CISM 2022: Cryptography and Data Protection Competency (Intermediate Level)

Topics covered

• apply group policy settings to secure Windows stations
• configure an HTTPS binding for a web application
• configure EFS file encryption
• configure Linux file system encryption to protect data at rest
• configure Microsoft BitLocker to protect data at rest
• configure Microsoft Windows virus and threat protection
• configuring a web app to require client PKI certificates
• consider how HSMs are used for encryption offloading and the storage of cryptographic secrets
• create a repeatable compliant sandbox testing environment in the cloud
• create a Windows-based private CA
• delete a disk partition using a multiple pass disk wiping tool
• determine when email messages are fraudulent for phishing and spear phishing attacks
• discuss various methods of hardening network devices and device OSs
• enable a VM managed identity for resource access
• harden a network printer
• harden a Wi-Fi router
• list common digital forensic hardware and software solutions
• list methods of securing a SAN
• list the characteristics of common malware types
• manage Windows public key infrastructure certificate templates
• outline various cloud-based security solutions
• recall how TPM provides a local device cryptographic store
• recognize common secure coding practices
• recognize how security applies to all SDLC phases
• recognize how security should integrate with development and operations such as testing, deployment, and patching
• recognize how social engineering uses deception to acquire sensitive information
• recognize the various stages of the PKI certificate lifecycle
• upload infected files for analysis to a scanning service
• use Microsoft InTune to centrally manage devices
• use the Social Engineering Toolkit (SET) to execute social engineering attacks