(ISC)2 Certification Topics

vulnerability assessment

2 exams

Authentication Protocols

2 exams

Incident response

2 exams

Business Continuity

2 exams

Authentication

2 exams

Access Control

2 exams

Integrity

2 exams

discovery phase

1 exam

OS fingerprinting

1 exam

scanning errors

1 exam

Accountability

1 exam

Backup media

1 exam

Data access

1 exam

Information lifecycle

1 exam

HTTP Authentication

1 exam

Web Security

1 exam

Cryptography

1 exam

VLAN

1 exam

network segmentation

1 exam

Layer 3 routing

1 exam

Operating systems

1 exam

System architecture

1 exam

Hardware Abstraction Layer (HAL)

1 exam

DES

1 exam

Symmetric encryption

1 exam

Key length

1 exam

Cryptographic weaknesses

1 exam

Rootkit

1 exam

Malware remediation

1 exam

System reinstallation

1 exam

federated identity

1 exam

trust relationships

1 exam

identity providers

1 exam

single sign-on (SSO)

1 exam

security assessment

1 exam

penetration testing

1 exam

due diligence

1 exam

M&A security

1 exam

digital forensics

1 exam

order of volatility

1 exam

evidence collection

1 exam

Cloud deployment models

1 exam

Private cloud

1 exam

Cloud security architecture

1 exam

Data security

1 exam

Cloud contracts

1 exam

Vendor management

1 exam

Data processing

1 exam

Subcontractor agreements

1 exam

Data Archiving

1 exam

Data Recovery

1 exam

Long-term storage

1 exam

Data lifecycle management

1 exam

DLP

1 exam

Data Loss Prevention

1 exam

Data Security Controls

1 exam

Tokenization

1 exam

DRM

1 exam

SIEM

1 exam

Security Controls Integration

1 exam

BCDR

1 exam

Critical Assets

1 exam

Contingency Planning

1 exam

Asset Identification

1 exam

Cryptographic keys

1 exam

Key management

1 exam

Data security principles

1 exam

Information protection

1 exam

Bastion host

1 exam

Network security

1 exam

System hardening

1 exam

Perimeter security

1 exam

Cloud Service Models

1 exam

IaaS

1 exam

Shared Responsibility Model

1 exam

Operating System Administration

1 exam

Cloud Resource Allocation

1 exam

Resource Prioritization

1 exam

Resource Sharing

1 exam

Cloud Resource Management

1 exam

data classification

1 exam

sensitive data

1 exam

PII

1 exam

information security policies

1 exam

Security logging

1 exam

Event logging

1 exam

Forensic data

1 exam

Stream ciphers

1 exam

Hardware implementation

1 exam

Block ciphers

1 exam

Cryptographic primitives

1 exam

Disaster Recovery Plan

1 exam

Alternate Sites

1 exam

Geographic Redundancy

1 exam

Bell-LaPadula model

1 exam

Star-property

1 exam

Confidentiality

1 exam

Access Control Models

1 exam

Post-mortem review

1 exam

Lessons learned

1 exam

Incident closure

1 exam

Biometrics

1 exam

Retinal Scan

1 exam

Access Control Technology

1 exam

Physical Characteristics

1 exam

Intrusion Detection Systems

1 exam

NIDS

1 exam

Network Monitoring

1 exam

Security Architecture

1 exam

Kerberos

1 exam

Replay attacks

1 exam

Timestamps

1 exam

Authentication Factors

1 exam

NIST SP 800-37

1 exam

Risk Management Framework (RMF)

1 exam

RMF Tiers

1 exam

Physical Controls

1 exam

Security Controls

1 exam

Environmental Security

1 exam

Information Security Roles

1 exam

Agency Roles

1 exam

CISO

1 exam

SAISO

1 exam

Security Assessment Report

1 exam

NIST RMF

1 exam

Security Control Assessment

1 exam

Documentation

1 exam

Event-driven authorization

1 exam

System change management

1 exam

Continuous monitoring

1 exam

Authorization triggers

1 exam

Assessment Plan

1 exam

CIA Triad

1 exam

Information Security Principles

1 exam

Non-repudiation

1 exam

Risk impact levels

1 exam

CIA loss

1 exam

Adverse effects

1 exam

Organizational impact

1 exam

RMF Roles

1 exam

Risk Executive

1 exam

Risk Management Strategy

1 exam

Authorization Decisions

1 exam

Security Control Overlays

1 exam

Control Tailoring

1 exam

Security Control Baselines

1 exam

Buffer overflow

1 exam

Security countermeasures

1 exam

IIS security

1 exam

DIACAP

1 exam

Certification & Accreditation

1 exam

Information Assurance Controls

1 exam

Validation

1 exam

Disaster Recovery

1 exam

Cold Site

1 exam

Budgetary Constraints

1 exam

Operational Resilience

1 exam

DoD 8500.2

1 exam

Mission Assurance Categories

1 exam

Availability

1 exam

Software architecture styles

1 exam

Pipes and filters

1 exam

Architectural patterns

1 exam

Data transformation

1 exam

CSRF

1 exam

Web application security

1 exam

Vulnerabilities

1 exam

Attack types

1 exam

DITSCAP

1 exam

System Accreditation

1 exam

Post-Accreditation Phase

1 exam

Lifecycle Management

1 exam

Anonymous Authentication

1 exam

Web Security Concepts

1 exam

Uptime

1 exam

Hot Site

1 exam

Security models

1 exam

Clark-Wilson model

1 exam

Integrity models

1 exam

Well-formed transactions

1 exam