1
Q
Automation tool that models the behavior of humans and machines
A
UEBA (User Entity Behavior Analytics)
2
Q
Often used to simplify complex data and tell a story
A
Data Visualization
3
Q
Automation tool for real time data capture, event correlation analysis, and reporting
A
SIEM
4
Q
Automation tool that combines multiple threat intelligence feeds
A
TIP (Threat Intelligence Platform)
5
Q
Automation tool that allows an organization to define incident analysis and response procedures in a digital workflow
A
SOAR (Security Orchestration Automation Response)
SGreene
flashcards
Decks in class (126)
# Cards
-
1.1 Understand, Adhere, and Promote Professional Ethics1
-
1.2 Understand and Apply Security Concepts1
-
1-4.3 Privacy Principles5
-
1-4.4 Cybercrime and Data Breaches5
-
1-5.1 Investigation Objectives and Requirements5
-
1-6.1 Governance Documents5
-
1-7.1 Business Continuity Planning5
-
1-7.2 Business Impact Analysis5
-
1-8.1 Workplace Lifecycle Security5
-
1-8.2 Workforce and Third-Party Policies and Agreements5
-
1-9.1 Risk Basics5
-
1-9.2 Risk Assessment5
-
1-9.3 Risk Analysis5
-
1-9.4 Risk Response and Treatment5
-
1-9.5 Risk Mitigation Controls5
-
1-9.6 Monitoring, Reporting, and Maturity5
-
1-10.1 Threat Actors and Attributes5
-
1-10.2 Attack Vectors - Digital Infrastructure5
-
1-10.3 Attack Vectors - People5
-
1-10.3 Attack Vectors - Code5
-
1-10.5 Threat Modeling and Intelligence5
-
1-11.1 Supply Chain Relationships and Risks5
-
1-11.2 Supply Chain Risk Management and Mitigation5
-
1-12.1 SETA Principles and Practices5
-
1-12.2 Emerging SETA Trends5
-
2-13.1 Asset Classification5
-
2-14.1 Asset Handling Requirements5
-
2-15.1 Asset Management5
-
2-16.1 Manage Data Lifecycle5
-
2-16.2 Data Collection, Retention, and Archiving5
-
2-16.3 Data Deletion and Destruction5
-
2-17.1 Asset Retention and Retirement5
-
2-18.1 Control Baselines5
-
2-18.2 Data Protection Methods5
-
3-19.1 Secure Design Principles5
-
3-19.2 Trust and Secure Access Service Edge5
-
1-20.1 Information Security Models5
-
3-21.1 Security Evaluation Criteria5
-
3-22.1 Trusted Computing Base5
-
3-23.1 Client, Server, and Distributed Computing5
-
3-23.1 Databases and Database Management Systems5
-
3-23.3 Operation Technology6
-
3-23.4 Cloud-based Systems5
-
3-23.5 Internet of Things and IIoT5
-
3-23.6 Virtualization5
-
3-23.7 Automation and Solution Elements5
-
3-24.1 Cryptography Primer5
-
3-24.2 Encryption5
-
3-24.3 Hashing and Digital Signatures5
-
3-24.4 PKI and Digital Certificates5
-
3-24.5 Emerging Cryptography5
-
3-25.1 Cryptographic Attacks5
-
3-25.2 Post-Exploitation Attacks5
-
3-25.3 Ransomware5
-
3-26.1 Physical Security Principles5
-
3-27.1 Site and Building Controls5
-
3-27.2 Environmental Impact5
-
3-28.1 Information System Lifecycle5
-
4-29.1 Network Models5
-
4-29.2 Internet Protocol5
-
4-29.3 Secure Protocols5
-
4-29.4 Multilayer and Converged Protocols5
-
4-29.5 Transport Architecture5
-
4-29.6 Segmentation5
-
4-29.7 Microsegmentation5
-
4-29.8 Wireless Architecture5
-
4-29.9 Wi-Fi Networks5
-
4-29.10 Virtual Private Cloud5
-
4-29.11 Continuous Monitoring5
-
4-30.1 Transmission Media5
-
4-30.2 Network Access Control5
-
4-30.3 Endpoint Security5
-
4-31.1 Voice, Video, and Collaboration (CDN)5
-
4.31.2 Secure Remote Access Communications5
-
5-32.1 Access Control Fundamentals5
-
5-33.1 Identify Management5
-
5-33.2 Authentication and Credential Management5
-
5-33.3 Biometric Authentication5
-
5-34.1 Federated Identity Management5
-
5-35.1 Authorization and Access Controls5
-
5-36.1 Identity and Access Management5
-
5-37.1 Implementing Authentication5
-
5-37.2 Authentication and Access Control Attacks5
-
6-38.1 Assessment and Audit Strategies5
-
6-38.2 Planning Engagements5
-
6-39.1 Vulnerability Testing and Assessment5
-
6-39.2 Penetration Testing and Attack Simulations5
-
6-39.3 Code and Interface Testing5
-
6-40.1 Operational and Management Metrics5
-
6-40.2 SETA Measures and Metrics5
-
6-41.1 Response and Disclosure5
-
6-42.1 Security Auditing5
-
7-43.1 Evidence Handling5
-
7-43.2 Forensic Examination5
-
7-44.1 Conduct Logging and Monitoring Activities5
-
7-44.2 Log Analysis, Detection, and Response Tools5
-
7-45.1 Configuration Management5
-
7-46.1 Security Operations5
-
7-47.1 Media Management5
-
7-47.2 Mobile Device Management5
-
7-48.1 Incident Management5
-
7-48.2 Incident Response5
-
7-49.1 Firewalls and Intrusion Detection5
-
7-49.2 Web Filtering & Sandboxing5
-
7-49.3 Malware5
-
7-49.4 Honeypots5
-
7-49.5 Artificial Intelligence5
-
7-50.1 Vulnerability and Patch Management5
-
7-51.1 Change Management5
-
7-52.1 Backup and Recovery5
-
7-52.2 Resiliency Strategies5
-
7-53.1 Disaster Response and Recovery5
-
7-54.1 DRP Training, Testing, and Communications5
-
7-55.1 Business Continuity Integration5
-
7-56.1 SOC Security5
-
7-57.1 Workplace Safety5
-
8-58.1 Software Developement Lifecycle5
-
8-58.2 Software Development Collaboration and Maturity Models5
-
8-59.1 Development Ecosystem5
-
8-59.2 Secure Staging5
-
8-59.3 Application Security Testing5
-
8-60.1 Software Security Assessment5
-
8-61.1 Software Procurement and Acquisition5
-
8-62.1 Source Code Vulnerabilities5
-
8-62.2 Input and Output Validation5
-
8-62.3 Secure Coding Practices5
