CBK 1 – Access Control

Authentication
Centralized Access Control
Models & Techniques

CBK 2 – Telecommunications & Network Security

7 OSI Layers
Firewall
VPN
Attacks

CBK 3 – Information Security Governance & Risk Management

Policies & Risks
Reducing Risks

CBK 4 – Software Development Security

Databases
Development Life Cycle

CBK 5 – Cryptography

Symmetric Cryptography
Asymmetric Cryptography

CBK 6 – Security Architecture and Design

System Evaluation
Security Models
Availability & Integrity

CBK 7 – Security Operations

IDS/IPS
Control Types
Separation of Duties
Backups & Malware

CBK 8 – Business Continuity and Disaster Recovery Planning

Plan B

CBK 9 – Legal, Regulations, Investigations, and Compliance

Evidence
Law
Investigation

CBK 10 – Physical (Environmental) Security

Fire
Physical Controls
Power & Location