Contents

Introduction  xxv
Assessment Test  xlviii

Part I  Getting Started as an SSCP  1

Chapter 1  The Business Case for Decision Assurance and Information Security  3
    Information: The Lifeblood of Business  4
    Policy, Procedure, and Process: How Business Gets Business Done  10
    Who Runs the Business?  20
    Summary  24
    Exam Essentials  24
    Review Questions  26

Chapter 2  Information Security Fundamentals  33
    The Common Needs for Privacy, Confidentiality, Integrity, and Availability  34
    Training and Educating Everybody  47
    SSCPs and Professional Ethics  47
    Summary  49
    Exam Essentials  50
    Review Questions  54

Part II  Integrated Risk Management and Mitigation  61

Chapter 3  Integrated Information Risk Management  63
    It's a Dangerous World  64
    The Four Faces of Risk  75
    Getting Integrated and Proactive with Information Defense  83
    Risk Management: Concepts and Frameworks  89
    Risk Assessment  95
    Four Choices for Limiting or Containing Damage  107
    Summary  114
    Exam Essentials  114
    Review Questions  120

Chapter 4  Operationalizing Risk Mitigation  127
    From Tactical Planning to Information Security Operations  128
    Operationalizing Risk Mitigation: Step by Step  134
    The Ongoing Job of Keeping Your Baseline Secure  164
    Ongoing, Continuous Monitoring  174
    Reporting to and Engaging with Management  182
    Summary  183
    Exam Essentials  183
    Review Questions  189

Part III  The Technologies of Information Security  197

Chapter 5  Communications and Network Security  199
    Trusting Our Communications in a Converged World  200
    Internet Systems Concepts  206
    Two Protocol Stacks, One Internet  218
    Wireless Network Technologies  240
    IP Addresses, DHCP, and Subnets  243
    IPv4 vs. IPv6: Important Differences and Options  248
    CIANA Layer by Layer  251
    Securing Networks as Systems  262
    Summary  273
    Exam Essentials  273
    Review Questions  280

Chapter 6  Identity and Access Control  285
    Identity and Access: Two Sides of the Same CIANA+PS Coin  286
    Identity Management Concepts  288
    Access Control Concepts  295
    Network Access Control  305
    Implementing and Scaling IAM  310
    User and Entity Behavior Analytics (UEBA)  329
    Zero Trust Architectures  332
    Summary  333
    Exam Essentials  334
    Review Questions  343

Chapter 7  Cryptography  349
    Cryptography: What and Why  350
    Building Blocks of Digital Cryptographic Systems  358
    Keys and Key Management  367
    "Why Isn't All of This Stuff Secret?"  373
    Cryptography and CIANA+PS  375
    Public Key Infrastructures  381
    Applying Cryptography to Meet Different Needs  399
    Managing Cryptographic Assets and Systems  405
    Measures of Merit for Cryptographic Solutions  407
    Attacks and Countermeasures  408
    PKI and Trust: A Recap  418
    On the Near Horizon  420
    Summary  423
    Exam Essentials  424
    Review Questions  429

Chapter 8  Hardware and Systems Security  435
    Infrastructure Security Is Baseline Management  437
    Securing the Physical Context  442
    Infrastructures 101 and Threat Modeling  444
    Endpoint Security  457
    Malware: Exploiting the Infrastructure's Vulnerabilities  462
    Privacy and Secure Browsing  466
    "The Sin of Aggregation"  469
    Updating the Threat Model  469
    Managing Your Systems' Security  470
    Summary  471
    Exam Essentials  472
    Review Questions  478

Chapter 9  Applications, Data, and Cloud Security  483
    It's a Data-Driven World...At the Endpoint  484
    Software as Appliances  487
    Applications Lifecycles and Security  490
    CIANA+PS and Applications Software Requirements  498
    Application Vulnerabilities  504
    "Shadow IT:" The Dilemma of the User as Builder  507
    Information Quality and Information Assurance  511
    Protecting Data in Motion, in Use, and at Rest  514
    Into the Clouds: Endpoint App and Data Security Considerations  522
    Legal and Regulatory Issues  533
    Countermeasures: Keeping Your Apps and Data Safe and Secure  535
    Summary  536
    Exam Essentials  537
    Review Questions  548

Part IV  People Power: What Makes or Breaks Information Security  555

Chapter 10  Incident Response and Recovery  557
    Defeating the Kill Chain One Skirmish at a Time  558
    Harsh Realities of Real Incidents  564
    Incident Response Framework  566
    Preparation  571
    Detection and Analysis  578
    Containment and Eradication  584
    Recovery: Getting Back to Business  587
    Post-Incident Activities  590
    Summary  594
    Exam Essentials  595
    Review Questions  601

Chapter 11  Business Continuity via Information Security and People Power  607
    What Is a Disaster?  608
    Surviving to Operate: Plan for It!  609
    Timelines for BC/DR Planning and Action  615
    Options for Recovery  617
    Cloud-Based "Do-Over" Buttons for Continuity, Security, and Resilience  623
    People Power for BC/DR  626
    Security Assessment: For BC/DR and Compliance  633
    Converged Communications: Keeping Them Secure During BC/DR Actions  634
    Summary  637
    Exam Essentials  637
    Review Questions  641

Chapter 12  Cross-Domain Challenges  647
    Operationalizing Security Across the Immediate and Longer Term  648
    Supply Chains, Security, and the SSCP  657
    Other Dangers on the Web and Net  662
    On Our Way to the Future  666
    Enduring Lessons  672
    Your Next Steps  677
    At the Close  678
    Exam Essentials  678
    Review Questions  683

Appendix  Answers to Review Questions  689
    Chapter 1: The Business Case for Decision Assurance and Information Security  690
    Chapter 2: Information Security Fundamentals  693
    Chapter 3: Integrated Information Risk Management  695
    Chapter 4: Operationalizing Risk Mitigation  698
    Chapter 5: Communications and Network Security  701
    Chapter 6: Identity and Access Control  704
    Chapter 7: Cryptography  707
    Chapter 8: Hardware and Systems Security  709
    Chapter 9: Applications, Data, and Cloud Security  712
    Chapter 10: Incident Response and Recovery  715
    Chapter 11: Business Continuity via Information Security and People Power  718
    Chapter 12: Cross-Domain Challenges  722

Index  727
ABOUT THE AUTHOR

Michael S. Wills, SSCP, CISSP, CAMS, is Assistant Professor of Applied Information Technologies in the College of Business at the Embry-Riddle Aeronautical University's Worldwide Campus. He has many years of experience designing, building, and operating cutting-edge secure systems, and wrote (ISC)²'s official training courses for both the SSCP and CISSP. He is also the creator of ERAU's Master of Science in Information Security and Assurance degree program.