Focusing on more threats, attacks, and vulnerabilities on the Internet from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks, and social engineering attacks based on current events.
Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks.
Expanded to focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security.
Covering organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls, and basic digital forensics.
Expanded to support organizational risk management and compliance to regulations, such as PCI- DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.