Executive Summary
Section 1: Cybersecurity Introduction and Overview
Topic 1—Introduction to Cybersecurity
Topic 2— Difference Between Information Security and Cybersecurity
Topic 3—Cybersecurity Objectives
Topic 4—Cybersecurity Roles
Topic 5—Cybersecurity Domains
Section 1—Knowledge Check
Section 2: Cybersecurity Concepts
Topic 1—Risk
Topic 2—Common Attack Types and Vectors
Topic 3—Policies and Procedures
Topic 4—Cybersecurity Controls
Section 2—Knowledge Check
Section 3: Security Architecture Principles
Topic 1—Overview of Security Architecture
Topic 2—The OSI Model
Topic 3—Defense in Depth
Topic 4—Firewalls
Topic 5—Isolation and Segmentation
Topic 6—Monitoring, Detection and Logging
Topic 7A—Encryption Fundamentals
Topic 7B—Encryption Techniques
Topic 7C—Encryption Applications
Section 3—Knowledge Check
Section 4: Security of Networks, Systems, Applications and Data
Topic 1—Process Controls—Risk Assessments
Topic 2—Process Controls—Vulnerability Management
Topic 3—Process Controls—Penetration Testing
Topic 4—Network Security
Topic 5—Operating System Security
Topic 6—Application Security
Topic 7—Data Security
Section 4—Knowledge Check
Section 5: Incident Response
Topic 1—Event vs. Incident
Topic 2—Security Incident Response
Topic 3— Investigations, Legal Holds and Preservation
Topic 4—Forensics
Topic 5— Disaster Recovery and Business Continuity Plans
Section 5—Knowledge Check
Section 6: Security Implications and Adoption of Evolving Technology
Topic 1—Current Threat Landscape
Topic 2—Advanced Persistent Threats
Topic 3—Mobile Technology—Vulnerabilities, Threats and Risk
Topic 4— Consumerization of IT and Mobile Devices
Topic 5—Cloud and Digital Collaboration
Section 6—Knowledge Check
Appendices
Appendix A—Knowledge Statements
Appendix B—Glossary
Appendix C—Knowledge Check Answers
Appendix D—Additional Resources