Module 01: Security Principles
Understanding the security concepts of information assurance
- Confidentiality
- Integrity
- Availability
- Authentication
- Non-repudiation
- Privacy
Understand the risk management process
- Risk management
- Risk identification, assessment & treatment
Understand security controls
- Technical controls
- Administrative controls
- Physical controls
Understand ISC2 code of ethics
- Professional code of conduct
Understand governance processes
- Policies
- Procedures
- Standards
- Regulations & laws
Module 02: Business Continuity (BC), Disaster Recovery & Incident Response Concepts
Understand Business Continuity (BC)
- Purpose
- Importance
- Components
Understand Disaster Recovery (DR)
- Purpose
- Importance
- Components
Understand Incident Response
- Purpose
- Importance
- Components
Module 03: Access Controls Concepts
Understand Physical Access Controls
- Physical security controls
- Monitoring
- Authorized vs unauthorized personnel
Understand Logical Access Control
- Principle of least privilege
- Segregation of duties
- Discretionary access control (DAC)
- Mandatory access control (MAC)
- Role-based access control (RBAC)
Module 04: Network Security
Understand computer networking
- Networks
- Ports
- Applications
Understand network threats & attacks
- Types of threats
- Identification
- Prevention
Understand network security infrastructure
- On-premises
- Design
- Cloud
Module 05: Security Operations
Understand data security
- Encryption
- Data handling
- Logging & monitoring security events
Understand system hardening
- Configuration management
Understand best practice system security policies
- Data handling policies
- Password policy
- Acceptable use policy (AUP)
- BYOD policy
- Change management policy
- Privacy policy
Understand security awareness training
- Purpose / concepts
- Importance


