
domain 5 : security operations :

module 1 : understand data security :

*data handling practices : - data classification (public, internal, confidential,
restricted )
- data labeling (adding descriptive metadata or tags to
data to improve data management and security )
- data retention (storing data for a specific period of
time , data retention policy )
- data destruction : - clearing (overwrites)
- purging (multiple overwrites)
- destroying (physical damage)
*event logging and monitoring : SIEM (security information and event management)
*ingress & egress monitoring
*cryptography : the practice and study of techniques for secure communication and
data
*encryption : the process of encoding information (from plaintext to ciphertext)
*cryptanalysis : the process of analyzing cryptographic security systems to breach
them , even if the key is unknown
*symmetric cryptography : - single key in both encryption and the decryption
process
- key cannot be sent in the same channel as the encrypted
message
- this can be difficult to manage if there are many
parties involved or if the key must be changed frequently
*asymmetric cryptography : - one key to encrypt and a different key to decrypt
- each party must generate a key pair
- private key is kept secret
- public key can be shared
*cryptography advantages : - confidentiality
- integrity & authentication ( hash functions , digital
signatures )
*hash functions : - one way
- fixed-size output
*digital signature : - authenticity
- non-repudiation
- integrity
*password hashing and salting : same password + different salt, same hash function =
different output

module 2 : understand system hardening & configuration management :

*hardening : is the process of applying secure configuration to reduce the attack
surface
*system hardening : - remove unnecessary services
- update software and firmware (patching)
- enable firewalls
- use strong authentication with MFA
*configuration management (CM): is the process of identifying, organizing,
testing, approving and managing the changes made to a system's
components throughout their lifecycle
* CM components : - identification (identifying the systems that need to be managed)
- baseline (the minimum level of protection that can be used as a
reference point)
- change control ( an update process for requesting changes to a
baseline)
- verification & audit (process to verify that nothing was broken
by a newly applied change)
*inventory : a list of IT assets that an organization possesses

module 3 : understand best practice security policies :

*data handling/protection policy : to protect and secure all data consumed,
managed, and stored by the organization
*password policies and guidelines : a set of requirements for passwords in an
organization
*acceptable use policy (AUP) : is a document stipulating constraints and practices
that a user must agree to for access to organization resources
*bring your own device (BYOD) : - allows employees in an organization to use their
personally owned devices for work related activities
- use mobile device management (MDM)
*privacy policy : legal document that discloses some or all of the ways a party
gathers, uses ...
*change management policy : is the discipline of transitioning from the current state
to a future state

module 4 : security awareness training :

*awareness : changing user behavior to realize the importance of security and the
adverse consequences of its failure
*training : teaching people the skills that will enable them to perform their jobs
more effectively
*education : targeted for IT security professionals and focuses on developing the
ability and vision to perform complex, multi-disciplinary activities
