cpckp的博客

Day 1: This chapter covers various concepts related to security management practices, control environment, and asset classification and controls. Day 2: This chapter discusses important requirements of security awareness and training as well as risk assessment and management. Day 3: This chapter covers the threats, vulnerabilities, and countermeasures for physical security and physical security design that includes perimeter and interior security. Day 4: This chapter addresses the concepts in operations and facility security, along with protecting and securing equipment. Day 5: This chapter covers concepts related to access control, methodologies and techniques, authentication, and access-related attacks and countermeasures. Day 6: This chapter covers concepts related to vulnerability assessment and penetration testing. Day 7: This chapter covers various concepts related to cryptography, such as methods and types of encryption, as well as the application and use of cryptography. Day 8: This chapter covers the core concepts in Public Key Infrastructure, key management techniques, methods of cryptanalytic attacks, and various cryptographic standards. Day 9: This chapter covers various concepts in the areas of operations procedures and responsibilities, incident management, and reporting. Day 10: This chapter covers control environment related to operations security and also evaluation criteria, such as TCSEC. Day 11: This chapter covers concepts in systems engineering and the Software Development Life Cycle models. Day 12: This chapter covers IT systems, threats and vulnerabilities of application systems, and application control concepts. Day 13: This chapter covers various concepts in network architecture, Open System Interconnect (OSI), and the TCP/IP models. It also covers various protocols in the TCP/IP models related to the application and transport layers, along with threats, vulnerabilities, attacks, and countermeasures for the TCP/IP protocols and services. Day 14: This chapter covers different protocols that are in the network/Internet layer, data link layer, and physical layer in the TCP/IP model. In addition, it covers some of the threats and vulnerabilities that are prevalent in such protocols, common attacks, and possible countermeasures. Day 15: This chapter covers concepts in computer architecture, the Trusted Computing Base, and protection domain and its related mechanisms. Day 16: This chapter addresses the concepts in assurance-related standards, various certification and accreditation schemes, and various computer security models. Day 17: This chapter covers various concepts in Business Continuity Planning, its goals and objectives as well as the concepts in the Business Impact Analysis. Day 18: This chapter covers the Disaster Recovery Planning process, various backup concepts, and the process of resuming business from alternative sites. Day 19: This chapter covers various computer crimes, cyber crimes, as well as different types of attacks. Day 20: This chapter covers laws and regulations related to information systems across the world. Additionally, it covers concepts related to computer investigations and ethical usage of information systems as prescribed by international bodies including (ISC)2. Day 21: This chapter contains a full mock test paper containing a total of 250 questions from all 10 domains.