Domain 4: Security Operations
Chapter 14, Given a scenario, apply common security techniques to computing resources, covers securing computing resources through secure baselines, hardening targets, wireless security settings, and application security.
Chapter 15, Explain the security implications of proper hardware, software, and data asset management, discusses the implications of asset management in security, focusing on acquisition, monitoring, and disposal processes.
Chapter 16, Explain various activities associated with vulnerability management, details activities in vulnerability management including identification methods, analysis, response, and reporting.
Chapter 17, Explain security alerting and monitoring concepts and tools, explores concepts and tools for security alerting and monitoring like SCAP, SIEM, antivirus, and DLP.
Chapter 18, Given a scenario, modify enterprise capabilities to enhance security, focuses on modifying enterprise security capabilities using tools and strategies like firewalls, IDS/IPS, web filters, and secure protocols.
Chapter 19, Given a scenario, implement and maintain identity and access management, discusses implementation and maintenance of identity and access management, including multifactor authentication and password concepts.
Chapter 20, Explain the importance of automation and orchestration related to secure operations, highlights the role of automation and orchestration in security operations, discussing use cases, benefits, and other considerations.
Chapter 21, Explain appropriate incident response activities, details the processes and activities involved in incident response, including preparation, analysis, containment, and recovery.
Chapter 22, Given a scenario, use data sources to support an investigation, discusses using various data sources like log data and automated reports to support security investigations.