Phishing is the use of digital communications to trick people into revealing

sensitive data or deploying malicious software.

Malware is software designed to harm devices or networks. There are many types of
malware. The primary purpose of malware is to obtain money, or in some cases, an
intelligence advantage that can be used against a person, an organization, or a
territory.

Social engineering is a manipulation technique that exploits human error to gain

private information, access, or valuables. Human error is usually a result of
trusting someone without question. It’s the mission of a threat actor, acting as a
social engineer, to create an environment of false trust and lies to exploit as
many people as possible.

Let's start with the first domain, security and risk management. Security and risk
management focuses on defining security goals and objectives, risk mitigation,
compliance, business continuity, and the law. For example, security analysts may
need to update company policies related to private health information if a change
is made to a federal compliance regulation such as the Health Insurance Portability
and Accountability Act, also known as HIPAA.
Play video starting at :1:57 and follow transcript1:57

The second domain is asset security. This domain focuses on securing digital and
physical assets. It's also related to the storage, maintenance, retention, and
destruction of data. When working with this domain, security analysts may be tasked
with making sure that old equipment is properly disposed of and destroyed,
including any type of confidential information.
Play video starting at :2:25 and follow transcript2:25

The third domain is security architecture and engineering. This domain focuses on
optimizing data security by ensuring effective tools, systems, and processes are in
place. As a security analyst, you may be tasked with configuring a firewall. A
firewall is a device used to monitor and filter incoming and outgoing computer
network traffic. Setting up a firewall correctly helps prevent attacks that could
affect productivity.
Play video starting at :2:57 and follow transcript2:57

The fourth security domain is communication and network security. This domain
focuses on managing and securing physical networks and wireless communications. As
a security analyst, you may be asked to analyze user behavior within your
organization.

In this video, we'll introduce you to the next four security domains: identity and
access management, security assessment and testing, security operations, and
software development security.

Let's move into the fifth domain: identity and access management. Identity and
access management focuses on keeping data secure, by ensuring users follow
established policies to control and manage physical assets, like office spaces, and
logical assets, such as networks and applications. Validating the identities of
employees and documenting access roles are essential to maintaining the
organization's physical and digital security. For example, as a security analyst,
you may be tasked with setting up employees' keycard access to buildings.
Play video starting at :1:27 and follow transcript1:27

The sixth domain is security assessment and testing. This domain focuses on
conducting security control testing, collecting and analyzing data, and conducting
security audits to monitor for risks, threats, and vulnerabilities. Security
analysts may conduct regular audits of user permissions, to make sure that users
have the correct level of access. For example, access to payroll information is
often limited to certain employees, so analysts may be asked to regularly audit
permissions to ensure that no unauthorized person can view employee salaries.
Play video starting at :2:6 and follow transcript2:06

The seventh domain is security operations. This domain focuses on conducting

investigations and implementing preventative measures. Imagine that you, as a
security analyst, receive an alert that an unknown device has been connected to
your internal network. You would need to follow the organization's policies and
procedures to quickly stop the potential threat.
Play video starting at :2:31 and follow transcript2:31

The final, eighth domain is software development security. This domain focuses on
using secure coding practices, which are a set of recommended guidelines that are
used to create secure applications and services. A security analyst may work with
software development teams to ensure security practices are incorporated into the
software development life-cycle. If, for example, one of your partner teams is
creating a new mobile app, then you may be asked to advise on the password policies
or ensure that any user data is properly secured and managed.

Certified Information Systems Security Professional (CISSP) security domains

A hacker is any person who uses computers to gain access to computer systems,
networks, or data. They can be beginner or advanced technology professionals who
use their skills for a variety of reasons

Authorized hackers are also called ethical hackers. They follow a code of ethics
and adhere to the law to conduct organizational risk evaluations. They are
motivated to safeguard people and organizations from malicious threat actors.

Semi-authorized hackers are considered researchers. They search for vulnerabilities

but don’t take advantage of the vulnerabilities they find.

Unauthorized hackers are also called unethical hackers. They are malicious threat
actors who do not follow or respect the law. Their goal is to collect and sell
confidential data for financial gain.

Adversarial artificial intelligence (AI): A technique that manipulates artificial

intelligence (AI) and machine learning (ML) technology to conduct attacks more
efficiently

Business Email Compromise (BEC): A type of phishing attack where a threat actor
impersonates a known source to obtain financial advantage

Computer virus: Malicious code written to interfere with computer operations and
cause damage to data and software

Cryptographic attack: An attack that affects secure forms of communication between

a sender and intended recipient

Hacker: Any person who uses computers to gain access to computer systems, networks,
or data

Malware: Software designed to harm devices or networks

Password attack: An attempt to access password secured devices, systems, networks,
or data

Phishing: The use of digital communications to trick people into revealing

sensitive data or deploying malicious software

Physical attack: A security incident that affects not only digital but also
physical environments where the incident is deployed

Physical social engineering: An attack in which a threat actor impersonates an

employee, customer, or vendor to obtain unauthorized access to a physical location

Social engineering: A manipulation technique that exploits human error to gain

private information, access, or valuables

Social media phishing: A type of attack where a threat actor collects detailed
information about their target on social media sites before initiating the attack

Spear phishing: A malicious email attack targeting a specific user or group of

users, appearing to originate from a trusted source

Supply-chain attack: An attack that targets systems, applications, hardware, and/or

software to locate a vulnerability where malware can be deployed

USB baiting: An attack in which a threat actor strategically leaves a malware USB
stick for an employee to find and install to unknowingly infect a network

Virus: refer to “computer virus”

Vishing: The exploitation of electronic voice communication to obtain sensitive

information or to impersonate a known source

Watering hole attack: A type of attack when a threat actor compromises a website
frequently visited by a specific group of users