Risk Management of new products, technology, and users. Business models including partnerships, outsourcing, cloud, and strategies around mergers, divestiture, and acquisitions. Data ownership and reclassification. Rules, policies, regulations. Competitors, auditors, regulations.
1.2 Compare and contrast security, privacy policies, and procedures based on organizational requirements.
Policy and process life cycles. Legal compliance and advocacy by partnering with human resources, legal, and management. Common business documents supporting security including risk assessments, business impact analysis, interoperability agreement, interconnection security agreements, memorandum of understanding, service level and operating level agreements, as well as non-disclosure, business partnership, and master service agreements. Research security requirements such as requests for proposals, for quotes, and for information. Privacy requirements and development of policies containing standard security practices.
1.3 Given a scenario, execute risk mitigation strategies and controls.
CIA and security controls. Scenario planning and risk analysis. Risk determination using metrics, such as annual loss and single loss expectancy. Recommending a strategy based on risk avoidance, transference, mitigation, and acceptance. Risk management processes, including exemptions, deterrence, inherent, and residual. Business continuity planning.
1.4 Analyze risk metric scenarios to secure the enterprise.
Review effectiveness of security controls with gap analysis, lessons learned, and after-action reports. Reverse engineer existing solutions and analyze metrics. Prototype solutions, benchmarks, and baselines, and interpretation of data to anticipate cyber defense needs. Analyze possible solutions based on performance, latency, scalability, capability, usability, maintainability, availability, and recoverability.
2.0 Enterprise Security Architecture
2.1 Analyze a scenario and integrate network and security components, concepts, and architectures to meet security requirements.
Physical and virtual network security devices as well as application and protocol-aware technologies. Advanced network design and complex network security for data in transit. Secure configuration, baselining, and monitoring of assets. Security zones, network access control, and critical infrastructure.
2.2 Analyze a scenario to integrate security controls for host devices to meet security requirements.
Enterprise mobility management, including containers, remote assistance and wiping, VPN, and mobile payment systems. Security implications and privacy concerns of data storage. Wearable technology and security implications.
2.4 Given software vulnerability scenarios, select the appropriate security controls.
Malware, debugging, reconnaissance, fingerprinting, code review, social engineering, OSINT, and pivoting. Types of penetration testing, including black, white, and gray box. Vulnerability assessments, audits, and team exercises.
3.2 Analyze a scenario or output, and select the appropriate tool for a security assessment.
Network tools, such as port scanners, vulnerability scanners, protocol analyzers, fuzzers, and logging-analysis tools. Host tool types, such as password crackers, command line tools, SCAP, FIM, antivirus, and reverse-engineering tools. Physical security tools, such as lock picks, RFID tools, and IR cameras.
3.3 Given a scenario, implement incident response and recovery procedures.
E-discovery, data retention, recovery, ownership, and handling. Data breach response, detection, mitigation, recovery, response, and disclosure. Incident detection and response, incident response tools to help determine the severity of the incident or breach, and post-incident response.
4.0 Technical Integration of Enterprise Security
4.1 Given a scenario, integrate hosts, storage, networks, and applications into a secure enterprise architecture.
Data flow security. Open, competing, adherence, and de facto standards. Interoperability issues, including software types, legacy systems, application requirements, protocols, and standard data formats. Resilience issues, provisioning, and deprovisioning resources, including users, servers, virtual systems, and applications. Network segmentation, security and privacy considerations, and enterprise applications.
4.2 Given a scenario, integrate cloud and virtualization technologies into a secure enterprise architecture.