Exam Review Guide - Prometric
<strong>Exam</strong> Content Outline<br />
You will find that Cyber Security Essentials is comprehensive in the material that it covers. The <strong>Exam</strong> consists of seven<br />
major subject areas that span the following.<br />
Information Systems Security − Means by which electronically stored information is kept confidential. Information<br />
Systems Security, also known as INFOSEC, often refers to the access controls to prevent unauthorized people from<br />
accessing an information system, which is accomplished through a combination of processes.<br />
Application Security − Use of software, hardware and procedural methods to protect applications from hacker threats.<br />
Because applications are increasingly accessible over networks, they are vulnerable to a wide variety of threats.<br />
Governance – Practices exercised by those responsible for an organization or enterprise. The overarching goal of<br />
governance is to provide an organization with a strategic direction to ensure that it reaches business objectives and that<br />
risks, including ever-increasing cyber security risks, are effectively managed.<br />
Compliance – How well an organization adheres to the standards of good practice when it comes to managing<br />
cyber risks.<br />
Operational Security – Identification and safeguarding of sensitive or critical information. In a well-run organization,<br />
management and users enhance operational security against cyber risks by instilling effective procedures and guidelines<br />
into the day-to-day operations.<br />
Network Security – Procedures and policies adopted by an organization’s computer network administrator to prevent<br />
unauthorized access or misuse of a computer network and systems attached to that network. It also refers to the<br />
systems put in place to ensure authorization of access to data in a network.<br />
Physical Security – Procedures and policies that blunt unauthorized access to areas in a facility where computer and<br />
networking resources are housed. Some common types of physical security include door alarms, video cameras, locked<br />
doors and barrier fences.<br />
Environmental Security – Protection of computer and networking resources from environmental damage from threats<br />
such as fire, water, smoke, dust, radiation and impact.<br />
Vulnerability Management – Consolidated methodology and process for assessing, mitigating and protecting an<br />
organization’s computer and networking resources, while also reducing the cost of security and compliance.<br />
Vulnerability management also includes assessing and planning for myriad threat scenarios, from environmental disaster<br />
to cyber attack.<br />
<strong>Prometric</strong> | Canton Crossing Tower | 1501 South Clinton Street | Baltimore MD 21224<br />
www.prometric.com