Chapter 4
Domain 4: Security Architecture and Tool Sets
EXAM OBJECTIVES COVERED IN THIS CHAPTER:
4.1 Explain the relationship between frameworks, common policies, controls, and procedures.
- Regulatory compliance
- Frameworks
- Policies
- Controls
- Procedures
- Verifications and quality control
4.2 Given a scenario, use data to recommend remediation of security issues related to identity and access management.
- Security issues associated with context-based authentication
- Security issues associated with identities
- Security issues associated with identity repositories
- Security issues associated with federation and single sign-on
- Exploits
4.3 Given a scenario, review security architecture and make recommendations to implement compensating controls.
- Security data analytics
- Manual review
- Defense in depth
4.4 Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).
- Best practices during software...