Table of contents:

Cover About the Authors Title Page Copyright Page Dedication Contents at a Glance Contents Acknowledgments Introduction

Chapter 1 Security Principles
Security Fundamentals The CAI Triad Authentication Message Authenticity and Nonrepudiation Privacy Information Assurance Elements of a Typical Cyberattack 1. Conduct Research 2. Identify Targets 3. Exploit Targets 4. Do Bad Things Elements of a Typical Security Program Risk Management Security Governance and Management Security Controls Professional Ethics Chapter Review Quick Review Questions Questions and Answers

Chapter 2 Access Controls Concepts
Access Control Fundamentals Access Control Concepts Access Control Practices Identification, Authentication, Authorization, and Accountability Identity and Access Management Identity and Access Management Lifecycle Privileged Accounts Logical Access Controls Access Control Models Identity Management Technologies Monitoring Logical Access Physical Access Control Preventing and Controlling Physical Access Monitoring Physical Access Chapter Review Quick Review Questions Questions and Answers

Chapter 3 Network Security
Network Fundamentals Network Types Wired and Wireless Networks System Addresses Network Devices and Terminology Networking in Action Protocols Ports OSI Model TCP/IP IP Addressing Network Threats and Attacks Conducting Research Identifying Targets Exploiting Targets Doing Bad Things Network Defenses Firewalls Network Security Architecture Elements Network Access Control E-mail and Web Application Filtering Network Operations Elements Wireless Security Internet of Things Security Security Assessments and Testing Network Infrastructure On-Premises Datacenter Infrastructure Cloud Infrastructure Chapter Review Quick Review Questions Questions and Answers

Chapter 4 Security Operations
Data Security Data Lifecycle Cryptography Logging and Monitoring System Hardening Patch Management Configuration Baselines Configuration Management Best Practice Security Policies CC-Recommended Security Policies Security Awareness Training Components of Security Awareness Training Security Awareness Training Topics Chapter Review Quick Review Questions Questions and Answers

Chapter 5 Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Incident Response Incident Response Terminology Incident Response Governance Elements Incident Response Process Business Continuity Management Business Continuity Program Purpose and Governance Business Continuity Plan Business Continuity Activation Disaster Recovery IT Facility Recovery User Environment Recovery Data Recovery Chapter Review Quick Review Questions Questions and Answers

Appendix About the Online Content
System Requirements Your Total Seminars Training Hub Account Privacy Notice Single User License Terms and Conditions TotalTester Online Technical Support

Glossary Index