Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge.
To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area.
With cybersecurity threats continuing to rise and the worldwide shortage of appropriately equipped security professionals growing, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to operate successfully in the cyber arena.
The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area.
DOMAIN 1: CYBERSECURITY CONCEPTS
1.1 Knowledge of information assurance (IA) principles used to manage risks related to the use, processing, storage and transmission of information or data.
1.2 Knowledge of security management.
1.3 Knowledge of risk management processes, including steps and methods for assessing risk.
1.4 Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
1.5 Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored] and third generation [nation state sponsored]).
1.6 Knowledge of information assurance (IA) principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication and non-repudiation.
1.7 Knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities).
1.8 Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
1.9 Knowledge of relevant laws, policies, procedures and governance requirements.
1.10 Knowledge of relevant laws, policies, procedures or governance as they relate to work that may impact critical infrastructure.
DOMAIN 2: CYBERSECURITY ARCHITECTURE PRINCIPLES
2.1 Knowledge of network design processes, to include understanding of security objectives, operational objectives and tradeoffs.
2.2 Knowledge of security system design methods, tools and techniques.
2.3 Knowledge of network access, identity and access management (e.g., public key infrastructure [PKI]).
2.4 Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
2.5 Knowledge of current industry methods for evaluating, implementing and disseminating information technology (IT) security assessment, monitoring, detection and remediation tools and procedures, utilizing standards-based concepts and capabilities.
2.6 Knowledge of network security architecture concepts, including topology, protocols, components and principles (e.g., application of defence in depth).
2.7 Knowledge of malware analysis concepts and methodology.
2.8 Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions via intrusion detection technologies.
2.9 Knowledge of defence in depth principles and network security architecture.
2.10 Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPsec], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE]).
2.11 Knowledge of cryptology.
2.12 Knowledge of encryption methodologies.
2.13 Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP], Open Systems Interconnection model [OSI]).
2.14 Knowledge of network protocols (e.g., Transmission Control Protocol and Internet Protocol
DOMAIN 3: SECURITY OF NETWORK, SYSTEM, APPLICATION AND DATA
3.1 Knowledge of computer network defence (CND) and vulnerability assessment tools, including open source tools, and their capabilities.
3.2 Knowledge of basic system administration, network and operating system hardening techniques.
3.3 Knowledge of risk associated with virtualization.
3.4 Knowledge of penetration testing principles, tools and techniques (e.g., Metasploit, Neosploit).
3.5 Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring) and tools.
3.6 Knowledge of remote access technology concepts.
3.7 Knowledge of systems administration concepts.
3.8 Knowledge of Unix command line.
3.9 Knowledge of system and application security threats and vulnerabilities.
3.10 Knowledge of system lifecycle management principles, including software security and usability.
3.11 Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance and reliability.
3.12 Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
3.13 Knowledge of social dynamics of computer attackers in a global context.
3.14 Knowledge of secure configuration management techniques.
3.15 Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media and related hardware.
3.16 Knowledge of communication methods, principles and concepts that support the network infrastructure.
3.17 Knowledge of the common networking protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP]) and services (e.g., web, mail, Domain Name System [DNS]) and how they interact to provide network communications.
3.18 Knowledge of different types of network communication (e.g., Local Area Network [LAN], Wide Area Network [WAN], Metropolitan Area Network [MAN], Wireless Local Area Network [WLAN], Wireless Wide Area Network [WWAN]).
3.19 Knowledge of virtualization technologies and virtual machine development and maintenance.
3.20 Knowledge of application vulnerabilities.
3.21 Knowledge of information assurance (IA) principles and methods that apply to software development.
3.22 Knowledge of risk and threat assessment.
DOMAIN 4: INCIDENT RESPONSE
4.1 Knowledge of incident categories, incident responses and timelines for responses.
4.2 Knowledge of disaster recovery and continuity of operations plans.
4.3 Knowledge of data backup, types of backups (e.g., full, incremental) and recovery concepts and tools.
4.4 Knowledge of incident response and handling methodologies.
4.5 Knowledge of security event correlation tools.
4.6 Knowledge of investigative implications of hardware, operating systems and network technologies.
4.7 Knowledge of processes for seizing and preserving digital evidence (e.g., chain of custody).
4.8 Knowledge of types of digital forensics data and how to recognize them.
4.9 Knowledge of basic concepts and practices of processing digital forensic data.
4.10 Knowledge of anti-forensics tactics, techniques, and procedures (TTPs).
4.11 Knowledge of common forensic tool configuration and support applications (e.g., VMware, Wireshark).
4.12 Knowledge of network traffic analysis methods.
4.13 Knowledge of which system files (e.g., log files, registry files, configuration files) contain relevant information and where to find those system files.
DOMAIN 5: SECURITY OF EVOLVING TECHNOLOGY
5.1 Knowledge of new and emerging information technology (IT) and information security technologies.
5.2 Knowledge of emerging security issues, risks, and vulnerabilities.
5.3 Knowledge of risk associated with mobile computing.
5.4 Knowledge of cloud concepts around data and collaboration.
5.5 Knowledge of risk of moving applications and infrastructure to the cloud.
5.6 Knowledge of risk associated with outsourcing.
5.7 Knowledge of supply chain risk management processes and practices.
CISA - Certified Information Systems Auditor
CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.
Our CISA course is an intense, very competitive and exam-focused training course. With experience of delivering more than 150 CISA training events in Europe and around the world and training more than 1,200 CISA delegates, the Net Security CISA training material has been developed in house with the top priority of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology focuses on understanding the CISA IS auditing concepts and practising a large number of ISACA-released question banks from the last three years. Over time, CISA holders have been in huge demand with renowned accounting firms, global banks, advisory, assurance, and internal audit departments.
Delegates may have years of experience in IT auditing, but their approach to solving CISA questions will depend solely on their understanding of globally accepted IT assurance practices. The CISA exam is very challenging because two of the possible answers are often very close, and that is where ISACA tests your understanding of global IT auditing practices. To address these exam challenges, we always provide the best trainers, who have extensive experience in delivering CISA training around the world.
The Net Security CISA manual covers all exam-relevant concepts, case studies and Q&As across the five CISA domains. Further, the trainer shares key CISA supporting material such as relevant CISA notes, question banks, the CISA glossary, videos, revision documents, exam tips and CISA mind maps during the course.
The ultimate goal is to pass your CISA examination first time.
Use the knowledge gained in a practical manner beneficial to your organisation
Provide audit services in accordance with IT audit standards
Provide assurance on leadership and organizational structure and processes
Provide assurance on acquisition/ development, testing and implementation of IT assets
Provide assurance on IT operations including service operations and third party
Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.
Finance/CPA professionals, IT professionals, internal and external auditors, and information security and risk consulting professionals.
Domain 1—The Process of Auditing Information Systems (14%)
Provide audit services in accordance with IT audit standards to assist the organization in protecting and controlling information systems.
1.1 Develop and implement a risk-based IT audit strategy in compliance with IT audit standards to ensure that key areas are included.
1.2 Plan specific audits to determine whether information systems are protected, controlled and provide value to the organization.
1.3 Conduct audits in accordance with IT audit standards to achieve planned audit objectives.
1.4 Report audit findings and make recommendations to key stakeholders to communicate results and effect change when necessary.
1.5 Conduct follow-ups or prepare status reports to ensure appropriate actions have been taken by management in a timely manner.
Domain 2—Governance and Management of IT (14%)
Provide assurance that the necessary leadership and organization structure and processes are in place to achieve objectives and to support the organization's strategy.
2.1 Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization’s strategies and objectives.
2.2 Evaluate IT organizational structure and human resources (personnel) management to determine whether they support the organization’s strategies and objectives.
2.3 Evaluate the IT strategy, including the IT direction, and the processes for the strategy’s development, approval, implementation and maintenance for alignment with the organization’s strategies and objectives.
2.4 Evaluate the organization’s IT policies, standards, and procedures, and the processes for their development, approval, implementation, maintenance, and monitoring, to determine whether they support the IT strategy and comply with regulatory and legal requirements.
2.5 Evaluate the adequacy of the quality management system to determine whether it supports the organization’s strategies and objectives in a cost-effective manner.
2.6 Evaluate IT management and monitoring of controls (e.g., continuous monitoring, QA) for compliance with the organization’s policies, standards and procedures.
2.7 Evaluate IT resource investment, use and allocation practices, including prioritization criteria, for alignment with the organization’s strategies and objectives.
2.8 Evaluate IT contracting strategies and policies, and contract management practices to determine whether they support the organization’s strategies and objectives.
2.9 Evaluate risk management practices to determine whether the organization’s IT-related risks are properly managed.
2.10 Evaluate monitoring and assurance practices to determine whether the board and executive management receive sufficient and timely information about IT performance.
2.11 Evaluate the organization’s business continuity plan to determine the organization’s ability to continue essential business operations during the period of an IT disruption.
Domain 3—Information Systems Acquisition, Development, and Implementation (19%)
Provide assurance that the practices for the acquisition, development, testing, and implementation of information systems meet the organization’s strategies and objectives.
3.1 Evaluate the business case for the proposed investments in information systems acquisition, development, maintenance and subsequent retirement to determine whether it meets business objectives.
3.2 Evaluate the project management practices and controls to determine whether business requirements are achieved in a cost-effective manner while managing risks to the organization.
3.3 Conduct reviews to determine whether a project is progressing in accordance with project plans, is adequately supported by documentation and status reporting is accurate.
3.4 Evaluate controls for information systems during the requirements, acquisition, development and testing phases for compliance with the organization's policies, standards, procedures and applicable external requirements.
3.5 Evaluate the readiness of information systems for implementation and migration into production to determine whether project deliverables, controls and organization's requirements are met.
3.6 Conduct post-implementation reviews of systems to determine whether project deliverables, controls and organization's requirements are met.
Domain 4—Information Systems Operations, Maintenance and Support (23%)
Provide assurance that the processes for information systems operations, maintenance and support meet the organization’s strategies and objectives.
4.1 Conduct periodic reviews of information systems to determine whether they continue to meet the organization’s objectives.
4.2 Evaluate service level management practices to determine whether the level of service from internal and external service providers is defined and managed.
4.3 Evaluate third party management practices to determine whether the levels of controls expected by the organization are being adhered to by the provider.
4.4 Evaluate operations and end-user procedures to determine whether scheduled and non-scheduled processes are managed to completion.
4.5 Evaluate the process of information systems maintenance to determine whether they are controlled effectively and continue to support the organization’s objectives.
4.6 Evaluate data administration practices to determine the integrity and optimization of databases.
4.7 Evaluate the use of capacity and performance monitoring tools and techniques to determine whether IT services meet the organization’s objectives.
4.8 Evaluate problem and incident management practices to determine whether incidents, problems or errors are recorded, analyzed and resolved in a timely manner.
4.9 Evaluate change, configuration and release management practices to determine whether scheduled and non-scheduled changes made to the organization’s production environment are adequately controlled and documented.
4.10 Evaluate the adequacy of backup and restore provisions to determine the availability of information required to resume processing.
4.11 Evaluate the organization’s disaster recovery plan to determine whether it enables the recovery of IT processing capabilities in the event of a disaster.
Domain 5—Protection of Information Assets (30%)
Provide assurance that the organization’s security policies, standards, procedures and controls ensure the confidentiality, integrity and availability of information assets.
5.1 Evaluate the information security policies, standards and procedures for completeness and alignment with generally accepted practices.
5.2 Evaluate the design, implementation and monitoring of system and logical security controls to verify the confidentiality, integrity and availability of information.
5.3 Evaluate the design, implementation, and monitoring of the data classification processes and procedures for alignment with the organization’s policies, standards, procedures, and applicable external requirements.
5.4 Evaluate the design, implementation and monitoring of physical access and environmental controls to determine whether information assets are adequately safeguarded.
5.5 Evaluate the processes and procedures used to store, retrieve, transport and dispose of information assets (e.g., backup media, offsite storage, hard copy/print data, and softcopy media) to determine whether information assets are adequately safeguarded.
CISM - Certified Information Security Manager
CISM® is the most prestigious and demanding qualification for information security managers around the globe today. This qualification provides you with a platform to become part of an elite peer network with the ability to constantly learn and relearn the growing opportunities and challenges in information security management.
Our CISM training methodology provides in-depth coverage of content across the four CISM domains, with a clear focus on building concepts and solving ISACA-released CISM exam questions. The course is an intense training and hard-core exam preparation for ISACA's Certified Information Security Manager (CISM®) examination.
We have delivered more than 100 CISM training events in the United Kingdom and Europe. Our instructors encourage all attending delegates to go through the ISACA-released CISM QA&E (Questions, Answers and Explanations) as exam preparation; you get this FREE as part of our course. The QA&E is exceptional in helping delegates understand the ISACA style of questions and the approach to solving them, and it helps rapid assimilation of the CISM concepts during live classroom sessions.
All our trainers have extensive experience in delivering CISM training. We will thoroughly prepare you for the CISM examination. If you do not pass first time, then join us again for exam preparation free of charge.
The ultimate goal is to pass your CISM examination first time.
Use the knowledge gained in a practical manner beneficial to your organisation
Establish and maintain an information security governance framework to achieve your organization's goals and objectives
Manage Information risk to an acceptable level to meet the business and compliance requirements
Establish and maintain information security architectures (people, process, technology)
Integrate information security requirements into contracts and activities of third parties/suppliers
Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact
Security professionals with 3-5 years of front-line experience; information security managers or those with management responsibilities; information security staff and information security assurance providers who require an in-depth understanding of information security management, including CISOs, CIOs, CSOs, privacy officers, risk managers, security auditors and compliance personnel, BCP/DR personnel, and executive and operational managers responsible for assurance functions.
Domain 1—Information Security Governance (24%)
Establish and maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives, information risk is managed appropriately and program resources are managed responsibly.
1.1 Establish and maintain an information security strategy in alignment with organizational goals and objectives to guide the establishment and ongoing management of the information security program.
1.2 Establish and maintain an information security governance framework to guide activities that support the information security strategy.
1.3 Integrate information security governance into corporate governance to ensure that organizational goals and objectives are supported by the information security program.
1.4 Establish and maintain information security policies to communicate management’s directives and guide the development of standards, procedures and guidelines.
1.5 Develop business cases to support investments in information security.
1.6 Identify internal and external influences to the organization (for example, technology, business environment, risk tolerance, geographic location, legal and regulatory requirements) to ensure that these factors are addressed by the information security strategy.
1.7 Obtain commitment from senior management and support from other stakeholders to maximize the probability of successful implementation of the information security strategy.
1.8 Define and communicate the roles and responsibilities of information security throughout the organization to establish clear accountabilities and lines of authority.
1.9 Establish, monitor, evaluate and report metrics (for example, key goal indicators [KGIs], key performance indicators [KPIs], key risk indicators [KRIs]) to provide management with accurate information regarding the effectiveness of the information security strategy.
Domain 2—Information Risk Management and Compliance (33%)
Manage information risk to an acceptable level to meet the business and compliance requirements of the organization.
2.1 Establish and maintain a process for information asset classification to ensure that measures taken to protect assets are proportional to their business value.
2.2 Identify legal, regulatory, organizational and other applicable requirements to manage the risk of noncompliance to acceptable levels.
2.3 Ensure that risk assessments, vulnerability assessments and threat analyses are conducted periodically and consistently to identify risk to the organization’s information.
2.4 Determine appropriate risk treatment options to manage risk to acceptable levels.
2.5 Evaluate information security controls to determine whether they are appropriate and effectively mitigate risk to an acceptable level.
2.6 Identify the gap between current and desired risk levels to manage risk to an acceptable level.
2.7 Integrate information risk management into business and IT processes (for example, development, procurement, project management, mergers and acquisitions) to promote a consistent and comprehensive information risk management process across the organization.
2.8 Monitor existing risk to ensure that changes are identified and managed appropriately.
2.9 Report noncompliance and other changes in information risk to appropriate management to assist in the risk management decision-making process.
Domain 3—Information Security Program Development and Management (25%)
Establish and manage the information security program in alignment with the information security strategy.
3.1 Establish and maintain the information security program in alignment with the information security strategy.
3.2 Ensure alignment between the information security program and other business functions (for example, human resources [HR], accounting, procurement and IT) to support integration with business processes.
3.3 Identify, acquire, manage and define requirements for internal and external resources to execute the information security program.
3.4 Establish and maintain information security architectures (people, process, technology) to execute the information security program.
3.5 Establish, communicate and maintain organizational information security standards, procedures, guidelines and other documentation to support and guide compliance with information security policies.
3.6 Establish and maintain a program for information security awareness and training to promote a secure environment and an effective security culture.
3.7 Integrate information security requirements into organizational processes (for example, change control, mergers and acquisitions, development, business continuity, disaster recovery) to maintain the organization’s security baseline.
3.8 Integrate information security requirements into contracts and activities of third parties (for example, joint ventures, outsourced providers, business partners, customers) to maintain the organization’s security baseline.
3.9 Establish, monitor and periodically report program management and operational metrics to evaluate the effectiveness and efficiency of the information security program.
Domain 4—Information Security Incident Management (18%)
Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.
4.1 Establish and maintain an organizational definition of, and severity hierarchy for, information security incidents to allow accurate identification of and response to incidents.
4.2 Establish and maintain an incident response plan to ensure an effective and timely response to information security incidents.
4.3 Develop and implement processes to ensure the timely identification of information security incidents.
4.4 Establish and maintain processes to investigate and document information security incidents to be able to respond appropriately and determine their causes while adhering to legal, regulatory and organizational requirements.
4.5 Establish and maintain incident escalation and notification processes to ensure that the appropriate stakeholders are involved in incident response management.
4.6 Organize, train and equip teams to effectively respond to information security incidents in a timely manner.
4.7 Test and review the incident response plan periodically to ensure an effective response to information security incidents and to improve response capabilities.
4.8 Establish and maintain communication plans and processes to manage communication with internal and external entities.
4.9 Conduct post-incident reviews to determine the root cause of information security incidents, develop corrective actions, reassess risk, evaluate response effectiveness and take appropriate remedial actions.
4.10 Establish and maintain integration among the incident response plan, disaster recovery plan and business continuity plan.
CISMP - Certificate in Information Security Management Principles
This is an instructor-led course; homework and practice exams also form part of the course.
This course is accredited by ISEB/BCS to provide training for their CISMP examination. The course will provide you with the knowledge and understanding of the main principles required to be an effective member of an information security team, with security responsibilities as part of your day-to-day role. It will also prepare individuals who are thinking of moving into information security or related functions.
You will be thoroughly prepared to undertake the BCS examination; the examination is part of the course package. The qualification achieved will prove that the holder has a good knowledge and basic understanding of the wide range of subject areas that make up information security management.
To provide students with the skills and knowledge required to pass the "Certificate in Information Security Management Principles" examination by demonstrating the following:
Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
Understanding of current legislation and regulations which impact upon information security management in the UK;
Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
Understanding of the current business and technical environments in which information security management has to operate;
Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
1. Information Security Management Principles – 10%
1.1 Concepts and definitions
1.2 The need for & benefits of Information Security
2. Information Risk – 10%
2.1 Threats to & vulnerabilities of information systems
2.2 Risk Management
3. Information Security Framework – 20%
3.1 Organisation and responsibilities
3.2 Legal framework
3.3 Security standards and procedures
4. Procedural/people security controls – 15%
4.2 User access controls
5. Technical security controls – 25%
5.1 Protection from malicious software
5.2 Networks and communications
5.3 External services
5.4 Cloud computing
5.5 IT infrastructure
6. Software development – 5%
6.1 Testing, audit & review
6.2 Systems development & support
7. Physical and environmental controls – 5%
8. Disaster recovery and business continuity management – 5%
9. Other technical aspects – 5%
9.1 Investigations & forensics
CISSP - Certified Information Systems Security Professional
Our CISSP course is a competitive, thorough and exam-focused training course. With experience of delivering more than 200 CISSP training events in Europe and around the world and training more than 1,800 CISSP delegates, the Net Security CISSP training material has been developed in house with the highest priority of ensuring CISSP aspirants pass the (ISC)2® CISSP Exam. The CISSP manual covers all relevant concepts, case studies and workshops for key technical areas across the 8 domains. We provide online e-learning training, which we recommend attending delegates complete before they attend the course. (ISC)2 has recently introduced drag-and-drop questions; these form part of the course. Furthermore, the trainer shares key CISSP supporting material such as books, question dumps and revision documents during the course. We also use different learning techniques throughout the course, and with all study aids and experience included our price is unbeatable. If you do not pass first time, then attend again for exam preparation free of charge.
All our trainers have extensive experience in delivering CISSP training events around the world. They are industry certified professionals who deliver our events with pride and passion.
Workshop Activities include:
Various Workshop/Labs allowing delegates to gain practical knowledge and reinforce understanding of the CISSP technical domains
Daily doubt-clearing sessions, with CISSP questions and discussions of the day's concepts in the evenings
Demonstrations and real world experience highlighting key points
You will learn to:
Use the knowledge gained in a practical manner beneficial to your organisation
Protect your organisational assets using access control techniques and strengthen confidentiality and integrity controls from the world of cryptography
Secure your network architecture and design (implement cybersecurity)
Achieve your organisational objectives such as legal and compliance, information assurance, security and data governance
Enhance the secure delivery of IT services via security operations, architecture and design principles
Implement business resiliency via Business Continuity Plan
You will gain a thorough understanding of the 8 domains as prescribed by (ISC)2®
The Main Goal:
To pass your CISSP examination first time.
This is THE course for you if you are a professional needing to be CISSP Certified!
Also, anyone who needs to develop a broad and deep knowledge and understanding of IT Security principles and implementation.
1. Security and Risk Management
Understand and apply concepts of confidentiality, integrity and availability
Apply security governance principles
Understand legal and regulatory issues that pertain to information security in a global context
Understand professional ethics
Develop and implement documented security policy, standards, procedures, and guidelines
Understand business continuity requirements
Contribute to personnel security policies
Understand and apply risk management concepts
Understand and apply threat modelling
2. Asset Security
Classify information and supporting assets (e.g., sensitivity, criticality)
Determine and maintain ownership (e.g., data owners, system owners, business/mission owners)
Ensure appropriate retention (e.g., media, hardware, personnel)
Determine data security controls (e.g., data at rest, data in transit)
Establish handling requirements (markings, labels, storage, destruction of sensitive information)
3. Security Engineering
Implement and manage engineering processes using secure design principles
Understand the fundamental concepts of security models (e.g., Confidentiality, Integrity, and Multi-level Models)
Select controls and countermeasures based upon systems security evaluation models
Understand security capabilities of information systems (e.g., memory protection, virtualization, trusted platform module, interfaces, fault tolerance)
Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
4. Communications and Network Security
Apply secure design principles to network architecture (e.g., IP & non-IP protocols, segmentation)
Secure network components
Design and establish secure communication channels
Prevent or mitigate network attacks
5. Identity and Access Management
Control physical and logical access to assets
Manage identification and authentication of people and devices
Integrate identity as a service
Integrate third-party identity services (e.g., on premise)
Implement and manage authorization mechanisms
Prevent or mitigate access control attacks
Manage the identity and access provisioning lifecycle (e.g., provisioning, review)
6. Security Assessment and Testing
Design and validate assessment and test strategies
Conduct security control testing
Collect security process data (e.g., management and operational controls)
Analyse and report test outputs (e.g., automated, manual)
Conduct or facilitate internal and third party audits
7. Security Operations
Understand and support investigations
Understand requirements for investigation types
Conduct logging and monitoring activities
Secure the provisioning of resources
Understand and apply foundational security operations concepts
Employ resource protection techniques
Conduct incident management
8. Software Development Security
Understand and apply security in the software development lifecycle
Enforce security controls in development environments
Assess the effectiveness of software security
Assess security impact of acquired software