- Network Administrator
- Application Developer
- Security Officer
- Quality Manager
- Operational Manager
1. TCP/IP Networking
- Describe what a node is.
- Describe how nodes can be connected to each other.
- Explain the concepts of TCP/IP addressing for both IPv4 and IPv6.
- Describe the layers and main functionalities of the OSI and TCP/IP models.
- Explain the main network protocols, what their functionality is and how they fit into the OSI and TCP/IP reference models.
2. Computer Systems
- Explain the components of a computer system.
- Describe how an operating system works.
- List the main operating systems.
- Identify the most prevalent types of computer system vulnerabilities.
- Identify the main security measures related to computer systems.
3. Applications & Databases
- Explain the different methods and phases of the systems development life cycle.
- Describe the advantages and disadvantages of each of the different methods of the systems development life cycle.
- Explain how to address security during the systems development life cycle.
- Describe the different database models.
- Explain the functionality of the database and the database management systems.
- Describe the prevalent security issues related to applications development and databases.
- Explain the countermeasures against security issues related to applications and databases.
- Differentiate between symmetric and asymmetric encryption.
- Identify encryption algorithms and standards.
- Digital Signatures, Hashing
- Explain how hashing provides for the integrity of digital information.
- Describe the main hashing standards.
- Describe the components, parties and processes of a public key infrastructure.
- Explain what digital certificates and their use cases are.
- Explain the technology and use cases of SSL/TLS.
- Explain the technology and use cases of IPsec.
5. Identity & Access Management
- Differentiate between identification and authentication.
- Describe the main technologies of authentication and two-factor authentication.
- Explain biometrics and their use cases.
- Explain the concepts and different types of Single sign-on (SSO).
- Explain password management and its use cases.
- Describe how the principles of Need to know, Least privilege and Separation of Duties (SoD) relate to authorization.
- Describe authorization models such as role-based access control (RBAC) and attribute-based access control (ABAC).
- Describe the specifications and functionality of OpenID Connect and OAuth.
6. Cloud Computing
- Differentiate between the deployment models public cloud, private cloud and hybrid cloud.
- Explain the service models SaaS, PaaS, IaaS, SECaaS and IDaaS.
- Identify the risks of cloud computing.
7. Exploiting Vulnerabilities
- Identify the main attack categories of cybercrime.
- Recognize Black hat hackers, White hat hackers, Grey hat hackers, Script kiddies and Hacktivists.
- Identify which tools cybercriminals use.
- Identify the steps cybercriminals take to exploit vulnerabilities.