Certified Security Specialist (ECSS)

Network Security Fundamentals

• Understand Fundamentals of Network Security
• Discuss Essential Network Security Protocols

Identification, Authentication and Authorization

• Discuss Access Control Principles, Terminologies, and Models
• Discuss Identity and Access Management (IAM) Concepts

Network Security Controls -Administrative Controls

• Discuss Various Regulatory Frameworks, Laws, and Acts
• Learn to Design and Develop Security Policies
• Learn to Conduct Different Type of Security and Awareness Training

Network Security Controls - Physical Controls

• Understand the Importance of Physical Security
• Discuss Various Physical Security Controls
• Describe Workplace Security
• Describe Various Environmental Controls

Network Security Controls -Technical Controls

• Understand Different Types of Network
• Understand Different Types of Firewalls and their Role
• Understand Different Types of IDS/IPS and their Role
• Understand Different Types of Honeypot
• Understand Different Types of Proxy Servers and their Benefits
• Discuss Fundamentals of VPN and its importance in Network Security
• Discuss Security Incident and Event Management (SIEM)
• Discuss User Behavior Analytics (UBA)
• Understand Various Antivirus/Anti-malware Software

Virtualization and Cloud Computing

• Understand Virtualization Essential Concepts and OS Virtualization Security
• Understand Cloud Computing Fundamentals
• Discuss the Insights of Cloud Security and Best Practices

Wireless Network Security

• Understand Wireless Network Fundamentals
• Understand Wireless Network Encryption Mechanisms
• Discuss Different Types of Wireless Network Authentication Methods

Mobile Device Security

• Understand Various Mobile Device Connection Methods
• Discuss Mobile Device Management Concepts
• Discuss Common Mobile Usage Policies in Enterprises
• Discuss Security Risk and Guidelines Associated with Enterprises Mobile Usage Policies
• Discuss and Implement Enterprise-level Mobile Security Management Solutions
• Discuss and Implement General Security Guidelines and Best Practices on Mobile Platforms

IoT Device Security

• Understand IoT Devices, Application Areas, and Communication Models
• Discuss the Security in IoT-enabled Environments

Cryptography and PKI

• Discuss Cryptographic Techniques
• Discuss Various Cryptographic Algorithms
• Discuss Various Cryptography Tools
• Discuss Public Key Infrastructure (PKI)

Data Security

• Understand Data Security and its Importance
• Discuss Various Security Controls for Data Encryption
• Discuss Data Backup and Retention
• Discuss Data Loss Prevention Concepts

Network Traffic Monitoring

• Understand the Need and Advantages of Network Traffic Monitoring
• Determine Baseline Traffic Signatures for Normal and Suspicious Network Traffic
• Perform Network Monitoring for Suspicious Traffic

Information Security Fundamentals

• Discuss Information Security Fundamentals
• Discuss Various Information Security Laws and Regulations

Ethical Hacking Fundamentals

• Understand Cyber Kill Chain Methodology
• Discuss Hacking Concepts and Hacker Classes
• Understand Different Phases of Hacking Cycle
• Discuss Ethical Hacking Concepts, Scope, and Limitations
• Ethical Hacking Tools

Information Security Threats and Vulnerability Assessment

• Define Threat and Threat Sources
• Define Malware and its Types
• Define Vulnerabilities
• Define Vulnerability Assessment

Password Cracking Techniques and Countermeasures

• Discuss Password Cracking Techniques
• Discuss Password Cracking Tools
• Discuss Password Cracking Countermeasures

Social Engineering Techniques and Countermeasures

• Discuss Social Engineering Concepts and its Phases
• Discuss Social Engineering Techniques
• Discuss Insider Threats and Identity Theft
• Discuss Various Social Engineering Countermeasures

Network Level Attacks and Countermeasures

• Understand Packet Sniffing Concepts
• Discuss Sniffing Techniques
• Discuss Sniffing Countermeasures
• Discuss Types of DoS and DDoS Attacks
• Discuss DoS and DDoS Attack Countermeasures
• Discuss Types Session Hijacking Attacks
• Discuss Session Hijacking Attack Countermeasures

Web Application Attacks and Countermeasures

• Discuss Various Web Server Attacks
• Discuss Web Server Attack Countermeasures
• Understand Web Application Architecture and Vulnerability Stack
• Discuss Web Application Threats and Attacks
• Discuss Web Application Attack Countermeasures
• Discuss Types of SQL Injection Attacks
• Discuss SQL Injection Attack Countermeasures

Wireless Attacks and Countermeasures

• Understand Wireless Terminology
• Discuss Different Types of Wireless Encryption
• Describe Wireless Network-specific Attack Techniques
• Understand Bluetooth Attacks
• Discuss Wireless Attack Countermeasures

Mobile Attacks and Countermeasures

• Understand Mobile Attack Anatomy
• Discuss Mobile Platform Attack Vectors and Vulnerabilities
• Understand Mobile Device Management (MDM) Concept
• Discuss Mobile Attack Countermeasures

IoT and OT Attacks and Countermeasures

• Understand IoT Concepts

• Discuss IoT Threats and Attacks

• Discuss IoT Attack Countermeasures

• Understand OT Concepts

• Discuss OT Threats and Attacks

• Discuss OT Attack Countermeasures

Cloud Computing Threats and Countermeasures

• Understand Cloud Computing Concepts
• Understand Container Technology
• Discuss Cloud Computing Threats
• Discuss Cloud Attack Countermeasures

Penetration Testing Fundamentals

• Understand Fundamentals of Penetration Testing and its Benefits
• Discuss Strategies and Phases of Penetration Testing
• Guidelines and Recommendations for Penetration Testing

Computer Forensics Fundamentals

• Understand the Fundamentals of Computer Forensics
• Understand Digital Evidence
• Understand Forensic Readiness
• Identify the Roles and Responsibilities of a Forensic Investigator
• Understand Legal Compliance in Computer Forensics

Computer Forensics Investigation Process

• Understand the Forensic Investigation Process and its Importance
• Forensic Investigation Process - Preinvestigation Phase
• Forensic Investigation Process - Investigation Phase
• Forensic Investigation Process - Postinvestigation Phase

Understanding Hard Disks and File Systems

• Describe Different Types of Disk Drives and their Characteristics
• Explain the Logical Structure of a Disk
• Understand Booting Process of Windows, Linux, and Mac Operating Systems
• Understand Various File Systems of Windows, Linux, and Mac Operating Systems
• Examine the File System

Data Acquisition and Duplication

• Understand Data Acquisition Fundamentals
• Discuss Different Types of Data Acquisition
• Determine the Data Acquisition Format
• Understand Data Acquisition Methodology

Defeating Anti-forensics Techniques

• Understand Anti-forensics and its Techniques
• Discuss Anti-forensics Countermeasures

Windows Forensics

• Collect Volatile and Non-Volatile Information
• Perform Windows Memory and Registry Analysis
• Examine Cache, Cookie, and History Recorded in Web Browsers
• Examine Windows Files and Metadata

Linux and Mac Forensics

• Understand Volatile and Non-Volatile Data in Linux
• Analyze Filesystem Images Using The Sleuth Kit
• Demonstrate Memory Forensics
• Understand Mac Forensics

Network Forensics

• Understand Network Forensics Fundamentals
• Understand Event Correlation Concepts and Types
• Identify Indicators of Compromise (IoCs) from Network Logs
• Investigate Network Traffic

Investigating Web Attacks

• Understand Web Application Forensics
• Understand IIS and Apache Web Server Logs
• Investigating Web Attacks on Windowsbased Servers
• Detect and Investigate Various Attacks on Web Applications

Dark Web Forensics

• Understand the Dark Web
• Understand Dark Web Forensics
• Perform Tor Browser Forensics

Investigating Email Crimes

• Understand Email Basics
• Understand Email Crime Investigation and its Steps

Malware Forensics

• Understand Malware, its Components and Distribution Methods
• Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysi
• Perform Static Malware Analysis
• Analyze Suspicious Word Documents
• Perform Dynamic Malware Analysis
• Perform System Behavior Analysis
• Perform Network Behavior Analysis