內容註: |
Introduction -- Domain 1: security and risk management (e.g., security, risk, compliance, law, regulations, business continuity) -- Domain 2: asset security (protecting security of assets) -- Domain 3: security engineering (engineering and management of security) -- Domain 4: communication and network security (designing and protecting network security) -- Domain 5: identity and access management (controlling access and managing identity) -- Domain 6: security assessment and testing (designing, performing, and analyzing security testing) -- Domain 7: security operations (e.g., foundational concepts, investigations, incident management, disaster recovery) -- Domain 8: software development security (understanding, applying, and enforcing software security). |