Domain 2: Technologies and Tools

• Explore security technologies used to protect systems, networks, and applications

• Learn about firewalls, VPNs, IDS/IPS, and endpoint security tools

• Understand the role of secure network architecture in mitigating threats

• Learn how to use encryption protocols for data protection

• Investigate the functionality of various authentication methods, including MFA

 

Domain 3: Architecture and Design

• Understand secure network and system design concepts

• Learn about the role of segmentation, zoning, and cloud-based security solutions

• Explore concepts of secure software development, and mobile and wireless security

• Understand the design considerations for implementing security controls acrossenvironments (on-premises, cloud, hybrid)

• Discuss risk management and disaster recovery processes

Domain 4: Identity and Access Management

• Understand the principles of identity and access management (IAM)

• Learn about authentication, authorization, and accounting (AAA) models

• Explore methods for securing access control, including role-based access control (RBAC) and least privilege

• Learn how to implement user provisioning and de-provisioning processes

• Discuss techniques for securing credentials, including password management strategies

 

Domain 5: Risk Management

• Understand the risk management lifecycle and key principles

• Learn how to conduct risk assessments and analyze potential threats to organizational assets

• Explore security policies, procedures, and frameworks

• Understand business continuity planning and disaster recovery planning

• Discuss compliance requirements such as GDPR, HIPAA, and PCI-DSS

 

Domain 6: Cryptography and Public Key Infrastructure (PKI)

• Understand cryptographic principles and how they apply to securing data

• Learn about symmetric and asymmetric encryption algorithms

• Explore the concept of digital signatures, certificates, and public key infrastructure (PKI)

• Learn how to configure and manage encryption technologies for data at rest and in transit

• Understand the importance of hashing, key management, and secure certificate management

 

Domain 7: Security Operations and Incident Response

• Learn about the incident response process, including detection, containment, eradication and recovery

• Understand the tools used for security operations, such as SIEM (Security Information and Event Management) systems

• Investigate how to conduct forensic analysis following a security breach

• Discuss the importance of creating and maintaining an incident response plan

• Learn best practices for patch management and system hardening

 

Domain 8: Governance, Risk, and Compliance (GRC)

• Understand the importance of governance frameworks, such as ISO/IEC 27001, and

• compliance standards like NIST and CIS

• Explore how to develop and enforce security policies to align with industry regulations

• Learn how to manage security audits and reviews

• Discuss risk management practices and the implementation of controls to meet compliance requirements

• Understand the role of security metrics and reporting in organizational governance

 

This course prepares participants to effectively handle cybersecurity responsibilities, ensuring th