Course name: CompTIA SecurityX Internationally Recognized Certificate Course - Short name: SecurityX Training Course
1. Designing a Secure Network Architecture
1.1 Physical, virtual, and cloud network security controls
1.1.1 OSI model
1.1.2 Unified threat management
1.1.3 More about Next-Generation Firewall and virtual appliance
1.1.4 IDS/IPS
1.1.5 Network IDS versus NIPS
1.1.6 Wireless IPS
1.1.7 Inline Encryptors
1.1.8 Network access control
1.1.9 SIEM
1.1.10 Switches
1.1.11 Firewalls
1.1.12 Routers
1.1.13 Proxy
1.1.14 Network address translation gateway
1.1.15 Load balancer
1.1.16 Hardware Root of Trust
1.2 Application- and protocol-aware technologies
1.2.1 DLP
1.2.2 WAF
1.2.3 Database activity monitoring
1.2.4 Spam filter
1.2.5 Advanced network design
1.2.6 Remote access
1.2.7 VPN
1.2.8 IPsec
1.2.9 SSH
1.2.10 Remote Desktop Protocol
1.2.11 Virtual Network Computing
1.2.12 Reverse proxy
1.2.13 Network authentication methods
1.2.14 Placement of hardware and applications
1.2.15 NetFlow
1.2.16 sFlow
1.2.17 Data flow diagram
1.2.18 Secure configuration and baselining of networking and security components
1.2.19 Software-defined networking
1.3 Network management and monitoring tools
1.3.1 Alert definitions and rule writing
1.3.2 Advanced configuration of network devices
1.3.3 Transport security
1.3.4 Port security
1.3.5 Route protection
1.3.6 Distributed DoS protection
1.3.7 Remotely triggered black hole
1.3.8 Modern DDoS Mitigation Strategy
1.4 Security zones
1.4.1 Implementing Microsegmentation in the Cloud
1.4.2 DMZ
1.4.3 DMZ Cloud-Native Equivalent
1.5 Chapter Summary - Architecting for a Zero Trust World
2. Integrating Software Applications into the Enterprise
2.1 Integrating security into the development life cycle
2.1.1 Systems development life cycle
2.1.2 The DevSecOps Lifecycle: A Continuous and Automated Approach
2.1.3 Development approaches
2.1.4 Versioning with Source Code Management (SCM)
2.2 Software Assurance: Securing the Software Supply Chain
2.2.1 Development, Staging, and Production Environments
2.2.2 Validating third-party libraries
2.2.3 Automating Third-Party and Open-Source Library Validation
2.2.4 SecDevOps
2.2.5 Defining the DevOps pipeline
2.3 Baseline and templates
2.3.1 Secure coding standards
2.3.2 Automating the Application Vetting Processes
2.3.3 Hypertext Transfer Protocol
2.3.4 (HTTP) headers
2.3.5 Application Programming Interface (API) management
2.4 Considerations when integrating enterprise applications
2.4.1 Customer relationship management (CRM)
2.4.2 Enterprise resource planning (ERP)
2.4.3 Configuration Management Database (CMDB)
2.4.4 Content management systems
2.5 Integration enablers
2.5.1 Directory and Identity services
2.5.2 Domain name system
2.5.3 Service-oriented architecture
2.5.4 Enterprise service bus
2.6 Chapter Summary of Integrating Software Applications into the Enterprise
3. Enterprise Data Security, Including Secure Cloud and Virtualization Solutions
3.1 Implementing data loss prevention
3.1.1 Blocking the use of external media
3.1.2 Print blocking
3.1.3 Remote Desktop Protocol blocking
3.1.4 Watermarking
3.1.5 Digital rights management
3.1.6 Network traffic decryption/deep packet inspection
3.1.7 Network traffic analysis
3.1.8 DLP in the Cloud (Data at Rest and in Motion)
3.2 Enabling data protection
3.2.1 Data classification
3.2.2 Metadata/attributes
3.2.3 Obfuscation
3.2.4 Anonymization
3.2.5 Encrypted versus unencrypted
3.2.6 Data life cycle
3.2.7 Data inventory and mapping
3.2.8 Data integrity management
3.2.9 Data Classification Lifecycle
3.2.10 Data storage, backup, and recovery
3.2.11 Redundant array of inexpensive disks
3.2.12 The Modern Approach: Cloud-Native Durability and Availability
3.3 Implementing secure cloud and virtualization solutions
3.3.1 Virtualization strategies
3.3.2 Security considerations for virtualization
3.4 Investigating cloud deployment models
3.4.1 Deployment models and considerations
3.4.2 Private cloud
3.4.3 Public cloud
3.4.4 Hybrid cloud
3.4.5 Cloud Hosting Models: Shared vs. Dedicated Tenancy
3.4.6 Service models
3.4.7 Software as a service
3.4.8 Platform as a service
3.4.9 Infrastructure as a service
3.4.10 Cloud provider limitations
3.5 Extending appropriate on-premises controls
3.5.1 Micro-segmentation
3.5.2 Jump box
3.5.3 Examining cloud storage models
3.5.4 File-based storage
3.5.5 Database storage
3.5.6 Block storage
3.5.7 Blob storage
3.5.8 Key/value pairs
3.6 Chapter Summary of Enterprise Data Security, Including Secure Cloud and Virtualization Solutions
4. Deploying Enterprise Authentication and Authorization Controls
4.1 Credential management
4.1.1 Single Sign-On (SSO) as an Architectural Pattern
4.1.2 Password repository applications
4.1.3 On-premises versus cloud password repository
4.1.4 Hardware key manager
4.1.5 Privileged access management
4.1.6 Password policies
4.2 Identity federation
4.2.1 Transitive trust
4.2.2 OpenID
4.2.3 Security Assertion Markup Language (SAML)
4.3 Access control
4.3.1 Mandatory Access Control (MAC)
4.3.2 Discretionary Access Control (DAC)
4.3.3 Role-based access control
4.3.4 Rule-based access control
4.3.5 Attribute-based access control
4.4 Authentication and Authorization protocols
4.4.1 Remote Authentication Dial-In User Server (RADIUS)
4.4.2 Terminal Access Controller Access Control System (TACACS)
4.4.3 Diameter
4.4.4 Lightweight Directory Access Protocol (LDAP)
4.4.5 Kerberos
4.4.6 OAuth 2.0 and OpenID Connect (OIDC)
4.4.7 802.1X
4.4.8 Extensible Authentication Protocol (EAP) - The Framework for 802.1X Authentication
4.5 Multi-Factor Authentication (MFA)
4.5.1 Two-Factor Authentication (2FA)
4.5.2 Two-step verification
4.5.3 In-band authentication
4.5.4 Out-of-Band Authentication (OOBA)
4.5.5 One-Time Password (OTP)
4.5.6 HMAC-based One-Time Password (HOTP)
4.5.7 Time-based One-Time Password (TOTP)
4.5.8 Hardware root of trust
4.5.9 JWT
4.6 Chapter Summary of Deploying Enterprise Authentication and Authorization Controls
5. Threat and Vulnerability Management
5.1 Intelligence types
5.1.1 Tactical intelligence
5.1.2 Strategic intelligence
5.1.3 Operational intelligence
5.1.4 Commodity malware
5.1.5 Targeted attacks
5.2 Actor types
5.2.1 Advanced persistent threat – nation-state
5.2.2 Insider threat
5.2.3 Competitor and Corporate Espionage
5.2.4 Hacktivist
5.2.5 Script kiddie
5.2.6 Organized crime
5.3 Threat actor properties
5.3.1 Resources
5.3.2 Time
5.3.3 Money
5.3.4 Supply chain access
5.3.5 Capabilities and sophistication
5.3.6 Identifying techniques
5.4 Intelligence collection methods
5.4.1 Intelligence feeds
5.4.2 Deep web
5.4.3 Proprietary and Closed-Source Intelligence
5.4.4 Open source intelligence
5.4.5 Human intelligence
5.5 Frameworks
5.5.1 MITRE adversarial tactics, techniques, and common knowledge (ATT&CK)
5.5.2 ATT&CK for industrial control systems
5.5.3 The Diamond model of intrusion analysis
5.5.4 Cyber Kill Chain
5.5.5 Threat hunting
5.5.6 Threat emulation
5.6 Indicators of Compromise (IoC) and Indicators of Attack (IoA)
5.6.1 Packet capture
5.6.2 Logs
5.6.3 Network logs
5.6.4 Vulnerability logs
5.6.5 Operating system logs
5.6.6 Access logs
5.6.7 NetFlow logs
5.6.8 Notifications
5.6.9 File integrity monitoring alerts
5.6.10 SIEM alerts
5.6.11 Data loss prevention alerts
5.6.12 Intrusion detection system and intrusion prevention system alerts
5.6.13 Antivirus alerts
5.6.14 Notification severity and priorities
5.7 Responses
5.7.1 Network Enforcement - Dynamic Firewalling and Segmentation
5.7.2 Intrusion prevention system and intrusion detection system rules
5.7.3 Access control list rules
5.7.4 Signature rules
5.7.5 Behavior rules
5.7.6 Data loss prevention rules
5.7.7 Scripting and Regular Expressions in SecOps
5.8 Chapter Summary of Threat and Vulnerability Management
6. Risk-Based Vulnerability Management (RBVM) and Continuous Security Validation
6.1 Designing a Risk-Based Vulnerability Management (RBVM) Program
6.1.1 Credentialed versus non-credentialed scans
6.1.2 Architectural Deployment: Agent-Based vs. Agentless
6.1.3 Risk Prioritization and Context
6.1.4 Active versus passive scans
6.2 Security Content Automation Protocol (SCAP) and Interoperability
6.2.1 Extensible Configuration Checklist Description Format (XCCDF)
6.2.2 Open Vulnerability and Assessment Language (OVAL)
6.2.3 Common Platform Enumeration (CPE)
6.2.4 Common Vulnerabilities and Exposures (CVE)
6.2.5 Common Vulnerability Scoring System (CVSS)
6.2.6 Common Configuration Enumeration (CCE)
6.2.7 Asset Reporting Format (ARF)
6.2.8 Validation Strategy: Self-Assessment vs. Third-Party
6.2.9 Patch management
6.3 Leveraging Vulnerability Feeds and Threat Intelligence
6.3.1 Security Advisories and Zero-Day Response
6.3.2 Bulletins
6.3.3 Vendor websites
6.3.4 Information Sharing and Analysis
6.3.5 News reports
6.4 Assessment Methodologies (Static, Dynamic, and Interactive Analysis)
6.4.1 Static analysis (SAST)
6.4.2 Dynamic analysis
6.4.3 Interactive Analysis (IAST) and Advanced Techniques
6.4.4 Wireless Assessment and Site Surveys
6.4.5 Software Composition Analysis (SCA) and Supply Chain Security
6.4.6 Fuzz testing (Fuzzing)
6.5 Offensive Security: Penetration Testing, Red Teaming, and BAS
6.5.1 Defining Strategic Requirements
6.5.2 Scoping and Rules of Engagement (RoE)
6.5.3 Post-Exploitation and Impact Analysis
6.5.4 Persistence Mechanisms
6.5.5 Pivoting and Lateral Movement
6.5.6 Remediation Validation and Regression Testing
6.6 Selecting and Configuring Assessment Tools
6.6.1 SCAP scanner
6.6.2 Network traffic analyzer
6.6.3 Vulnerability scanner
6.6.4 Protocol analyzer
6.6.5 Port Scanners and Network Enumeration (Nmap)
6.6.6 HTTP interceptor
6.6.7 Exploit Frameworks (Metasploit)
6.6.8 Password Auditing Tools (Hashcat & John the Ripper)
6.6.9 Dependency Management and SBOM Tools
6.7 Chapter Summary of Vulnerability Management and Offensive Security Operations
7. Risk Mitigation Controls and Software Security Architecture
7.1 Understanding application vulnerabilities
7.1.1 Race conditions
7.1.2 Buffer overflows
7.1.3 Integer overflow
7.1.4 Broken Access Control
7.1.5 Insecure Direct Object References (IDOR)
7.1.6 Improper Error Handling and Information Leakage
7.1.7 Security Misconfiguration (OWASP A05)
7.1.8 Information Disclosure and Sensitive Data Exposure
7.1.9 Certificate Validation Failures and PKI Misconfiguration
7.1.10 Weak Cryptography and Protocol Deprecation
7.1.11 Weak ciphers
7.1.12 Software Composition Analysis (SCA) and Supply Chain Risk
7.1.13 Use of vulnerable frameworks and software modules
7.1.14 Use of unsafe functions
7.1.15 Third-Party Libraries and SDKs
7.1.16 Transitive Dependencies and External Services
7.1.17 End-of-Life (EOL) and End-of-Support (EOS)
7.1.18 Regression Issues and Testing Strategies
7.2 Assessing Risks in Web Technologies (AJAX, SOAP, REST, HTML5)
7.2.1 Client-Side vs. Server-Side Processing: The Trust Boundary
7.2.2 JSON and Representational State Transfer (REST)
7.2.3 Browser extensions
7.2.4 Hypertext Markup Language 5 (HTML5)
7.2.5 Asynchronous JavaScript and XML (AJAX)
7.2.6 Simple Object Access Protocol (SOAP)
7.3 Recognizing common attacks
7.3.1 Directory Traversal (Path Traversal)
7.3.2 Cross-site scripting
7.3.3 Cross-site request forgery
7.3.4 Injection attacks
7.3.5 Sandbox escape
7.3.6 VM Hopping and Virtual Network Attacks
7.3.7 VM escape
7.3.8 Border Gateway Protocol (BGP) Hijacking
7.3.9 Interception attacks
7.3.10 Denial of Service (DoS) and Distributed Denial of Service (DDoS)
7.3.11 Social engineering
7.3.12 VLAN hopping
7.4 Proactive and detective risk reduction
7.4.1 Proactive Threat Hunting
7.4.2 Developing countermeasures
7.4.3 Deceptive technologies
7.4.4 Security data analytics
7.5 Preventative Controls: Application Control and Automation
7.5.1 Application Control and Execution Policies
7.5.2 Security Automation and Orchestration
7.5.3 Physical Security Architecture and Convergence
7.6 Chapter Summary: Risk Mitigation and Security Engineering
8. Implementing Incident Response and Forensics Procedures
8.1 Architecting the Incident Response Plan (IRP)
8.1.1 Understanding the incident response process
8.1.2 Preparation
8.1.3 Detection
8.1.4 Analysis
8.1.5 Containment
8.1.6 Eradication and recovery
8.1.7 Lessons learned
8.1.8 Specific response playbooks/processes
8.1.9 Non-automated response methods
8.1.10 Automated response methods
8.1.11 Communication plan
8.2 Executing the Incident Response Lifecycle (PICERL)
8.2.1 Step 1. Prepare
8.2.2 Step 2. Identify
8.2.3 Step 3. Contain
8.2.4 Step 5. Recover
8.2.5 Step 6. Lessons Learned
8.3 Forensic process
8.3.1 Chain of custody
8.3.2 Order of volatility
8.3.3 Memory snapshots
8.3.4 Images
8.3.5 Evidence preservation
8.3.6 Cryptanalysis
8.3.7 Steganalysis
8.4 Digital Forensics Principles and Chain of Custody
8.4.1 File carving tools
8.4.2 Binary analysis tools
8.4.3 Advanced Reverse Engineering Tools
8.4.4 Windows User-Mode Debuggers (OllyDbg & x64dbg)
8.4.5 Static Disassembly (Objdump)
8.4.6 Behavioral Profiling (Strace)
8.4.7 Dependency Analysis (ldd)
8.4.8 File Classification (file)
8.4.9 Forensic Analysis Suites and Specialized Tools
8.4.10 Forensic Imaging Tools (FTK & dc3dd)
8.4.11 Hashing utilities
8.4.12 Fuzzy Hashing (Similarity Analysis)
8.4.13 Live Response: Network and Process Analysis
8.4.14 Netcat (The TCP/IP Swiss Army Knife) and Secure Transfer
8.4.15 Command-Line Packet Capture (tcpdump)
8.4.16 Firewall State Analysis (Conntrack)
8.4.17 Advanced Protocol Analysis (Wireshark & TShark)
8.5 Chapter Summary of Implementing Incident Response and Forensics Procedures
9. Architecting Enterprise Mobility and Endpoint Security
9.1 Architecting Unified Endpoint Management (UEM) Strategies
9.1.1 Managed Configurations and Security Profiles
9.1.2 Application control
9.1.3 Architecting Identity Assurance: Authentication and Biometrics
9.1.4 Automated Patch Management and FOTA Strategies
9.1.5 Data Sanitization and Remote Wipe Strategies
9.1.6 Wireless Security Architecture: WPA3 and SAE
9.1.7 PKI Integration: SCEP, EST, and Device Identity
9.1.8 Configuration Profiles and Context-Aware Assignment
9.1.9 Short-Range Wireless Security: Bluetooth and NFC
9.1.10 Peripherals
9.1.11 Geofencing
9.1.12 Geotagging
9.1.13 Full Device Encryption (FDE) and Boot Integrity
9.1.14 Tethering and Network Bridging Risks
9.1.15 RF Isolation (Airplane Mode) and Management Blackout
9.1.16 Location services
9.1.17 Secure DNS Protocols: DoH and DoT
9.1.18 Custom DNS Configuration and Enforcement
9.1.19 Deployment scenarios
9.1.20 BYOD: The Zero Trust Endpoint
9.1.21 Corporate-Owned, Fully Managed
9.1.22 Corporate-Owned, Personally Enabled (COPE)
9.1.23 CYOD and Managing Fragmentation
9.2 Mobile Deployment Models (BYOD, COPE, CYOD) and Privacy
9.2.1 Configuration State and Tamper Resistance
9.2.2 Securing Data in Transit and Network Isolation
9.2.3 Counter-Surveillance and Sensor Control
9.2.4 Privacy Architecture: Containerization and Liability
9.2.5 Regulatory Compliance (GDPR/HIPAA) and Selective Wipe
9.2.6 Wearable Technology and Shadow IoT Risks
9.2.7 Mobile Forensics and Acquisition Challenges
9.2.8 Sideloading, Jailbreaking, and Root of Trust Compromise
9.2.9 Containerization and Data Separation Architecture
9.2.10 OEM/Carrier Fragmentation and Patch Latency
9.2.11 Hardware Supply Chain Risks and Pre-installed Malware
9.2.12 Hardware Root of Trust: eFuse and Anti-Rollback
9.3 Endpoint Protection: EPP, EDR, and XDR
9.3.1 Hardening techniques
9.3.2 Compensating Controls and Layered Defense
9.4 Chapter Summary: Architecting Endpoint and Mobile Security
10. Security Considerations Impacting Specific Sectors and Operational Technologies
10.1 Identifying regulated business sectors
10.1.1 Energy sector
10.1.2 Manufacturing
10.1.3 Healthcare
10.1.4 Public utilities
10.1.5 Public services
10.1.6 Facility services
10.2 Understanding embedded systems
10.2.1 Internet of things
10.2.2 System on a chip
10.2.3 Application-specific integrated circuits
10.2.4 Field-programmable gate array
10.3 Understanding ICS/SCADA
10.3.1 PLCs
10.3.2 Historian
10.3.3 Ladder logic
10.3.4 Safety instrumented system
10.3.5 Heating, ventilation, and air conditioning
10.4 Understanding OT protocols
10.4.1 Controller area network bus (CANBus)
10.4.2 Modbus
10.4.3 Distributed Network Protocol 3.0
10.4.4 Zigbee
10.4.5 Common Industrial Protocol
10.4.6 Data Distribution Service
11. Implementing Cryptographic Protocols and Algorithms
11.1 Understanding hashing algorithms
11.1.1 Secure Hashing Algorithm (SHA)
11.1.2 Hash-Based Message Authentication Code (HMAC)
11.1.3 Message Digest (MD)
11.1.4 RACE integrity primitives evaluation message digest (RIPEMD)
11.2 Understanding symmetric encryption algorithms
11.2.1 Block ciphers
11.2.2 Stream ciphers
11.3 Understanding asymmetric encryption algorithms
11.3.1 Rivest, Shamir, and Adleman (RSA)
11.3.2 Digital Signature Algorithm (DSA)
11.3.3 Elliptic-curve Digital Signature Algorithm (ECDSA)
11.3.4 Diffie-Hellman (DH)
11.3.5 Elliptic-curve Cryptography (ECC)
11.3.6 Elliptic-curve Diffie-Hellman (ECDH)
11.4 Understanding encryption protocols
11.4.1 Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
11.4.2 Secure/Multipurpose Internet Mail Extensions (S/MIME)
11.4.3 Internet Protocol Security (IPSec)
11.4.4 Secure Shell (SSH)
11.4.5 Key stretching
11.4.6 Password salting
11.4.7 Password-based key derivation function 2 (PBKDF2)
11.5 Understanding emerging security technologies
11.5.1 Quantum computing
11.5.2 Blockchain
11.5.3 Homomorphic encryption
11.5.4 Biometric impersonation
11.5.5 3D printing
11.6 Chapter Summary of Implementing Cryptographic Protocols and Algorithms
12. Implementing Appropriate PKI Solutions, Cryptographic Protocols, and Algorithms for Business Needs
12.1 Understanding the PKI hierarchy
12.1.1 Certificate authority
12.1.2 Registration authority
12.1.3 Certificate revocation list
12.1.4 Online Certificate Status Protocol
12.2 Understanding certificate types
12.2.1 Wildcard certificate
12.2.2 Extended validation
12.2.3 Multi-domain
12.2.4 General-purpose
12.2.5 Certificate usages/templates
12.3 Understanding PKI security and interoperability
12.3.1 Trusted certificate providers
12.3.2 Trust models
12.3.3 Cross-certification certificate
12.3.4 Life cycle management
12.3.5 Certificate pinning
12.3.6 Certificate stapling
12.3.7 CSRs
12.3.8 Common PKI use cases
12.3.9 Key escrow
12.4 Troubleshooting issues with cryptographic implementations
12.4.1 Key rotation
12.4.2 Mismatched keys
12.4.3 Improper key handling
12.4.4 Embedded keys
12.4.5 Exposed private keys
12.4.6 Crypto shredding
12.4.7 Cryptographic obfuscation
12.4.8 Compromised keys
12.5 Chapter Summary of Implementing Appropriate PKI Solutions, Cryptographic Protocols, and Algorithms for Business Needs
13. Applying Appropriate Risk Strategies
13.1 Understanding risk assessments
13.1.1 Qualitative risk assessments
13.1.2 Quantitative risk assessments
13.1.3 Gap analysis
13.2 Implementing risk-handling techniques
13.2.1 Transfer
13.2.2 Accept
13.2.3 Avoid
13.2.4 Mitigate
13.2.5 Risk types
13.3 Understanding the risk management life cycle
13.3.1 Department of Defense Risk Management Framework
13.3.2 NIST Cybersecurity Framework (CSF)
13.3.3 Understanding risk controls
13.4 Understanding risk tracking
13.4.1 Key performance indicators
13.4.2 Key risk indicators
13.4.3 Risk appetite
13.4.4 Risk tolerance
13.4.5 Trade-off analysis
13.5 Managing risk with policies and security practices
13.5.1 Separation of duties (SoD)
13.5.2 Job rotation
13.5.3 Mandatory vacation
13.5.4 Least privilege
13.5.5 Employment and termination procedures
13.5.6 Training and awareness for users
13.5.7 Auditing requirements and frequency
13.6 Explaining the importance of managing and mitigating vendor risk
13.6.1 Vendor lock-in
13.6.2 Vendor Lock-Out
13.6.3 Vendor viability
13.6.4 Merger or acquisition risk
13.6.5 Meeting client requirements
13.6.6 Ongoing vendor assessment tools
13.7 Chapter Summary of Applying Appropriate Risk Strategies
14. Compliance Frameworks, Legal Considerations, and Their Organizational Impact
14.1 Security concerns associated with integrating diverse industries
14.1.1 Data considerations
14.1.2 Understanding geographic considerations
14.1.3 Third-party attestation of compliance
14.2 Understanding regulations, accreditations, and standards
14.2.1 Understanding legal considerations
14.2.2 Application of contract and agreement types
15. Business Continuity and Disaster Recovery Concepts
15.1 Conducting a business impact analysis
15.1.1 Maximum Tolerable Downtime (MTD)
15.1.2 Recovery Time Objective (RTO)
15.1.3 Recovery Point Objective (RPO)
15.1.4 Recovery service level
15.1.5 Mission-essential functions
15.1.6 Privacy Impact Assessment (PIA)
15.1.7 Preparing a Disaster Recovery Plan/Business Continuity Plan
15.1.8 Backup and recovery methods
15.2 Planning for high availability and automation
15.2.1 Scalability
15.2.2 Resiliency
15.2.3 Automation
15.2.4 Testing plans
15.3 Explaining how cloud technology aids enterprise resilience
15.3.1 Using cloud solutions for business continuity and disaster recovery (BCDR)
15.3.2 Infrastructure versus serverless computing
15.3.3 Collaboration tools
15.3.4 Storage configurations
15.3.5 Cloud Access Security Broker (CASB)