Access Control
- Identify the criteria for mandatory and discretionary access control, understand the factors that shape the implementation of access controls, and design an access control plan
- Implement and manage an access control plan in alignment with the basic principles that govern access control systems, such as need-to-know and least privilege
- Identify different access control systems, such as ID cards and biometrics
- Understand the role of warning (logon) banners in giving users notice of the access rules and of monitoring before they proceed
- Develop procedures to ensure system users are aware of their IA responsibilities before they are granted access to information systems
Social Engineering, Phishing Attacks, Identity Theft
- Understand social engineering concepts and their role in insider attacks, and develop best practices to counter social engineering attacks
- Design a response plan for identity theft incidents
- Identify phishing attacks and design a plan to counter them
Physical Security
- Identify standards, procedures, directives, policies, regulations, and laws for physical security
- Determine the value of physical assets and the impact of their unavailability
- Design, implement and manage a comprehensive, coordinated, and holistic physical security plan to ensure overall organizational security including an audit schedule and performance metrics
Disaster Recovery and Business Continuity Planning
- Develop, implement, and monitor business continuity, business recovery, contingency planning, and disaster recovery plans in case of disruptive events and ensure alignment with organizational goals and objectives
- Direct contingency planning, operations, and programs to manage risk
- Design documentation process as part of the continuity of operations program
- Design and execute a testing and updating plan for the continuity of operations program
- Understand the importance of integrating IA requirements into the Continuity of Operations Plan (COOP)
Firewall, IDS/IPS and Network Defense Systems
- Understand and manage network and cloud security
- Identify the appropriate intrusion detection and prevention systems for organizational information security
- Design and develop a program to monitor firewalls and identify firewall configuration issues such as overly permissive, unused, or shadowed rules
- Understand perimeter defense systems such as grid sensors and access control lists on routers, firewalls, and other network devices
- Identify the basic network architecture, models, protocols and components such as routers and hubs that play a role in network security
- Understand the concept of network segmentation
- Manage DMZs, VPNs, and telecommunication technologies such as PBX and VoIP
- Identify network vulnerabilities and explore network security controls such as TLS (and its deprecated predecessor SSL) for transmission security
- Support, monitor, test, and troubleshoot issues with hardware and software
- Manage accounts, network rights, and access to systems and equipment
Wireless Security
- Identify vulnerabilities and attacks associated with wireless networks and manage different wireless network security tools
Virus, Trojans and Malware, and other Malicious Code Threats
- Assess the threat that viruses, Trojans, and other malware pose to organizational security, and identify the sources and infection vectors of malware
- Deploy and manage anti-virus systems
- Develop processes to counter virus, Trojan, and malware threats, including training both security and non-security teams on secure development processes
Secure Coding Best Practices and Securing Web Applications
- Develop and maintain software assurance programs in alignment with the secure coding principles and each phase of System Development Life Cycle (SDLC)
- Understand various system-engineering practices
- Configure and run tools that help in developing secure programs
- Understand software vulnerability analysis techniques including static code analysis, dynamic code analysis, and software composition analysis
- Install and operate IT systems in a test configuration that does not alter the program code or compromise security safeguards
- Identify web application vulnerabilities and attacks, and the web application security tools used to counter them
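The most common web application vulnerability this objective covers is SQL injection, and the clearest way to show it is the vulnerable query beside its parameterised fix. The following is an added example, not code from the course or from any product it describes; the SQLite table, the two sample users, and the tautology payload are constructed for the demonstration.

```python
import sqlite3

# Constructed sample users for the demonstration (not data from the page).
SAMPLE_USERS = [("alice", "s3cret"), ("bob", "hunter2")]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_vulnerable(conn, name, password):
    """Builds the query by string interpolation: the user's input becomes part
    of the SQL grammar, so a quote in the input changes the statement itself."""
    query = (
        f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    )
    return [row[0] for row in conn.execute(query)]


def login_safe(conn, name, password):
    """Parameterised query: the driver binds the inputs as data, so they can
    never alter the statement's structure, whatever characters they contain."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (name, password))]


def demo():
    """Run both versions against a classic tautology payload and a legitimate login."""
    conn = make_db()
    # Turns the WHERE clause into an always-true expression in the vulnerable version.
    payload = "' OR '1'='1"
    return {
        "vulnerable": login_vulnerable(conn, payload, payload),
        "safe": login_safe(conn, payload, payload),
        "legit": login_safe(conn, "alice", "s3cret"),
    }


if __name__ == "__main__":
    print(demo())
```

With the payload as both username and password, the interpolated statement becomes `... WHERE name = '' OR '1'='1' AND password = '' OR '1'='1'`, which matches every row, so the vulnerable login returns both users without knowing either password; the parameterised version returns nothing for the same input and still authenticates a genuine user. The same pattern (bind, never concatenate) is what static and dynamic analysis tools look for when flagging injection.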
OS Hardening
- Identify various OS vulnerabilities and attacks and develop a plan for hardening operating systems
- Understand system logging, the patch management process, and configuration management for information system security
Encryption Technologies
- Understand the concept of encryption and decryption, digital certificates, public key infrastructure and the key differences between cryptography and steganography
- Identify the different components of a cryptosystem
- Develop a plan for information security encryption techniques
Vulnerability Assessment and Penetration Testing
- Design, develop, and implement a penetration testing program based on a penetration testing methodology to ensure organizational security
- Identify the different vulnerabilities associated with information systems and the legal issues involved in penetration testing, including written authorization and scope
- Develop pre- and post-testing procedures
- Develop a plan for pen test reporting and for implementing corrections to the technical vulnerabilities found
- Develop vulnerability management systems
Threat Management
- Create and manage a threat management program including threat intelligence, third-party threats, and security bulletins regarding hardware and software, particularly open-source software
Incident Response and Computer Forensics
- Develop a plan to identify a potential security violation and take appropriate action to report the incident
- Comply with system termination procedures and incident reporting requirements related to potential security incidents or actual breaches
- Assess potential security violations to determine if the network security policies have been breached, assess the impact, and preserve evidence
- Diagnose and resolve IA problems in response to reported incidents
- Design incident response procedures including testing, tabletop exercises, and playbooks
- Develop guidelines to determine whether a security incident is indicative of a violation of law that requires special legal action
- Identify volatile and persistent system information and the order in which to collect it (most volatile first)
- Set up and manage forensic labs and programs
- Understand various digital media devices, e-discovery principles and practices and different file systems
- Develop and manage an organizational digital forensic program
- Establish, develop and manage forensic investigation teams
- Design investigation processes such as evidence collection, imaging, data acquisition, and analysis
- Identify the best practices to acquire, store and process digital evidence
- Configure and use various forensic investigation tools
- Identify anti-forensic techniques and their effect on investigations
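The acquisition, imaging, and evidence-handling objectives above all rest on one practice: hash the source before imaging, hash the image after, and re-verify against the recorded value whenever the evidence is handled. The following is an added example written for this page, not tooling from the course; the "suspect disk" is a constructed 1 MiB file, and the examiner name, case identifier, and file names are placeholders.

```python
import datetime
import hashlib
import json
import os
import shutil
import tempfile

CHUNK_SIZE = 1024 * 1024  # hash in 1 MiB chunks so large images need not fit in memory


def sha256_file(path):
    """Stream a file through SHA-256 and return the hex digest."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK_SIZE), b""):
            digest.update(chunk)
    return digest.hexdigest()


def acquire(source_path, image_path, examiner, case_id):
    """Copy the source to a working image, hash both sides, and return a
    chain-of-custody record. Raises if the image does not match the source."""
    source_hash = sha256_file(source_path)
    shutil.copyfile(source_path, image_path)
    image_hash = sha256_file(image_path)
    if image_hash != source_hash:
        raise RuntimeError("acquisition failed: image hash does not match source")
    os.chmod(image_path, 0o444)  # working copy is read-only from here on
    return {
        "case_id": case_id,
        "examiner": examiner,
        "source": os.path.basename(source_path),
        "image": os.path.basename(image_path),
        "sha256": image_hash,
        "size_bytes": os.path.getsize(image_path),
        "acquired_at": datetime.datetime.now(datetime.timezone.utc).isoformat(),
    }


def verify(image_path, record):
    """True only if the image still hashes to the value recorded at acquisition."""
    return sha256_file(image_path) == record["sha256"]


def demo():
    """Acquire a constructed evidence file, verify it, then show that altering
    a single byte of the image is detected on re-verification."""
    with tempfile.TemporaryDirectory() as workdir:
        source = os.path.join(workdir, "suspect-disk.raw")
        with open(source, "wb") as fh:
            fh.write(bytes(range(256)) * 4096)  # constructed 1 MiB of sample content
        image = os.path.join(workdir, "suspect-disk.img")
        record = acquire(source, image, examiner="J. Doe", case_id="CASE-0001")
        intact = verify(image, record)
        # Simulate post-acquisition tampering: overwrite one byte of the image.
        os.chmod(image, 0o644)
        with open(image, "r+b") as fh:
            fh.seek(4096)
            fh.write(b"\xff")
        tampered = verify(image, record)
        return {"record": record, "intact": intact, "tampered": tampered}


if __name__ == "__main__":
    result = demo()
    print(json.dumps(result["record"], indent=2))
    print("intact after acquisition:", result["intact"])
    print("intact after tampering:", result["tampered"])
```

The record is the minimum a custody log needs (who, what, when, and the digest); in practice the original is attached through a write blocker and the record is signed or stored separately from the image so that an altered image cannot be paired with an altered hash.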