Security Architecture

• 1.1 Given a scenario, analyze the security requirements and objectives to ensure an appropriate, secure network architecture for a new or existing network
• 1.2 Given a scenario, analyze the organizational requirements to determine the proper infrastructure security design.
• 1.3 Given a scenario, integrate software applications securely into an enterprise architecture.
• 1.4 Given a scenario, implement data security techniques for securing enterprise architecture.
• 1.5 Given a scenario, analyze the security requirements and objectives to provide the appropriate authentication and authorization controls.
• 1.6 Given a set of requirements, implement secure cloud and virtualization solutions.
• 1.7 Explain how cryptography and public key infrastructure (PKI) support security objectives and requirements.
• 1.8 Explain the impact of emerging technologies on enterprise security and privacy.

Security Operations

• 2.1 Given a scenario, perform threat management activities.
• 2.2 Given a scenario, analyze indicators of compromise and formulate an appropriate response.
• 2.3 Given a scenario, perform vulnerability management activities.
• 2.4 Given a scenario, use the appropriate vulnerability assessment and penetration testing methods and tools.
• 2.5 Given a scenario, analyze vulnerabilities and recommend risk mitigations.
• 2.6 Given a scenario, use processes to reduce risk.
• 2.7 Given an incident, implement the appropriate response.
• 2.8 Explain the importance of forensic concepts.
• 2.9 Given a scenario, use forensic analysis tools.

Security Engineering and Cryptography

• 3.1 Given a scenario, apply secure configurations to enterprise mobility.
• 3.2 Given a scenario, configure and implement endpoint security controls.
• 3.3 Explain security considerations impacting specific sectors and operational technologies.
• 3.4 Explain how cloud technology adoption impacts organizational security.
• 3.5 Given a business requirement, implement the appropriate PKI solution.
• 3.6 Given a business requirement, implement the appropriate cryptographic protocols and algorithms.
• 3.7 Given a scenario, troubleshoot issues with cryptographic implementations.

Governance, Risk, and Compliance

• 4.1 Given a set of requirements, apply the appropriate risk strategies.
• 4.2 Explain the importance of managing and mitigating vendor risk.
• 4.3 Explain compliance frameworks and legal considerations, and their organizational impact.
• 4.4 Explain the importance of business continuity and disaster recovery concepts.