📖 About this Domain
This domain covers the design and implementation of secure systems and networks within an enterprise. It focuses on applying security principles to on-premises, cloud, and hybrid architectures to build a resilient security posture.
🎓 What You Will Learn
- You will learn to analyze security implications of enterprise architectures, including zero trust, defense-in-depth, and secure access service edge (SASE).
- You will learn to apply security principles to cloud environments, covering IaaS, PaaS, SaaS, containerization, and serverless architectures.
- You will learn to implement security controls for infrastructure, including network segmentation, endpoint detection and response (EDR), and mobile device management (MDM).
- You will learn to explain cryptographic concepts like symmetric/asymmetric encryption, hashing, digital signatures, and public key infrastructure (PKI).
🛠️ Skills You Will Build
- You will build the skill to design and analyze secure architectures using frameworks like zero trust and defense-in-depth.
- You will build the skill to implement security controls for cloud infrastructure, including identity and access management (IAM) and virtual private cloud (VPC) configurations.
- You will build the skill to apply cryptographic techniques to secure data at rest, in transit, and in use.
- You will build the skill to harden enterprise infrastructure components, from network devices to endpoints and mobile assets.
💡 Top Tips to Prepare
- Focus on cloud security concepts, including shared responsibility models, IaaS/PaaS/SaaS security, and containerization security.
- Understand the practical application of architectural frameworks like zero trust and SASE, not just their definitions.
- Use performance-based questions (PBQs) to practice designing and securing network diagrams and cloud environments.
- Differentiate between cryptographic concepts like hashing, encryption, and digital signatures, and know their specific use cases.
📖 About this Domain
This domain establishes the foundational principles of cybersecurity. It covers the core security controls, the CIA triad, and fundamental cryptographic concepts essential for a security professional.
🎓 What You Will Learn
- Differentiate security control types like administrative, technical, and physical, and their functions such as preventative or detective.
- Define core security concepts including the CIA triad, non-repudiation, authentication, and authorization.
- Explain the use cases for cryptographic solutions like symmetric/asymmetric encryption, hashing, and digital signatures.
- Summarize the importance of change management processes and secure baselining for maintaining system integrity.
🛠️ Skills You Will Build
- Ability to classify security controls based on their category and function in a given security architecture.
- Skill to apply the principles of the CIA triad to identify and mitigate risks to data and systems.
- Competency in selecting appropriate cryptographic methods to achieve confidentiality, integrity, or non-repudiation.
- Proficiency in analyzing Public Key Infrastructure (PKI) components like CAs, CRLs, and certificate trust models.
💡 Top Tips to Prepare
- Master the definitions and applications of the CIA triad, as it is a core concept tested in multiple scenarios.
- Use mnemonic devices or charts to memorize the differences between control types and categories.
- Focus on the 'why' and 'when' for using specific cryptographic algorithms, not just the 'what'.
- Review change management workflow diagrams to understand the security checkpoints at each stage.
📖 About this Domain
This domain covers the principles of governance, risk, and compliance (GRC) that form an organization's security posture. It focuses on implementing security policies, managing risk through frameworks, and ensuring business continuity.
🎓 What You Will Learn
- Learn to apply risk management frameworks like NIST RMF to identify, assess, and mitigate organizational risks.
- Understand the components of business continuity and disaster recovery planning, including BIA and RTO/RPO.
- Explore data governance concepts such as data classification, data sovereignty, and privacy regulations.
- Grasp the importance of security policies, standards, and procedures in establishing a formal security program.
🛠️ Skills You Will Build
- You will build the skill to conduct a business impact analysis (BIA) to identify critical systems and processes.
- You will develop the ability to contribute to the development and enforcement of security policies and controls.
- You will gain proficiency in evaluating third-party risk and vendor security assessments.
- You will learn to align security initiatives with organizational goals and compliance requirements.
💡 Top Tips to Prepare
- Memorize key GRC acronyms and their functions, such as BIA, RTO, RPO, and MTTR.
- Focus on understanding the steps of risk management frameworks, not just the names of the frameworks themselves.
- Differentiate between policies, standards, procedures, and guidelines as they are frequently tested concepts.
- Use practice questions that present scenarios requiring you to apply GRC principles to a business problem.
📖 About this Domain
The Security Operations domain focuses on the practical application of cybersecurity concepts. It covers the tools, techniques, and processes used to monitor, detect, and respond to security incidents. This domain is critical for understanding the day-to-day functions of a security professional.
🎓 What You Will Learn
- You will learn to use security tools for network reconnaissance, packet capture, and vulnerability scanning.
- This domain teaches the incident response lifecycle, including preparation, detection, analysis, and post-incident activities.
- You will understand how to analyze logs and security data from SIEM and SOAR platforms to identify indicators of compromise.
- It covers digital forensics concepts like chain of custody, data acquisition, and evidence preservation for investigations.
🛠️ Skills You Will Build
- You will build skills in using command-line tools and security frameworks for network discovery and vulnerability assessment.
- This domain develops your ability to analyze security logs and SIEM data to detect and investigate potential threats.
- You will gain proficiency in executing incident response procedures, including containment, eradication, and recovery.
- You will learn to apply digital forensics principles, such as maintaining the chain of custody and proper evidence handling.
💡 Top Tips to Prepare
- Utilize virtual labs to gain hands-on experience with tools like Nmap, Wireshark, and command-line utilities.
- Memorize the incident response lifecycle and the purpose of each phase, from preparation to lessons learned.
- Learn to differentiate between various security assessment techniques, such as vulnerability scanning and penetration testing.
- Practice identifying common indicators of compromise in sample logs and network traffic captures.
📖 About this Domain
This domain covers the analysis of indicators of compromise (IoCs) and the tactics, techniques, and procedures (TTPs) of threat actors. You will learn to identify various vulnerabilities and attacks to apply appropriate mitigation strategies.
🎓 What You Will Learn
- Analyze threat actor attributes and utilize threat intelligence sources to predict and prevent attacks.
- Identify security vulnerabilities associated with software, hardware, and system configurations.
- Differentiate between various attack vectors, including malware, social engineering, and denial-of-service.
- Understand mitigation techniques such as threat hunting, vulnerability scanning, and system hardening.
🛠️ Skills You Will Build
- Perform threat analysis by correlating IoCs with known threat actor TTPs.
- Conduct vulnerability assessments to discover weaknesses in network assets and applications.
- Recommend appropriate security controls and mitigation strategies for identified threats.
- Improve an organization's security posture by implementing proactive defense measures.
💡 Top Tips to Prepare
- Focus on memorizing the distinct characteristics of malware types and social engineering tactics.
- Connect each mitigation technique to the specific vulnerability or attack vector it counters.
- Review real-world Common Vulnerabilities and Exposures (CVEs) to understand practical application.
- Use practice labs and performance-based questions to simulate threat identification and response scenarios.
