Module 05: Security Operations (Domain 5)
π
Date Started: 2026-04-26
π
Date Completed: 2026-04-26
π― What I Learned:
- Data Security: Encryption (symmetric, asymmetric, hashing), data classification, labeling, retention, and secure destruction
- System Hardening: Configuration baselines, patch management, and update procedures
- Security Policies: Acceptable Use, Password, BYOD, Change Management, Privacy, and Data Handling policies
- Security Awareness Training: Social engineering recognition, password hygiene, and user responsibility
- Logging & Monitoring: Security event collection, analysis, and alerting fundamentals
π‘ Key Takeaways:
- Policies are only effective when enforced, reviewed, and communicated clearly
- Encryption protects data both in transit and at restβbut key management is equally critical
- Human factors remain the most common attack vector; continuous training is essential
π Links/Resources:
- ISC2 CC Security Operations Domain (https://www.isc2.org/certifications/cc/cc-certification-exam-outline)
- SANS Security Awareness Resources (https://www.sans.org/security-awareness-training/)
πΈ Screenshots:
Domain 5 completion badge