Domain 7

Security Operations

Exam Weight: 13%
Subdomains: 15

7.1

Understand and comply with investigations

Key Concepts

Evidence collection, Evidence handling, Reporting, Documentation, Investigative techniques, Digital forensics, Artifacts

7.2

Conduct logging and monitoring activities

Key Concepts

IDPS, SIEM, Continuous monitoring, Egress monitoring, Log management, Threat intelligence, Threat feeds, Threat hunting, UEBA

7.3

Perform Configuration Management

Key Concepts

Provisioning, Baselining, Automation

7.4

Apply foundational security operations concepts

Key Concepts

Need-to-know, Least privilege, Separation of Duties, Privileged account management, Job rotation, SLA

7.5

Apply resource protection

Key Concepts

Media management, Media protection, Data at rest, Data in transit

7.6

Conduct incident management

Key Concepts

Detection, Response, Mitigation, Reporting, Recovery, Remediation, Lessons learned

7.7

Operate and maintain detection and preventative measures

Key Concepts

Firewalls, NGFW, WAF, IDS, IPS, Whitelisting, Blacklisting, Third-party services, Sandboxing, Honeypots, Anti-malware, ML/AI tools

7.8

Implement and support patch and vulnerability management

Key Concepts

Patch management, Vulnerability management

7.9

Understand and participate in change management processes

Key Concepts

Change management

7.10

Implement recovery strategies

Key Concepts

Backup storage, Cloud storage, Recovery sites, Cold sites, Hot sites, Multiple processing sites, System resilience, HA, QoS, Fault tolerance

7.11

Implement Disaster Recovery processes

Key Concepts

Response, Personnel, Communications, Assessment, Restoration, Training, Lessons learned

7.12

Test Disaster Recovery Plans

Key Concepts

Read-through, Tabletop, Walkthrough, Simulation, Parallel, Full interruption, Communications

7.13

Participate in Business Continuity planning and exercises

Key Concepts

BC planning, BC exercises

7.14

Implement and manage physical security

Key Concepts

Perimeter security, Internal security controls

7.15

Address personnel safety and security concerns

Key Concepts

Travel, Security training, Insider threat, Social media, 2FA fatigue, Emergency management, Duress