SecOps Literacy (Beginner Level)

  • 24m
  • 24 questions
The SecOps Literacy benchmark measures whether a learner has had some exposure of the SecOps practices and processes. A learner who scores high on this benchmark demonstrates literacy in key areas of the SecOps discipline. They are able to participate in SecOps discussions and understand the advice of more advanced SecOps practitioners.

Topics covered

  • compare vulnerability to penetration testing and describe the function of each
  • describe active information gathering along with methods and techniques for collecting information
  • describe black box penetration testing and why it may be used
  • describe common client-side attacks such as Cross-Site Scripting attacks and methods to help prevent them
  • describe common password attacks and methods for preventing them
  • describe common web cyber attacks and countermeasures to prevent these attacks
  • describe cryptography and its four goals
  • describe grey box penetration testing and why it may be used
  • describe how to find a vulnerability using scanners and other techniques
  • describe passive information gathering and methods for collecting information
  • describe port forwarding and how it can be used as an exploit
  • describe the cause of buffer overflow and how this exploit can be used for attacks
  • describe the common types of penetration and the importance of testing each type
  • describe the different types of IT governance frameworks
  • describe the purpose of network tunneling and why it is important for penetration testing
  • describe user privilege escalation and methods that can be used to protect your system from security attacks
  • describe what penetration testing is and why it is important to the organization
  • describe white box penetration testing and why it may be used
  • differentiate between malware types and recognize some of the consequences of using targeted malware
  • differentiate between scanning and enumeration
  • differentiate between symmetric and asymmetric cryptography
  • distinguish between governance and management
  • identify the various roles and responsibilities of senior management in governance
  • recognize how to choose a password cracking technique