Domain 2: Threats, Vulnerabilities, and Mitigations
Chapter 5, Compare and contrast common threat actors and motivations, examines various threat actors (nation-state, unskilled attacker, hacktivist, etc.) and their motivations like data exfiltration, espionage, and service disruption.
Chapter 6, Explain common threat vectors and attack surfaces, explores different threat vectors and attack surfaces, including message-based, image-based, file-based threats, and human vectors.
Chapter 7, Explain various types of vulnerabilities, discusses a range of vulnerabilities in applications, operating systems, hardware, cloud, and more.
Chapter 8, Given a scenario, analyze indicators of malicious activity, outlines how to identify indicators of malicious activities like malware attacks, physical attacks, and network attacks.
Chapter 9, Explain the purpose of mitigation techniques used to secure the enterprise, details the various mitigation techniques like segmentation, encryption, monitoring, and hardening techniques.