Operation of hardware (e.g., redundant power, warranty, support)
4.3 - Implement secure communication channels according to design
7.1 - Understand and comply with investigations
Wireless networks (e.g., Li-Fi, Wi-Fi, Zigbee, satellite)
Micro-segmentation (e.g., Software Defined Networks (SDN), Virtual eXtensible Local Area Network (VXLAN), Encapsulation, Software-Defined Wide Area Network (SD-WAN))
Converged protocols (e.g., Fiber Channel Over Ethernet (FCoE), Internet Small Computer Systems Interface (iSCSI), Voice over Internet Protocol (VoIP))
Internet Protocol (IP) networking (e.g., Internet Protocol Security (IPSec), Internet Protocol (IP) v4/6)
Open System Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) models
Fire prevention, detection, and suppression
4.1 - Assess and implement secure design principles in network architectures
Utilities and Heating, Ventilation, and Air Conditioning (HVAC)
Wiring closets/intermediate distribution facilities
Digital signatures and digital certificates
3.7 - Understand methods of cryptanalytic attacks
3.8 - Apply security principles to site and facility design
3.9 - Design site and facility security controls
Cryptographic methods (e.g., symmetric, asymmetric, elliptic curves, quantum)
Cryptographic life cycle (e.g., keys, algorithm selection)
High-Performance Computing (HPC) systems
3.6 - Select and determine cryptographic solutions
Cloud-based systems (e.g., Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS))
Methods and techniques to present awareness and training (e.g., social engineering, phishing, security champions, gamification)
3.1 - Research, implement and manage engineering processes using secure design principles
3.2 - Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)
3.3 - Select controls based upon systems security requirements
3.4 - Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
3.5 - Assess and mitigate the vulnerabilities of security architectures, designs, and solution
Risks associated with hardware, software, and services
1.13 - Establish and maintain a security awareness, education, and training program
Continuous improvement (e.g., Risk maturity modeling)
1.11 - Understand and apply threat modeling concepts and methodologies
1.12 - Apply Supply Chain Risk Management (SCRM) concepts
Control assessments (security and privacy)
Applicable types of controls (e.g., preventive, detective, corrective)
Countermeasure selection and implementation
Vendor, consultant, and contractor agreements and controls
1.10 - Understand and apply risk management concepts
Onboarding, transfers, and termination processes
Develop and document the scope and the plan
1.9 - Contribute to and enforce personnel security policies and procedures
Licensing and Intellectual Property (IP) requirements
1.6 - Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
1.7 - Develop, document, and implement security policy, standards, procedures, and guidelines
1.8 - Identify, analyze, and prioritize Business Continuity (BC) requirements
Contractual, legal, industry standards, and regulatory requirements
1.5 - Understand legal and regulatory issues that pertain to information security in a holistic context
Organizational roles and responsibilities
1.4 - Determine compliance and other requirements
Organizational processes (e.g., acquisitions, divestitures, governance committees)
Alignment of the security function to business strategy, goals, mission, and objectives
Confidentiality, integrity, and availability, authenticity and nonrepudiation
1.3 - Evaluate and apply security governance principles
1.1 - Understand, adhere to, and promote professional ethics
1.2 - Understand and apply security concepts