Standards in this Framework
| Standard | Description |
|---|---|
| 1.1 | Given a scenario, analyze indicators of compromise and determine the type of malware. |
| 1.2 | Compare and contrast types of attacks. |
| 1.3 | Explain threat actor types and attributes. |
| 1.4 | Explain penetration testing concepts. |
| 1.5 | Explain vulnerability scanning concepts. |
| 1.6 | Explain the impact associated with types of vulnerabilities. |
| 2.1 | Install and configure network components, both hardwareand software-based, to support organizational security |
| 2.2 | Given a scenario, use appropriate software tools to assess the security posture of an organization. |
| 2.3 | Given a scenario, troubleshoot common security issues. |
| 2.4 | Given a scenario, analyze and interpret output from security technologies. |
| 2.5 | Given a scenario, deploy mobile devices securely. |
| 2.6 | Given a scenario, implement secure protocols. |
| 3.1 | Explain use cases and purpose for frameworks, best practices and secure configuration guides. |
| 3.2 | Given a scenario, implement secure network architecture concepts. |
| 3.3 | Given a scenario, implement secure systems design |
| 3.4 | Explain the importance of secure staging deployment concepts. |
| 3.5 | Explain the security implications of embedded systems. |
| 3.6 | Summarize secure application development and deployment concepts. |
| 3.7 | Summarize cloud and virtualization concepts |
| 3.8 | Explain how resiliency and automation strategies reduce risk. |
| 3.9 | Explain the importance of physical security controls. |
| 4.1 | Compare and contrast identity and access management concepts |
| 4.2 | Given a scenario, install and configure identity and access services. |
| 4.3 | Given a scenario, implement identity and access management controls. |
| 4.4 | Given a scenario, differentiate common account management practices. |
| 5.1 | Explain the importance of policies, plans and procedures related to organizational security |
| 5.2 | Summarize business impact analysis concepts. |
| 5.3 | Explain risk management processes and concepts. |
| 5.4 | Given a scenario, follow incident response procedures. |
| 5.5 | Summarize basic concepts of forensics. |
| 5.6 | Explain disaster recovery and continuity of operation concepts. |
| 5.7 | Compare and contrast various types of controls. |
| 5.8 | Given a scenario, carry out data security and privacy practices. |
| 6.1 | Compare and contrast basic concepts of cryptography |
| 6.2 | Explain cryptography algorithms and their basic characteristics. |
| 6.3 | Given a scenario, install and configure wireless security settings. |
| 6.4 | Given a scenario, implement public key infrastructure. |
