Course Outline


  • 1.1 Knowledge of information assurance (IA) principles used to manage risks related to the use, processing, storage and transmission of information or data.
  • 1.2 Knowledge of security management.
  • 1.3 Knowledge of risk management processes, including steps and methods for assessing risk.
  • 1.4 Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
  • 1.5 Knowledge of different operational threat environments (e.g., first generation [script kiddies], second generation [non-nation state sponsored] and third generation [nation state sponsored]).
  • 1.6 Knowledge of information assurance (IA) principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication and non-repudiation.
  • 1.7 Knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities).
  • 1.8 Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution).
  • 1.9 Knowledge of relevant laws, policies, procedures and governance requirements.
  • 1.10 Knowledge of relevant laws, policies, procedures or governance as they relate to work that may impact critical infrastructure.


  • 2.1 Knowledge of network design processes, to include understanding of security objectives, operational objectives and tradeoffs.
  • 2.2 Knowledge of security system design methods, tools and techniques.
  • 2.3 Knowledge of network access, identity and access management (e.g., public key infrastructure [PKI]).
  • 2.4 Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • 2.5 Knowledge of current industry methods for evaluating, implementing and disseminating information technology (IT) security assessment, monitoring, detection and remediation tools and procedures, utilizing standards-based concepts and capabilities.
  • 2.6 Knowledge of network security architecture concepts, including topology, protocols, components and principles (e.g., application of defence in depth).
  • 2.7 Knowledge of malware analysis concepts and methodology.
  • 2.8 Knowledge of intrusion detection methodologies and techniques for detecting host-and network- based intrusions via intrusion detection technologies.
  • 2.9 Knowledge of defence in depth principles and network security architecture.
  • 2.10 Knowledge of encryption algorithms (e.g., internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE]).
  • 2.11 Knowledge of cryptology.
  • 2.12 Knowledge of encryption methodologies.
  • 2.13 Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol and Internet Protocol [ITCP/IP], Open System Interconnection model [OSI]).
  • 2.14 Knowledge of network protocols (e.g., Transmission Control Protocol and Internet Protocol


  • 3.1 Knowledge of computer network defence (CND) and vulnerability assessment tools, including open source tools, and their capabilities.
  • 3.2 Knowledge of basic system administration, network and operating system hardening techniques.
  • 3.3 Knowledge of risk associated with virtualizations.
  • 3.4 Knowledge of penetration testing principles, tools and techniques (e.g., metasploit, neosploit).
  • 3.5 Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring) and tools.
  • 3.6 Knowledge of remote access technology concepts.
  • 3.7 Knowledge of systems administration concepts.
  • 3.8 Knowledge of Unix command line.
  • 3.9 Knowledge of system and application security threats and vulnerabilities.
  • 3.10 Knowledge of system lifecycle management principles, including software security and usability.
  • 3.11 Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance and reliability.
  • 3.12 Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • 3.13 Knowledge of social dynamics of computer attackers in a global context.
  • 3.14 Knowledge of secure configuration management techniques.
  • 3.15 Knowledge of capabilities and applications of network equipment including hubs, routers, switches, bridges, servers, transmission media and related hardware.
  • 3.16 Knowledge of communication methods, principles and concepts that support the network infrastructure.
  • 3.17 Knowledge of the common networking protocols (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP]) and services (e.g., web, mail, Domain Name System [DNS]) and how they interact to provide network communications.
  • 3.18 Knowledge of different types of network communication (e.g., Local Area Network [LAN], Wide Area Network [WAN], Metropolitan Area Network [MAN], Wireless Local Area Network [WLAN], Wireless Wide Area Network [WWAN]).
  • 3.19 Knowledge of virtualization technologies and virtual machine development and maintenance.
  • 3.20 Knowledge of application vulnerabilities.
  • 3.21 Knowledge of information assurance (IA) principles and methods that apply to software development.
  • 3.22 Knowledge of risk threat assessment.


  • 4.1 Knowledge of incident categories, incident responses and timelines for responses.
  • 4.2 Knowledge of disaster recovery and continuity of operations plans.
  • 4.3 Knowledge of data backup, types of backups (e.g., full, incremental) and recovery concepts and tools.
  • 4.4 Knowledge of incident response and handling methodologies.
  • 4.5 Knowledge of security event correlation tools.
  • 4.6 Knowledge of investigative implications of hardware, operating systems and network technologies.
  • 4.7 Knowledge of processes for seizing and preserving digital evidence (e.g., chain of custody).
  • 4.8 Knowledge of types of digital forensics data and how to recognize them.
  • 4.9 Knowledge of basic concepts and practices of processing digital forensic data.
  • 4.10 Knowledge of anti-forensics tactics, techniques, and procedures (TTPS).
  • 4.11 Knowledge of common forensic tool configuration and support applications (e.g., VMWare, Wireshark).
  • 4.12 Knowledge of network traffic analysis methods.
  • 4.13 Knowledge of which system files (e.g., log files, registry files, configuration files) contain relevant information and where to find those system files.


  • 5.1 Knowledge of new and emerging information technology (IT) and information security technologies.
  • 5.2 Knowledge of emerging security issues, risks, and vulnerabilities.
  • 5.3 Knowledge of risk associated with mobile computing.
  • 5.4 Knowledge of cloud concepts around data and collaboration.
  • 5.5 Knowledge of risk of moving applications and infrastructure to the cloud.
  • 5.6 Knowledge of risk associated with outsourcing
  • 5.7 Knowledge of supply chain risk management processes and practices


There are no set pre-requisites for attending this course

  28 Hours

Testimonials (4)

Related Courses

CISA - Certified Information Systems Auditor

  28 Hours

Related Categories