CompTIA SecurityX

• Minimum of 10 years of general IT experience, with 5 years focused on IT security
• Familiarity with concepts like governance frameworks, cryptography, and risk management
• Access to basic lab hardware and software, such as virtualized appliances, Linux distributions, and scripting tools

CompTIA SecurityX is an expert-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise’s cybersecurity readiness.

SecurityX is the only hands-on, performance-based certification for advanced practitioners — not managers — at the advanced skill level of cybersecurity

While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, SecurityX certified professionals figure out how to implement solutions within those policies and frameworks.

Unlike other certifications, SecurityX covers both security architecture and engineering

SecurityX is the only certification on the market that qualifies technical leaders to assess cyber readiness within an enterprise, and design and implement the proper solutions to ensure the organization is ready for the next attack.

SecurityX is the most up to date advanced-level cybersecurity certification on the market

SecurityX covers technical skills in on premises, cloud native, and hybrid environments, governance, risk, and compliance skills, assessing an enterprise’s cybersecurity readiness, and leading technical teams to implement enterprise-wide cybersecurity solutions.

What you will learn

• Security Architecture
  Analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.
• Governance, Risk, and Compliance
  Prove an organization’s overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST and CCPA
• Security Operations
  Address advanced threat management, vulnerability management, risk mitigation, incident response tactics and digital forensics analysis
• Security Engineering and Cryptography
  Configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions

Requirements
Minimum of 10 years of general IT experience, with 5 years focused on IT security
Familiarity with concepts like governance frameworks, cryptography, and risk management
Access to basic lab hardware and software, such as virtualized appliances, Linux distributions, and scripting tools

• Introduction
• Governance
  • Governance
  • Security Program Documentation
  • Awareness and Training Considerations
  • Governance Frameworks
  • Governance, Risk, and Compliance (GRC) Tools
  • Management Involvement
  • Change and Configuration Management
  • The Data Lifecycle
  • Communication Considerations
• Risk Management
  • Confidentiality Risk Considerations
  • Integrity Risk Considerations
  • Availability Risk Considerations
  • Privacy Risk Considerations
  • Risk Assessment Frameworks
  • Risk Assessment
  • Risk Response
  • Impact Analysis
  • Third-Party Risk Management
• Compliance
  • Industry Compliance
  • Industry Standards
  • Security Frameworks
  • Security Organziation Control Type 2 (SOC 2)
  • NIST Cybersecurity Framework (CSF)
  • Cloud Security Alliance (CSA)
  • Privacy Regulations
  • Security Reviews
  • Cross-Jurisdictional Compliance
• Resilient System Design
  • Security Devices
  • Monitoring and Detection
  • Network Traffic Management
  • Application Layer Security
  • Availability Considerations
  • Scaling Considerations
  • Recovery Strategies
  • Deployment Strategies
• Secure Architecture Design
  • Data States
  • Data Classification
  • Data Labeling and Tagging
  • Data Loss Prevention (DLP)
  • Hybrid Infrastructures
  • Third-Party Integrations
  • Attack Surface Management
  • Control Effectiveness
• Security in Systems
  • Hardware Assurance
  • Security Requirements
  • Software Assurance
  • Supply Chain Assurance
  • Pre-Deployment Testing
  • Post-Deployment Testing
  • Continuous Integration/Continuous Deployment (CI/CD) Management
  • Continuous Integration/Continuous Deployment (CI/CD) Testing
  • End-of-Life (EOL) Considerations
• Access, Authentication, Authorization
  • Access Control Systems
  • Access Provision
  • Rule-Based Access Control
  • Role-Based Access Control (RBAC)
  • Identity and Authentication
  • Access Control Policies
  • Monitoring and Oversight
• Zero Trust Design
  • Security Boundaries
  • VPN Architecture
  • Segmentation
  • Deperimeterization
  • Access Management
  • Application Programming Interface (API) Integeration and Validation
  • Asset Control
• Hardware Security
  • Roots of Trust
  • Boot Options
  • Security Coprocessors
  • Self-Encrypting Drives (SED)
  • Host-Based Encryption
  • Self-Healing Hardware
  • Virtual Hardware