SKILL BENCHMARK

Security+: Implementation Competency

  • 25m
  • 25 questions
The Security+: Implementation Competency benchmark will measure your ability to recognize key terms and concepts related security implementation. You will be evaluated on identity and account management, physical controls, PKI, security protocols, and wireless and mobile security. A learner who scores high on this benchmark demonstrates that they have an understanding of security implementation terminology and concepts.

Topics covered

  • compare IoT security like sensors, smart devices, facility automation, specialized systems, medical systems, vehicles, aircraft, and smart meters
  • compare various mobile connection methods and receivers, such as cellular, WiFi, Bluetooth, NFC, infrared, USB, RFID, and GPS
  • configure common account policies for AWS Identity and Access Management
  • contrast symmetric and asymmetric cryptosystems
  • define mobile deployment models, as in BYOD, COPE, CYOD, corporate-owned, and VDI
  • define network segmentation and zoning concepts, such as a virtual local area network (VLAN), PVLAN, DMZ, east-west traffic, extranets, intranets, and zero-trust deployments
  • define SCADA security issues such as facilities, industrial, manufacturing, energy, and logistics
  • describe access control schemes like Attribute-based Access Control, Role-based Access Control, Rule-based Access Control, Mandatory Access Control, and Discretionary Access Control
  • describe a cryptographic key including key length, strength, stretching, and perfect forward secrecy
  • describe advanced account policy methods such as time of day, network location, geofencing, geotagging, and geolocation
  • describe an array of secure protocols including DNSSEC, SSH, S/MIME, SRTP, LDAPS, FTPS, SFTP, and SNMPv3
  • describe cameras and surveillance techniques such as CCTV, webcams, motion and object detection, and lighting
  • describe embedded system security, such as in raspberry pi, FPGA, and Arduino, and constraints such as power, compute, network, crypto, inability to patch, authentication, range, cost, and implied trust
  • describe installation considerations, as in site surveys, heat maps, Wi-Fi analysis, channel overlays, and WAP placement
  • describe IPsec in terms of Authentication Header (AH), Encapsulated Security Payload (ESP), and tunnel vs. transport mode
  • describe mobile device management concepts like MDM vs. MAM, content management, remote wipe, geofencing, geolocation, screen locks, push notifications, passwords, pins, and biometrics
  • describe mobile device types, like MicroSD HSM and SEAndroid
  • describe specialty systems like VoIP, HVAC, drones, AVs, MFP, RTOS, surveillance systems, SoC, 5g, narrow-band, baseband radio, and SIM cards
  • describe various authentication management techniques like password keys, password vaults , TPM, HSM, and knowledge-based authentication
  • describe various identity controls such as identity providers, attributes, certificates, tokens, SSH keys, and smart cards
  • describe various load balancing concepts and techniques, including active/active, active/passive, elastic, scheduling, virtual IP addresses, and persistence
  • recognize different barrier types such as bollards, barricades, gates, and fences
  • survey common authentication protocols such as EAP-CHAP, password authentication protocol, 802.1x, and RADIUS
  • survey mobile enforcement and monitoring concepts, such as third-party app stores, rooting, jailbreaking, sideloading, custom firmware, carrier unlocking, and firmware OTA updates
  • survey protocols and services used for federation and single-sign-on like SAML 2.0, TACACS+, OAuth, OIDC, and Kerberos