Security Analyst to Security Architect Proficiency (Advanced Level)

Topics covered

• describe authentication, authorization, and encryption factors and how they fit together
• describe authentication threats and non-repudiation
• describe authenticity and identity spoofing threats
• describe how to validate integrity and tampering threats
• describe information threats such as privacy breaches or data leaks
• describe methods of authentication and their best practices
• describe methods of authorization and access control
• describe methods of brute force attacks and key sizes
• describe methods of keeping login and authentication credentials secure
• describe system authentication and authorization through user account administration in Linux
• describe the approaches to network security through traffic analysis
• describe the categories of vulnerabilities using the STRIDE model
• describe the concepts of signal and noise when it comes to network traffic analysis
• describe the network forensic approach to computer networks
• describe the placement and use of sniffing and IDS sensors
• describe the privilege escalation threat model
• describe the threat of denial of service attacks
• describe the tools and techniques used by intrusion detection systems
• describe the types of application controls that can be used for traffic analysis
• describe the use of encryption methods and best practices in implementing encryption
• differentiate between public and private keys and their ciphers
• handle security policy trade-offs in situations where solutions might not align with policy
• recognize examples of security misconfiguration threats