Domain 1: Security and Risk Management
- Defining Security Management
- Threats, Vulnerabilities, and Attacks
- Risk Assessment & Management
- Risk Analysis Process
- Security Policies and Procedures
- The Objectives of a Security Policy
- Security Policy Implementation
- Information Classification in Security
- Computer Crimes and the Common Law System
- Computer Security, Privacy and Crime Laws
- Important Computer Privacy Laws
- Intellectual Property Law
- Liability Laws
- The Internet Activities Board (IAB) Ethics and the Internet
- The Computer Ethics Institute's Ten Commandments of Computer Ethics
- The U.S. Department of Health, Education and Welfare Code of Fair Information Practices
- The Organization for Economic Cooperation and Development (OECD)
- The (ISC)2 Code of Ethics
Domain 2: Asset Security
- Information Classification in Security
- Information Privacy and Privacy Laws
- Organizational Privacy Policies
- Privacy-Related Legislation and Guidelines
- Media Resource Protection and Security Controls
- Media Viability and Physical Access Controls
- Desktop Vulnerabilities and Safeguards
Domain 3: Security Architecture and Engineering
- Security Policy and Computer Architecture
- Using Security Mechanisms to Enhance Security
- Information Security Models
- Orange Book Controls
- Data Warehousing
- The Data Mining Process
- What is a Data Dictionary?
- Encryption in Cryptography
- Advanced Encryption Standard (Rijndael)
- Digital Certificates: PKI
- Key Pair Usage
- Components of Public Key Infrastructure
- Private Key Protection
- Key Management Lifecycle
- Certification Expiration and Revocation List
- Software and Hardware Storage of Keys
- The M of N Control Policy
Domain 4: Communications and Network Security
- All About the Central Processing Unit (CPU)
- Types of Computer Memory
- All About Database Management
- Communication and Network Security
- Types of Networks
- Types of Network Topologies
- OSI Reference Model: Network Security
- Inter-OSI Layer Interaction
- TCP/IP Layers
- TCP/IP Protocols
- Transfer and Application Layer Protocols
- Point-to-Point Protocol (PPP)
- Point-to-Point Tunneling Protocol (PPTP)
- Layer 2 Tunneling Protocol (L2TP)
- IP Security Protocol (IPSec)
- Voice Communications in Network Security
- Using Coaxial Cables to Build Network
- Twisted Pair Cables Used to Build Networks
- Fiber Optic Cables
- Wireless Networks
- Use of Bluetooth in Networking
- Using IrDA in Networking
- Primary Networking Devices
- Types of Ethernet
- Tokens and Token Rings
- Areas of the Network
- Common Data Network Services
- Types of Data Networks
- WAN Technologies
- Network Address Translation
- Connecting Systems to a Remote Location
- All About VPNs: Applications and Remote Access
- Email Security
Domain 5: Identity and Access Management
- Access Control and Accountability
- Identification and Authentication
- Access Control Types
- Authentication Protocols
- Single Sign-On (SSO)
- Centralized Access Control
- Methods Used to Bypass Access Control
- Exploits and Attacks to Gain Control
- Covert Channel Analysis
- Access Control Methodologies and Remote Access Authentication Systems
- Remote Authentication Dial-In User Service (RADIUS) and DIAMETER
- Terminal Access Controller Access Control System
- About Physical Security
- Technical Physical Security Controls
- Administrative Physical Security Controls
- Security of Data Storage Devices
- Physical Access Controls
Domain 6: Security Assessment and Training
- Penetration Testing
- Alternative Methods for Testing Security
- Employees and Operational Security
- Security Education, Training and Awareness (SETA)
- Environmental and Personnel Safety
- Trusted Facility Management
- Trusted Recovery, Failure Preparation, and System Recovery
- Electromagnetic Interference (EMI) and Radio Frequency Interference (RFI)
- Database Recovery Definitions
- HVAC, Water and Fire Detection in Electronic-Heavy Environments
- Using Fire Suppression Systems to Protect Electronics
- Business Continuity Planning and Disaster Recovery Planning
- Business Continuity Planning: Project Scope and Planning
- Business Continuity Planning: The Continuity Planning Process
- Business Continuity Planning: Plan Approval and Implementation
- Business Continuity Planning: BCP Documentation
- Business Continuity Planning: Business Impact Assessment (BIA)
- Disaster Recovery: Disaster Categories
- Disaster Recovery: Recovery Strategies
- Disaster Recovery: Hot, Cold and Warm Sites
- Mutual Assistance Agreements (MAAs)
Domain 7: Security Operations
- Controls for Operational Security
- About Operations Controls
- Auditing, Monitoring, and Intrusion Detection
- Monitoring and Intrusion Detection
- Knowledge-Based and Behavior-Based IDS
- The Knowledge Management Tool
- Malicious Code, Viruses, and Worms
- Logic Bombs, Trojan Horses, and Active Content
- Computer Forensics
- The Computer Crime Investigation Process
Domain 8: Software Development Security
Basic Network Components
Which of the following is a component that provides resources over a network?
1. Client
2. LAN
3. Router
4. Server
Answer: The correct answer is 4.
Breakdown: A server provides or “serves” up resources to a network. Examples of resources are access to email, pages on a web server, or files on a file server.