CompTIA Advanced Security Practitioner CASP+ Internationally Recognised Certificate Course



The Centre now accepts FPS (轉數快) payments.



Recommended service: watch class recordings anytime
(at home = 0%, at the Centre = 100%)

100% at-the-Centre viewing dates and times:
Your choice; select a district below to see its office hours and location

Any location: $7,680 (no restriction on location)
Mong Kok (5% off): $7,296  Tel: 2332-6544
Kwun Tong (10% off): $6,912  Tel: 3563-8425
North Point (10% off): $6,912  Tel: 3580-1893
Sha Tin (15% off): $6,528  Tel: 2151-9360
Tuen Mun (15% off): $6,528  Tel: 3523-1560

Course duration: 42 hours

Access period: 14 weeks. You control the pace, faster or slower.

Class recording instructor: Larry
Free trial viewing at the Centre: first 3 hours; please call one of the locations above to book with our staff.

This course includes free re-viewing at the Centre and instructor Q&A support.




Recommended service: watch class recordings anytime
(at home = 100%, at the Centre = 0%)

100% at-home viewing dates and times:
Watch 24 hours a day, as many times as you like

Tuition: $7,680  Tel: 2332-6544

Course duration: 42 hours

Access period: 14 weeks. You control the pace, faster or slower.

Class recording instructor: Larry
Free trial viewing at the Centre: first 3 hours; please call one of the locations above to book with our staff.

This course includes instructor Q&A support.




CompTIA (The Computing Technology Industry Association) was founded in 1982 and has more than 2,000 international member organisations and 3,000 academic and business partners, covering the entire information and communications technology (ICT) industry, which has made CompTIA one of the leading voices in the technology ecosystem.

CompTIA CASP+ is a vendor-neutral international certification: an advanced certification aimed at Security Architects and Senior Security Engineers who are responsible for leading and improving an enterprise's IT security posture.

CompTIA CASP+ is the only certification aimed at advanced IT security practitioners (rather than managers). IT security managers help determine which IT security policies and frameworks can be implemented, while CASP+ certified professionals are responsible for implementing solutions within those policies and frameworks.

Unlike other CompTIA certifications, CASP+ covers both security architecture and security engineering.

CompTIA CASP+ is the only certification on the market for technical leaders who can assess an enterprise's IT security posture and design and implement appropriate solutions so that your organisation is ready for the next attack.

CompTIA CASP+ covers technical skills across on-premises, cloud-native and hybrid environments, together with governance, risk and compliance skills: assessing an enterprise's IT security readiness and leading technical teams to implement comprehensive enterprise IT security solutions.

Because regulators and governments around the world rely on ISO accreditation from ANAB / ANSI (the American National Standards Institute), the CASP+ certification itself holds ISO 17024 accreditation and is approved under the US Department of Defense "Cyberspace Workforce Qualification and Management Program 8140.03M", making it a globally recognised body of knowledge.

Since 2011, CompTIA has delivered exams meeting the above standards to more than three million candidates worldwide.


CompTIA CASP+

Which skill areas will you learn in the CompTIA CASP+ certification course?

  • I.T. Security Architecture
    Analyse IT security requirements in hybrid networks, design an enterprise-wide Zero Trust security architecture (Zero Trust Model), and apply advanced secure cloud and virtualisation solutions.

  • I.T. Security Operations
    Handle advanced threat management, vulnerability management, risk mitigation, incident response tactics and digital forensic analysis.

  • Governance, Risk and Compliance
    Demonstrate that the organisation's overall IT security posture complies with regulations such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST and CCPA.

  • Security Engineering and Cryptography
    Configure endpoint security controls, enterprise mobility, cloud / hybrid environments, and enterprise-grade PKI and cryptographic solutions.


According to CompTIA, the body of knowledge covered by the CASP+ certification is suited to people in the following roles:

  • Security Architect
  • Cybersecurity Engineer
  • Cyber Risk Analyst
  • Security Operations Center (SOC) Manager
  • Chief Information Security Officer

Course name: CompTIA Advanced Security Practitioner CASP+ Internationally Recognised Certificate Course
- Short name: CASP+ Training Course
Course hours: 42 hours in total (14 sessions), 1 subject
Suitable for: Those who wish to obtain the CompTIA CASP+ certificate or who are interested in IT security
Teaching language: Mainly Cantonese, supplemented by English
Course notes: Written by the Centre's own instructor, mainly in English, with Chinese glosses for some English terms.

1. Mock exam questions: The Centre provides students with mock exam questions, each with a standard answer. (We have a large bank of practice questions to make it easier for students to pass the exam.)
2. Moderate class hours:

The Centre's CompTIA Advanced Security Practitioner CASP+ Internationally Recognised Certificate Course has a moderate 42 hours of class time.

This lets students genuinely understand and master the course content while obtaining the following 1 internationally recognised certificate within 4 months:

  • CompTIA Advanced Security Practitioner CASP+
3. Notes written by the instructor:

Senior instructor Larry Chan has more than 28 years of working experience in computer, network, database and cloud security systems, and has taught full-time at the Centre for the most recent 24 years.

Senior instructor Larry Chan also teaches a range of IT security and cloud security courses at the Centre, including:

  • CompTIA Security+ Internationally Recognised Certificate Course
  • ISC2 Certified Cloud Security Professional (CCSP) Internationally Recognised Certificate Course
  • Microsoft 365 Certified Security Administrator Associate (1 subject: Microsoft 365 business cloud security) Internationally Recognised Certificate Course
  • Microsoft Certified Security Operations Analyst Associate (1 subject: business cloud security) Internationally Recognised Certificate Course
  • Microsoft Certified Information Protection and Compliance Administrator Associate (1 subject: Microsoft 365 business cloud security) Internationally Recognised Certificate Course
  • Microsoft Certified Azure Security Engineer Associate (1 subject: Azure cloud security) Internationally Recognised Certificate Course
  • Microsoft Certified Cybersecurity Architect Expert (1 subject: hybrid cloud security) Internationally Recognised Certificate Course
  • Microsoft Certified Security, Compliance, and Identity Fundamentals (1 subject: foundational cloud security) Internationally Recognised Certificate Course
  • Google Cloud Platform Associate Cloud Engineer (GCP-ACE) Internationally Recognised Certificate Course
  • Alibaba Cloud Certification Associate (ACA) Internationally Recognised Certificate Course
  • Amazon Elastic Compute Cloud Hands-on Cloud Service Management Course
  • Juniper Networks JNCIS-SEC (SRX physical firewall and vSRX cloud firewall) Internationally Recognised Certificate Course
  • Palo Alto Networks Certified Network Security Administrator (PCNSA) Internationally Recognised Certificate Course
  • Cloud and Network Sniffing Techniques (Wireshark 4.0) Course

Senior instructor Larry Chan writes the course notes himself. They are well suited to both the exam and real-world administration, so you need not grind through dictionary-thick textbooks that do not suit the way Hong Kong students study.

4. One student, one computer: This course is taught with one computer per student.
5. Free re-attendance: Traditional classroom students may re-watch the class recordings free of charge within three months after the course ends.

CompTIA has announced that candidates must pass the following 1 CompTIA CASP+ exam to be awarded the CompTIA CASP+ internationally recognised certificate:

Exam code   Subject name
CAS-004     CompTIA CASP+


The Centre is a CompTIA-designated exam centre. To register, call the Centre and give the subject, exam date and time you wish to sit (registration can be as soon as the same day). Before the exam, candidates must present their ID card and pay the exam fee.

The exam fee for exam CAS-004 is HK$4,174.

Exam questions are delivered from the exam centre in Australia to the computer on which you sit the exam, and you answer on that computer. All questions are in English, and most are multiple-choice. Your score is displayed as soon as you finish, so you know the result immediately! If you do not pass, you may re-register with no limit on the number of attempts. For details such as the time allowed, total number of questions and passing score, see the "Exam score information for each subject" page on the Centre's website.


Course name: CompTIA Advanced Security Practitioner CASP+ Internationally Recognised Certificate Course
- Short name: CASP+ Training Course

1. Designing a Secure Network Architecture
1.1 Physical, virtual network and security devices
1.1.1 OSI model
1.1.2 Unified threat management
1.1.3 IDS/IPS
1.1.4 Network IDS versus NIPS
1.1.5 Wireless IPS
1.1.6 Inline Encryptors
1.1.7 Network access control
1.1.8 SIEM
1.1.9 Switches
1.1.10 Firewalls
1.1.11 Routers
1.1.12 Proxy
1.1.13 Network address translation gateway
1.1.14 Load balancer
1.1.15 Hardware security module
1.2 Application- and protocol-aware technologies
1.2.1 DLP
1.2.2 WAF
1.2.3 Database activity monitoring
1.2.4 Spam filter
1.2.5 Advanced network design
1.2.6 Remote access
1.2.7 VPN
1.2.8 IPsec
1.2.9 SSH
1.2.10 Remote Desktop Protocol
1.2.11 Virtual Network Computing
1.2.12 Reverse proxy
1.2.13 Network authentication methods
1.2.14 Placement of hardware and applications
1.3 Network management and monitoring tools
1.3.1 Alert definitions and rule writing
1.3.2 Advanced configuration of network devices
1.3.3 Transport security
1.3.4 Port security
1.3.5 Route protection
1.3.6 Distributed DoS protection
1.3.7 Remotely triggered black hole
1.4 Security zones
1.4.1 DMZ

2. Integrating Software Applications into the Enterprise
2.1 Integrating security into the development life cycle
2.1.1 Systems development life cycle
2.1.2 Development approaches
2.1.3 Versioning
2.2 Software assurance
2.2.1 Sandboxing/development environment
2.2.2 Validating third-party libraries
2.2.3 SecDevOps
2.2.4 Defining the DevOps pipeline
2.3 Baseline and templates
2.3.1 Secure coding standards
2.3.2 Application vetting processes
2.3.3 Hypertext Transfer Protocol (HTTP) headers
2.3.4 Application Programming Interface (API) management
2.4 Considerations when integrating enterprise applications
2.4.1 Customer relationship management (CRM)
2.4.2 Enterprise resource planning (ERP)
2.4.3 Configuration Management Database (CMDB)
2.4.4 Content management systems
2.5 Integration enablers
2.5.1 Directory services
2.5.2 Domain name system
2.5.3 Service-oriented architecture
2.5.4 Enterprise service bus

3. Enterprise Data Security, Including Secure Cloud and Virtualization Solutions
3.1 Implementing data loss prevention
3.1.1 Blocking the use of external media
3.1.2 Print blocking
3.1.3 Remote Desktop Protocol blocking
3.2 Implementing data loss detection
3.2.1 Watermarking
3.2.2 Digital rights management
3.2.3 Network traffic decryption/deep packet inspection
3.2.4 Network traffic analysis
3.3 Enabling data protection
3.3.1 Data classification
3.3.2 Metadata/attributes
3.3.3 Obfuscation
3.3.4 Anonymization
3.3.5 Encrypted versus unencrypted
3.3.6 Data life cycle
3.3.7 Data inventory and mapping
3.3.8 Data integrity management
3.3.9 Data storage, backup, and recovery
3.3.10 Redundant array of inexpensive disks
3.4 Implementing secure cloud and virtualization solutions
3.4.1 Virtualization strategies
3.4.2 Security considerations for virtualization
3.5 Investigating cloud deployment models
3.5.1 Deployment models and considerations
3.5.2 Private cloud
3.5.3 Public cloud
3.5.4 Hybrid cloud
3.5.5 Hosting models
3.5.6 Service models
3.5.7 Software as a service
3.5.8 Platform as a service
3.5.9 Infrastructure as a service
3.5.10 Cloud provider limitations
3.6 Extending appropriate on-premises controls
3.6.1 Micro-segmentation
3.6.2 Jump box
3.6.3 Examining cloud storage models
3.6.4 File-based storage
3.6.5 Database storage
3.6.6 Block storage
3.6.7 Blob storage
3.6.8 Key/value pairs

4. Deploying Enterprise Authentication and Authorization Controls
4.1 Credential management
4.1.1 Single Sign-On (SSO)
4.1.2 Password repository applications
4.1.3 On-premises versus cloud password repository
4.1.4 Hardware key manager
4.1.5 Privileged access management
4.1.6 Password policies
4.2 Identity federation
4.2.1 Transitive trust
4.2.2 OpenID
4.2.3 Security Assertion Markup Language (SAML)
4.3 Access control
4.3.1 Mandatory Access Control (MAC)
4.3.2 Discretionary Access Control (DAC)
4.3.3 Role-based access control
4.3.4 Rule-based access control
4.3.5 Attribute-based access control
4.4 Authentication and authorization protocols
4.4.1 Remote Authentication Dial-In User Server (RADIUS)
4.4.2 Terminal Access Controller Access Control System (TACACS)
4.4.3 Diameter
4.4.4 Lightweight Directory Access Protocol (LDAP)
4.4.5 Kerberos
4.4.6 OAuth
4.4.7 802.1X
4.4.8 Extensible Authentication Protocol (EAP)
4.5 Multi-Factor Authentication (MFA)
4.5.1 Two-Factor Authentication (2FA)
4.5.2 Two-step verification
4.5.3 In-band authentication
4.5.4 Out-of-Band Authentication (OOBA)
4.5.5 One-Time Password (OTP)
4.5.6 HMAC-based One-Time Password (HOTP)
4.5.7 Time-based One-Time Password (TOTP)
4.5.8 Hardware root of trust
4.5.9 JWT

5. Threat and Vulnerability Management
5.1 Intelligence types
5.1.1 Tactical intelligence
5.1.2 Strategic intelligence
5.1.3 Operational intelligence
5.1.4 Commodity malware
5.1.5 Targeted attacks
5.2 Actor types
5.2.1 Advanced persistent threat – nation-state
5.2.2 Insider threat
5.2.3 Competitor
5.2.4 Hacktivist
5.2.5 Script kiddie
5.2.6 Organized crime
5.3 Threat actor properties
5.3.1 Resources
5.3.2 Time
5.3.3 Money
5.3.4 Supply chain access
5.3.5 Capabilities and sophistication
5.3.6 Identifying techniques
5.4 Intelligence collection methods
5.4.1 Intelligence feeds
5.4.2 Deep web
5.4.3 Proprietary intelligence
5.4.4 Open source intelligence
5.4.5 Human intelligence
5.5 Frameworks
5.5.1 MITRE adversarial tactics, techniques, and common knowledge (ATT&CK)
5.5.2 ATT&CK for industrial control systems
5.5.3 The Diamond model of intrusion analysis
5.5.4 Cyber Kill Chain
5.5.5 Threat hunting
5.5.6 Threat emulation
5.6 Indicators of compromise
5.6.1 Packet capture
5.6.2 Logs
5.6.3 Network logs
5.6.4 Vulnerability logs
5.6.5 Operating system logs
5.6.6 Access logs
5.6.7 NetFlow logs
5.6.8 Notifications
5.6.9 File integrity monitoring alerts
5.6.10 SIEM alerts
5.6.11 Data loss prevention alerts
5.6.12 Intrusion detection system and intrusion prevention system alerts
5.6.13 Antivirus alerts
5.6.14 Notification severity and priorities
5.7 Responses
5.7.1 Firewall rules
5.7.2 Intrusion prevention system and intrusion detection system rules
5.7.3 Access control list rules
5.7.4 Signature rules
5.7.5 Behavior rules
5.7.6 Data loss prevention rules
5.7.7 Scripts/regular expressions

6. Vulnerability Assessment and Penetration Testing Methods and Tools
6.1 Vulnerability scans
6.1.1 Credentialed versus non-credentialed scans
6.1.2 Agent-based/server-based
6.1.3 Criticality ranking
6.1.4 Active versus passive scans
6.2 Security Content Automation Protocol (SCAP)
6.2.1 Extensible Configuration Checklist Description Format (XCCDF)
6.2.2 Open Vulnerability and Assessment Language (OVAL)
6.2.3 Common Platform Enumeration (CPE)
6.2.4 Common Vulnerabilities and Exposures (CVE)
6.2.5 Common Vulnerability Scoring System (CVSS)
6.2.6 Common Configuration Enumeration (CCE)
6.2.7 Asset Reporting Format (ARF)
6.2.8 Self-assessment versus third-party vendor assessment
6.2.9 Patch management
6.3 Information sources
6.3.1 Advisories
6.3.2 Bulletins
6.3.3 Vendor websites
6.3.4 Information Sharing and Analysis
6.3.5 News reports
6.4 Testing methods
6.4.1 Static analysis
6.4.2 Dynamic analysis
6.4.3 Side-channel analysis
6.4.4 Wireless vulnerability scan
6.4.5 Software Composition Analysis (SCA)
6.4.6 Fuzz testing
6.5 Penetration testing
6.5.1 Requirements
6.5.2 Box testing
6.5.3 Post-exploitation
6.5.4 Persistence
6.5.5 Pivoting
6.5.6 Rescanning for corrections/changes
6.6 Security tools
6.6.1 SCAP scanner
6.6.2 Network traffic analyzer
6.6.3 Vulnerability scanner
6.6.4 Protocol analyzer
6.6.5 Port scanner
6.6.6 HTTP interceptor
6.6.7 Exploit framework
6.6.8 Password crackers
6.6.9 Dependency management tools

7. Risk Mitigation Controls
7.1 Understanding application vulnerabilities
7.1.1 Race conditions
7.1.2 Buffer overflows
7.1.3 Integer overflow
7.1.4 Broken authentication
7.1.5 Insecure references
7.1.6 Poor exception handling
7.1.7 Security misconfiguration
7.1.8 Information disclosure
7.1.9 Certificate errors
7.1.10 Weak cryptography implementations
7.1.11 Weak ciphers
7.1.12 Software composition analysis
7.1.13 Use of vulnerable frameworks and software modules
7.1.14 Use of unsafe functions
7.1.15 Third-party libraries
7.1.16 Dependencies
7.1.17 End-of-support and end-of-life
7.1.18 Regression issues
7.2 Assessing inherently vulnerable systems and applications
7.2.1 Client-side processing and server-side processing
7.2.2 JSON and representational state transfer
7.2.3 Browser extensions
7.2.4 Hypertext Markup Language 5 (HTML5)
7.2.5 Asynchronous JavaScript and XML (AJAX)
7.2.6 Simple Object Access Protocol (SOAP)
7.3 Recognizing common attacks
7.3.1 Directory traversal
7.3.2 Cross-site scripting
7.3.3 Cross-site request forgery
7.3.4 Injection attacks
7.3.5 Sandbox escape
7.3.6 VM hopping
7.3.7 VM escape
7.3.8 Border Gateway Protocol and route hijacking
7.3.9 Interception attacks
7.3.10 Denial of service and distributed denial of service
7.3.11 Social engineering
7.3.12 VLAN hopping
7.4 Proactive and detective risk reduction
7.4.1 Hunts
7.4.2 Developing countermeasures
7.4.3 Deceptive technologies
7.4.4 Security data analytics
7.5 Applying preventative risk reduction
7.5.1 Application control
7.5.2 Security automation
7.5.3 Physical security

8. Implementing Incident Response and Forensics Procedures
8.1 Understanding incident response planning
8.1.1 Understanding the incident response process
8.1.2 Preparation
8.1.3 Detection
8.1.4 Analysis
8.1.5 Containment
8.1.6 Eradication and recovery
8.1.7 Lessons learned
8.1.8 Specific response playbooks/processes
8.1.9 Non-automated response methods
8.1.10 Automated response methods
8.1.11 Communication plan
8.2 Understanding forensic concepts
8.2.1 Forensic process
8.2.2 Chain of custody
8.2.3 Order of volatility
8.2.4 Memory snapshots
8.2.5 Images
8.2.6 Evidence preservation
8.2.7 Cryptanalysis
8.2.8 Steganalysis
8.3 Using forensic analysis tools
8.3.1 File carving tools
8.3.2 Binary analysis tools
8.3.3 Analysis tools
8.3.4 ExifTool
8.3.5 Imaging tools
8.3.6 Hashing utilities
8.3.7 Using live collection and post-mortem tools

9. Enterprise Mobility and Endpoint Security Controls
9.1 Implementing enterprise mobility management
9.1.1 Managed configurations
9.1.2 Application control
9.1.3 Passwords
9.1.4 Multi-factor authentication requirements
9.1.5 Patch repositories
9.1.6 Firmware over-the-air (FOTA)
9.1.7 Remote wipe options
9.1.8 Wi-Fi
9.1.9 Wi-Fi protected access (WPA2/3)
9.1.10 Device certificates
9.1.11 Device profiles
9.1.12 Bluetooth
9.1.13 Near-field communication
9.1.14 Peripherals
9.1.15 Geofencing
9.1.16 Geotagging
9.1.17 Full device encryption
9.1.18 Tethering
9.1.19 Airplane mode
9.1.20 Location services
9.1.21 DNS over HTTPS (DoH)
9.1.22 Custom DNS settings
9.1.23 Deployment scenarios
9.1.24 Bring your own device challenges
9.1.25 Corporate-owned devices
9.1.26 Corporate-owned, personally enabled (COPE) devices
9.1.27 Choose your own device (CYOD) challenges
9.2 Security considerations for mobility management
9.2.1 The unauthorized remote activation and deactivation of devices or features
9.2.2 Encrypted and unencrypted communication concerns
9.2.3 Physical reconnaissance
9.2.4 Personal data theft
9.2.5 Health privacy
9.2.6 The implications of wearable devices
9.2.7 The digital forensics of collected data
9.2.8 Unauthorized application stores
9.2.9 Containerization
9.2.10 Original equipment manufacturer (OEM) and carrier differences
9.2.11 Supply chain issues
9.2.12 The use of an eFuse
9.3 Implementing endpoint security controls
9.3.1 Hardening techniques
9.3.2 Compensating controls

10. Security Considerations Impacting Specific Sectors and Operational Technologies
10.1 Identifying regulated business sectors
10.1.1 Energy sector
10.1.2 Manufacturing
10.1.3 Healthcare
10.1.4 Public utilities
10.1.5 Public services
10.1.6 Facility services
10.2 Understanding embedded systems
10.2.1 Internet of things
10.2.2 System on a chip
10.2.3 Application-specific integrated circuits
10.2.4 Field-programmable gate array
10.3 Understanding ICS/SCADA
10.3.1 PLCs
10.3.2 Historian
10.3.3 Ladder logic
10.3.4 Safety instrumented system
10.3.5 Heating, ventilation, and air conditioning
10.4 Understanding OT protocols
10.4.1 Controller area network bus (CANBus)
10.4.2 Modbus
10.4.3 Distributed Network Protocol 3.0
10.4.4 Zigbee
10.4.5 Common Industrial Protocol
10.4.6 Data Distribution Service

11. Implementing Cryptographic Protocols and Algorithms
11.1 Understanding hashing algorithms
11.1.1 Secure Hashing Algorithm (SHA)
11.1.2 Hash-Based Message Authentication Code (HMAC)
11.1.3 Message Digest (MD)
11.1.4 RACE integrity primitives evaluation message digest (RIPEMD)
11.2 Understanding symmetric encryption algorithms
11.2.1 Block ciphers
11.2.2 Stream ciphers
11.3 Understanding asymmetric encryption algorithms
11.3.1 Rivest, Shamir, and Adleman (RSA)
11.3.2 Digital Signature Algorithm (DSA)
11.3.3 Elliptic-curve Digital Signature Algorithm (ECDSA)
11.3.4 Diffie-Hellman (DH)
11.3.5 Elliptic-curve Cryptography (ECC)
11.3.6 Elliptic-curve Diffie-Hellman (ECDH)
11.4 Understanding encryption protocols
11.4.1 Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
11.4.2 Secure/Multipurpose Internet Mail Extensions (S/MIME)
11.4.3 Internet Protocol Security (IPsec)
11.4.4 Secure Shell (SSH)
11.4.5 Key stretching
11.4.6 Password salting
11.4.7 Password-based key derivation function 2 (PBKDF2)
11.5 Understanding emerging security technologies
11.5.1 Quantum computing
11.5.2 Blockchain
11.5.3 Homomorphic encryption
11.5.4 Biometric impersonation
11.5.5 3D printing

12. Implementing Appropriate PKI Solutions, Cryptographic Protocols, and Algorithms for Business Needs
12.1 Understanding the PKI hierarchy
12.1.1 Certificate authority
12.1.2 Registration authority
12.1.3 Certificate revocation list
12.1.4 Online Certificate Status Protocol
12.2 Understanding certificate types
12.2.1 Wildcard certificate
12.2.2 Extended validation
12.2.3 Multi-domain
12.2.4 General-purpose
12.2.5 Certificate usages/templates
12.3 Understanding PKI security and interoperability
12.3.1 Trusted certificate providers
12.3.2 Trust models
12.3.3 Cross-certification certificate
12.3.4 Life cycle management
12.3.5 Certificate pinning
12.3.6 Certificate stapling
12.3.7 CSRs
12.3.8 Common PKI use cases
12.3.9 Key escrow
12.4 Troubleshooting issues with cryptographic implementations
12.4.1 Key rotation
12.4.2 Mismatched keys
12.4.3 Improper key handling
12.4.4 Embedded keys
12.4.5 Exposed private keys
12.4.6 Crypto shredding
12.4.7 Cryptographic obfuscation
12.4.8 Compromised keys

13. Applying Appropriate Risk Strategies
13.1 Understanding risk assessments
13.1.1 Qualitative risk assessments
13.1.2 Quantitative risk assessments
13.1.3 Gap analysis
13.2 Implementing risk-handling techniques
13.2.1 Transfer
13.2.2 Accept
13.2.3 Avoid
13.2.4 Mitigate
13.2.5 Risk types
13.3 Understanding the risk management life cycle
13.3.1 Department of Defense Risk Management Framework
13.3.2 NIST Cybersecurity Framework (CSF)
13.3.3 Understanding risk controls
13.4 Understanding risk tracking
13.4.1 Key performance indicators
13.4.2 Key risk indicators
13.4.3 Risk appetite
13.4.4 Risk tolerance
13.4.5 Trade-off analysis
13.5 Managing risk with policies and security practices
13.5.1 Separation of duties (SoD)
13.5.2 Job rotation
13.5.3 Mandatory vacation
13.5.4 Least privilege
13.5.5 Employment and termination procedures
13.5.6 Training and awareness for users
13.5.7 Auditing requirements and frequency
13.6 Explaining the importance of managing and mitigating vendor risk
13.6.1 Vendor lock-in
13.6.2 Vendor lock-out
13.6.3 Vendor viability
13.6.4 Merger or acquisition risk
13.6.5 Meeting client requirements
13.6.6 Ongoing vendor assessment tools

14. Compliance Frameworks, Legal Considerations, and Their Organizational Impact
14.1 Security concerns associated with integrating diverse industries
14.1.1 Data considerations
14.1.2 Understanding geographic considerations
14.1.3 Third-party attestation of compliance
14.2 Understanding regulations, accreditations, and standards
14.2.1 Understanding legal considerations
14.2.2 Application of contract and agreement types

15. Business Continuity and Disaster Recovery Concepts
15.1 Conducting a business impact analysis
15.1.1 Maximum Tolerable Downtime (MTD)
15.1.2 Recovery Time Objective (RTO)
15.1.3 Recovery Point Objective (RPO)
15.1.4 Recovery service level
15.1.5 Mission-essential functions
15.1.6 Privacy Impact Assessment (PIA)
15.1.7 Preparing a Disaster Recovery Plan/Business Continuity Plan
15.1.8 Backup and recovery methods
15.2 Planning for high availability and automation
15.2.1 Scalability
15.2.2 Resiliency
15.2.3 Automation
15.2.4 Content Delivery Network (CDN)
15.2.5 Testing plans
15.3 Explaining how cloud technology aids enterprise resilience
15.3.1 Using cloud solutions for business continuity and disaster recovery (BCDR)
15.3.2 Infrastructure versus serverless computing
15.3.3 Collaboration tools
15.3.4 Storage configurations
15.3.5 Cloud Access Security Broker (CASB)

16. Operations Security and Safety
16.1 Physical/Logical Operations
16.1.1 Facilities and Redundancy
16.1.2 American Society of Heating, Refrigerating and Air-Conditioning Engineers (ASHRAE)
16.1.3 Power Redundancy
16.1.4 Power Provider Redundancy
16.1.5 Power Line Redundancy
16.1.6 Power Conditioning and Distribution Redundancy
16.1.7 Communications Redundancy
16.1.8 Personnel Redundancy
16.1.9 Security Redundancy
16.1.10 Holistic Redundancy: The Uptime Institute Tiers
16.1.11 Virtualization Operations
16.1.12 Instance Isolation
16.1.13 Storage Operations
16.1.14 Physical and Logical Isolation
16.2 Security Operations Center
16.2.1 Continuous Monitoring
16.2.2 Incident Management

