The exam covers high level framework topics as well as detailed underlying processes that support framework implementation. This includes the framework core, tiers and profiles which allow CSIRT staff to evaluate risk and prioritize feature changes based on business needs and changes in the security landscape.
Dell Technologies provides free practice tests to assess your knowledge in preparation for the exam. Practice tests allow you to become familiar with the topics and question types you will find on the proctored exam. Your results on a practice test offer one indication of how prepared you are for the proctored exam and can highlight topics on which you need to study and train further. A passing score on the practice test does not guarantee a passing score on the certification exam.
Dell EMC Infrastructure Security Specialist Exam Summary:
| Exam Name | Dell EMC Certified Specialist - Infrastructure Security |
| Exam Code | DES-9131 |
| Exam Price | $230 (USD) |
| Duration | 90 mins |
| Number of Questions | 60 |
| Passing Score | 60% |
| Books / Training | Introduction to IT Frameworks and NIST (pre-requisite) - (ES101DSY00354/, ES131DSY00354) Implementing the NIST Cybersecurity Framework (ES102DSY00786/, ES132DSY00786) |
| Sample Questions | Dell EMC Infrastructure Security Specialist Sample Questions |
| Practice Exam | Dell EMC DES-9131 Certification Practice Exam |
Dell EMC DES-9131 Exam Syllabus Topics:
| Topic | Details | Weights |
| NIST Framework Overview | - Describe the NIST Framework architecture and purpose including the Core, Tiers, and Profiles - Describe the topics associated with the Category layer and explain how they align to the NIST Framework functions |
10% |
| NIST Framework: Identify Function | - Describe what constitutes an asset and which assets need to be protected - Describe the "who/what/why" of a continuously updated inventory - Describe how discovery and inventory facilitates the planning effortsassociated with Disaster Recovery, Incident Response, Communications, and Business Impact Analysis - Describe the controls for the inventory classification and explain the KPIs developed around these controls |
18% |
| NIST Framework: Protect Function | - Describe the need for creating and documenting a baseline configuration - Explain how the Business Impact Analysis is integral to the protect function - Describe the role of the Business Continuity Plan and Business Impact Analysis - Describe the maintenance and access control subcategory controls for the protect function - Describe the awareness training, data security and protective technology subcategory controls of the protect function |
23% |
| NIST Framework: Detect Function | - Describe the anatomy of a breach, including what constitutes a breach, why and how it happens, and the steps to avoid a breach - Identify the methods of detection and how detection can be implemented - Describe the concept and benefits of continuous monitoring - Identify and explain the subcategories associated with detection and analysis |
17% |
| NIST Framework: Respond Function | - Describe how to quantify the extent of a security breach - Describe how to contain a security breach - Understand and construct an effective Incident Response Plan - Describe the purpose and details of an effective Communications Plan - Describe the after action plan and review |
17% |
| NIST Framework: Recover Function | - Determine and describe the considerations when implementing a Disaster Recovery Plan (DRP) - Describe how the BCP (Business Continuity Plan) supports “timely recovery to normal operations to reduce the impact from a cybersecurity incident.” - Assess and describe the requirements and processes to return to "business as usual" - Describe the process of understanding the impact to the business, including reputation and revenue |
15% |
Posts
0 comments:
Post a Comment