The process for determining whether a user attempting to gain access to a system is, in fact,the authorized holder of the appropriate credentials needed for access is called

DSST Fundamentals of Cybersecurity exam covers the basics of cybersecurity including application and systems security, implementing authentication and authorization technologies, compliance, security pertaining to networks and physical environments, and vulnerability management. The exam contains 100 questions to be answered in 2 hours.  DSST Fundamentals of Cybersecurity exam content, in brief: 1. Application & Systems Security – 15% a. Security Triad b. Accountability & non-repudiation c. Fundamentals of Cryptography d. Security development life cycle e. Best practices for migration... Show more

DSST Fundamentals of Cybersecurity exam covers the basics of cybersecurity including application and systems security, implementing authentication and authorization technologies, compliance, security pertaining to networks and physical environments, and vulnerability management.

The exam contains 100 questions to be answered in 2 hours. 

DSST Fundamentals of Cybersecurity exam content, in brief:

1. Application & Systems Security – 15%
a. Security Triad
b. Accountability & non-repudiation
c. Fundamentals of Cryptography
d. Security development life cycle
e. Best practices for migration from development environment to production
f. Anti-virus protection and malware detection
g. Software Development (Dev) and IT operations (Ops) and SecOps (Security + Operations)
2. Authentication, Authorization, & Access Controls – 12%
a. Implementing authentication technologies
b. Authorization
c. Access controls
d. Identity and Access Management
3. Compliance, & Governance – 12%
a. Security architecture
b. Audits and Risk Assessment
c. Outsourcing
d. Ethics and legal
e. Governance Risk & Compliance
4. Operational Security – 10%
a. Securing and monitoring the production environment
b. Policies, standards and procedures
5. Network Security – 16%
a. Protocols and services
b. Analysis tools and management
c. Infrastructure
d. Wireless i.e. 5G,Bluetooth,LTE
6. Vulnerability Management – 17%
a. Penetration Testing
b. Recognizing and mitigating threats
c. Tools
d. Security Awareness Training i.e. Preventing Social Engineering, Phishing etc
7. Physical & Environmental Security – 6%
a. Physical access controls and management
b. Logical Controls
8. Disaster Recovery & Business Continuity – 12%
a. Backup and Recovery, Retention, Offsite and Cloud Storage, Archiving
b. Business impact analysis
c. Disaster recovery planning
d. Business continuity planning
e. Plan testing and maintenance
f. Incident Response Planning

Show less