{"product_id":"comptia-cysa-®-certification-training","title":"CompTIA CySA+® Certification Training","description":"\u003cdiv\u003e\n\u003cp\u003eJoin our \u003cstrong\u003eCompTIA CySA+ Certification Training\u003c\/strong\u003e and gain the knowledge and skills to prepare for and pass the Cybersecurity Analyst (CySA+) exam. In this course, you'll learn how to manage threats and vulnerabilities effectively, implement software and systems security solutions, monitor security operations, perform incident response procedures, and execute compliance and assessment measures. \u003c\/p\u003e\r\n\u003cp\u003eWith a focus on hands-on experience, this training requires IT security professionals with at least 3-4 years of experience at the level of \u003cspan title=\"CompTIA Network+ Training | Learning Tree\" rel=\"follow\"\u003eCompTIA Network+\u003c\/span\u003e or \u003cspan title=\"CompTIA Security+ Training | Learning Tree\" rel=\"follow\"\u003eCompTIA Security+\u003c\/span\u003e. Plus, your course tuition includes a voucher to take the CS0-003 exam at any Pearson VUE Test Center location. Don't miss this opportunity to enhance your expertise and advance your career in IT security.\u003cbr\u003e \u003cbr\u003eU.S. 
DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA CySA+® Certification Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for and pass the Cybersecurity Analyst (CySA+) exam.\u003c\/li\u003e\n\u003cli\u003eManage Threats and Vulnerabilities \u003c\/li\u003e\n\u003cli\u003eSecure and Monitor Software and Systems \u003c\/li\u003e\n\u003cli\u003ePerform an Incident Response.\u003c\/li\u003e\n\u003cli\u003eExecute Compliance and Assessment.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIT (Information Technology) Security Professionals must have 3-4 years of hands-on information security or related experience at the level of Network+ or Security+.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIncluded in your course tuition is a voucher that enables you to take the CS0-003 exam at any Pearson VUE Test Center location.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCompTIA CySA+ Certification Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Threat and Vulnerability Management\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e1.1 Explain the importance of threat data and intelligence.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIntelligence sources\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOpen-source intelligence\u003c\/li\u003e\n\u003cli\u003eProprietary\/closed-source 
intelligence\u003c\/li\u003e\n\u003cli\u003eTimeliness\u003c\/li\u003e\n\u003cli\u003eRelevancy\u003c\/li\u003e\n\u003cli\u003eAccuracy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eIndicator management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eStructured Threat Information eXpression (STIX)\u003c\/li\u003e\n\u003cli\u003eTrusted Automated eXchange of Indicator Information (TAXII)\u003c\/li\u003e\n\u003cli\u003eOpenIoC\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat classification\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eKnown threat vs. unknown threat\u003c\/li\u003e\n\u003cli\u003eZero-day\u003c\/li\u003e\n\u003cli\u003eAdvanced persistent threat\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat actors\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNation-state\u003c\/li\u003e\n\u003cli\u003eHacktivist\u003c\/li\u003e\n\u003cli\u003eOrganized crime\u003c\/li\u003e\n\u003cli\u003eInsider threat\u003c\/li\u003e\n\u003cli\u003eIntentional\u003c\/li\u003e\n\u003cli\u003eUnintentional\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eIntelligence cycle\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRequirements\u003c\/li\u003e\n\u003cli\u003eCollection\u003c\/li\u003e\n\u003cli\u003eAnalysis\u003c\/li\u003e\n\u003cli\u003eDissemination\u003c\/li\u003e\n\u003cli\u003eFeedback\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCommodity malware\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInformation sharing and analysis communities \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eHealthcare\u003c\/li\u003e\n\u003cli\u003eFinancial\u003c\/li\u003e\n\u003cli\u003eAviation\u003c\/li\u003e\n\u003cli\u003eGovernment\u003c\/li\u003e\n\u003cli\u003eCritical infrastructure\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.2 Given a 
scenario, utilize threat intelligence to support organizational security.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAttack frameworks\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMITRE ATT\u0026amp;CK\u003c\/li\u003e\n\u003cli\u003eThe Diamond Model of Intrusion Analysis\u003c\/li\u003e\n\u003cli\u003eKill chain\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat research\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eReputational\u003c\/li\u003e\n\u003cli\u003eBehavioral\u003c\/li\u003e\n\u003cli\u003eIndicator of compromise (IoC)\u003c\/li\u003e\n\u003cli\u003eStandard vulnerability scoring system (CVSS)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat modeling methodologies\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdversary capability\u003c\/li\u003e\n\u003cli\u003eTotal attack surface\u003c\/li\u003e\n\u003cli\u003eAttack vector\u003c\/li\u003e\n\u003cli\u003eImpact\u003c\/li\u003e\n\u003cli\u003eLikelihood\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat intelligence sharing with supported functions \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIncident response\u003c\/li\u003e\n\u003cli\u003eVulnerability management\u003c\/li\u003e\n\u003cli\u003eRisk management\u003c\/li\u003e\n\u003cli\u003eSecurity engineering\u003c\/li\u003e\n\u003cli\u003eDetection and monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.3 Given a scenario, perform vulnerability management activities.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVulnerability identification\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAsset criticality\u003c\/li\u003e\n\u003cli\u003eActive vs. 
passive scanning\u003c\/li\u003e\n\u003cli\u003eMapping\/enumeration\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eValidation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTrue positive\u003c\/li\u003e\n\u003cli\u003eFalse positive\u003c\/li\u003e\n\u003cli\u003eTrue negative\u003c\/li\u003e\n\u003cli\u003eFalse negative\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRemediation\/mitigation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConfiguration baseline\u003c\/li\u003e\n\u003cli\u003ePatching\u003c\/li\u003e\n\u003cli\u003eHardening\u003c\/li\u003e\n\u003cli\u003eCompensating controls\u003c\/li\u003e\n\u003cli\u003eRisk acceptance\u003c\/li\u003e\n\u003cli\u003eVerification of mitigation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eScanning parameters and criteria\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRisks associated with scanning activities\u003c\/li\u003e\n\u003cli\u003eVulnerability feed\u003c\/li\u003e\n\u003cli\u003eScope\u003c\/li\u003e\n\u003cli\u003eCredentialed vs. non-credentialed\u003c\/li\u003e\n\u003cli\u003eServer-based vs. agent-based\u003c\/li\u003e\n\u003cli\u003eInternal vs. 
external\u003c\/li\u003e\n\u003cli\u003eSpecial considerations\u003c\/li\u003e\n\u003cli\u003eTypes of data\u003c\/li\u003e\n\u003cli\u003eTechnical constraints\u003c\/li\u003e\n\u003cli\u003eWorkflow\u003c\/li\u003e\n\u003cli\u003eSensitivity levels\u003c\/li\u003e\n\u003cli\u003eRegulatory requirements\u003c\/li\u003e\n\u003cli\u003eSegmentation\u003c\/li\u003e\n\u003cli\u003eIntrusion prevention system (IPS), intrusion detection system (IDS), and firewall settings\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInhibitors to remediation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMemorandum of understanding (MOU)\u003c\/li\u003e\n\u003cli\u003eService-level agreement (SLA)\u003c\/li\u003e\n\u003cli\u003eOrganizational governance\u003c\/li\u003e\n\u003cli\u003eBusiness process interruption\u003c\/li\u003e\n\u003cli\u003eDegrading functionality\u003c\/li\u003e\n\u003cli\u003eLegacy systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.4 Given a scenario, analyze the output from standard vulnerability assessment tools.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eWeb application scanner\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOWASP Zed Attack Proxy (ZAP)\u003c\/li\u003e\n\u003cli\u003eBurp suite\u003c\/li\u003e\n\u003cli\u003eNikto\u003c\/li\u003e\n\u003cli\u003eArachni\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInfrastructure vulnerability scanner\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNessus\u003c\/li\u003e\n\u003cli\u003eOpenVAS\u003c\/li\u003e\n\u003cli\u003eQualys\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSoftware assessment tools and techniques\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eStatic analysis\u003c\/li\u003e\n\u003cli\u003eDynamic analysis\u003c\/li\u003e\n\u003cli\u003eReverse 
engineering\u003c\/li\u003e\n\u003cli\u003eFuzzing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEnumeration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNmap\u003c\/li\u003e\n\u003cli\u003ehping\u003c\/li\u003e\n\u003cli\u003eActive vs. passive\u003c\/li\u003e\n\u003cli\u003eResponder\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eWireless assessment tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAircrack-ng\u003c\/li\u003e\n\u003cli\u003eReaver\u003c\/li\u003e\n\u003cli\u003eoclHashcat\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCloud Infrastructure assessment tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScoutSuite\u003c\/li\u003e\n\u003cli\u003eProwler\u003c\/li\u003e\n\u003cli\u003ePacu\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.5 Explain the threats and vulnerabilities associated with specialized technology.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMobile\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInternet of Things (IoT)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEmbedded\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eReal-time operating system (RTOS)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSystem-on-Chip (SoC)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eField programmable gate array (FPGA)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePhysical access control\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBuilding automation systems\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVehicles and drones\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCAN bus\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eWorkflow and process automation 
systems\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIndustrial control system\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSupervisory control and data acquisition (SCADA)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eModbus\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.6 Explain the threats and vulnerabilities associated with operating in the cloud.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCloud service models\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSoftware as a Service (SaaS)\u003c\/li\u003e\n\u003cli\u003ePlatform as a Service (PaaS)\u003c\/li\u003e\n\u003cli\u003eInfrastructure as a Service (IaaS)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCloud deployment models\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePublic\u003c\/li\u003e\n\u003cli\u003ePrivate\u003c\/li\u003e\n\u003cli\u003eCommunity\u003c\/li\u003e\n\u003cli\u003eHybrid\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFunction as a Service (FaaS)\/ serverless architecture\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInfrastructure as code (IaC)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInsecure application programming interface (API)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eImproper key management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eUnprotected storage\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eLogging and monitoring\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsufficient logging and monitoring\u003c\/li\u003e\n\u003cli\u003eInability to access\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.7 Given a scenario, implement controls to mitigate attacks and software 
vulnerabilities.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAttack types\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExtensible markup language (XML) attack\u003c\/li\u003e\n\u003cli\u003eStructured query language (SQL) injection\u003c\/li\u003e\n\u003cli\u003eOverflow attack\n\u003cul\u003e\n\u003cli\u003eBuffer\u003c\/li\u003e\n\u003cli\u003eInteger\u003c\/li\u003e\n\u003cli\u003eHeap\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eRemote code execution\u003c\/li\u003e\n\u003cli\u003eDirectory traversal\u003c\/li\u003e\n\u003cli\u003ePrivilege escalation\u003c\/li\u003e\n\u003cli\u003ePassword spraying\u003c\/li\u003e\n\u003cli\u003eCredential stuffing\u003c\/li\u003e\n\u003cli\u003eImpersonation\u003c\/li\u003e\n\u003cli\u003eMan-in-the-middle attack\u003c\/li\u003e\n\u003cli\u003eSession hijacking\u003c\/li\u003e\n\u003cli\u003eRootkit\u003c\/li\u003e\n\u003cli\u003eCross-site scripting\n\u003cul\u003e\n\u003cli\u003eReflected\u003c\/li\u003e\n\u003cli\u003ePersistent\u003c\/li\u003e\n\u003cli\u003eDocument object model (DOM)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eVulnerabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproper error handling\u003c\/li\u003e\n\u003cli\u003eDereferencing\u003c\/li\u003e\n\u003cli\u003eInsecure object reference\u003c\/li\u003e\n\u003cli\u003eRace condition\u003c\/li\u003e\n\u003cli\u003eBroken authentication\u003c\/li\u003e\n\u003cli\u003eSensitive data exposure\u003c\/li\u003e\n\u003cli\u003eInsecure components\u003c\/li\u003e\n\u003cli\u003eInsufficient logging and monitoring\u003c\/li\u003e\n\u003cli\u003eWeak or default configurations\u003c\/li\u003e\n\u003cli\u003eUse of insecure functions\n\u003cul\u003e\n\u003cli\u003estrcpy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e2.0 Software and Systems Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e2.1 Given a scenario, apply security solutions for infrastructure 
management.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCloud vs. on-premises\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAsset management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAsset tagging\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSegmentation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePhysical\u003c\/li\u003e\n\u003cli\u003eVirtual\u003c\/li\u003e\n\u003cli\u003eJumpbox\u003c\/li\u003e\n\u003cli\u003eSystem isolation\u003c\/li\u003e\n\u003cli\u003eAir gap\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork architecture\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePhysical\u003c\/li\u003e\n\u003cli\u003eSoftware-defined\u003c\/li\u003e\n\u003cli\u003eVirtual private cloud (VPC)\u003c\/li\u003e\n\u003cli\u003eVirtual private network (VPN)\u003c\/li\u003e\n\u003cli\u003eServerless\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChange management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVirtualization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVirtual desktop infrastructure (VDI)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eContainerization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIdentity and access management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrivilege management\u003c\/li\u003e\n\u003cli\u003eMultifactor authentication (MFA)\u003c\/li\u003e\n\u003cli\u003eSingle sign-on (SSO)\u003c\/li\u003e\n\u003cli\u003eFederation\u003c\/li\u003e\n\u003cli\u003eRole-based\u003c\/li\u003e\n\u003cli\u003eAttribute-based\u003c\/li\u003e\n\u003cli\u003eMandatory\u003c\/li\u003e\n\u003cli\u003eManual review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCloud access security broker 
(CASB)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHoneypot\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMonitoring and logging\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEncryption\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCertificate management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eActive defense\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.2 Explain software assurance best practices.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePlatforms\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMobile\u003c\/li\u003e\n\u003cli\u003eWeb application\u003c\/li\u003e\n\u003cli\u003eClient\/server\u003c\/li\u003e\n\u003cli\u003eEmbedded\u003c\/li\u003e\n\u003cli\u003eSystem-on-chip (SoC)\u003c\/li\u003e\n\u003cli\u003eFirmware\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSoftware development life cycle (SDLC) integration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDevSecOps\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSoftware assessment methods\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUser acceptance testing\u003c\/li\u003e\n\u003cli\u003eStress test application\u003c\/li\u003e\n\u003cli\u003eSecurity regression testing\u003c\/li\u003e\n\u003cli\u003eCode review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecure coding best practices\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInput validation\u003c\/li\u003e\n\u003cli\u003eOutput encoding\u003c\/li\u003e\n\u003cli\u003eSession management\u003c\/li\u003e\n\u003cli\u003eAuthentication\u003c\/li\u003e\n\u003cli\u003eData protection\u003c\/li\u003e\n\u003cli\u003eParameterized queries\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eStatic analysis 
tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDynamic analysis tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eFormal methods for verification of critical software\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eService-oriented architecture\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Assertions Markup Language (SAML)\u003c\/li\u003e\n\u003cli\u003eSimple Object Access Protocol (SOAP)\u003c\/li\u003e\n\u003cli\u003eRepresentational State Transfer (REST)\u003c\/li\u003e\n\u003cli\u003eMicroservices\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e2.3 Explain hardware assurance best practices.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHardware root of trust\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTrusted platform module (TPM)\u003c\/li\u003e\n\u003cli\u003eHardware security module (HSM)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eeFuse\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eUnified Extensible Firmware Interface (UEFI)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrusted foundry\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSecure processing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTrusted execution\u003c\/li\u003e\n\u003cli\u003eSecure enclave\u003c\/li\u003e\n\u003cli\u003eProcessor security extensions\u003c\/li\u003e\n\u003cli\u003eAtomic execution\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAnti-tamper\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSelf-encrypting drive\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrusted firmware updates\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMeasured boot and attestation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBus 
encryption\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e3.0 Security Operations and Monitoring\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e3.1 Given a scenario, analyze data as part of security monitoring activities.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHeuristics\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrend analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEndpoint\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMalware\u003c\/li\u003e\n\u003cli\u003eReverse engineering\u003c\/li\u003e\n\u003cli\u003eMemory\u003c\/li\u003e\n\u003cli\u003eSystem and application behavior\u003c\/li\u003e\n\u003cli\u003eKnown-good behavior\u003c\/li\u003e\n\u003cli\u003eAnomalous behavior\u003c\/li\u003e\n\u003cli\u003eExploit techniques\u003c\/li\u003e\n\u003cli\u003eFile system\u003c\/li\u003e\n\u003cli\u003eUser and entity behavior analytics (UEBA)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUniform Resource Locator (URL) and domain name system (DNS) analysis\u003c\/li\u003e\n\u003cli\u003eDomain generation algorithm\u003c\/li\u003e\n\u003cli\u003eFlow analysis\u003c\/li\u003e\n\u003cli\u003ePacket and protocol analysis\u003c\/li\u003e\n\u003cli\u003eMalware\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLog review\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvent logs\u003c\/li\u003e\n\u003cli\u003eSyslog\u003c\/li\u003e\n\u003cli\u003eFirewall logs\u003c\/li\u003e\n\u003cli\u003eWeb application firewall (WAF)\u003c\/li\u003e\n\u003cli\u003eProxy\u003c\/li\u003e\n\u003cli\u003eIntrusion detection system (IDS)\/ Intrusion prevention system (IPS)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImpact analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOrganizational 
impact vs. localized impact\u003c\/li\u003e\n\u003cli\u003eImmediate vs. total\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity information and event management (SIEM) review\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRule writing\u003c\/li\u003e\n\u003cli\u003eKnown-bad Internet protocol (IP)\u003c\/li\u003e\n\u003cli\u003eDashboard\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eQuery writing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eString search\u003c\/li\u003e\n\u003cli\u003eScript\u003c\/li\u003e\n\u003cli\u003ePiping\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eE-mail analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMalicious payload\u003c\/li\u003e\n\u003cli\u003eDomain Keys Identified Mail (DKIM)\u003c\/li\u003e\n\u003cli\u003eDomain-based Message Authentication, Reporting, and Conformance (DMARC)\u003c\/li\u003e\n\u003cli\u003eSender Policy Framework (SPF)\u003c\/li\u003e\n\u003cli\u003ePhishing\u003c\/li\u003e\n\u003cli\u003eForwarding\u003c\/li\u003e\n\u003cli\u003eDigital signature\u003c\/li\u003e\n\u003cli\u003eE-mail signature block\u003c\/li\u003e\n\u003cli\u003eEmbedded links\u003c\/li\u003e\n\u003cli\u003eImpersonation\u003c\/li\u003e\n\u003cli\u003eHeader\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e3.2 Given a scenario, implement configuration changes to existing controls to improve security.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePermissions\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSafelisting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDenylisting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eFirewall\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIntrusion prevention system (IPS) rules\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eData loss 
prevention (DLP)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEndpoint detection and response (EDR)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork access control (NAC)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSinkholing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMalware signatures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDevelopment\/rule writing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSandboxing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePort security\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.3 Explain the importance of proactive threat hunting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEstablishing a hypothesis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eProfiling threat actors and activities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eThreat hunting tactics\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExecutable process analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eReducing the attack surface area\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBundling critical assets\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAttack vectors\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIntegrated intelligence\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eImproving detection capabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.4 Compare and contrast automation concepts and technologies.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eWorkflow orchestration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Orchestration, Automation, and Response 
(SOAR)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eScripting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eApplication programming interface (API) integration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAutomated malware signature creation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eData Enrichment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eThreat feed combination\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMachine learning\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eUse of automation protocols and standards\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Content Automation Protocol (SCAP)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eContinuous integration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eContinuous deployment\/delivery\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e4.0 Incident Response\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e4.1 Explain the importance of the incident response process.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCommunication plan\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLimiting communication to trusted parties\u003c\/li\u003e\n\u003cli\u003eDisclosing based on regulatory\/legislative requirements\u003c\/li\u003e\n\u003cli\u003ePreventing inadvertent release of information\u003c\/li\u003e\n\u003cli\u003eUsing a secure method of communication\u003c\/li\u003e\n\u003cli\u003eReporting requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eResponse coordination with relevant entities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLegal\u003c\/li\u003e\n\u003cli\u003eHuman resources\u003c\/li\u003e\n\u003cli\u003ePublic relations\u003c\/li\u003e\n\u003cli\u003eInternal and 
external\u003c\/li\u003e\n\u003cli\u003eLaw enforcement\u003c\/li\u003e\n\u003cli\u003eSenior leadership\u003c\/li\u003e\n\u003cli\u003eRegulatory bodies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFactors contributing to data criticality\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePersonally identifiable information (PII)\u003c\/li\u003e\n\u003cli\u003ePersonal health information (PHI)\u003c\/li\u003e\n\u003cli\u003eSensitive personal information (SPI)\u003c\/li\u003e\n\u003cli\u003eHigh-value asset\u003c\/li\u003e\n\u003cli\u003eFinancial information\u003c\/li\u003e\n\u003cli\u003eIntellectual property\u003c\/li\u003e\n\u003cli\u003eCorporate information\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.2 Given a scenario, apply the appropriate incident response procedure.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePreparation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTraining\u003c\/li\u003e\n\u003cli\u003eTesting\u003c\/li\u003e\n\u003cli\u003eDocumentation of procedures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDetection and analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCharacteristics contributing to severity level classification\u003c\/li\u003e\n\u003cli\u003eDowntime\u003c\/li\u003e\n\u003cli\u003eRecovery time\u003c\/li\u003e\n\u003cli\u003eData integrity\u003c\/li\u003e\n\u003cli\u003eEconomic\u003c\/li\u003e\n\u003cli\u003eSystem process criticality\u003c\/li\u003e\n\u003cli\u003eReverse engineering\u003c\/li\u003e\n\u003cli\u003eData correlation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eContainment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSegmentation\u003c\/li\u003e\n\u003cli\u003eIsolation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEradication and 
Recovery\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVulnerability mitigation\u003c\/li\u003e\n\u003cli\u003eSanitization\u003c\/li\u003e\n\u003cli\u003eReconstruction\/reimaging\u003c\/li\u003e\n\u003cli\u003eSecure disposal\u003c\/li\u003e\n\u003cli\u003ePatching\u003c\/li\u003e\n\u003cli\u003eRestoration of permissions\u003c\/li\u003e\n\u003cli\u003eReconstitution of resources\u003c\/li\u003e\n\u003cli\u003eRestoration of capabilities and services\u003c\/li\u003e\n\u003cli\u003eVerification of logging\/communication to security monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePost-incident activities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvidence retention\u003c\/li\u003e\n\u003cli\u003eLessons learned report\u003c\/li\u003e\n\u003cli\u003eChange control process\u003c\/li\u003e\n\u003cli\u003eIncident response plan update\u003c\/li\u003e\n\u003cli\u003eIncident summary report\u003c\/li\u003e\n\u003cli\u003eIoC generation\u003c\/li\u003e\n\u003cli\u003eMonitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.3 Given an incident, analyze potential indicators of compromise.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork-related\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBandwidth consumption\u003c\/li\u003e\n\u003cli\u003eBeaconing\u003c\/li\u003e\n\u003cli\u003eIrregular peer-to-peer communication\u003c\/li\u003e\n\u003cli\u003eRogue device on the network\u003c\/li\u003e\n\u003cli\u003eScan\/sweep\u003c\/li\u003e\n\u003cli\u003eUnusual traffic spike\u003c\/li\u003e\n\u003cli\u003eCommon protocol over a non-standard port\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eHost-related\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProcessor consumption\u003c\/li\u003e\n\u003cli\u003eMemory consumption\u003c\/li\u003e\n\u003cli\u003eDrive capacity 
consumption\u003c\/li\u003e\n\u003cli\u003eUnauthorized software\u003c\/li\u003e\n\u003cli\u003eMalicious process\u003c\/li\u003e\n\u003cli\u003eUnauthorized change\u003c\/li\u003e\n\u003cli\u003eUnauthorized privilege\u003c\/li\u003e\n\u003cli\u003eData exfiltration\u003c\/li\u003e\n\u003cli\u003eAbnormal OS process behavior\u003c\/li\u003e\n\u003cli\u003eFile system change or anomaly\u003c\/li\u003e\n\u003cli\u003eRegistry change or anomaly\u003c\/li\u003e\n\u003cli\u003eUnauthorized scheduled task\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eApplication-related\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAnomalous activity\u003c\/li\u003e\n\u003cli\u003eIntroduction of new accounts\u003c\/li\u003e\n\u003cli\u003eUnexpected output\u003c\/li\u003e\n\u003cli\u003eUnexpected outbound communication\u003c\/li\u003e\n\u003cli\u003eService interruption\u003c\/li\u003e\n\u003cli\u003eApplication log\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.4 Given a scenario, utilize basic digital forensics techniques.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eWireshark\u003c\/li\u003e\n\u003cli\u003etcpdump\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEndpoint\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDisk\u003c\/li\u003e\n\u003cli\u003eMemory\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMobile\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCloud\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVirtualization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eLegal hold\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eProcedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHashing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges to 
binaries\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCarving\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eData acquisition\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e5.0 Compliance and Assessment\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e5.1 Understand the importance of data privacy and protection.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePrivacy vs. security\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNon-technical controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eClassification\u003c\/li\u003e\n\u003cli\u003eOwnership\u003c\/li\u003e\n\u003cli\u003eRetention\u003c\/li\u003e\n\u003cli\u003eData types\u003c\/li\u003e\n\u003cli\u003eRetention standards\u003c\/li\u003e\n\u003cli\u003eConfidentiality\u003c\/li\u003e\n\u003cli\u003eLegal requirements\u003c\/li\u003e\n\u003cli\u003eData sovereignty\u003c\/li\u003e\n\u003cli\u003eData minimization\u003c\/li\u003e\n\u003cli\u003ePurpose limitation\u003c\/li\u003e\n\u003cli\u003eNon-disclosure agreement (NDA)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eTechnical controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEncryption\u003c\/li\u003e\n\u003cli\u003eData loss prevention (DLP)\u003c\/li\u003e\n\u003cli\u003eData masking\u003c\/li\u003e\n\u003cli\u003eDeidentification\u003c\/li\u003e\n\u003cli\u003eTokenization\u003c\/li\u003e\n\u003cli\u003eDigital rights management (DRM)\u003c\/li\u003e\n\u003cli\u003eWatermarking\u003c\/li\u003e\n\u003cli\u003eGeographic access requirements\u003c\/li\u003e\n\u003cli\u003eAccess controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.2 Given a scenario, apply security concepts to support organizational risk mitigation.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBusiness impact 
analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRisk identification process\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRisk calculation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProbability\u003c\/li\u003e\n\u003cli\u003eMagnitude\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCommunication of risk factors\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRisk prioritization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity controls\u003c\/li\u003e\n\u003cli\u003eEngineering tradeoffs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSystems assessment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDocumented compensating controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTraining and exercises\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRed team\u003c\/li\u003e\n\u003cli\u003eBlue team\u003c\/li\u003e\n\u003cli\u003eWhite team\u003c\/li\u003e\n\u003cli\u003eTabletop exercise\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSupply chain assessment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVendor due diligence\u003c\/li\u003e\n\u003cli\u003eHardware source authenticity\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3 Explain the importance of frameworks, policies, procedures, and controls.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eFrameworks\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRisk-based\u003c\/li\u003e\n\u003cli\u003ePrescriptive\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePolicies and procedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCode of conduct\/ethics\u003c\/li\u003e\n\u003cli\u003eAcceptable use policy (AUP)\u003c\/li\u003e\n\u003cli\u003ePassword 
policy\u003c\/li\u003e\n\u003cli\u003eData Ownership\u003c\/li\u003e\n\u003cli\u003eData retention\u003c\/li\u003e\n\u003cli\u003eAccount management\u003c\/li\u003e\n\u003cli\u003eContinuous monitoring\u003c\/li\u003e\n\u003cli\u003eWork product retention\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCategory\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eManagerial\u003c\/li\u003e\n\u003cli\u003eOperational\u003c\/li\u003e\n\u003cli\u003eTechnical\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eControl type\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePreventative\u003c\/li\u003e\n\u003cli\u003eDetective\u003c\/li\u003e\n\u003cli\u003eCorrective\u003c\/li\u003e\n\u003cli\u003eDeterrent\u003c\/li\u003e\n\u003cli\u003eCompensating\u003c\/li\u003e\n\u003cli\u003ePhysical\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAudits and assessments\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRegulatory\u003c\/li\u003e\n\u003cli\u003eCompliance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A14CN \/ 2026-06-22T09:00:00 \/ Online","offer_id":47534191935707,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"267B25US \/ 2026-07-13T09:00:00 \/ Aurora, CO","offer_id":47534192001243,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"267B26US \/ 2026-07-27T09:00:00 \/ Herndon, VA","offer_id":47534192099547,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"269A87US \/ 2026-09-14T09:00:00 \/ Bellevue, WA","offer_id":47591599407323,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"268A84CN \/ 2026-08-31T09:00:00 \/ Toronto","offer_id":48216558403803,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"268C95US \/ 2026-08-17T09:00:00 \/ New 
York","offer_id":48216558436571,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"26AB73US \/ 2026-10-26T09:00:00 \/ Austin","offer_id":48216558469339,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"26BA36CN \/ 2026-11-16T09:00:00 \/ Ottawa","offer_id":48216558502107,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"26CB55US \/ 2026-12-14T09:00:00 \/ Aurora, CO","offer_id":48216558534875,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"271A34CN \/ 2027-01-25T09:00:00 \/ Toronto","offer_id":48216558567643,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"271C18US \/ 2027-01-11T09:00:00 \/ New York","offer_id":48216558600411,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"273B83US \/ 2027-03-01T09:00:00 \/ Herndon, VA","offer_id":48309393227995,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"273B84US \/ 2027-03-08T09:00:00 \/ San Francisco","offer_id":48329825616091,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"273B85US \/ 2027-03-15T09:00:00 \/ Austin","offer_id":48363059216603,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"274A30CN \/ 2027-04-19T09:00:00 \/ Ottawa","offer_id":48612319068379,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"275C35US \/ 2027-05-17T09:00:00 \/ Aurora, CO","offer_id":48778587504859,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"269D59US \/ 2026-09-21T09:00:00 \/ Online","offer_id":48837147263195,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true}],"url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/products\/comptia-cysa-%c2%ae-certification-training","provider":"Learning Tree International","version":"1.0","type":"link"}