Introduction xixChapter 1 Threats, Attacks, and Vulnerabilities 11.1 Compare and contrast different types of social engineering techniques 51.2 Given a scenario, analyze potential indicators to determine the type of attack 201.3 Given a scenario, analyze potential indicators associated with application attacks 371.4 Given a scenario, analyze potential indicators associated with network attacks 571.5 Explain different threat actors, vectors, and intelligence sources 801.6 Explain the security concerns associated with various types of vulnerabilities 911.7 Summarize the techniques used in security assessments 991.8 Explain the techniques used in penetration testing 109Review Questions 118Chapter 2 Architecture and Design 1232.1 Explain the importance of security concepts in an enterprise environment 1282.2 Summarize virtualization and cloud computing concepts 1392.3 Summarize secure application development, deployment, and automation concepts 1522.4 Summarize authentication and authorization design concepts 1672.5 Given a scenario, implement cybersecurity resilience 1832.6 Explain the security implications of embedded and specialized systems 1962.7 Explain the importance of physical security controls 2082.8 Summarize the basics of cryptographic concepts 220Review Questions 240Chapter 3 Implementation 2453.1 Given a scenario, implement secure protocols 2483.2 Given a scenario, implement host or application security solutions 2623.3 Given a scenario, implement secure network designs 2803.4 Given a scenario, install and configure wireless security settings 3043.5 Given a scenario, implement secure mobile solutions 3153.6 Given a scenario, apply cybersecurity solutions to the cloud 3303.7 Given a scenario, implement identity and account management controls 3363.8 Given a scenario, implement authentication and authorization solutions 3443.9 Given a scenario, implement public key infrastructure 355Review Questions 370Chapter 4 Operations and Incident Response 3754.1 Given a scenario, use the appropriate tool to assess organizational security 3774.2 Summarize the importance of policies, processes, and procedures for incident response 3984.3 Given an incident, utilize appropriate data sources to support an investigation 4094.4 Given an incident, apply mitigation techniques or controls to secure an environment 4184.5 Explain the key aspects of digital forensics 422Review Questions 435Chapter 5 Governance, Risk, and Compliance 4415.1 Compare and contrast various types of controls 4435.2 Explain the importance of applicable regulations, standards, or frameworks that impact organizational security posture 4465.3 Explain the importance of policies to organizational security 4565.4 Summarize risk management processes and concepts 4695.5 Explain privacy and sensitive data concepts in relation to security 486Review Questions 494Appendix Answers to Review Questions 499Chapter 1: Threats, Attacks, and Vulnerabilities 500Chapter 2: Architecture and Design 505Chapter 3: Implementation 508Chapter 4: Operations and Incident Response 511Chapter 5: Governance, Risk, and Compliance 514Index 519