Voici le contenu du domaine 7 du CISSP®
Ce domaine vaut 13 % du la note à atteindre
Domaine 7 du CISSP®
Contenu réactualisé en fonction du nouveau programme officiel de 2024
| N° | Description |
|---|---|
| 7.1 | Understand and comply with investigations |
| 7.1.1 | Evidence collection and handling |
| 7.1.2 | Reporting and documentation |
| 7.1.3 | Investigative techniques |
| 7.1.4 | Digital forensics tools, tactics, and procedures |
| 7.1.5 | Artifacts (eg, computer, network, mobile device) |
| 7.2 | Conduct logging and monitoring activities |
| 7.2.1 | Intrusion detection and prevention |
| 7.2.2 | Security Information and Event Management(SIEM) |
| 7.2.3 | Continuous monitoring |
| 7.2.4 | Egress monitoring |
| 7.2.5 | Log management |
| 7.2.6 | Threat intelligence (eg,Threat feeds,Threat hunting) |
| 7.2.7 | User and Entity Behavior Analytics (UEBA) |
| 7.3 | Perform Configuration Management (CM) (eg, provisioning, baselining, automation) |
| 7.4 | Apply foundational security operations concepts |
| 7.4.1 | Need-to-know/least privilege |
| 7.4.2 | Separation of Duties (SoD) and responsibilities |
| 7.4.3 | Privileged account management |
| 7.4.4 | Job rotation |
| 7.4.5 | Service Level Agreements (SLAs) |
| 7.5 | Apply resource protection |
| 7.5.1 | Media Management |
| 7.5.2 | Media protection techniques |
| 7.6 | Conduct incident management |
| 7.6.1 | Detection |
| 7.6.2 | Response |
| 7.6.3 | Mitigation |
| 7.6.4 | Reporting |
| 7.6.5 | Recovery |
| 7.6.6 | Remediation |
| 7.6.7 | Lessons Learned |
| 7.7 | Operate and maintain detective and preventative measures |
| 7.7.1 | Firewalls (eg, next generation, web application, network) |
| 7.7.2 | Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) |
| 7.7.3 | Whitelisting/blacklisting |
| 7.7.4 | Third-party provided security services |
| 7.7.5 | Sandboxing |
| 7.7.6 | Honeypots/honeynets |
| 7.7.7 | Anti-malware |
| 7.7.8 | Machine learning and Artificial Intelligence (AI) based tools) |
| 7.8 | Implement and support patch and vulnerability management |
| 7.9 | Understand and participate in change management processes |
| 7.10 | Implement recovery strategies |
| 7.10.1 | Backup storage strategies |
| 7.10.2 | Recovery site strategies |
| 7.10.3 | Multiple processing sites |
| 7.10.4 | System resilience, High Availability (HA), Quality of Service (QoS), and fault tolerance) |
| 7.11 | Implement Disaster Recovery (DR) processes) |
| 7.11.1 | Response |
| 7.11.2 | Personnel |
| 7.11.3 | Communications |
| 7.11.4 | Assessment |
| 7.11.5 | Restoration |
| 7.11.6 | Training and awareness |
| 7.11.7 | Lessons learned |
| 7.12 | Test Disaster Recovery Plans (DRP)) |
| 7.12.1 | Read-through/tabletop |
| 7.12.2 | Walkthrough |
| 7.12.3 | Simulation |
| 7.12.4 | Parallel |
| 7.12.5 | Full interruption |
| 7.13 | Participate in Business Continuity (BC) planning and exercises |
| 7.14 | Implement and manage physical security |
| 7.14.1 | Perimeter security controls |
| 7.14.2 | Internal security controls |
| 7.15 | Address personnel safety And security concerns |
| 7.15.1 | Travel |
| 7.15.2 | Security training and awareness |
| 7.15.3 | Emergency management |
| 7.15.4 | Duress |