This test is designed for IT security professionals to measure knowledge and ability to secure computing and information systems. It covers the key concepts of authentication; confidentiality, integrity and availability (CIA); business continuity management (BCM) and disaster recovery (DR); physical security; risk management; and processes to control alterations to information processing environments. It also covers knowledge of cryptology, certificate security, intrusion detection and prevention software and managing security for VoIP and cloud computing.