DOMAIN 1.0: General Security Concepts

1.1 Recognize and be able to differentiate and explain the following access control models

• MAC (Mandatory Access Control)
• DAC (Discretionary Access Control)
• RBAC (Role Based Access Control)

1.2 Recognize and be able to differentiate and explain the following methods of authentication

• Kerberos
• CHAP (Challenge Handshake Authentication Protocol)
• Certificates
• Username / Password
• Tokens
• Multi-factor
• Mutual
• Biometrics

1.3 Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols

1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk

• DOS / DDOS (Denial of Service / Distributed Denial of Service)
• Back Door
• Spoofing
• Man in the Middle
• Replay
• TCP/IP Hijacking
• Weak Keys
• Mathematical
• Social Engineering
• Birthday
• Password Guessing
• Brute Force
• Dictionary
• Software Exploitation

1.5 Recognize the following types of malicious code and specify the appropriate actions to take to mitigate vulnerability and risk

• Viruses
• Trojan Horses
• Logic Bombs
• Worms

1.6 Understand the concept of and know how reduce the risks of social engineering

1.7 Understand the concept and significance of auditing, logging and system scanning

DOMAIN 2.0: Communication Security

2.1 Recognize and understand the administration of the following types of remote access technologies

• 802.1x
• VPN (Virtual Private Network)>
• RADIUS (Remote Authentication Dial-In User Service)
• TACACS (Terminal Access Controller Access Control System)
• L2TP / PPTP (Layer Two Tunneling Protocol / Point to Point Tunneling Protocol)
• SSH (Secure Shell)
• IPSEC (Internet Protocol Security)
• Vulnerabilities

2.2 Recognize and understand the administration of the following email security concepts

• S/MIME (Secure Multipurpose Internet Mail Extensions)
• PGP (Pretty Good Privacy) like technologies
• Vulnerabilities
• SPAM
• Hoaxes

2.3 Recognize and understand the administration of the following Internet security concepts

• SSL / TLS (Secure Sockets Layer / Transport Layer Security)
• HTTP/S (Hypertext Transfer Protocol / Hypertext Transfer Protocol over Secure Sockets Layer)
• Instant Messaging
• Vulnerabilities
• Packet Sniffing
• Privacy
• Vulnerabilities
• Java Script
• ActiveX
• Buffer Overflows
• Cookies
• Signed Applets
• CGI (Common Gateway Interface)
• SMTP (Simple Mail Transfer Protocol) Relay

2.4 Recognize and understand the administration of the following directory security concepts

• SSL / TLS (Secure Sockets Layer / Transport Layer Security)
• LDAP (Lightweight Directory Access Protocol)

2.5 Recognize and understand the administration of the following file transfer protocols and concepts

• S/FTP (File Transfer Protocol)
• Blind FTP (File Transfer Protocol) / Anonymous
• File Sharing
• Vulnerabilities
• Packet Sniffing
• 8.3 Naming Conventions

2.6 Recognize and understand the administration of the following wireless technologies and concepts

• WTLS (Wireless Transport Layer Security)
• 802.11 and 802.11x
• WEP / WAP (Wired Equivalent Privacy / Wireless Application Protocol)
• Vulnerabilities
• Site Surveys

DOMAIN 3.0: Infrastructure Security

3.1 Understand security concerns and concepts of the following types of devices

• Firewalls
• Routers
• Switches
• Wireless
• Modems
• RAS (Remote Access Server)
• Telecom / PBX (Private Branch Exchange)
• VPN (Virtual Private Network)
• IDS (Intrusion Detection System)
• Network Monitoring / Diagnostics
• Workstations
• Servers
• Mobile Devices

3.2 Understand the security concerns for the following types of media

• Coaxial Cable
• UTP / STP (Unshielded Twisted Pair / Shielded Twisted Pair)
• Fiber Optic Cable
• Removable Media
• Tape
• CD-R (Recordable Compact Disks)
• Hard Drives
• Diskettes
• Flashcards
• Smartcards

3.3 Understand the concepts behind the following kinds of security topologies

• Security Zones
• DMZ (Demilitarized Zone)
• Intranet
• Extranet
• VLANs (Virtual Local Area Network)
• NAT (Network Address Translation)
• Tunneling

3.4 Differentiate the following types of intrusion detection, be able to explain the concepts of each type, and understand the implementation and configuration of each kind of intrusion detection system

• Network Based
• Active Detection
• Passive Detection
• Host Based
• Active Detection
• Passive Detection
• Honey Pots
• Incident Response

3.5 Understand the following concepts of security baselines, be able to explain what a security baseline is, and understand the implementation and configuration of each kind of intrusion detection system

• OS / NOS (Operating System / Network Operating System) Hardening
• File System
• Updates (Hotfixes, Service Packs, Patches)
• Network Hardening
• Updates (Firmware)
• Configuration
• Enabling and Disabling Services and Protocols
• Access Control Lists
• Application Hardening
• Updates (Hotfixes, Service Packs, Patches)
• Web Servers
• E-mail Servers
• FTP (File Transfer Protocol) Servers
• DNS (Domain Name Service) Servers
• NNTP (Network News Transfer Protocol) Servers
• File / Print Servers
• DHCP (Dynamic Host Configuration Protocol) Servers
• Data Repositories
• Directory Services
• Databases

DOMAIN 4.0: Basics of Cryptography

4.1 Be able to identify and explain the of the following different kinds of cryptographic algorithms

• Hashing
• Symmetric
• Asymmetric

4.2 Understand how cryptography addresses the following security concepts

• Confidentiality
• Integrity
• Digital Signatures
• Authentication
• Non-Repudiation
• Digital Signatures
• Access Control

4.3 Understand and be able to explain the following concepts of PKI (Public Key Infrastructure)

• Certificates
• Certificate Policies
• Certificate Practice Statements
• Revocation
• Trust Models

4.4 Identify and be able to differentiate different cryptographic standards and protocols

4.5 Understand and be able to explain the following concepts of Key Management and Certificate Lifecycles

• Centralized vs. Decentralized
• Storage
• Hardware vs. Software
• Private Key Protection
• Escrow
• Expiration
• Revocation
• Status Checking
• Suspension
• Status Checking
• Recovery
• M-of-N Control (Of M appropriate individuals, N must be present to authorize recovery)
• Renewal
• Destruction
• Key Usage
• Multiple Key Pairs (Single, Dual)

DOMAIN 5.0: Operational/Organizational Security

5.1 Understand the application of the following concepts of physical security

• Access Control
• Physical Barriers
• Biometrics
• Social Engineering
• Environment
• Wireless Cells
• Location
• Shielding
• Fire Suppression

5.2 Understand the security implications of the following topics of disaster recovery

• Backups
• Off Site Storage
• Secure Recovery
• Alternate Sites
• Disaster Recovery Plan

5.3 Understand the security implications of the following topics of business continuity

• Utilities
• High Availability / Fault Tolerance
• Backups

5.4 Understand the concepts and uses of the following types of policies and procedures

• Security Policy
• Acceptable Use
• Care
• Privacy
• Separation of Duties
• Need to Know
• Password Management
• SLAs (Service Level Agreements)
• Disposal / Destruction
• HR (Human Resources) Policy
• Termination (Adding and revoking passwords and privileges, etc.)
• Hiring (Adding and revoking passwords and privileges, etc.)
• Code of Ethics
• Incident Response Policy

5.5 Explain the following concepts of privilege management

• User / Group / Role Management
• Single Sign-on
• Centralized vs. Decentralized
• Auditing (Privilege, Usage, Escalation)
• MAC / DAC / RBAC (Mandatory Access Control / Discretionary Access Control / Role Based Access Control)

5.6 Understand the concepts of the following topics of forensics

• Chain of Custody
• Preservation of Evidence
• Collection of Evidence

5.7 Understand and be able to explain the following concepts of risk identification

• Asset Identification
• Risk Assessment
• Identification
• Vulnerabilities

5.8 Understand the security relevance of the education and training of end users, executives and human resources

• Communication
• User Awareness
• Education
• On-line Resources

5.9 Understand and explain the following documentation concepts

• Standards and Guidelines
• Systems Architecture
• Change Documentation
• Logs and Inventories
• Classification
• Notification
• Retention / Storage
• Destruction