Competencies: Security

Security

Overview

Information security encompasses protecting information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. This domain covers identity and access management, network access control, cryptography, offensive and defensive security, application security, governance and compliance, cloud security, forensics, and security architecture.

Industry Frameworks

CISSP — comprehensive security management and architecture
CompTIA Security+/CySA+/CASP+ — vendor-neutral security progression
NICE Cybersecurity Workforce Framework — role-based security competencies
OWASP — application security
MITRE ATT&CK — adversarial tactics and techniques

Subdomains

Subdomain	Topics	Personal Coverage	Avg Level
Cryptography & PKI	18	High	Advanced
Defensive Security	18	Moderate	Intermediate
Network Access Control	18	High	Expert
Application Security	17	Low	Beginner
Governance, Risk & Compliance	15	Moderate	Intermediate
Identity & Access Management	15	Moderate	Intermediate
Security Architecture	15	Low	Beginner
Cloud Security	14	Low	Beginner
Forensics & Incident Response	14	None	—
Offensive Security	14	None	—

Subdomain

Topics

Personal Coverage

Avg Level

Cryptography & PKI

High

Advanced

Defensive Security

Moderate

Intermediate

Network Access Control

High