SKILL BENCHMARK

SecOps Competency

  • 24m
  • 24 questions
The SecOps Competency benchmark measures whether a learner has working experience of the SecOps practice, with additional experience with SecOps tools and processes. A learner who scores high on this benchmark demonstrates competency in many areas of the SecOps discipline. This learner has had some working exposure to SecOps and Internet security principles and practices.

Topics covered

  • compare vulnerability to penetration testing and describe the function of each
  • describe black box penetration testing and why it may be used
  • describe cryptography and its four goals
  • describe grey box penetration testing and why it may be used
  • describe how indicators of compromise can help reduce exploits in an environment
  • describe how to find a vulnerability using scanners and other techniques
  • describe organizational risk tolerance and why it is important
  • describe policies and procedures for keeping systems secure in preemptive troubleshooting
  • describe preemptive troubleshooting and how it applies to security and SecOps
  • describe the common types of penetration and the importance of testing each type
  • describe the different categories of findings
  • describe the importance of setting stopping points and when to stop a penetration test
  • describe the rules of engagement and how they are used
  • describe what should be documented during a penetration test and why it is important
  • describe white box penetration testing and why it may be used
  • differentiate between malware types and recognize some of the consequences of using targeted malware
  • differentiate between scanning and enumeration
  • differentiate between symmetric and asymmetric cryptography
  • recognize how preemptive troubleshooting is different than intrusion detection systems
  • recognize how to choose a password cracking technique
  • update hardware and recognize the importance of doing so
  • update software and recognize the importance of doing so
  • use password policies to enforce compliance
  • use tools to troubleshoot hardware and policies to prevent security compromise

recently added courses