CompTIA SecurityX® Training

Course 2046

  • Duration: 5 days
  • Exam Voucher: Yes
  • Language: English
  • 29 CompTIA CEUs
  • 29 NASBA CPE Credits (live, in-class training only)
  • Level: Advanced

This SecurityX® Training course prepares you for the CompTIA SecurityX® certification exam (CVO-004) and demonstrates your knowledge and skills in enterprise security, risk management, research and analysis, and the integration of computing, communications, and business disciplines. You will learn through a CompTIA-approved SecurityX® training program and receive after-course instructor coaching and an exam voucher. 

The course is available in-person or online, with virtual instructor-led training and virtual classroom options, providing a flexible and convenient learning experience.

U.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE

SecurityX Training Delivery Methods

  • In-Person

  • Online

  • Upskill your whole team by bringing Private Team Training to your facility.

SecurityX Training Information

In this course, you will learn how to:

  • Architect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise.
  • Use automation, monitoring, detection, and incident response to proactively support ongoing security operations in an enterprise environment.
  • Apply security practices to cloud, on-premises, and hybrid environments.
  • Consider cryptographic technologies and techniques, as well as the impact of emerging trends (e.g., artificial intelligence) on information security.
  • Use the appropriate governance, compliance, risk management, and threat-modeling strategies throughout the enterprise.

    Training Prerequisites

    • Learning Tree course 446, CompTIA Security+® Training, or equivalent experience
    • Ten years of IT (Information Technology) administration experience, including at least five years of hands-on technical security experience

    Certification Information

    • You must pass the CompTIA SecurityX (formerly Advanced Security Practitioner, CASP+) certification exam to earn this certification. 
    • Exam vouchers are available upon request and included in the tuition fee.

    SecurityX Exam Overview

    • Number of questions: Maximum of 90
    • Types of questions: Multiple-choice, performance-based
    • Length of test: 165 minutes
    • Passing score: Pass/fail only

    SecurityX Training Outline

    Module 1.0 Governance, Risk, and Compliance

    1.1 Given a set of organizational security requirements, implement the appropriate governance components.           

    • Security program documentation
    • Security program management
    • Governance frameworks
    • Change/configuration management
    • Governance risk and compliance (GRC) tools
    • Data governance in staging environments

    1.2 Given a set of organizational security requirements, perform risk management activities.

    • Impact analysis
    • Third-party risk management
    • Availability risk considerations
    • Confidentiality risk considerations
    • Integrity risk considerations
    • Privacy risk considerations
    • Crisis management
    • Breach response

    1.3 Explain how compliance affects information security strategies.

    • Awareness of industry-specific compliance
    • Industry standards
    • Security and reporting frameworks
    • Audits vs. assessments vs. certifications
    • Privacy regulations
    • Awareness of cross-jurisdictional compliance requirements

    1.4 Given a scenario, perform threat-modeling activities.

    • Actor characteristics
    • Attack patterns
    • Frameworks
    • Attack surface determination
    • Modeling applicability of threats to the organization/environment

    1.5 Summarize the information security challenges associated with artificial intelligence (AI) adoption.

    • Legal and privacy implications
    • Threats to the model
    • AI-enabled attacks
    • Risks of AI usage
    • AI-enabled assistants/digital workers

    Module 2.0 Security Architecture

    2.1 Given a scenario, analyze requirements to design resilient systems.

    • Component placement and configuration
    • Availability and integrity design considerations

    2.2 Given a scenario, implement security in the early stages of the systems life cycle and throughout subsequent stages.

    • Security requirements definition
    • Software assurance
    • Continuous integration/continuous deployment (CI/CD)
    • Supply chain risk management
    • Hardware assurance
    • End-of-life (EOL) considerations

    2.3 Given a scenario, integrate appropriate controls in the design of a secure architecture.

    • Attack surface management and reduction
    • Detection and threat-hunting enablers
    • Information and data security design
    • Hybrid infrastructures
    • Third-party integrations
    • Control effectiveness

    2.4 Given a scenario, apply security concepts to the design of access, authentication, and authorization systems.

    • Provisioning/deprovisioning
    • Federation
    • Single sign-on (SSO)
    • Conditional access
    • Identity provider
    • Service provider
    • Attestations
    • Policy decision and enforcement points
    • Access control models
    • Logging and auditing
    • Public key infrastructure (PKI) architecture
    • Access control systems

    2.5 Given a scenario, securely implement cloud capabilities in an enterprise environment.

    • Cloud access security broker (CASB)
    • Shadow IT detection
    • Shared responsibility model
    • CI/CD pipeline
    • Terraform
    • Ansible
    • Package monitoring
    • Container security
    • Container orchestration
    • Serverless
    • API security
    • Cloud vs. customer-managed
    • Cloud data security considerations
    • Customer-to-cloud connectivity
    • Cloud service integration
    • Cloud service adoption

    2.6 Given a scenario, integrate Zero Trust concepts into system architecture design.

    • Continuous authorization
    • Context-based reauthentication
    • Network architecture
    • API integration and validation
    • Asset identification, management, and attestation
    • Security boundaries
    • Deperimeterization
    • Defining subject-object relationships

     

    Module 3.0 Security Engineering

    3.1 Given a scenario, troubleshoot common issues with identity and access management (IAM) components in an enterprise environment.

    • Subject access control
    • Biometrics
    • Secrets management
    • Attestation
    • Cloud IAM access and trust policies
    • Logging and monitoring
    • Privilege identity management
    • Authentication and authorization - Security Assertions Markup Lang

    3.2 Given a scenario, analyze requirements to enhance the security of endpoints and servers.

    • Application control
    • Endpoint detection response (EDR)
    • Event logging and monitoring
    • Endpoint privilege management
    • Attack surface monitoring and reduction
    • Host-based intrusion protection system/host-based detection system (HIPS/HIDS)
    • Anti-malware
    • SELinux
    • Host-based firewall
    • Browser isolation
    • Configuration management
    • Mobile device management (MDM) technologies
    • Threat-actor tactics, techniques, and procedures (TTPs)

    3.3 Given a scenario, troubleshoot complex network infrastructure security issues.

    • Network misconfigurations
    • IPS/IDS issues
    • Observability
    • Domain Name System (DNS) security
    • Transport Layer Security (TLS) errors
    • Cipher mismatch
    • PKI issues
    • Issues with cryptographic implementations
    • DoS/distributed denial of service (DDoS)
    • Resource exhaustion
    • Network access control list (ACL) issues

    3.4 Given a scenario, implement hardware security technologies and techniques.

    • Roots of trust
    • Virtual hardware
    • Host-based encryption
    • Self-encrypting drive (SED)
    • Secure Boot
    • Measured boot
    • Self-healing hardware
    • Tamper detection and countermeasures
    • Threat-actor TTPs

    3.5 Given a set of requirements, secure specialized and legacy systems against threats.

    • Operational technology (OT)
    • Internet of Things (IoT)
    • System-on-chip (SoC)
    • Embedded systems
    • Wireless technologies/radio frequency (RF)
    • Security and privacy considerations

    3.6 Given a scenario, use automation to secure the enterprise.

    • Scripting
    • Cron/scheduled tasks
    • Event-based triggers
    • Infrastructure as code (IaC)
    • Configuration files
    • Cloud APIs/software development kits (SDKs)
    • Generative AI
    • Containerization
    • Automated patching
    • Auto-containment
    • Security orchestration, automation, and response (SOAR)
    • Vulnerability scanning and reporting
    • Security Content Automation Protocol (SCAP)

    3.7 Explain the importance of advanced cryptographic concepts.

    • Post-quantum cryptography (PQC)
    • Key stretching and splitting
    • Homomorphic encryption
    • Forward secrecy
    • Hardware acceleration
    • Envelope encryption
    • Performance vs. security
    • Secure multiparty computation
    • Authenticated encryption with associated data (AEAD)
    • Mutual authentication

    3.8 Given a scenario, apply the appropriate cryptographic use case and/or technique.

    Module 4.0 Security Operations

    4.1 Given a scenario, analyze data to enable monitoring and response activities.

    • Security information event management (SIEM)
    • Aggregate data analysis
    • Behavior baselines and analytics

    4.2 Given a scenario, analyze vulnerabilities and attacks, and recommend solutions to reduce the attack surface.

    • Vulnerabilities and attacks
    • Mitigations

    4.3 Given a scenario, apply threat-hunting and threat intelligence concepts.

    • Internal intelligence sources
    • External intelligence sources
    • Counterintelligence and operational security
    • Threat intelligence platforms (TIPs)
    • Indicator of compromise (IoC) sharing
    • Rule-based languages

    4.4 Given a scenario, analyze data and artifacts in support of incident response activities.

    • Malware analysis
    • Reverse engineering
    • Volatile/non-volatile storage analysis
    • Network analysis
    • Host analysis
    • Metadata analysis
    • Data recovery and extraction
    • Threat response
    • Preparedness exercises
    • Timeline reconstruction
    • Root cause analysis
    • Cloud workload protection platform (CWPP)
    • Insider threat

     


    CompTIA SecurityX Training FAQs

    CompTIA Advanced Security Practitioner certification is a technical certification that demonstrates your knowledge and skills in enterprise security, risk management, research, and analysis, as well as the integration of computing, communications, and business disciplines.

    This course will teach you how to prepare for the CompTIA SecurityX Certification Exam. You will investigate enterprise storage requirements, examine risk management security policies and procedures, research potential threats and identify appropriate countermeasures, evaluate collaboration methodologies for secure communications, and more.

    Additionally, you will receive after-course instructor coaching and an exam voucher.

    You must have completed Learning Tree course 446, CompTIA Security+ Training, or equivalent experience. You must also have ten years of IT administration experience, including at least five years of hands-on technical security experience.

    The SecurityX exam comprises five domains: Risk Management, Enterprise Security Architecture, Enterprise Security Operations, Technical Integration of Enterprise Components, and Research, Development, and Collaboration.

    The exam uses performance-based and multiple-choice questions to test your knowledge and skills in these areas.

    To maintain your certification, you must earn CompTIA Continuing Education Units (CEUs) by completing approved training courses applicable to A+, Network+, Security+, SecurityX, and CSA+ certifications. Learning Tree, a CompTIA-authorized partner, offers several approved training courses.

    You can take SecurityX training in person or online. Our virtual instructor-led training and virtual classroom options offer a flexible learning experience that can be tailored to your needs.

    We offer various employee training options, including virtual instructor-led training and virtual classroom courses. These courses can provide a learning experience that is flexible and convenient.

    The learning techniques for the SecurityX exam include analyzing scenarios, identifying security concerns, evaluating collaboration methodologies, and performing ongoing research to support best practices.

    Ethical hacking is a process in which security professionals, also known as penetration testers, use their skills and knowledge to identify vulnerabilities in a system or network. Ethical hacking aims to identify and address these vulnerabilities before attackers can exploit them.

    Vulnerability management is the process of identifying, evaluating, and addressing vulnerabilities in a system or network. This can involve identifying potential threats, assessing the level of risk, and implementing measures to reduce the risk of a security breach.

    Virtual instructor-led training can provide a more personalized learning experience, as the instructor can work with you to address your specific needs and answer any questions you may have.

    Additionally, virtual training can offer greater flexibility and convenience, as you can participate from any location with an internet connection.

    AnyWare virtual training is an online learning environment that allows students to participate in live, interactive sessions with instructors and other students. This learning experience can provide many of the benefits of traditional classroom-based training while offering greater flexibility and convenience.
