CompTIA CASP Objectives
CompTIA CASP Objectives Document Transcript

  • 1. CompTIA Advanced Security Practitioner Certification Exam Objectives
    Copyright 2011 by the Computing Technology Industry Association. All rights reserved.
    The CASP Certification Exam Objectives are subject to change without notice.

    CompTIA Advanced Security Practitioner Certification Exam Objectives (CAS-001)

    INTRODUCTION

    The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, "hands-on" focus at the enterprise level.

    The CASP exam will certify that the successful candidate has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. The candidate will apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.

    The CompTIA Advanced Security Practitioner (CASP) Certification is aimed at an IT security professional who has:
    • A minimum of 10 years experience in IT administration including at least 5 years of hands-on technical security experience.

    This examination blueprint includes domain weighting, test objectives, and example content. Example topics and concepts are included to clarify the test objectives and should not be construed as a comprehensive listing of all the content of this examination.

    The table below lists the domain areas measured by this examination and the approximate extent to which they are represented in the examination:

    Domain                                                                   % of Examination
    1.0 Enterprise Security                                                  40%
    2.0 Risk Mgmt, Policy/Procedure and Legal                                24%
    3.0 Research & Analysis                                                  14%
    4.0 Integration of Computing, Communications, and Business Disciplines   22%
    Total                                                                    100%

    **Candidates should have basic knowledge of vendor specific tools and technologies, as this knowledge may be required for the CompTIA CASP Certification Exam. CompTIA has included a sample list of hardware and software at the end of this document to assist candidates as they prepare for the CASP exam. This list may also be helpful for training companies who wish to create a lab component to their training offering.
  • 2.
    The lists of examples provided in bulleted format below each objective are not exhaustive lists. Other examples of technologies, processes or tasks pertaining to each objective may also be included on the exam although not listed or covered in this objectives document.

    1.0 Enterprise Security

    1.1 Distinguish which cryptographic tools and techniques are appropriate for a given situation.
    • Cryptographic applications and proper implementation
    • Advanced PKI concepts
      o Wild card
      o OCSP vs. CRL
      o Issuance to entities
      o Users
      o Systems
      o Applications
    • Implications of cryptographic methods and design
      o Strength vs. performance vs. feasibility to implement vs. interoperability
    • Transport encryption
    • Digital signature
    • Hashing
    • Code signing
    • Non-repudiation
    • Entropy
    • Pseudo random number generation
    • Perfect forward secrecy
    • Confusion
    • Diffusion

    1.2 Distinguish and select among different types of virtualized, distributed and shared computing
    • Advantages and disadvantages of virtualizing servers and minimizing physical space requirements
    • VLAN
    • Securing virtual environments, appliances and equipment
    • Vulnerabilities associated with a single physical server hosting multiple companies’ virtual machines
    • Vulnerabilities associated with a single platform hosting multiple companies’ virtual machines
    • Secure use of on-demand / elastic cloud computing
      o Provisioning
      o De-provisioning
  • 3.
      o Data remnants
    • Vulnerabilities associated with co-mingling of hosts with different security requirements
      o VMEscape
      o Privilege elevation
    • Virtual Desktop Infrastructure (VDI)
    • Terminal services

    1.3 Explain the security implications of enterprise storage
    • Virtual storage
    • NAS
    • SAN
    • vSAN
    • iSCSI
    • FCOE
    • LUN masking
    • HBA allocation
    • Redundancy (location)
    • Secure storage management
      o Multipath
      o Snapshots
      o Deduplication

    1.4 Integrate hosts, networks, infrastructures, applications and storage into secure comprehensive solutions
    • Advanced network design
      o Remote access
      o Placement of security devices
      o Critical infrastructure / Supervisory Control and Data Acquisition (SCADA)
      o VoIP
      o IPv6
    • Complex network security solutions for data flow
    • Secure data flows to meet changing business needs
    • Secure DNS
      o Securing zone transfer
      o TSIG
    • Secure directory services
      o LDAP
      o AD
      o Federated ID
      o Single sign on
    • Network design consideration
      o Building layouts
      o Facilities management
  • 4.
    • Multitier networking data design considerations
    • Logical deployment diagram and corresponding physical deployment diagram of all relevant devices
    • Secure infrastructure design (e.g. decide where to place certain devices)
    • Storage integration (security considerations)
    • Advanced configuration of routers, switches and other network devices
      o Transport security
      o Trunking security
      o Route protection
    • ESB
    • SOA
    • SIEM
    • Database Access Monitor (DAM)
    • Service enabled
    • WS-security

    1.5 Distinguish among security controls for hosts
    • Host-based firewalls
    • Trusted OS (e.g. how and when to use it)
    • End point security software
      o Anti-malware
      o Anti-virus
      o Anti-spyware
      o Spam filters
    • Host hardening
      o Standard operating environment
      o Security/group policy implementation
      o Command shell restrictions
      o Warning banners
      o Restricted interfaces
    • Asset management (inventory control)
    • Data exfiltration
    • HIPS / HIDS
    • NIPS/NIDS

    1.6 Explain the importance of application security
    • Web application security design considerations
      o Secure: by design, by default, by deployment
    • Specific application issues
      o XSS
      o Click-jacking
      o Session management
      o Input validation
      o SQL injection
    • Application sandboxing
  • 5.
    • Application security frameworks
      o Standard libraries
      o Industry accepted approaches
    • Secure coding standards
    • Exploits resulting from improper error and exception handling
    • Privilege escalation
    • Improper storage of sensitive data
    • Fuzzing/false injection
    • Secure cookie storage and transmission
    • Client-side processing vs. server-side processing
      o AJAX
      o State management
      o JavaScript
    • Buffer overflow
    • Memory leaks
    • Integer overflows
    • Race conditions
      o Time of check
      o Time of use
    • Resource exhaustion

    1.7 Given a scenario, distinguish and select the method or tool that is appropriate to conduct an assessment
    • Tool type
      o Port scanners
      o Vulnerability scanners
      o Protocol analyzer
      o Switchport analyzer
      o Network enumerator
      o Password cracker
      o Fuzzer
      o HTTP interceptor
      o Attacking tools/frameworks
    • Methods
      o Vulnerability assessment
      o Penetration testing
      o Black box
      o White box
      o Grey Box
      o Fingerprinting
      o Code review
      o Social engineering

    2.0 Risk Management, Policy / Procedure and Legal
  • 6.
    2.1 Analyze the security risk implications associated with business decisions
    • Risk management of new products, new technologies and user behaviors
    • New or changing business models/strategies
      o Partnerships
      o Outsourcing
      o Mergers
    • Internal and external influences
      o Audit findings
      o Compliance
      o Client requirements
      o Top level management
    • Impact of de-perimiterization (e.g. constantly changing network boundary)
      o Considerations of enterprise standard operating environment (SOE) vs. allowing personally managed devices onto corporate networks

    2.2 Execute and implement risk mitigation strategies and controls
    • Classify information types into levels of CIA based on organization/industry
    • Determine aggregate score of CIA
    • Determine minimum required security controls based on aggregate score
    • Conduct system specific risk analysis
    • Make risk determination
      o Magnitude of impact
      o Likelihood of threat
    • Decide which security controls should be applied based on minimum requirements
      o Avoid
      o Transfer
      o Mitigate
      o Accept
    • Implement controls
    • ESA frameworks
    • Continuous monitoring

    2.3 Explain the importance of preparing for and supporting the incident response and recovery process
    • E-Discovery
      o Electronic inventory and asset control
      o Data retention policies
      o Data recovery and storage
      o Data ownership
      o Data handling
    • Data breach
      o Recovery
      o Minimization
      o Mitigation and response
  • 7.
    • System design to facilitate incident response taking into account types of violations
      o Internal and external
      o Privacy policy violations
      o Criminal actions
      o Establish and review system event and security logs
    • Incident and emergency response

    2.4 Implement security and privacy policies and procedures based on organizational requirements.
    • Policy development and updates in light of new business, technology and environment changes
    • Process/procedure development and updated in light of policy, environment and business changes
    • Support legal compliance and advocacy by partnering with HR, legal, management and other entities
    • Use common business documents to support security
      o Interconnection Security Agreement (ISA)
      o Memorandum of Understanding (MOU)
      o Service Level Agreement (SLA)
      o Operating Level Agreement (OLA)
      o Non-Disclosure Agreement (NDA)
      o Business Partnership Agreement (BPA)
    • Use general privacy principles for PII / Sensitive PII
    • Support the development of policies that contain
      o Separation of duties
      o Job rotation
      o Mandatory vacation
      o Least privilege
      o Incident response
      o Forensic tasks
      o On-going security
      o Training and awareness for users
      o Auditing requirements and frequency

    3.0 Research and Analysis

    3.1 Analyze industry trends and outline potential impact to the enterprise
    • Perform on-going research
      o Best practices
      o New technologies
      o New security systems and services
      o Technology evolution (e.g. RFCs, ISO)
    • Situational awareness
      o Latest client-side attacks
  • 8.
      o Threats
      o Counter zero day
      o Emergent issues
    • Research security implications of new business tools
      o Social media/networking
      o Integration within the business (e.g. advising on the placement of company material for the general public)
    • Global IA industry/community
      o Conventions
      o Attackers
      o Emerging threat sources
    • Research security requirements for contracts
      o Request for Proposal (RFP)
      o Request for Quote (RFQ)
      o Request for Information (RFI)
      o Agreements

    3.2 Carry out relevant analysis for the purpose of securing the enterprise
    • Benchmark
    • Prototype and test multiple solutions
    • Cost benefit analysis (ROI, TCO)
    • Analyze and interpret trend data to anticipate cyber defense aids
    • Review effectiveness of existing security
    • Reverse engineer / deconstruct existing solutions
    • Analyze security solutions to ensure they meet business needs
      o Specify the performance
      o Latency
      o Scalability
      o Capability
      o Usability
      o Maintainability
      o Availability (MTTR, MTBF)
    • Conduct a lessons-learned / after-action review
    • Use judgment to solve difficult problems that do not have a best solution
    • Conduct network traffic analysis

    4.0 Integration of Computing, Communications and Business Disciplines

    4.1 Integrate enterprise disciplines to achieve secure solutions
    • Interpreting security requirements and goals to communicate with other disciplines
      o Programmers
      o Network engineers
      o Sales staff
  • 9.
    • Provide guidance and recommendations to staff and senior management on security processes and controls
    • Establish effective collaboration within teams to implement secure solutions
    • Disciplines
      o Programmer
      o Database administrator
      o Network administrator
      o Management
      o Stake holders
      o Financial
      o HR
      o Emergency response team
      o Facilities manager
      o Physical security manager

    4.2 Explain the security impact of inter-organizational change
    • Security concerns of interconnecting multiple industries
      o Rules, policies and regulations
    • Design considerations during mergers, acquisitions and de-mergers
    • Assuring third party products - only introduce acceptable risk
      o Custom developed
      o COTS
    • Network secure segmentation and delegation
    • Integration of products and services

    4.3 Select and distinguish the appropriate security controls with regard to communications and collaboration
    • Unified communication security
      o Web conferencing
      o Video conferencing
      o Instant messaging
      o Desktop sharing
      o Remote assistance
      o Presence
      o Email
      o Telephony
    • VoIP security
    • VoIP implementation
    • Remote access
    • Enterprise configuration management of mobile devices
    • Secure external communications
    • Secure implementation of collaboration platforms
    • Prioritizing traffic (QoS)
    • Mobile devices
      o Smart phones, IP cameras, laptops, IP based devices
  • 10.
    4.4 Explain advanced authentication tools, techniques and concepts
    • Federated identity management (SAML)
    • XACML
    • SOAP
    • Single sign on
    • SPML
    • Certificate based authentication
    • Attestation

    4.5 Carry out security activities across the technology life cycle
    • End to end solution ownership
    • Understanding results of solutions in advance
      o Operational activities
      o Maintenance
      o Decommissioning
      o General change management
    • Systems Development Life Cycle
      o Security System Development Life Cycle (SSDLC) / Security Development Life Cycle (SDL)
      o Security Requirements Traceability Matrix (SRTM)
    • Adapt solutions to address emerging threats and security trends
    • Validate system designs
  • 11.
    CASP ACRONYMS

    3DES – Triple Digital Encryption Standard
    AAA – Authentication, Authorization, and Accounting
    ACL – Access Control List
    AD – Active Directory
    AES – Advanced Encryption Standard
    AES256 – Advanced Encryption Standards 256bit
    AH – Authentication Header
    ALE – Annualized Loss Expectancy
    AP – Access Point
    ARO – Annualized Rate of Occurrence
    ARP – Address Resolution Protocol
    AUP – Acceptable Use Policy
    BCP – Business Continuity Planning
    BIOS – Basic Input / Output System
    BOTS – Network Robots
    BPA – Business Partnership Agreement
    CA – Certificate Authority
    CAC – Common Access Card
    CAN – Controller Area Network
    CCMP – Counter-Mode/CBC-Mac Protocol
    CCTV – Closed-circuit television
    CERT – Computer Emergency Response Team
    CHAP – Challenge Handshake Authentication Protocol
    CIA – Cryptographic Information Application
    CIA – Confidentiality, Integrity, and Availability
    CIFS – Common Internet File System
    CIRT – Computer Incident Response Team
    CISO – Chief Information Security Officer
    CMDB – Configuration Management Database
    COOP – Continuity of Operations
    CRC – Cyclical Redundancy Check
    CredSSP – Credential Security Support Provider
    CRL – Certification Revocation List
    CRM – Customer Relationship Management
    DAC – Discretionary Access Control
    DDOS – Distributed Denial of Service
    DEP – Data Execution Prevention
    DES – Digital Encryption Standard
    DHCP – Dynamic Host Configuration Protocol
    DLL – Dynamic Link Library
    DLP – Data Loss Prevention
    DMZ – Demilitarized Zone
    DNS – Domain Name Service (Server)
    DOS – Denial of Service
  • 12.
    DRP – Disaster Recovery Plan
    DSA – Digital Signature Algorithm
    EAP – Extensible Authentication Protocol
    ECC – Elliptic Curve Cryptography
    EFS – Encrypted File System
    ELA – Enterprise License Agreement
    EMI – Electromagnetic Interference
    ESA – Enterprise Security Architecture
    ESB – Enterprise Service Bus
    ESP – Encapsulated Security Payload
    FCOE – Fiber Channel Over Ethernet
    FTP – File Transfer Protocol
    GPU – Graphic Processing Unit
    GRC – Governance, Risk, & Compliance
    GRE – Generic Routing Encapsulation
    HBA – Host Based Adapter
    HBA – Host Based Authentication
    HDD – Hard Disk Drive
    HIDS – Host Based Intrusion Detection System
    HIPS – Host Based Intrusion Prevention System
    HMAC – Hashed Message Authentication Code
    HSM – Hardware Security Module
    HTTP – Hypertext Transfer Protocol
    HTTPS – Hypertext Transfer Protocol over SSL
    HVAC – Heating, Ventilation Air Conditioning
    IaaS – Infrastructure as a Service
    ICMP – Internet Control Message Protocol
    ID – Identification
    IDF – Intermediate Distribution Frame
    IdM – Identity Management
    IDP – Identity Provider
    IDS – Intrusion Detection System
    IETF – Internet Engineering Task Force
    IKE – Internet Key Exchange
    IM – Instant messaging
    IMAP4 – Internet Message Access Protocol v4
    IP – Internet Protocol
    IPS – Intrusion Prevention Systems
    IPSec – Internet Protocol Security
    IRC – Internet Relay Chat
    ISA – Interconnection Security Agreement
    ISP – Internet Service Provider
    IV – Initialization Vector
    KDC – Key Distribution Center
    L2TP – Layer 2 Tunneling Protocol
    LANMAN – Local Area Network Manager
  • 13.
    LDAP – Lightweight Directory Access Protocol
    LEAP – Lightweight Extensible Authentication Protocol
    LUN – Link Uninhibit
    MAC – Mandatory Access Control / Media Access Control
    MAC – Message Authentication Code
    MAN – Metropolitan Area Network
    MBR – Master Boot Record
    MD5 – Message Digest 5
    MDF – Main Distribution Frame
    MFD – Multifunction Device
    MOA – Memorandum of Agreement
    MOU – Memorandum of Understanding
    MPLS – Multiprotocol Label Switching
    MSCHAP – Microsoft Challenge Handshake Authentication Protocol
    MSS – Managed Security Service
    MTBF – Mean-Time Between Failure
    MTTR – Mean Time To Recovery
    MTU – Maximum Transmission Unit
    NAC – Network Access Control
    NAS – Network Attached Storage
    NAT – Network Address Translation
    NDA – Non-Disclosure Agreement
    NIDS – Network Based Intrusion Detection System
    NIPS – Network Based Intrusion Prevention System
    NIST – National Institute of Standards & Technology
    NLA – Network Level Authentication
    NOS – Network Operating System
    NTFS – New Technology File System
    NTLM – New Technology LANMAN
    NTP – Network Time Protocol
    OCSP – Online Certificate Status Protocol
    OLA – Operating Level Agreement
    ORB – Object Request Broker
    OS – Operating System
    OVAL – Open Vulnerability Assessment Language
    PaaS – Platform as a Service
    PAP – Password Authentication Protocol
    PAT – Port Address Translation
    PBX – Private Branch Exchange
    PCI-DSS – Payment Card Industry Data Security Standard
    PDP – Policy Distribution Point
    PEAP – Protected Extensible Authentication Protocol
    PED – Personal Electronic Device
    PEP – Policy Enforcement Point
    PFS – Perfect Forward Secrecy
    PGP – Pretty Good Privacy
  • 14.
    PII – Personally Identifiable Information
    PII – Personal Identifiable Information
    PIP – Policy Information Point
    PKI – Public Key Infrastructure
    POTS – Plain Old Telephone Service
    PPP – Point-to-point Protocol
    PPTP – Point to Point Tunneling Protocol
    PSK – Pre-Shared Key
    PTZ – Pan-Tilt-Zoom
    QoS – Quality of Service
    RA – Recovery Agent
    RAD – Rapid application development
    RADIUS – Remote Authentication Dial-in User Server
    RAID – Redundant Array of Inexpensive Disks
    RAS – Remote Access Server
    RBAC – Role Based Access Control
    RBAC – Rule Based Access Control
    RFI – Request for Information
    RFP – Request for Proposal
    RFQ – Request for Quote
    RSA – Rivest, Shamir, & Adleman
    RTO – Recovery Time Objective
    RTP – Real-Time Transport Protocol
    S/MIME – Secure / Multipurpose internet Mail Extensions
    SaaS – Software as a Service
    SAML – Security Assertions Markup Language
    SAN – Storage Area Network
    SCADA – Supervisory Control and Data Acquisition
    SCAP – Security Content Automation Protocol
    SCP – Secure Copy
    SCSI – Small Computer System Interface
    SDL – Security Development Life Cycle
    SDLC – Software Development Life Cycle
    SDLM – Software Development Life Cycle Methodology
    SHA – Secure Hashing Algorithm
    SHTTP – Secure Hypertext Transfer Protocol
    SIEM – Security Information Event Management
    SIM – Subscriber Identity Module
    SLA – Service Level Agreement
    SLA – Service Level Agreement
    SLE – Single Loss Expectancy
    S/MIME – Secure / Multipurpose Internet Mail Extensions
    SMS – Short Message Service
    SMTP – Simple Mail Transfer Protocol
    SNMP – Simple Network Management Protocol
    SOAP – Simple Object Access Protocol
  • 15.
    SOA – Service Oriented Architecture
    SOA – Start of Authority
    SOE – Standard Operating Environment
    SONET – Synchronous Optical Network Technologies
    SOX – Sarbanes–Oxley Act
    SP – Service Provider
    SPIM – Spam over Internet Messaging
    SPIT – Spam over Internet Telephony
    SPML – Service Provisioning Markup Language
    SRTM – Software Requirements Traceability Matrix
    SRTP – Secure Real-time Protocol
    SSD – Solid State Drive
    SSDLC – Security System Development Life Cycle
    SSH – Secure Shell
    SSL – Secure Sockets Layer
    SSO – Single Sign On
    STP – Shielded Twisted Pair
    TACACS – Terminal Access Controller Access Control System
    TCO – Total Cost of Ownership
    TCP/IP – Transmission Control Protocol / Internet Protocol
    TKIP – Temporal Key Integrity Protocol
    TLS – Transport Layer Security
    TOS – Type of Service
    TPM – Trusted Platform Module
    TSIG – Transaction Signature Interoperability Group
    UAC – User Access Control
    UAT – User Acceptance Testing
    UDDI – Universal Description Discovery and Integration
    UDP – User Datagram Protocol
    UPS – Uninterruptable Power Supply
    URL – Universal Resource Locator
    USB – Universal Serial Bus
    UTP – Unshielded Twisted Pair
    VDI – Virtual Desktop Infrastructure
    VLAN – Virtual Local Area Network
    VoIP – Voice over IP
    VPN – Virtual Private Network
    vSAN – Virtual Storage Area Network
    VTC – Video Teleconferencing
    WAC – Web Access Control
    WAF – Web-Application Firewall
    WAP – Wireless Access Point
    WAYF – Where Are You From
    WEP – Wired Equivalent Privacy
    WIDS – Wireless Intrusion Detection System
    WIPS – Wireless Intrusion Prevention System
  • 16.
    WPA – Wireless Protected Access
    WSDL – Web Services Description Language
    XSRF – Cross-Site Request Forgery
    CSRF – Cross-Site Request Forgery
    XACML – eXtensible Access Control Markup Language
    XSS – Cross-Site Scripting

    CASP Proposed Hardware and Software List

    **Candidates should have basic knowledge of vendor specific tools and technologies, as this knowledge may be required for the CompTIA CASP Certification Exam. CompTIA has included this sample list of hardware and software to assist candidates as they prepare for the CASP exam. This list may also be helpful for training companies who wish to create a lab component to their training offering.

    Equipment
    • Laptops
    • Virtualized appliances (firewall, IPS, SIEM solution, RSA authentication, Asterisk PBX)
    • Basic server hardware (Email server/active directory server, trusted OS)
    • Basic NAS ("Free NAS")
    • Tokens
    • Mobile devices
    • 2 switches (managed switch) – IPv6 capable
    • Router - IPv6 capable
    • Gateway
    • WAP
    • WAF
    • IPv6 and IPv4
    • Proxy server
    • Load balancer
    • CA server

    Spare hardware
    • NICs
    • Power supplies
    • External USB flash drive
    • Access points

    Spare parts
    • Patch cables
  • 17.
    Software
    • Packet Sniffer
    • Vulnerable web applications (web-goat, hacme bank, dvl)
    • Windows
    • Linux
    • VMWare player / Virtualbox
    • Vulnerability assessment tools
    • Visio (diagramming software)
    • Port scanner
    • SSH and Telnet utilities
    • Threat modeling tool
    • Host IPS
    • Helix software
    • Backtrack CD

    Other
    • Sample logs
    • Sample network traffic (pcap)
    • Sample organizational structure
    • Sample network documentation