chapter 13, Module D
2.7.10.4 -Cable locks Chapter 13, Module D
2.7.11 • USB data blocker Chapter 13, Module D
2.7.12 • Lighting Chapter 13, Module D
2.7.13 • Fencing Chapter 13, Module D
2.7.14 • Fire suppression Chapter 13, Module D
2.7.15 • Sensors Chapter 13, Module D
2.7.15.1 -Motion detection Chapter 13, Module D
2.7.15.2 -Noise detection Chapter 13, Module D
2.7.15.3 -Proximity reader Chapter 13, Module D
2.7.15.4 -Moisture detection Chapter 13, Module D
2.7.15.5 -Cards Chapter 13, Module D
2.7.15.6 -Temperature Chapter 13, Module D
2.7.16 • Drones/UAV Chapter 13, Module D
2.7.17 • Visitor logs Chapter 13, Module D
2.7.18 • Faraday cages Chapter 13, Module D
2.7.19 • Air gap Chapter 13, Module D
2.7.20 • Screened subnet (previously known as demilitarized zone) Chapter 13, Module D
2.7.21 • Protected cable distribution Chapter 13, Module D
2.7.22 • Secure areas Chapter 13, Module D
2.7.22.1 -Air gap Chapter 13, Module D
2.7.22.2 -Vault Chapter 13, Module D
2.7.22.3 -Safe Chapter 13, Module D
2.7.22.4 -Hot aisle Chapter 13, Module D
2.7.22.5 -Cold aisle Chapter 13, Module D
2.7.23 • Secure data destruction Chapter 9, Module B
2.7.23.1 -Burning Chapter 9, Module B
2.7.23.2 -Shredding Chapter 9, Module B
2.7.23.3 -Pulping Chapter 9, Module B
2.7.23.4 -Pulverizing Chapter 9, Module B
2.7.23.5 -Degaussing Chapter 9, Module B
2.7.23.6 -Third-party solutions Chapter 9, Module B
2.8 Summarize the basics of cryptographic concepts.
2.8.1 • Digital signatures Chapter 3, Module A
2.8.2 • Key length Chapter 3, Module A
2.8.3 • Key stretching Chapter 3, Module A
2.8.4 • Salting Chapter 3, Module A
2.8.5 • Hashing Chapter 3, Module A
2.8.6 • Key exchange Chapter 3, Module A
2.8.7 • Elliptic-curve cryptography Chapter 3, Module A
2.8.8 • Perfect forward secrecy Chapter 3, Module A
2.8.9 • Quantum Chapter 3, Module A
2.8.9.1 -Communications Chapter 3, Module A
2.8.9.2 -Computing Chapter 3, Module A
2.8.10 • Post-quantum Chapter 3, Module A
2.8.11 • Ephemeral Chapter 3, Module A
2.8.12 • Modes of operation Chapter 3, Module A
2.8.12.1 -Authenticated Chapter 3, Module A
2.8.12.2 -Unauthenticated Chapter 3, Module A
2.8.12.3 -Counter Chapter 3, Module A
2.8.13 • Blockchain Chapter 3, Module A
2.8.13.1 -Public ledgers Chapter 3, Module A
2.8.14 • Cipher suites Chapter 3, Module A
2.8.14.1 -Stream Chapter 3, Module A
2.8.14.2 -Block Chapter 3, Module A
2.8.15 • Symmetric vs. asymmetric Chapter 3, Module A
2.8.16 • Lightweight cryptography Chapter 3, Module A
2.8.17 • Steganography Chapter 3, Module A
2.8.17.1 -Audio Chapter 3, Module A
2.8.17.2 -Video Chapter 3, Module A
2.8.17.3 -Image Chapter 3, Module A
2.8.18 • Homomorphic encryption Chapter 3, Module A
2.8.19 • Common use cases Chapter 3, Module A
2.8.19.1 -Low power devices Chapter 3, Module A
2.8.19.2 -Low latency Chapter 3, Module A
2.8.19.3 -High resiliency Chapter 3, Module A
2.8.19.4 -Supporting confidentiality Chapter 3, Module A
2.8.19.5 -Supporting integrity Chapter 3, Module A
2.8.19.6 -Supporting obfuscation Chapter 3, Module A
2.8.19.7 -Supporting authentication Chapter 3, Module A
2.8.19.8 -Supporting non-repudiation Chapter 3, Module A
2.8.19.9 -Resource vs. security constraints Chapter 3, Module A
2.8.20 • Limitations Chapter 3, Module A
2.8.20.1 -Speed Chapter 3, Module A
2.8.20.2 -Size Chapter 3, Module A
2.8.20.3 -Weak keys Chapter 3, Module A
2.8.20.4 -Time Chapter 3, Module A
2.8.20.5 -Longevity Chapter 3, Module A
2.8.20.6 -Predictability Chapter 3, Module A
2.8.20.7 -Reuse Chapter 3, Module A
2.8.20.8 -Entropy Chapter 3, Module A
2.8.20.9 -Computational overheads Chapter 3, Module A
2.8.20.10 -Resource vs. security constraints Chapter 3, Module A
3.0 Implementation
3.1 Given a scenario, implement secure protocols
3.1.1 • Protocols Chapter 6, Module A
3.1.1.1 -Domain Name System Security Extension (DNSSEC) Chapter 6, Module A
3.1.1.2 -SSH Chapter 6, Module A
3.1.1.3 -Secure/Multipurpose Internet Mail Extensions (S/MIME) Chapter 6, Module A
3.1.1.4 -Secure Real-time Protocol (SRTP) Chapter 6, Module A
3.1.1.5 -Lightweight Directory Access Protocol Over SSL (LDAPS) Chapter 6, Module A
3.1.1.6 -File Transfer Protocol, Secure (FTPS) Chapter 6, Module A
3.1.1.7 -SSH File Transfer Protocol (SFTP) Chapter 6, Module A
3.1.1.8 -Simple Network Management Protocol, version 3 (SNMPv3) Chapter 6, Module A
3.1.1.9 -Hypertext transfer protocol over SSL/TLS (HTTPS) Chapter 6, Module A
3.1.1.10 -IPSec Chapter 6, Module A
3.1.1.10.1 -Authentication header (AH)/ Encapsulating Security Payloads (ESP) Chapter 6, Module A
3.1.1.10.2 -Tunnel/transport Chapter 6, Module A
3.1.1.11 -Secure Post Office Protocol (POP)/ Internet Message Access Protocol (IMAP) Chapter 6, Module A
3.1.2 • Use cases Various
3.1.2.1 -Voice and video Chapter 6, Module A
3.1.2.2 -Time synchronization Chapter 6, Module A
3.1.2.3 -Email and web Chapter 6, Module A
3.1.2.4 -File transfer Chapter 6, Module A
3.1.2.5 -Directory services Chapter 6, Module A
3.1.2.6 -Remote access Chapter 6, Module A
3.1.2.7 -Domain name resolution Chapter 6, Module A
3.1.2.8 -Routing and switching Chapter 6, Module B
3.1.2.9 -Network address allocation Chapter 6, Module A
3.1.2.10 -Subscription services Chapter 6, Module B
3.2 Given a scenario, implement host or application security solutions.
3.2.1 • Endpoint protection Chapter 9, Module C
3.2.1.1 -Antivirus Chapter 9, Module C
3.2.1.2 -Anti-malware Chapter 9, Module C
3.2.1.3 -Endpoint detection and response (EDR) Chapter 9, Module C
3.2.1.4 -DLP Chapter 9, Module C
3.2.1.5 -Next-generation firewall (NGFW) Chapter 9, Module C
3.2.1.6 -Host-based intrusion prevention system (HIPS) Chapter 9, Module C
3.2.1.7 -Host-based intrusion detection system (HIDS) Chapter 9, Module C
3.2.1.8 -Host-based firewall Chapter 9, Module C
3.2.2 • Boot integrity Chapter 9, Module C
3.2.1.1 -Boot security/Unified Extensible Firmware Interface (UEFI) Chapter 9, Module C
3.2.1.2 -Measured boot Chapter 9, Module C
3.2.1.3 -Boot attestation Chapter 9, Module C
3.2.3 • Database Chapter 11, Module B
3.2.3.1 -Tokenization Chapter 11, Module B
3.2.3.2 -Salting Chapter 11, Module B
3.2.3.3 -Hashing Chapter 11, Module B
3.2.4 • Application security Various
3.2.4.1 -Input validations Chapter 11, Module B
3.2.4.2 -Secure cookies Chapter 11, Module B
3.2.4.3 -Hypertext Transfer Protocol (HTTP) headers Chapter 11, Module B
3.2.4.4 -Code signing Chapter 9, Module C
3.2.4.5 -Allow list Chapter 9, Module C
3.2.4.6 -Block list/deny list Chapter 9, Module C
3.2.4.7 -Secure coding practices Chapter 11, Module B
3.2.4.8 -Static code analysis Chapter 11, Module B
3.2.4.8.1 -Manual code review Chapter 11, Module B
3.2.4.9 -Dynamic code analysis Chapter 11, Module B
3.2.4.10 -Fuzzing Chapter 11, Module B
3.2.5 • Hardening Various
3.2.5.1 -Open ports and services Chapter 9, Module C
3.2.5.2 -Registry Chapter 9, Module C
3.2.5.3 -Disk encryption Chapter 9, Module B
3.2.5.4 -OS Chapter 9, Module C
3.2.5.5 -Patch management Chapter 9, Module C
3.2.5.5.1 -Third-party updates Chapter 9, Module C
3.2.5.5.2 -Auto-update Chapter 9, Module C
3.2.6 • Self-encrypting drive (SED)/ full-disk encryption (FDE) Chapter 9, Module B
3.2.6.1 -Opal Chapter 9, Module B
3.2.7 • Hardware root of trust Chapter 9, Module C
3.2.8 • Trusted Platform Module (TPM) Chapter 9, Module C
3.2.9 • Sandboxing Chapter 9, Module C
3.3 Given a scenario, implement secure network designs.
3.3.1 • Load balancing Chapter 5, Module A
3.3.1.1 -Active/active Chapter 5, Module A
3.3.1.2 -Active/passive Chapter 5, Module A
3.3.1.3 -Scheduling Chapter 5, Module A
3.3.1.4 -Virtual IP Chapter 5, Module A
3.3.1.5 -Persistence Chapter 5, Module A
3.3.2 • Network segmentation Various
3.3.2.1 -Virtual local area network (VLAN) Chapter 6, Module B
3.3.2.2 -Screened subnet (previously known as demilitarized zone) Chapter 4, Module B
3.3.2.3 -East-west traffic Chapter 4, Module B
3.3.2.4 -Extranet Chapter 4, Module B
3.3.2.5 -Intranet Chapter 4, Module B
3.3.2.6 -Zero Trust Chapter 6, Module B
3.3.3 • Virtual private network (VPN) Chapter 6, Module A
3.3.3.1 -Always-on Chapter 6, Module A
3.3.3.2 -Split tunnel vs. full tunnel Chapter 6, Module A
3.3.3.3 -Remote access vs. site-to-site Chapter 6, Module A
3.3.3.4 -IPSec Chapter 6, Module A
3.3.3.5 -SSL/TLS Chapter 6, Module A
3.3.3.6 -HTML5 Chapter 6, Module A
3.3.3.7 -Layer 2 tunneling protocol (L2TP) Chapter 6, Module A
3.3.4 • DNS Chapter 6, Module B
3.3.5 • Network access control (NAC) Chapter 5, Module A
3.3.5.1 -Agent and agentless Chapter 5, Module A
3.3.6 • Out-of-band management Chapter 4, Module B
3.3.7 • Port security Chapter 4, Module B
3.3.7.1 -Broadcast storm prevention Chapter 4, Module B
3.3.7.2 -Bridge Protocol Data Unit (BPDU) guard Chapter 4, Module B
3.3.7.3 -Loop prevention Chapter 4, Module B
3.3.7.4 -Dynamic Host Configuration Protocol (DHCP) snooping Chapter 4, Module B
3.3.7.5 -Media access control (MAC) filtering Chapter 4, Module B
3.3.8 • Network appliances Various
3.3.8.1 -Jump servers Chapter 4, Module B
3.3.8.2 -Proxy servers Chapter 5, Module A
3.3.8.2.1 -Forward Chapter 5, Module A
3.3.8.2.2 -Reverse Chapter 5, Module A
3.3.8.3 -Network-based intrusion detection system (NIDS)/network-based intrusion prevention system (NIPS) Chapter 5, Module A
3.3.8.3.1 -Signature-based Chapter 5, Module A
3.3.8.3.2 -Heuristic/behavior Chapter 5, Module A
3.3.8.3.3 -Anomaly Chapter 5, Module A
3.3.8.3.4 -Inline vs. passive Chapter 5, Module A
3.3.8.4 -HSM Chapter 9, Module B
3.3.8.5 -Sensors Chapter 5, Module B
3.3.8.6 -Collectors Chapter 5, Module B
3.3.8.7 -Aggregators Chapter 5, Module B
3.3.8.8 -Firewalls Various
3.3.8.8.1 -Web application firewall (WAF) Chapter 5, Module A
3.3.8.8.2 -NGFW Chapter 5, Module A
3.3.8.8.3 -Stateful Chapter 4, Module B
3.3.8.8.4 -Stateless Chapter 4, Module B
3.3.8.8.5 -Unified threat management (UTM) Chapter 5, Module A
3.3.8.8.6 -Network address translation (NAT) gateway Chapter 4, Module B
3.3.8.8.7 -Content/URL filter Chapter 5, Module A
3.3.8.8.8 -Open-source vs. proprietary Chapter 4, Module B
3.3.8.8.9 -Hardware vs. software Chapter 4, Module B
3.3.8.8.10 -Appliance vs. host-based vs. virtual Chapter 4, Module B
3.3.9 • Access control list (ACL) Chapter 4, Module B
3.3.10 • Route security Chapter 6, Module B
3.3.11 • Quality of service (QoS) Chapter 4, Module B
3.3.12 • Implications of IPv6 Chapter 6, Module B
3.3.13 • Port spanning/port mirroring Chapter 5, Module B
3.3.13.1 -Port taps Chapter 5, Module B
3.3.14 • Monitoring services Chapter 12, Module B
3.3.15 • File integrity monitors Chapter 9, Module C
3.4 Given a scenario, install and configure wireless security settings.
3.4.1 • Cryptographic protocols Chapter 6, Module A
3.4.1.1 -Wi-Fi protected access II (WPA2) Chapter 6, Module A
3.4.1.2 -Wi-Fi protected access III (WPA3) Chapter 6, Module A
3.4.1.3 -Counter-mode/CBC-MAC protocol (CCMP) Chapter 6, Module A
3.4.1.4 -Simultaneous Authentication of Equals (SAE) Chapter 6, Module A
3.4.2 • Authentication protocols Chapter 7, Module B
3.4.2.1 -Extensible Authentication Protocol (EAP) Chapter 7, Module B
3.4.2.2 -Protected Extensible Application Protocol (PEAP) Chapter 7, Module B
3.4.2.3 -EAP-FAST Chapter 7, Module B
3.4.2.4 -EAP-TLS Chapter 7, Module B
3.4.2.5 -EAP-TTLS Chapter 7, Module B
3.4.2.6 -IEEE 802.1X Chapter 7, Module B
3.4.2.7 -Remote Authentication Dial-in User Service (RADIUS) Federation Chapter 7, Module B
3.4.3 • Methods Chapter 6, Module A
3.4.3.1 -Pre-shared key (PSK) vs. Enterprise vs. Open Chapter 6, Module A
3.4.3.2 -WiFi Protected Setup (WPS) Chapter 6, Module A
3.4.3.3 -Captive portals Chapter 6, Module A
3.4.5 • Installation considerations Chapter 6, Module B
3.4.5.1 -Site surveys Chapter 6, Module B
3.4.5.2 -Heatmaps Chapter 6, Module B
3.4.5.3 -WiFi analyzers Chapter 6, Module B
3.4.5.4 -Channel overlays Chapter 6, Module B
3.4.5.5 -Wireless access point (WAP) placement Chapter 6, Module B
3.4.5.6 -Controller and access point security Chapter 6, Module B
3.5 Given a scenario, implement secure mobile solutions.
3.5.1 • Connection methods and receivers Chapter 10, Module A
3.5.1.1 -Cellular Chapter 10, Module A
3.5.1.2 -WiFi Chapter 10, Module A
3.5.1.3 -Bluetooth Chapter 10, Module A
3.5.1.4 -NFC Chapter 10, Module A
3.5.1.5 -Infrared Chapter 10, Module A
3.5.1.6 -USB Chapter 10, Module A
3.5.1.7 -Point-to-point Chapter 10, Module A
3.5.1.8 -Point-to-multipoint Chapter 10, Module A
3.5.1.9 -Global Positioning System (GPS) Chapter 10, Module A
3.5.1.10 -RFID Chapter 10, Module A
3.5.2 • Mobile device management (MDM) Chapter 10, Module A
3.5.2.1 -Application management Chapter 10, Module A
3.5.2.2 -Content management Chapter 10, Module A
3.5.2.3 -Remote wipe Chapter 10, Module A
3.5.2.4 -Geofencing Chapter 10, Module A
3.5.2.5 -Geolocation Chapter 10, Module A
3.5.2.6 -Screenlocks Chapter 10, Module A
3.5.2.7 -Push notifications Chapter 10, Module A
3.5.2.8 -Passwords and pins Chapter 10, Module A
3.5.2.9 -Biometrics Chapter 10, Module A
3.5.2.10 -Context-aware authentication Chapter 10, Module A
3.5.2.11 -Containerization Chapter 10, Module A
3.5.2.12 -Storage segmentation Chapter 10, Module A
3.5.2.13 -Full device encryption Chapter 10, Module A
3.5.3 • Mobile devices Chapter 10, Module A
3.5.3.1 -MicroSD HSM Chapter 10, Module A
3.5.3.2 -MDM/Unified Endpoint Management (UEM) Chapter 10, Module A
3.5.3.3 -Mobile application management (MAM) Chapter 10, Module A
3.5.3.4 -SEAndroid Chapter 10, Module A
3.5.4 • Enforcement and monitoring of: Chapter 10, Module A
3.5.4.1 -Third-party application stores Chapter 10, Module A
3.5.4.2 -Rooting/jailbreaking Chapter 10, Module A
3.5.4.3 -Sideloading Chapter 10, Module A
3.5.4.4 -Custom firmware Chapter 10, Module A
3.5.4.5 -Carrier unlocking Chapter 10, Module A
3.5.4.6 -Firmware over-the-air (OTA) updates Chapter 10, Module A
3.5.4.7 -Camera use Chapter 10, Module A
3.5.4.8 -SMS/Multimedia Messaging Service (MMS)/Rich communication services (RCS) Chapter 10, Module A
3.5.4.9 -External media Chapter 10, Module A
3.5.4.10 -USB On-The-Go (USB OTG) Chapter 10, Module A
3.5.4.11 -Recording microphone Chapter 10, Module A
3.5.4.12 -GPS tagging Chapter 10, Module A
3.5.4.13 -WiFi direct/ad hoc Chapter 10, Module A
3.5.4.14 -Tethering Chapter 10, Module A
3.5.4.15 -Hotspot Chapter 10, Module A
3.5.4.16 -Payment methods Chapter 10, Module A
3.5.5 • Deployment models Chapter 10, Module A
3.5.5.1 -Bring your own device (BYOD) Chapter 10, Module A
3.5.5.2 -Corporate-owned personally enabled (COPE) Chapter 10, Module A
3.5.5.3 -Choose your own device (CYOD) Chapter 10, Module A
3.5.5.4 -Corporate-owned Chapter 10, Module A
3.5.5.5 -Virtual desktop infrastructure (VDI) Chapter 10, Module A
3.6 Given a scenario, apply cybersecurity solutions to the cloud.
3.6.1 • Cloud security controls Chapter 12, Module B
3.6.1.1 -High availability across zones Chapter 12, Module B
3.6.1.2 -Resource policies Chapter 12, Module B
3.6.1.3 -Secrets management Chapter 12, Module B
3.6.1.4 -Integration and auditing Chapter 12, Module B
3.6.1.5 -Storage Chapter 12, Module B
3.6.1.5.1 -Permissions Chapter 12, Module B
3.6.1.5.2 -Encryption Chapter 12, Module B
3.6.1.5.3 -Replication Chapter 12, Module B
3.6.1.5.4 -High availability Chapter 12, Module B
3.6.1.6 -Network Chapter 12, Module B
3.6.1.6.1 -Virtual networks Chapter 12, Module B
3.6.1.6.2 -Public and private subnets Chapter 12, Module B
3.6.1.6.3 -Segmentation Chapter 12, Module B
3.6.1.6.4 -API inspection and integration Chapter 12, Module B
3.6.1.7 -Compute Chapter 12, Module B
3.6.1.7.1 -Security groups Chapter 12, Module B
3.6.1.7.2 -Dynamic resource allocation Chapter 12, Module B
3.6.1.7.3 -Instance awareness Chapter 12, Module B
3.6.1.7.4 -Virtual private cloud (VPC) endpoint Chapter 12, Module B
3.6.1.7.5 -Container security Chapter 12, Module B
3.6.2 • Solutions Chapter 12, Module B
3.6.2.1 -CASB Chapter 12, Module B
3.6.2.2 -Application security Chapter 12, Module B
3.6.2.3 -Next-generation Secure Web Gateway (SWG) Chapter 12, Module B
3.6.2.4 -Firewall considerations in a cloud environment Chapter 12, Module B
3.6.2.4.1 -Cost Chapter 12, Module B
3.6.2.4.2 -Need for segmentation Chapter 12, Module B
3.6.2.4.3 -Open Systems Interconnection (OSI) layers Chapter 12, Module B
3.6.3 • Cloud native controls vs. third-party solutions Chapter 12, Module B
3.7 Given a scenario, implement identity and account management controls.
3.7.1 • Identity Chapter 8, Module B
3.7.1.1 -Identity provider (IdP) Chapter 8, Module B
3.7.1.2 -Attributes Chapter 8, Module B
3.7.1.3 -Certificates Chapter 8, Module B
3.7.1.4 -Tokens Chapter 8, Module B
3.7.1.5 -SSH keys Chapter 8, Module B
3.7.1.6 -Smart cards Chapter 8, Module B
3.7.2 • Account types Chapter 8, Module B
3.7.2.1 -User account Chapter 8, Module B
3.7.2.2 -Shared and generic accounts/credentials Chapter 8, Module B
3.7.2.3 -Guest accounts Chapter 8, Module B
3.7.2.4 -Service accounts Chapter 8, Module B
3.7.3 • Account policies Various
3.7.3.1 -Password complexity Chapter 8, Module B
3.7.3.2 -Password history Chapter 8, Module B
3.7.3.3 -Password reuse Chapter 8, Module B
3.7.3.4 -Time of day Chapter 8, Module A
3.7.3.5 -Network location Chapter 8, Module A
3.7.3.6 -Geofencing Chapter 8, Module A
3.7.3.7 -Geotagging Chapter 8, Module A
3.7.3.8 -Geolocation Chapter 8, Module A
3.7.3.9 -Time-based logins Chapter 8, Module A
3.7.3.10 -Access policies Chapter 8, Module B
3.7.3.11 -Account permissions Chapter 8, Module B
3.7.3.12 -Account audits Chapter 8, Module B
3.7.3.13 -Impossible travel time/risky login Chapter 8, Module A
3.7.3.14 -Lockout Chapter 8, Module B
3.7.3.15 -Disablement Chapter 8, Module B
3.8 Given a scenario, implement authentication and authorization solutions.
3.8.1 • Authentication management Chapter 8, Module B
3.8.1.1 -Password keys Chapter 8, Module B
3.8.1.2 -Password vaults Chapter 8, Module B
3.8.1.3 -TPM Chapter 8, Module B
3.8.1.4 -HSM Chapter 8, Module B
3.8.1.5 -Knowledge-based Authentication Chapter 8, Module B
3.8.2 • Authentication Various
3.8.2.1 -EAP Chapter 7, Module B
3.8.2.2 -Challenge Handshake Authentication Protocol (CHAP) Chapter 7, Module B
3.8.2.3 -Password Authentication Protocol (PAP) Chapter 7, Module B
3.8.2.4 -802.1X Chapter 7, Module B
3.8.2.5 -RADIUS Chapter 7, Module B
3.8.2.6 -Single sign-on (SSO) Chapter 7, Module A
3.8.2.7 -Security Assertions Markup Language (SAML) Chapter 7, Module B
3.8.2.8 -Terminal Access Controller Access Control System Plus (TACACS+) Chapter 7, Module B
3.8.2.9 -OAuth Chapter 7, Module B
3.8.2.10 -OpenID Chapter 7, Module B
3.8.2.11 -Kerberos Chapter 7, Module B
3.8.3 • Access control schemes Various
3.8.3.1 -Attribute-based access control (ABAC) Chapter 8, Module A
3.8.3.2 -Role-based access control Chapter 8, Module A
3.8.3.3 -Rule-based access control Chapter 8, Module A
3.8.3.4 -MAC Chapter 8, Module A
3.8.3.5 -Discretionary access control (DAC) Chapter 8, Module A
3.8.3.6 -Conditional access Chapter 8, Module A
3.8.3.7 -Privilege access management Chapter 8, Module B
3.8.3.8 -File system permissions Chapter 9, Module B
3.9 Given a scenario, implement public key infrastructure.
3.9.1 • Public key infrastructure (PKI) Chapter 3, Module B
3.9.1.1 -Key management Chapter 3, Module B
3.9.1.2 -Certificate authority (CA) Chapter 3, Module B
3.9.1.3 -Intermediate CA Chapter 3, Module B
3.9.1.4 -Registration authority (RA) Chapter 3, Module B
3.9.1.5 -Certificate revocation list (CRL) Chapter 3, Module B
3.9.1.6 -Certificate attributes Chapter 3, Module B
3.9.1.7 -Online Certificate Status Protocol (OCSP) Chapter 3, Module B
3.9.1.8 -Certificate signing request (CSR) Chapter 3, Module B
3.9.1.9 -CN Chapter 3, Module B
3.9.1.10 -Subject alternative name Chapter 3, Module B
3.9.1.11 -Expiration Chapter 3, Module B
3.9.2 • Types of certificates Chapter 3, Module B
3.9.2.1 -Wildcard Chapter 3, Module B
3.9.2.2 -Subject alternative name Chapter 3, Module B
3.9.2.3 -Code signing Chapter 3, Module B
3.9.2.4 -Self-signed Chapter 3, Module B
3.9.2.5 -Machine/computer Chapter 3, Module B
3.9.2.6 -Email Chapter 3, Module B
3.9.2.7 -User Chapter 3, Module B
3.9.2.8 -Root Chapter 3, Module B
3.9.2.9 -Domain validation Chapter 3, Module B
3.9.2.10 -Extended validation Chapter 3, Module B
3.9.3 • Certificate formats Chapter 3, Module B
3.9.3.1 -Distinguished encoding rules (DER) Chapter 3, Module B
3.9.3.2 -Privacy enhanced mail (PEM) Chapter 3, Module B
3.9.3.3 -Personal information exchange (PFX) Chapter 3, Module B
3.9.3.4 -.cer Chapter 3, Module B
3.9.3.5 -P7B Chapter 3, Module B
3.9.4 • Concepts Chapter 3, Module B
3.9.4.1 -Online vs. offline CA Chapter 3, Module B
3.9.4.2 -Stapling Chapter 3, Module B
3.9.4.3 -Pinning Chapter 3, Module B
3.9.4.4 -Trust model Chapter 3, Module B
3.9.4.5 -Key escrow Chapter 3, Module B
3.9.4.6 -Certificate chaining Chapter 3, Module B
4.0 Operations and Incident Response
4.1 Given a scenario, use the appropriate tool to assess organizational security.
4.1.1 • Network reconnaissance and discovery Various
4.1.1.1 -tracert/traceroute Chapter 2, Module C
4.1.1.2 -nslookup/dig Chapter 2, Module C
4.1.1.3 -ipconfig/ifconfig Chapter 2, Module C
4.1.1.4 -nmap Chapter 2, Module C
4.1.1.5 -ping/pathping Chapter 2, Module C
4.1.1.6 -hping Chapter 2, Module C
4.1.1.7 -netstat Chapter 2, Module C
4.1.1.8 -netcat Chapter 2, Module C
4.1.1.9 -IP scanners Chapter 2, Module C
4.1.1.10 -arp Chapter 2, Module C
4.1.1.11 -route Chapter 2, Module C
4.1.1.12 -curl Chapter 2, Module C
4.1.1.13 -the harvester Chapter 2, Module C
4.1.1.14 -sn1per Chapter 2, Module C
4.1.1.15 -scanless Chapter 2, Module C
4.1.1.16 -dnsenum Chapter 2, Module C
4.1.1.17 -Nessus Chapter 2, Module C
4.1.1.18 -Cuckoo Chapter 9, Module A
4.1.2 • File manipulation Various
4.1.2.1 -head Chapter 5, Module B
4.1.2.2 -tail Chapter 5, Module B
4.1.2.3 -cat Chapter 5, Module B
4.1.2.4 -grep Chapter 5, Module B
4.1.2.5 -chmod Chapter 9, Module B
4.1.2.6 -logger Chapter 5, Module B
4.1.3 • Shell and script environments Various
4.1.3.1 -SSH Chapter 2, Module C
4.1.3.2 -PowerShell Chapter 9, Module A
4.1.3.3 -Python Chapter 9, Module A
4.1.3.4 -OpenSSL Chapter 6, Module A
4.1.4 • Packet capture and replay Chapter 2, Module C
4.1.4.1 -Tcpreplay Chapter 2, Module C
4.1.4.2 -Tcpdump Chapter 2, Module C
4.1.4.3 -Wireshark Chapter 2, Module C
4.1.5 • Forensics Chapter 14, Module C
4.1.5.1 -dd Chapter 14, Module C
4.1.5.2 -Memdump Chapter 14, Module C
4.1.5.3 -WinHex Chapter 14, Module C
4.1.5.4 -FTK imager Chapter 14, Module C
4.1.5.5 -Autopsy Chapter 14, Module C
4.1.6 • Exploitation frameworks Chapter 2, Module C
4.1.7 • Password crackers Chapter 14, Module C
4.1.8 • Data sanitization Chapter 9, Module B
4.2 Summarize the importance of policies, processes, and procedures for incident response.
4.2.1 • Incident response plans Chapter 14, Module C
4.2.2 • Incident response process Chapter 14, Module C
4.2.2.1 -Preparation Chapter 14, Module C
4.2.2.2 -Identification Chapter 14, Module C
4.2.2.3 -Containment Chapter 14, Module C
4.2.2.4 -Eradication Chapter 14, Module C
4.2.2.5 -Recovery Chapter 14, Module C
4.2.2.6 -Lessons learned Chapter 14, Module C
4.2.3 • Exercises Chapter 14, Module A
4.2.3.1 -Tabletop Chapter 14, Module A
4.2.3.2 -Walkthroughs Chapter 14, Module A
4.2.3.3 -Simulations Chapter 14, Module A
4.2.4 • Attack frameworks Chapter 2, Module A
4.2.4.1 -MITRE ATT&CK Chapter 2, Module A
4.2.4.2 -The Diamond Model of Intrusion Analysis Chapter 2, Module A
4.2.4.3 -Cyber Kill Chain Chapter 2, Module A
4.2.5 • Stakeholder management Chapter 14, Module A
4.2.6 • Communication plan Chapter 14, Module A
4.2.7 • Disaster recovery plan Chapter 14, Module A
4.2.8 • Business continuity plan Chapter 14, Module A
4.2.9 • Continuity of operations planning (COOP) Chapter 14, Module A
4.2.10 • Incident response team Chapter 14, Module C
4.2.11 • Retention policies Chapter 14, Module C
4.3 Given an incident, utilize appropriate data sources to support an investigation.
4.3.1 • Vulnerability scan output Chapter 14, Module C
4.3.2 • SIEM dashboards Chapter 5, Module B
4.3.2.1 -Sensor Chapter 5, Module B
4.3.2.2 -Sensitivity Chapter 5, Module B
4.3.2.3 -Trends Chapter 5, Module B
4.3.2.4 -Alerts Chapter 5, Module B
4.3.2.5 -Correlation Chapter 5, Module B
4.3.3 • Log files Chapter 14, Module C
4.3.3.1 -Network Chapter 14, Module C
4.3.3.2 -System Chapter 14, Module C
4.3.3.3 -Application Chapter 14, Module C
4.3.3.4 -Security Chapter 14, Module C
4.3.3.5 -Web Chapter 14, Module C
4.3.3.6 -DNS Chapter 14, Module C
4.3.3.7 -Authentication Chapter 14, Module C
4.3.3.8 -Dump files Chapter 14, Module C
4.3.3.9 -VoIP and call managers Chapter 14, Module C
4.3.3.10 -Session Initiation Protocol (SIP) traffic Chapter 14, Module C
4.3.4 • syslog/rsyslog/syslog-ng Chapter 5, Module B
4.3.5 • journalctl Chapter 5, Module B
4.3.6 • nxlog Chapter 5, Module B
4.3.7 • Retention Chapter 14, Module C
4.3.8 • Bandwidth monitors Chapter 5, Module B
4.3.9 • Metadata Chapter 14, Module C
4.3.9.1 -Email Chapter 14, Module C
4.3.9.2 -Mobile Chapter 14, Module C
4.3.9.3 -Web Chapter 14, Module C
4.3.9.4 -File Chapter 14, Module C
4.3.10 • Netflow/sflow Chapter 5, Module B
4.3.10.1 -Netflow Chapter 5, Module B
4.3.10.2 -sflow Chapter 5, Module B
4.3.10.3 -IPFIX Chapter 5, Module B
4.4 Given an incident, apply mitigation techniques or controls to secure an environment.
4.4.1 • Reconfigure endpoint security solutions Chapter 14, Module C
4.4.1.1 -Application whitelisting (approved list) Chapter 14, Module C
4.4.1.2 -Application blacklisting (block list/deny list) Chapter 14, Module C
4.4.1.3 -Quarantine Chapter 14, Module C
4.4.2 • Configuration changes Chapter 14, Module C
4.4.2.1 -Firewall rules Chapter 14, Module C
4.4.2.2 -MDM Chapter 14, Module C
4.4.2.3 -DLP Chapter 14, Module C
4.4.2.4 -Content filter/URL filter Chapter 14, Module C
4.4.2.5 -Update or revoke certificates Chapter 14, Module C
4.4.3 • Isolation Chapter 14, Module C
4.4.4 • Containment Chapter 14, Module C
4.4.5 • Segmentation Chapter 14, Module C
4.4.6 • SOAR Chapter 14, Module C
4.4.6.1 -Runbooks Chapter 14, Module C
4.4.6.2 -Playbooks Chapter 14, Module C
4.5 Explain the key aspects of digital forensics.
4.5.1 • Documentation/evidence Chapter 14, Module C
4.5.1.1 -Legal hold Chapter 14, Module C
4.5.1.2 -Video Chapter 14, Module C
4.5.1.3 -Admissibility Chapter 14, Module C
4.5.1.4 -Chain of custody Chapter 14, Module C
4.5.1.5 -Timelines of sequence of events Chapter 14, Module C
4.5.1.5.1 -Timestamps Chapter 14, Module C
4.5.1.5.2 -Time offset Chapter 14, Module C
4.5.1.6 -Tags Chapter 14, Module C
4.5.1.7 -Reports Chapter 14, Module C
4.5.1.8 -Event logs Chapter 14, Module C
4.5.1.9 -Interviews Chapter 14, Module C
4.5.2 • Acquisition Chapter 14, Module C
4.5.2.1 -Order of volatility Chapter 14, Module C
4.5.2.2 -Disk Chapter 14, Module C
4.5.2.3 -Random-access memory (RAM) Chapter 14, Module C
4.5.2.4 -Swap/page file Chapter 14, Module C
4.5.2.5 -OS Chapter 14, Module C
4.5.2.6 -Device Chapter 14, Module C
4.5.2.7 -Firmware Chapter 14, Module C
4.5.2.8 -Snapshot Chapter 14, Module C
4.5.2.9 -Cache Chapter 14, Module C
4.5.2.10 -Network Chapter 14, Module C
4.5.2.11 -Artifacts Chapter 14, Module C
4.5.3 • On-premises vs. cloud Chapter 14, Module C
4.5.3.1 -Right-to-audit clauses Chapter 14, Module C
4.5.3.2 -Regulatory/jurisdiction Chapter 14, Module C
4.5.3.3 -Data breach notification laws Chapter 14, Module C
4.5.4 • Integrity Chapter 14, Module C
4.5.4.1 -Hashing Chapter 14, Module C
4.5.4.2 -Checksums Chapter 14, Module C
4.5.4.3 -Provenance Chapter 14, Module C
4.5.5 • Preservation Chapter 14, Module C
4.5.6 • E-discovery Chapter 14, Module C
4.5.7 • Data recovery Chapter 14, Module C
4.5.8 • Non-repudiation Chapter 3, Module A
4.5.9 • Strategic intelligence/counterintelligence Chapter 2, Module A
5.0 Governance, Risk, and Compliance
5.1 Compare and contrast various types of controls.
5.1.1 • Category Chapter 1, Module A
5.1.1.1 -Managerial Chapter 1, Module A
5.1.1.2 -Operational Chapter 1, Module A
5.1.1.3 -Technical Chapter 1, Module A
5.1.2 • Control type Chapter 1, Module A
5.1.2.1 -Preventative Chapter 1, Module A
5.1.2.2 -Detective Chapter 1, Module A
5.1.2.3 -Corrective Chapter 1, Module A
5.1.2.4 -Deterrent Chapter 1, Module A
5.1.2.5 -Compensating Chapter 1, Module A
5.1.2.6 -Physical Chapter 1, Module A
5.2 Explain the importance of applicable regulations, standards, or frameworks that impact organizational security posture.
5.2.1 • Regulations, standards, and legislation Chapter 1, Module B
5.2.1.1 -General Data Protection Regulation (GDPR) Chapter 1, Module B
5.2.1.2 -National, territory, or state laws Chapter 1, Module B
5.2.1.3 -Payment Card Industry Data Security Standard (PCI DSS) Chapter 1, Module B
5.2.2 • Key frameworks Chapter 1, Module C
5.2.2.1 -Center for Internet Security (CIS) Chapter 1, Module C
5.2.2.2 -National Institute of Standards and Technology (NIST) RMF/CSF Chapter 1, Module C
5.2.2.3 -International Organization for Standardization (ISO) 27001/27002/27701/31000 Chapter 1, Module C
5.2.2.4 -SSAE SOC2 Type I/II Chapter 1, Module C
5.2.2.5 -Cloud security alliance Chapter 1, Module C
5.2.2.5.1 -Cloud control matrix Chapter 1, Module C
5.2.2.5.2 -Reference architecture Chapter 1, Module C
5.2.3 • Benchmarks/secure configuration guides Chapter 1, Module C
5.2.3.1 -Platform/vendor-specific guides Chapter 1, Module C
5.2.3.1.1 -Web server Chapter 1, Module C
5.2.3.1.2 -OS Chapter 1, Module C
5.2.3.1.3 -Application server Chapter 1, Module C
5.2.3.1.4 -Network infrastructure devices Chapter 1, Module C
5.3 Explain the importance of policies to organizational security.
5.3.1 • Personnel Various
5.3.1.1 -Acceptable use policy Chapter 13, Module B
5.3.1.2 -Job rotation Chapter 13, Module C
5.3.1.3 -Mandatory vacation Chapter 13, Module B
5.3.1.4 -Separation of duties Chapter 13, Module B
5.3.1.5 -Least privilege Chapter 13, Module B
5.3.1.6 -Clean desk space Chapter 13, Module B
5.3.1.7 -Background checks Chapter 13, Module B
5.3.1.8 -Non-disclosure agreement (NDA) Chapter 13, Module B
5.3.1.9 -Social media analysis Chapter 13, Module B
5.3.1.10 -Onboarding Chapter 13, Module B
5.3.1.11 -Offboarding Chapter 13, Module B
5.3.1.12 -User training Chapter 13, Module C
5.3.1.12.1 -Gamification Chapter 13, Module C
5.3.1.12.2 -Capture the flag Chapter 13, Module C
5.3.1.12.3 -Phishing campaigns Chapter 13, Module A
5.3.1.12.3.1 -Phishing simulations Chapter 13, Module A
5.3.1.12.4 -Computer-based training (CBT) Chapter 13, Module C
5.3.1.12.5 -Role-based training Chapter 13, Module C
5.3.2 • Diversity of training techniques Chapter 13, Module C
5.3.3 • Third-party risk management Various
5.3.3.1 -Vendors Chapter 13, Module B
5.3.3.2 -Supply chain Chapter 13, Module B
5.3.3.3 -Business partners Chapter 13, Module B
5.3.3.4 -Service level agreement (SLA) Chapter 13, Module B
5.3.3.5 -Memorandum of understanding (MOU) Chapter 13, Module B
5.3.3.6 -Measurement systems analysis (MSA) Chapter 1, Module C
5.3.3.7 -Business partnership agreement (BPA) Chapter 13, Module B
5.3.3.8 -End of life (EOL) Chapter 13, Module B
5.3.3.9 -End of service life (EOSL) Chapter 13, Module B
5.3.3.10 -NDA Chapter 13, Module B
5.3.4 • Data Chapter 9, Module B
5.3.4.1 -Classification Chapter 9, Module B
5.3.4.2 -Governance Chapter 9, Module B
5.3.4.3 -Retention Chapter 9, Module B
5.3.5 • Credential policies Chapter 13, Module B
5.3.5.1 -Personnel Chapter 13, Module B
5.3.5.2 -Third-party Chapter 13, Module B
5.3.5.3 -Devices Chapter 13, Module B
5.3.5.4 -Service accounts Chapter 13, Module B
5.3.5.5 -Administrator/root accounts Chapter 13, Module B
5.3.6 • Organizational policies Chapter 1, Module C
5.3.6.1 -Change management Chapter 1, Module C
5.3.6.2 -Change control Chapter 1, Module C
5.3.6.3 -Asset management Chapter 1, Module C
5.4 Summarize risk management processes and concepts.
5.4.1 • Risk types Chapter 2, Module B
5.4.1.1 -External Chapter 2, Module B
5.4.1.2 -Internal Chapter 2, Module B
5.4.1.3 -Legacy systems Chapter 2, Module B
5.4.1.4 -Multiparty Chapter 2, Module B
5.4.1.5 -IP theft Chapter 2, Module B
5.4.1.6 -Software compliance/licensing Chapter 2, Module B
5.4.2 • Risk management strategies Chapter 2, Module B
5.4.2.1 -Acceptance Chapter 2, Module B
5.4.2.2 -Avoidance Chapter 2, Module B
5.4.2.3 -Transference Chapter 2, Module B
5.4.2.3.1 -Cybersecurity insurance Chapter 2, Module B
5.4.2.4 -Mitigation Chapter 2, Module B
5.4.3 • Risk analysis Chapter 2, Module B
5.4.3.1 -Risk register Chapter 2, Module B
5.4.3.2 -Risk matrix/heatmap Chapter 2, Module B
5.4.3.3 -Risk control assessment Chapter 2, Module B
5.4.3.4 -Risk control self-assessment Chapter 2, Module B
5.4.3.5 -Risk awareness Chapter 2, Module B
5.4.3.6 -Inherent risk Chapter 2, Module B
5.4.3.7 -Residual risk Chapter 2, Module B
5.4.3.8 -Control risk Chapter 2, Module B
5.4.3.9 -Risk appetite Chapter 2, Module B
5.4.3.10 -Regulations that affect risk posture Chapter 2, Module B
5.4.3.11 -Risk assessment types Chapter 2, Module B
5.4.3.11.1 -Qualitative Chapter 2, Module B
5.4.3.11.2 -Quantitative Chapter 2, Module B
5.4.3.12 -Likelihood of occurrence Chapter 2, Module B
5.4.3.13 -Impact Chapter 2, Module B
5.4.3.14 -Asset value Chapter 2, Module B
5.4.3.15 -Single loss expectancy (SLE) Chapter 2, Module B
5.4.3.16 -Annualized loss expectancy (ALE) Chapter 2, Module B
5.4.3.17 -Annualized rate of occurrence (ARO) Chapter 2, Module B
5.4.4 • Disasters Chapter 2, Module B
5.4.4.1 -Environmental Chapter 2, Module B
5.4.4.2 -Person-made Chapter 2, Module B
5.4.4.3 -Internal vs. external Chapter 2, Module B
5.4.5 • Business impact analysis Various
5.4.5.1 -Recovery time objective (RTO) Chapter 14, Module B
5.4.5.2 -Recovery point objective (RPO) Chapter 14, Module B
5.4.5.3 -Mean time to repair (MTTR) Chapter 2, Module B
5.4.5.4 -Mean time between failures (MTBF) Chapter 2, Module B
5.4.5.5 -Functional recovery plans Chapter 14, Module A
5.4.5.6 -Single point of failure Chapter 14, Module B
5.4.5.7 -Disaster recovery plan (DRP) Chapter 14, Module A
5.4.5.8 -Mission essential functions Chapter 14, Module A
5.4.5.9 -Identification of critical systems Chapter 14, Module A
5.4.5.10 -Site risk assessment Chapter 14, Module A
5.5 Explain privacy and sensitive data concepts in relation to security.
5.5.1 • Organizational consequences of privacy breaches Chapter 9, Module B
5.5.1.1 -Reputation damage Chapter 9, Module B
5.5.1.2 -Identity theft Chapter 9, Module B
5.5.1.3 -Fines Chapter 9, Module B
5.5.1.4 -IP theft Chapter 9, Module B
5.5.2 • Notifications of breaches Chapter 9, Module B
5.5.2.1 -Escalation Chapter 9, Module B
5.5.2.2 -Public notifications and disclosures Chapter 9, Module B
5.5.3 • Data types Chapter 9, Module B
5.5.3.1 -Classifications Chapter 9, Module B
5.5.3.1.1 -Public Chapter 9, Module B
5.5.3.1.2 -Private Chapter 9, Module B
5.5.3.1.3 -Sensitive Chapter 9, Module B
5.5.3.1.4 -Confidential Chapter 9, Module B
5.5.3.1.5 -Critical Chapter 9, Module B
5.5.3.1.6 -Proprietary Chapter 9, Module B
5.5.3.2 -Personally identifiable information (PII) Chapter 9, Module B
5.5.3.3 -Health information Chapter 9, Module B
5.5.3.4 -Financial information Chapter 9, Module B
5.5.3.5 -Government data Chapter 9, Module B
5.5.3.6 -Customer data Chapter 9, Module B
5.5.4 • Privacy enhancing technologies Chapter 9, Module B
5.5.4.1 -Data minimization Chapter 9, Module B
5.5.4.2 -Data masking Chapter 9, Module B
5.5.4.3 -Tokenization Chapter 9, Module B
5.5.4.4 -Anonymization Chapter 9, Module B
5.5.4.5 -Pseudo-Anonymization Chapter 9, Module B
5.5.5 • Roles and responsibilities Chapter 9, Module B
5.5.5.1 -Data owners Chapter 9, Module B
5.5.5.2 -Data controller Chapter 9, Module B
5.5.5.3 -Data processor Chapter 9, Module B
5.5.5.4 -Data custodian/steward Chapter 9, Module B
5.5.5.5 -Data protection officer (DPO) Chapter 9, Module B
5.5.6 • Information life cycle Chapter 9, Module B
5.5.7 • Impact assessment Chapter 9, Module B
5.5.8 • Terms of agreement Chapter 9, Module B
5.5.9 • Privacy notice Chapter 9, Module B