1 minute read
Security Assessment and Testing 12% 12
○ Artifacts have a new item in the investigations section of 7.1. (computer, network mobile device). Remains (information) left behind on a gadget can be used in investigations as artifacts ○ Log management, threat intelligence, and user and entity behavior analytics have been included to 7.2. (UEBA). ○ Provisioning, baselines, and automation are three of the many additions in 7.4. ○ 7.5 includes a new section for media protection approaches, such as encrypting media or using WORM technology to safeguard media in a virtual environment. ○ In 7.7, there are new examples of firewalls, such as next-generation, web application, and network. Machine learning and artificial intelligence (AI)-based tools are now included in this area. Make sure you grasp the advantages of these tools for incident management before using them. ○ A new lesson learnt item was added in 7.11. You should be able to articulate why and when an organization should make use of lessons learnt.
Software Development Security
Advertisement
○ Libraries, toolkits, IDEs, runtimes, CI/CD, SOAR, and application security testing are among the numerous new features in version 8.2. (SAST and DAST). ○ With the addition of additional items for COTS, open source, third-party, and managed services in 8.4, the software acquisition options are laid out in greater detail. Learn about software security and how it varies depending on how you obtain the programme. ○ Software-defined security has been added to 8.5.
