Advance Your Skills with Experts

1. General Security Concepts
This domain covers the types of security controls including technical, operational, and administrative. It explains the core security principles of confidentiality, integrity, and availability, as well as non-repudiation and the AAA framework (authentication, authorization, and accounting). It also introduces Zero Trust models, deception and disruption technologies, change management processes, and cryptographic solutions such as PKI, encryption, hashing, digital signatures, and blockchain.

2. Threats, Vulnerabilities & Mitigations
This domain focuses on identifying different threat actors and their motivations, such as nation-states, hacktivists, insiders, and organized crime. It explains threat vectors and attack surfaces, and the different types of vulnerabilities that exist in applications, devices, cloud environments, virtualization, and supply chains. It also covers malicious activities including malware, password attacks, network attacks, and cryptographic attacks. Mitigation techniques such as segmentation, hardening, patching, isolation, and access control are introduced.

3. Security Architecture
This section explores the design of secure systems across various environments including on-premises, cloud, virtualization, IoT, and Infrastructure as Code (IaC). It explains how to apply security to enterprise architectures and secure communications. It also emphasizes data classification and protection methods, and resilience strategies such as high availability, site redundancy, platform diversity, backup strategies, and continuity of operations.

4. Security Operations
This domain addresses secure computing practices including baseline configurations, hardening, wireless security, sandboxing, and monitoring. It explains asset management processes such as acquisition, disposal, assignment, and tracking of hardware, software, and data. It covers vulnerability management steps identification, analysis, remediation, verification, and reporting as well as monitoring and alerting through logs, SIEM, and other data sources. Network security solutions such as firewalls, IDS/IPS, DNS filtering, DLP, NAC, and endpoint detection and response (EDR/XDR) are included. Identity and Access Management (IAM) is explained through provisioning, single sign-on (SSO), multifactor authentication (MFA), and privileged access tools. The section also discusses automation, scripting, incident response lifecycle, root cause analysis, threat hunting, and digital forensics.

5. Security Program Management & Oversight
This domain covers organizational aspects of cybersecurity including governance through policies, procedures, structures, roles, and responsibilities. It addresses risk management processes such as risk identification, assessment, maintaining a risk register, business impact analysis, and strategies to mitigate or accept risks. It explains third-party risk management including vendor assessments, contracts, and continuous monitoring. Compliance and regulatory requirements are covered, along with the consequences of non-compliance and privacy considerations. Finally, it explains audits and assessments including internal reviews, external audits, penetration testing, and security evaluations, as well as security awareness programs to train users, improve behavior, and strengthen organizational security posture

1. Networking Fundamentals
This domain explains the purpose of networking and key terminology. It covers network types and topologies including LAN, WAN, WLAN, MAN, and PAN. It introduces IPv4 and IPv6 addressing and explains common networking protocols and ports such as TCP, UDP, DNS, DHCP, HTTP/S, SNMP, and SSH. It also compares the OSI and TCP/IP models and explains the process of data encapsulation.

2. Network Implementations
This section focuses on networking devices and technologies. It explains the functions of switches, routers, firewalls, access points, and wireless controllers. It covers Ethernet standards, cabling types, and connectors for copper and fiber. Wireless networking standards (Wi-Fi 5, Wi-Fi 6, Wi-Fi 6E), frequencies, and encryption methods are also included. Additional topics include virtual networking, VLANs, VPNs, tunneling protocols, and WAN technologies such as MPLS, Metro Ethernet, broadband, and cellular.

3. Network Operations
This domain highlights day-to-day network operations. It includes the use of documentation and diagrams such as rack diagrams, wiring schematics, and logical or physical topology maps. It explains remote access methods like SSH, RDP, and VPN, as well as monitoring tools such as SNMP, Syslog, SIEM, and NetFlow. It covers configuration management, network baselines, and change management processes. Finally, it introduces high availability, redundancy, and disaster recovery concepts.

4. Network Security
This section emphasizes protecting network infrastructure. It explains physical security measures such as locks, cameras, and access badges. It covers authentication, authorization, and accounting (AAA) using RADIUS and TACACS+. Common threats like DoS, MITM, spoofing, phishing, and ransomware are introduced. Secure protocols such as HTTPS, SFTP, IPSec, and TLS are explained. The module also covers network segmentation, VLAN security, access control lists (ACLs), and wireless security methods including WPA3, EAP, and captive portals.

5. Network Troubleshooting
This final domain explains the troubleshooting methodology: identifying problems, forming hypotheses, testing, implementing fixes, verifying, and documenting results. It describes common issues such as IP conflicts, duplicate MAC addresses, DNS errors, and DHCP failures. Troubleshooting tools include ping, traceroute, nslookup/dig, ipconfig/ifconfig, netstat, and Wireshark. It also covers diagnosing cabling problems, hardware failures, and performance issues, as well as wireless connectivity and interference troubleshooting.

1. Soft Skills & Assessment Management
Understanding the penetration testing lifecycle including scoping, risk management, record keeping, interim and final reporting. Covers client communication, legal and compliance considerations, and project closure.

2. Core Technical Skills
Knowledge of IP protocols (IPv4, IPv6, TCP, UDP, ICMP), network architectures, scanning techniques, target identification, OS and application fingerprinting. Understanding network access controls and basic cryptography (encryption, hashing, symmetric/asymmetric keys).

3. Background Information Gathering & Open Source
Use of open source intelligence (OSINT): WHOIS lookups, DNS queries and zone transfers, website analysis, Google hacking techniques, searching mailing lists and newsgroups, and analyzing email/news headers.

4. Networking Equipment
Assessment of routers, switches, firewalls, and other devices. Includes testing remote management protocols (SSH, Telnet, SNMP, web admin), analyzing captured traffic, fingerprinting VPN/IPSec devices, VoIP/SIP enumeration, wireless device scanning, and protocol-specific weaknesses (ARP, DHCP, STP, VTP, TACACS+).

5. Microsoft Windows Security Assessment
Enumeration of Windows systems: users, groups, and Active Directory structure. Evaluation of password policies, patch management, desktop lockdown, registry ACLs, and common application vulnerabilities. Covers auditing methods for permissions and configurations.

6. Unix Security Assessment
Targeting Unix/Linux hosts: username enumeration, weak services (FTP, SMTP, NFS, X11, RPC, SSH), file system permissions and ACLs, misconfigured services, and known Unix-specific vulnerabilities.

7. Web Technologies
Understanding how web applications and services operate. Covers server types, protocols (HTTP/S), markup vs. backend logic, APIs, and overall web architectures.

8. Web Testing Methodologies
Practical methods for web app testing: reconnaissance, threat modeling, authentication and authorization testing, input validation, error handling, session management, information disclosure, and common flaws such as XSS and injection. Includes secure coding and source code review basics.

9. Web Testing Techniques
Hands-on exploitation skills: reconnaissance, brute forcing, chaining vulnerabilities, traffic monitoring and manipulation, exploitation resistance testing, and evaluating web defense architectures.

10. Databases
High-level database assessment: structure of database servers, common weaknesses, SQL injection, access control issues, and understanding how databases integrate with web applications in security assess.