Study for CPCSP (Certified Physical & Cybersecurity Professional)

Here is some information to guide you on what to study to prepare for the exam.

  • Network Security - Study the basics of networking: how IP addresses work, how firewalls work, the OSI model, ACLs, wireless technologies and so on.

  • Security Architecture - Learn about the different types of security models, the basics of computer architecture such as memory and disk, how to secure computer systems, and protection mechanisms and recovery procedures.

  • Governance and Risk Management - Learn about the security triad model, risk management, risk responses, administrative controls, qualitative vs quantitative, how to handle breaches, etc.

  • Security Assessment and Testing - Learn about the different types of security testing, some of the tools used in testing, DAST vs SAST, threat modelling and auditing. Understand basic vulnerabilities such as SQL injection, XSS, authentication bypass and path traversal, and know the OWASP Top 10, etc.

  • Identity and Access Management - Study the types of authentication and access controls, authorization mechanisms, passwords, biometrics, SSO and so on.

  • Operations Security - Basics of digital forensics, DLP, IDS and IPS, SIEM, incident response, root cause analysis, the 3 branches of law.

  • Software Security and Cryptography - Understand the basics of software and database security, buffer overflows, viruses, worms and trojans, how to secure APIs, encryption techniques, symmetric vs asymmetric encryption, hashing, encoding, SSL/TLS, the SDLC, covert channels, software development methods and others.

  • Business Continuity and Disaster Recovery - Learn about BCP and DRP. Understand the goal of the BIA (Business Impact Assessment), backup types, disaster recovery plans, MTTF, MTTR, MTBF, MTD, etc.

  • Physical Security - Learn about the threats and controls for physical security: fences, CCTV, alarms, fire detection and prevention, electrical power, security access cards, locks, etc.
