Cylabs
  • 😊Welcome to CyLabs
  • 101 Series
    • Cyber Security 101
      • Introduction to Cyber Security and core concepts
      • Getting Started into Cyber Security Career
      • Online Cybersecurity Practice Labs to Sharpen Your Skills
      • Cyber Security Interview Q&A
        • Careers in Cybersecurity
      • Stay Tuned : Cyber Resources
        • Blogs for Cyber Security
          • Blogs
            • Penetration Testing Automation
            • Security
              • Metasploit Framework
              • Jenkins Servers: Identifying Vulnerabilities and Exploiting Unauthenticated Access with Groovy Scrip
              • Securing Your Network: Printer Vulnerabilities, LDAP Exploits, and Defense Strategies
              • SSH for Red Teaming and Security Analysis
              • Operating Systems for Penetration Testing: Enhancing Your Cybersecurity Arsenal
              • Hacking Notes
                • Phineas Fisher
        • Cyber News
        • Leading Cybersecurity Companies to follow
        • Cybersecurity Courses and Certifications: Trends in 2024
        • ISACs: Enhancing Cybersecurity through Collaboration and Information Sharing
        • Global and National Cybersecurity Agencies: Guardians of the Digital Realm
        • Cyber Security News Feed Resources
    • Kubernetes 101
    • Web 101
    • Operating Systems
      • Linux 101
        • Linux Kernel
        • Basic Commands and Usage
          • Shell Commands
        • Linux File System
        • apt
        • su and sudo
        • File Search
        • Linux Services
        • Networking
          • Netcat
        • Corn Jobs
        • Shell Scripting
        • Linux OS API's
      • Windows 101
        • Windows system calls
        • Windows Event Logs and IDs
        • Windows UAC
        • Windows Registry
        • Windows Bit Locker
        • Volume Shadow Copy Service
        • Windows OS API's
    • Building the Security Lab
      • Virtualization with Virtual Box
        • Installing and setting Virtual Box
        • Vritual Box Networking
      • Home Lab Setup
        • PF Sense Installation
        • Ubuntu Installation
        • Metasploit Installation
        • Kali Linux Installation
    • Fundamentals of Programming
      • Python 101
      • Powershell 101
      • SQL 101
    • AI/ML and Data Science for Cyber Security and Analytics
    • IT Infrastructure and Hardware
    • Governance, Risk and Compliance
    • Networking 101
      • Network Packets and Frames
      • Network Switches and Routers: The Backbone of Connectivity
      • Network Security Devices and Strategies
      • Network Design and Architecture: A Foundation for Robust Connectivity
      • Specialized Network Equipment and Functions
      • Network Traffic Management and Analysis
      • Advanced Networking Concepts
      • ARP and RARP
      • How DNS, HTTP and HTTPS works
      • Understanding the Basics of Networking
  • Introduction to Cyber Security Operations
    • Security Architecture and Engineering
      • Security Controls
        • Preventive
        • Deterrent
        • Detective
        • Corrective
        • Compensating
        • Directive
    • GRC
      • Information Security and Risk Management
        • Risk Management
        • Supply Chain Risk Management
        • Governance
        • Asset Management
        • Cyber Security Road Map
        • Cyber Security Controls
        • Cyber Security Strategy and Architecture
        • Cyber Security Architecture
        • Risk Assessment and Security Questionnaire
        • Ransomware Prevention
        • Gap Assessment
        • Principle of Least Privilege
      • Governance
      • Asset Security
      • Communication and Network Security
      • Identity and Access Management
      • Security Assessment and Testing
      • Security Operations
      • Software Development Security
      • Security Baselines
      • Security Reporting
      • Data Loss Prevention
      • Zero Trust
      • MFA
      • Compliance
    • Security Policies and Procedures
    • Offensive Security
      • Stages of Penetration Testing
    • Cyber Defense
      • Security Operations Center (SOC)
        • SOC Architecture Development with ELK Stack:
      • Different Classes of Threat Actor
    • Security Principles, Controls and Strategies
      • Defense in Depth
      • Least Privilege
      • Zero Trust
  • Cyber Security Assessment
    • Planning and Scoping
      • Security Engagement
      • Security Assessment Questionaire
      • Who Targeting you
    • Reconnaissance
      • Active Recon
        • Tools
          • NMAP
          • Maascan
          • Recon-NG
          • Maltego
          • Spider Foot
          • Whois
          • TraceRoute
          • Amass
          • The Harvester
          • Nslookup
          • DNS Dumpster
          • BloodHound
          • Relay Attacks
          • Packet Crafting
          • NMAP+Proxychains+TOR
      • Passive Reconnaissance
        • Network Sniffing
          • Wireshark
          • TCPDump
        • Whois (online services)
        • EMail Account Enumeration
          • Hunter.io
        • Search Engine Analysis
          • Google Hacking Database
          • Shodan
          • Censys.io
        • Information Disclousre
        • Banner Grabbing
        • HTML Scrapping
        • Certificate Transparency Logs
        • Open Source Intelligence (OSINT)
          • Ship OSINT
          • Social Media
          • Code Repositories
          • Darkweb Analysis
          • DNS
          • Cached Pages
          • Password Dumps
          • Anonymity
    • Enumeration
      • OS Finger Printing
      • Service Discovery
      • Protocol Enumeration
      • DNS Enumeration
      • FTP Service
      • HTTP/HTTPS
      • WMI
      • DCOM
      • RPC Remote Procedure Call
      • Directory Enumeration
      • Host Discovery
      • Share Enumeration
        • SMB
      • Local User Enumeration
      • Email Account Enumeration
      • SSH Service
      • Wireless Enumeration
        • Wigle.net
        • InSSIDer
        • Aircrack-ng
      • Permission Enumeration
      • Secrets Enumeration
        • Passwords
        • Session Tokens
        • Cloud Access Keys
      • Attack Path Mapping
      • VNC
      • Web Application Firewall
      • Wordpress Scan
      • Remote Desktop Protocol
      • SNMP
      • SMTP
      • Web Crawling
        • Platform Plugins
        • Sitemap
        • Robots.txt
      • Active Directory Enumeration
    • Vulnerability Assessment and Management
      • Terminology
      • Vulnerability Database
      • Vulnerability Scoring
        • CWE
        • CVSS
        • CVE
        • EPSS
      • Vulnerability Scan
        • Authenticated vs Unauthenticated Scans
        • OS Security Assessment
        • Tenable
        • Nikto
        • Open VAS
      • Exploit Databases
      • Tools
        • Tenable.IO
        • Open VAS
    • Exploitation
      • Attack Surface and Target Prioritization
        • High Valued Assets and Identification
        • Vulnerability Metrics
        • End of Life Softwares
        • Default Configuration
        • Running Services
        • Vulnerable Encryption Methods
        • Defensive Capabilities
        • Attack Path
      • Attack Types
        • Network Attacks
          • Virtual LAN Hopping
          • Packet Crafting
            • Attacks Scenario
          • Default Credentials
          • On-Path / Man in the Middle Attacks
          • Certificate Services Attacks
      • Host Based Attacks
        • Privilege Escalation
        • Credential Dumping
        • Shell Escape
        • UAC Bypass
        • Payload Obfuscation
        • Endpoint Security Bypass
        • Process Hallowing
        • Log Tampering
        • DLL Injection
        • Service Path Injection
      • Authentication Attacks
        • LDAP Injection
        • SAML Attacks
        • Open ID Connect Attacks
        • Dictionary Attacks
        • Credential Stuffing
        • MFA Fatigue
        • Pass the Hash attacks
        • Kerberos Attacks
        • Pass the Ticket Attacks
      • Vulnerable Encryption Methods
      • Tools
        • Metsploit
        • Netcat
        • LOLbins
        • Mimikatz
        • Rubeus
        • Certify
        • AD Search
        • Powerview
        • SeaBelt
        • Evil winRM
        • PSEXEC
        • Powersploit
        • Metasploit
        • Impacket
        • Responder
        • CrackMapExec
        • Msfvenom
        • Responder
        • Searhsploit
        • Powersploit
      • Password Attacks
        • Password Cracking
        • Password Spraying
        • Tools
          • Medusa
          • Burpsuite
          • John the Ripper
          • Hydra
          • Hashcat
        • Password Attacks
    • Lateral Movement
      • Relay Creation
      • String Searches
      • Service Discovery
      • Tunneling
        • SSH Tunneling
      • Pivoting
      • Exfiltration
        • DNS
        • HTTPS
        • EMail
        • Cloud Storage
      • Tools
        • sshuttle
        • Page 1
    • Post Exploitation
      • Persistance
        • Scheduled Taks
        • Bind Shell
        • Registry Keys
        • C2 Frameworks
        • Tampering Security Controls
        • Back Door
          • Trojan
          • Root Kit
          • Web Shell
        • Searching Valid Account Credetials
        • New Account Creation
        • Reverse Shell
        • Service Creation
        • Cron Jobs
      • Command and Control
    • Reporting
  • Cybersecurity Frameworks and Standards
    • CREST
    • CIS
    • NIST Publications
      • NIST SP 800-171
      • NIST CSF
      • NIST SP 800-115
    • MITRE
      • MITRE D3FEND
      • MITRE ATT&CK
    • Penetration Testing Execution Standard (PTES)
    • OWASP Top 10
    • Purdue Model
    • Open Source Security Testing Methodology Manual (OSSTMM)
    • Council of Registered Ethical Security Testers (CREST)
    • Zero Trust
    • CMMC
    • Threat Modeling Frameworks
      • STRIDE
      • OCTAVE
      • DREAD
    • Mitigation Strategies
      • Network Segmentaion
      • Access Control
      • Application Control
      • Isolation Techniques
      • Default Password Changes
      • Host based firewall
      • Protocol blocking
      • Port blocking
      • Host based intrusion prevention
      • Endpoint Management
      • Decommissioning
      • Configuration Management
      • Least Privilege
      • Logging
      • Monitoring
      • Encryption
      • Patching
    • Security Governance
      • Data and System: Roles and Responsiblities
      • Security Policies
        • Access Use Policy
      • Security Standards
        • Access Control
        • Encryption
        • Password
      • Security Procedures
        • Change Management
  • Security Domains
    • Security Designing
    • Application Security
      • Cryptographic Attacks
      • Password Attacks
      • Web Application Security
        • Enumeration
          • Cookie and Header Security Review
        • Bruteforce Attack
        • Directory Traversal
        • Insecure Direct Object Reference (IDOR)
        • Session Hijacking
        • File Inclusion Attacks
          • LFI
          • Webshell
          • RFI
        • Server-Side Request Forgery (SSRF)
        • Deserialization Attacks
        • Command Injection
        • Server Side Template Injection
        • Cross Site Scripting (XSS)
        • SQL Injection
          • Union Based SQL Injection
          • Blind SQL Injection
        • Cross-Site Request Forgery (CSRF)
        • XML External Entity (XXE)
        • File Upload Vulnerabilites
        • Remote Code Execution (RCE)
        • Tools
          • Hetty
      • OWASP TOP 10 API
        • API Abuse
        • JWT Token manipulation
        • Graph QL security
        • API security
      • OWASP Top 10 Mobile
      • OWASP Top 10 IOT
      • Web Application Security
        • Getting Started in BugBounty Hutning
        • Subdomain Enumeration
        • Subdomain Takeover: Understanding the Risks and Prevention
        • Tools and Technologies
      • Microservices
      • WPscan
        • Burpsuite
        • Ffuf
        • Gobuster
        • Postman
        • Dirbuster
        • Wfuzz
        • ZAP
      • Tools
        • BurpSuite
        • SQLmap
    • Cloud Security
      • Metadata Service Attacks
      • IAM misconfigurations
      • Tools
        • Pacu
        • Prowler
        • Scoutsuite
        • Docker Bench
      • Container Escape
      • Workload Runtime Attacks
      • Supply Chain Attacks
      • Misconfigurations
        • Network Segmentation
        • Network Controls
        • IAM Credentials
        • Public Access to Services
        • Exposed Storage Buckets
        • Logging Information Exposure
      • Azure Security : Components and Assessment Guide
        • Azure Security Assessment Tools : Installation and usuage
    • Identity and Access Management
    • Cloud Security
      • Cloud Engineering and Architecture concepts
      • Cloud Data Security
      • Cloud Platform and Infrastructure Security
      • Cloud Application Security
      • Cloud Security Operations
      • Cloud Legal, Risk and Compliance
      • Azure Security
      • Azure Pentest
    • DevSecOps
      • Static Application Security Testing (SAST)
        • Code Quality
        • CheckMarx
        • Sonarqube
          • Sonarqube Installation using Helm Chart on AKS
      • Interactive Application Security Testing (IAST)
      • Dynamic Application Security Testing (DAST)
      • SCA
      • Wazuh SIEM and XDR
        • Wazuh on Azure AKS
        • Azure + Argo
      • DevSecOps
    • Social Engineering
      • Vishing
      • Spearphishing
      • Smishing
      • Eavesdropping
      • Impersonation
      • Watering Hole
      • Shoulder Surfing
      • Whaling
      • Phishing
      • Tools
        • GoPhish
        • Beef
        • Evilginx
        • SET social engineering toolkit
    • DevOps
      • Kubernetes
        • Kubernetes Architecture and Components
        • Mastering kubectl: The Command Line Interface for Kubernetes
        • Overview of Kubernetes Tools and Utilities
        • Container vs Pod vs Deployment
        • Kubernetes and Docker Swarm
        • Deploying a Kubernetes Cluster Using Minikube
        • Deploying a Kubernetes Cluster Using Kind
        • Integrating Kubernetes with Azure Key Vault
        • Containers vs Virtual Machines
        • Comprehensive Guide to Kubernetes Security and Analysis Tools
        • Monitoring Kubernetes with Prometheus and Grafana
        • Introduction to Azure Kubernetes Service (AKS) and Deploying Your First Cluster
        • Kubernetes Persistence with Backend Databases
        • Kubernetes StatefulSet vs. Deployment
        • DevSecOps Architecture for Kubernetes
      • Docker
      • Helm
        • Scenario : Configuring Azure Key Vault and Using Secrets in Helm Deployments
      • Git Ops
        • Argo CD
      • Git and Versioning
      • Terraform
      • Virtualization
    • Mobile Security
      • Android Mobile App Security Assessment
      • Suspicious Malware App Analysis
      • Android App Penetration Testing
      • Permission Abuse
      • Jailbreak/Rooting
      • Tools
        • MobSF
        • Drozer
        • Frida
    • IOT/OT/SCADA
      • Power Supply
        • Juice Jacking
      • RFID
      • Bluetooth
        • BlueJacking
        • Bluetooth Spamming
      • Ports and Services
      • Port Mirroring
      • Modbus Attack
      • CAN Bus Attack
      • Replay Attack
      • Memory Registry Attacks
      • Tools
        • BlueCrack
        • Scapy
        • TCP Replay
    • Network Security
      • Network Attacks
        • DNS Attacks
        • DDOS
      • Network Assessment
      • Wireshark
      • Zeek
      • Snort
      • TCPDump
      • Defensive Network
        • Firewalls
        • Intrusion Detection System
    • Wireless Attacks
      • Service Set Identifier (SSID)
      • Wardriving
      • Evil Twin Attack
      • Deauthentication Attacks
      • Signal Jamming
      • Channel Scanning
      • Signal Strength Scanning
      • Tools
        • WiFi Pumpkin
        • AirCrack Ng
        • Kismet
    • Purple Teaming
      • Tools
        • Infection Monkey
        • Atomic RedTeam
        • Caldera
    • Kubernetes Security
      • AKS Security
      • Kube-Hunter
      • KubeEscape
    • Hardware Security
    • Container Security
      • Grype
      • Trivy
      • Clair
    • AI
      • LLM (Large Language Models)
      • Prompt Engineering
      • AI Cyber Security Risk Management
        • AI Policies
      • AI Security
      • AI Attacks
        • Prompt Injection
        • Model Manipulation
      • Security Frameworks
        • MITRE ATLAS
        • OWASP Top 10 LLMs
        • NIST AI Risk Management Framework
    • Reverse Engineering
      • Scenarios
        • Browser Plugin
        • PDF document
        • Word Doc
        • Windows Binary File
        • Mobile App
      • Buffer Overflow
  • Operational Security
    • Identity and Access Management
      • Identity
      • Authentication
      • Accountability
      • Access Management
      • Authorization
      • Access Controls
    • Deception Technology
      • Honeypot
      • Honeynet
      • Honeyfile
      • Honey Token
    • Cryptography
      • Data at Rest
      • Data at Transit
      • Hashing
      • BlockChain
      • Digital Signatures
      • Certificates
      • Encryption
        • Public Key Infrastructure (PKI)
          • Public Key
          • Private Key
        • Tools
      • Certification Preparation
        • Penetration Testing
        • GRC and Audit
    • File Integrity Monitoring
    • Data Security
      • DLP
    • Change Management
      • Impact Analysis
    • Malware Analysis
      • Malware Analysis Tool
      • Malware Analysis Books
      • university courses and resources related to malware analysis
      • Binary Analysis
    • Data Loss Prevention
    • Threat Modeling
      • Attack Surface Management
        • Introduction
      • Threats, Technologies, Procedures
        • Threat Actors
      • Threat Hunting
        • Indicators of Compromise
      • Threat Assessment
        • Threat Modeling
          • OCTAVE
          • DREAD
          • STRIDE
        • Threat Hunting
          • Threat Hunting Blogs
          • Ransomware: An Overview
          • Threat Hunting and Incident Response Q&A
          • Network Traffic Analysis: Wireshark
          • Threat Hunting Questionnaire
          • KQL
          • Email Header Analysis
          • TH
          • Windows Process Exploration
        • Threat Intelligence
          • Threat Intelligence Tools and Techniques
            • Yara
      • Malware Attacks
    • Digital Forensics
      • Network Forensics
      • Forensic Tool Analysis
      • Data Recovery
    • Endpoint Management
    • SOC/SOAR
      • Threat hunting scenarios
      • Log Management
        • AWS VPC flow log analysis
        • Linux Logs
        • Windows Logs
    • Ransomware Prevention
      • APT Groups
    • Security Automation
      • C
      • Powershell
      • Python
      • C++
      • GO
      • Rust
    • Incident Response
      • Scenarios
        • Windows : No Event Logs
      • Tools
        • Chainsaw
    • Defensive Security Controls
    • Physical Security
      • Physical Attacks
        • USB (Universal Serial Bus)
        • Tailgating
        • Lock Picking
        • RFID Cloning
          • Badge Cloning
    • Personal Security
    • Security Awareness and Training
    • Firewall
    • Network Access Control
    • Intrusion Detection System
    • Intrusion Prevention System
    • Operating System Security
    • Secure Protocol Usuage
    • Business Continuity
    • Email Security
    • DNS Filtering
    • user behaviour analytics
    • Host Security
    • Mobile Device Security
    • Change Management
    • Vulnerability Management
      • Vulnerability Assessment
        • Vulnerability Analysis
      • Types of Vulnerabilites
    • Penetration Testing/Red Teaming
    • Disaster Recovery
    • Logging and Monitoring
      • Monitoring
        • Systems
        • Infrastructure
        • Applications
      • Logging
        • Log Data
          • Application Logs
          • Network Logs
          • WAF Logs
          • IDS/IPS logs
          • OS logs
          • Endpoint Logs
          • Firewall Logs
        • Alerting
        • Log Aggregation
      • Tools
    • Endpoint
    • Security Metrics
  • Industry Specific Security:Case Studies
    • Aviation Security
      • The Integral Role of Airports in National Security : Operations Perspective
      • Cyber Attacks on Airports
      • Navigating the Complex Web of Airport Operations: Key Components and Leading Industry Providers
    • Aviation Security
  • Computational Science
    • Quantum Computing
      • Quantum Computing: Unleashing the Power of Qubits
    • Probability
  • Data Engineering
  • AI/ML and Data Science
    • Installation
      • Ollama
    • Machine Learning
    • Large Language Models (LLM)
    • Security Analytics
    • Untitled
      • Roles and Responsibilites
      • Azure AI Services
        • AI Services Security
        • Monitoring Azure AI Services
        • AI services on containers
  • Application Development
    • Django
  • Radom Topics :)
    • CSA WAI
  • CISSP
Powered by GitBook
On this page

Was this helpful?

  1. Operational Security
  2. Cryptography
  3. Certification Preparation

GRC and Audit

  • Security and Risk Management

  • CIA Triad confidentiality, integrity and availability

  • Confidentiality and Integrity tightly coupled on each other

  • Security control evaluation using CIA Triad

    • Scenarios which violates these security CIA triad and how to detect and address

      • For ex: weak encryption and enforce strong encryption

    • DOS attacks

    • BCP

  • IAAAA

  • Layering defense in depth

BCP

DR

Data encryption

Data hiding

  • Security governance principles (IT and corporate governance)

    • Change management (change advisory board)

    • Data classification

      • Who are data owners

      • Data custodians

      • Levels of classification

  • Security policies and security management planning

    • Strategic plan

    • Tactical plan

    • Operational plan

  • Security frameworks

    • NIST 800-53 or 800-100

  • Org roles

    • Senior manager

    • Security professional

    • Data owner

    • Data custodian

    • User

    • Auditor

  • Security control frameworks

    • COBIT

    • OSSTMM

    • ISO 27002/1

  • Security policies

  • Security standards

  • Security baselines

  • Security guidelines

  • Security procedures

  • Security governance

  • Third party governance

  • Threat modeling

    • Proactive

    • Reactive

    • Stride

    • Pasta

  • Threat reduction analysis

  • Threat prioritization and reduction

    • DREAD

  • Supply chain and third party service risk assessment

  • Audit

    • PCI

    • CJIS

    • SOC 2

  • Separation of duties

  • Job responsibilities

  • Job rotation

  • Cross training

  • Employee onboarding process

    • Security awareness training

  • Employee termination process

    • Access revoke

    • Audit activity

  • NDA

  • NCA

  • SLA

    • Vendors, contractors, contract agreements

  • Compliance policy requirements

  • Privacy policy requirement

  • Risk Management

    • Asset

      • Asset inventory

      • Classes and criticality

      • Asset valuation

    • Asset valuation

    • Threats

    • Vulnerability

    • Exposure

    • Risk

    • Safeguards

    • Attack

    • Breach

  • Identifying the threats and vulnerabilities

  • Risk assessment

    • Quantitative risk analysis

      • Exposure factor

      • Single loss expectancy

      • Annualized rate of occurrence

      • Annualized loss expectancy

      • Calculating safe guard costs

    • Qualitative risk analysis

      • Risk responses

        • Risk mitigation

        • Avoidance

        • Etc..

      • Counter measures

        • Security controls

          • Physical

          • Logical/technical

          • Administrative

      • Types of controls

        • Deterrent

        • Preventive

        • Detective

        • Compensating

        • Corrective

        • Recovery

        • Directive

    • Security control assessment

      • NIST Guide for Assessing the Security Controls in Federal Information Systems

    • RISK frameworks

      • NIST SP 800-37

    • Security awareness training

  • Business continuity plan

  • Disaster recovery plan

  • Legal and regulatory requirements

  • Business Impact Analysis

    • Business priorities

    • Identifying the risk/risk assessment

      • SaaS application

      • Cloud

  • Law

    • Cyberlaw

    • Criminal activity law

    • FISMA Act

  • Compliance

    • PCI www.pcisecuritystandards.org/

    • SAAS (contracting and procurement)

  • Asset Security

    • Data classification

      • DLP

      • PII

      • PHI

      • Classification levels

    • NIST SP 800-122

    • Data thefts

    • Asset classification

    • Data security controls

      • Email data security

      • Strong encryption algo AES 256

    • Data states

      • In rest

      • In transit

      • In use

    • Labeling

      • Sensitive data

      • Sensitive systems

    • Sensitive data destroying

    • Data remanence, destruction, clearing, degaussing, purging

    • Data protection policies/methods

    • Ownership

      • Data owners

      • Asset owners

      • Asset owners

      • Business owners

    • Data processors

      • Anonymization

    • NIST 800-53

    • Security baselines

      • Scoping

      • Standards

        • NISR

        • CIS

        • PCI

  • Security Architecture

  • Cryptography

    • FIPS 140

    • Ciphers

    • One time pads

    • Symmetric key

    • Asymmetric key

    • Hashing

  • Data encryption standards

  • Key management

    • PKI

    • Public key encryption

    • Private key encryption

    • Key distribution

    • Key escrow and recover

    • RSA

    • Elliptic curve

    • Digital signatures

    • HMAC

    • Public key infra

    • Certificate authority

    • Certificates

    • Digital signing

    • TPM

    • Portable device encryption

    • PGP

    • TLS/SSL

    • Networking

      • IPSEC

      • Wpa2

      • Wireless

    • Cryptographic attacks

    • Man in middle attacks

  • Security architecture references

    • Perimeter security

    • Access controls

    • ITSEC

    • Org certification and accreditation

    • TPM

    • Protection

      • Os level

      • Application

      • Firmware

      • BIOS

      • UEFI

  • Memory

    • Browser

    • System/RAM

    • Pendrives

    • Storage

  • Client based systems

    • Applets

    • Java

  • Server based systems

  • Cache based attacks

    • ARP

    • DNS

  • Database security

  • Backup monitoring

  • Distributed systems security

  • DMZ

  • Endpoint security

  • Cloud security

  • Virutual machines security

  • Paas

  • Saas

  • Iaas

  • Cloud acces security broker

  • Peer to peer

  • IOT https://www .nist.gov/itl/applied-cybersecurity/nist-initiatives-iot

  • ICS

  • SCADA

  • PLC

  • SAML

  • HIDS

  • USB security

  • Device security

    • Device encryption

    • Remote wiping

    • Lockout

    • Screen locks

    • GPS

    • Application control

    • Storage segmentation

    • Asset Tracking

    • Inventory control

    • Mobile Device Management

    • BYOD

    • Device Access Control

    • Removable storage media

  • Application security

    • Key Management

    • Credential Management

    • Authentication

    • Geo tagging

    • Encryption

    • Application whitelisting

    • Corporate mobile devices

    • Virtual mobile infrastructure

  • Mobile

    • Android

    • ios

  • Web app security

    • OWASP

    • TLS/SSL

  • DLP

  • Data Ownership

  • Forensics

  • Patch Management

  • System Engineering

  • Vulnerability Management

  • Antivirus Management

  • User acceptance and policies

  • Asset on boarding and off boarding

  • Embedded systems security

  • Cyber physical security

  • Network segmentation

  • Application firewalls

  • Security layers

  • Version control

  • Monitoring

  • Network Security

    • OSI

    • TCP/IP

    • Port numbers

    • Tcp three way handshake

    • Protocol discovery using sniffer

    • Organization ipv 4 ranges

    • Network diagram

    • Attacks

      • Dos

      • Dns poisoning

      • Domain hijacking

    • Wireless networks

    • Secure encryption protocols

    • Wireless attacks

    • Network access control

    • Attacks on networks

    • Firewalls

    • Secure communication protocols

    • Authentication protocosl

    • Vedio/audio communication protocols

    • Social engineering attacks

    • Email security

    • Remote access security

    • Vpn

    • Tunneling

    • Virtualization

    • NAT

  • Identity and access management

    • Assets access

    • CIA triad for authentication/authorization/identification

    • Password manament

    • Best practices

    • Single sign on

    • Kerberos

    • Azure dc

  • Security Assessment and training

    • Security testing and assessment

    • External audits

    • Third party audits

    • Vulnerability assessments

    • Scap

    • Scom

    • Network discovery scanning

    • Network vulnerability scanning

    • Database vulnerability scanning

    • Penetrations testing

    • Secure code review

    • Log monitoring

    • Account management

    • Backup reviews

  • Security operations

    • Privilege management

    • Os baselining

    • Incident response

    • Preventive measure

    • Logging and monitoring

  • Security assessment and testing

  • Cyber Investigations

  • Forensics

    • https://www.nist.gov/publications/guide-integrating-forensic-techniques-incident-response

  • Asset Security

  • Security Architecture and Engineering

  • Communication and Network Security

  • Identity and Access Management (IAM)

  • Security Assessment and Testing

  • Security Operations

  • Software Development Security

References:

https://blog.rsisecurity.com/what-is-the-purpose-of-cybersecurity-architecture/

https://blog.rsisecurity.com/what-is-cybersecurity-architecture/

https://www.simplilearn.com/book-resources-to-read-for-cissp-certification-exam-article

https://www.conqueryourexam.com/best-cissp-study-guides/https://www.reddit.com/r/cissp/comments/c6d0jt/my_personal_cissp_journey_and_recommended_study/

https://www.reddit.com/r/cissp/comments/fdd33d/received_4_books_which_ones_are_best/

PreviousPenetration TestingNextFile Integrity Monitoring

Last updated 11 months ago

Was this helpful?