CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601)
By Dr. Wm Arthur Conklin, Dr. Gregory White, Chuck Cothren, Roger L. Davis and Dwayne Williams
Contents:
Preface
Acknowledgments
Introduction
Objective Map: Exam SY0-601
Part I Threats, Attacks, and Vulnerabilities
Chapter 1 Social Engineering Techniques
Social Engineering Methods
Tools
Phishing
Smishing
Vishing
Spam
Spam over Instant Messaging (SPIM)
Spear Phishing
Dumpster Diving
Shoulder Surfing
Pharming
Tailgating
Eliciting Information
Whaling
Prepending
Identity Fraud
Invoice Scams
Credential Harvesting
Reconnaissance
Hoax
Impersonation
Third-Party Authorization
Contractors/Outside Parties
Online Attacks
Defenses
Watering Hole Attack
Typosquatting
Pretexting
Influence Campaigns
Principles (Reasons for Effectiveness)
Authority
Intimidation
Consensus
Scarcity
Familiarity
Trust
Urgency
Defenses
Chapter Review
Questions
Answers
Chapter 2 Type of Attack Indicators
Malware
Ransomware
Trojans
Worms
Potentially Unwanted Programs
Fileless Viruses
Command and Control
Bots
Crypto-malware
Logic Bombs
Spyware
Keyloggers
Remote-Access Trojans (RATs)
Rootkit
Backdoors
Password Attacks
Spraying
Dictionary
Brute Force
Rainbow Tables
Plaintext/Unencrypted
Physical Attacks
Malicious Universal Serial Bus (USB) Cable
Malicious Flash Drives
Card Cloning
Skimming
Adversarial Artificial Intelligence (AI)
Tainted Training Data for Machine Learning (ML)
Security of Machine Learning Algorithms
Supply-Chain Attacks
Cloud-Based vs. On-Premises Attacks
Cryptographic Attacks
Birthday
Collision
Downgrade
Chapter Review
Questions
Answers
Chapter 3 Application Attack Indicators
Privilege Escalation
Cross-Site Scripting
Injection Attacks
Structured Query Language (SQL)
Dynamic-Link Library (DLL)
Lightweight Directory Access Protocol (LDAP)
Extensible Markup Language (XML)
Pointer/Object Dereference
Directory Traversal
Buffer Overflow
Race Condition
Time of Check/Time of Use
Improper Error Handling
Improper Input Handling
Replay Attacks
Session Replay
Integer Overflow
Request Forgery
Server-Side Request Forgery
Cross-Site Request Forgery
Application Programming Interface (API) Attacks
Resource Exhaustion
Memory Leak
Secure Sockets Layer (SSL) Stripping
Driver Manipulation
Shimming
Refactoring
Pass the Hash
Chapter Review
Questions
Answers
Chapter 4 Network Attack Indicators
Wireless
Evil Twin
Rogue Access Point
Bluesnarfing
Bluejacking
Disassociation
Jamming
Radio Frequency Identification (RFID)
Near Field Communication (NFC)
Initialization Vector (IV)
On-path Attack
Layer 2 Attacks
Address Resolution Protocol (ARP) Poisoning
Media Access Control (MAC) Flooding
MAC Cloning
Domain Name System (DNS)
Domain Hijacking
DNS Poisoning
Universal Resource Locator (URL) Redirection
Domain Reputation
Distributed Denial-of-Service (DDoS)
Network
Application
Operational Technology (OT)
Malicious Code and Script Execution
PowerShell
Python
Bash
Macros
Visual Basic for Applications (VBA)
Chapter Review
Questions
Answers
Chapter 5 Threat Actors, Vectors, and Intelligence Sources
Actors and Threats
Advanced Persistent Threats (APTs)
Insider Threats
State Actors
Hacktivists
Script Kiddies
Criminal Syndicates
Hackers
Shadow IT
Competitors
Attributes of Actors
Internal/External
Level of Sophistication/Capability
Resources/Funding
Intent/Motivation
Vectors
Direct Access
Wireless
Supply Chain
Social Media
Removable Media
Cloud
Threat Intelligence Sources
Open Source Intelligence (OSINT)
Closed/Proprietary
Vulnerability Databases
Public/Private Information Sharing Centers
Dark Web
Indicators of Compromise
Automated Indicator Sharing (AIS)
Structured Threat Information Expression (STIX) / Trusted Automated Exchange of Intelligence Information (TAXII)
Predictive Analysis
Threat Maps
File/Code Repositories
Research Sources
Vendor Websites
Vulnerability Feeds
Conferences
Academic Journals
Requests for Comment (RFCs)
Local Industry Groups
Social Media
Threat Feeds
Adversary Tactics, Techniques, and Procedures (TTPs)
Chapter Review
Questions
Answers
Chapter 6 Vulnerabilities
Cloud-based vs. On-premises Vulnerabilities
Zero Day
Weak Configurations
Open Permissions
Unsecure Root Accounts
Errors
Weak Encryption
Unsecure Protocols
Default Settings
Open Ports and Services
Third-Party Risks
Vendor Management
Supply Chain
Outsourced Code Development
Data Storage
Improper or Weak Patch Management
Firmware
Operating System (OS)
Applications
Legacy Platforms
Impacts
Data Loss
Data Breaches
Data Exfiltration
Identity Theft
Financial
Reputation
Availability Loss
Chapter Review
Questions
Answers
Chapter 7 Security Assessments
Threat Hunting
Intelligence Fusion
Threat Feeds
Advisories and Bulletins
Maneuver
Vulnerability Scans
False Positives
False Negatives
Log Reviews
Credentialed vs. Non-Credentialed
Intrusive vs. Non-Intrusive
Application
Web Application
Network
Common Vulnerabilities and Exposures (CVE)/Common Vulnerability Scoring System (CVSS)
Configuration Review
Syslog/Security Information and Event Management (SIEM)
Review Reports
Packet Capture
Data Inputs
User Behavior Analysis
Sentiment Analysis
Security Monitoring
Log Aggregation
Log Collectors
Security Orchestration, Automation, and Response (SOAR)
Chapter Review
Questions
Answers
Chapter 8 Penetration Testing
Penetration Testing
Known Environment
Unknown Environment
Partially Known Environment
Rules of Engagement
Lateral Movement
Privilege Escalation
Persistence
Cleanup
Bug Bounty
Pivoting
Passive and Active Reconnaissance
Drones
War Flying
War Driving
Footprinting
OSINT
Exercise Types
Red Team
Blue Team
White Team
Purple Team
Chapter Review
Questions
Answers
Part II Architecture and Design
Chapter 9 Enterprise Security Architecture
Configuration Management
Diagrams
Baseline Configuration
Standard Naming Conventions
Internet Protocol (IP) Schema
Data Sovereignty
Data Protection
Data Loss Prevention (DLP)
Masking
Encryption
At Rest
In Transit/Motion
In Processing
Tokenization
Rights Management
Geographical Considerations
Response and Recovery Controls
Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
Inspection
Hashing
API Considerations
Site Resiliency
Hot Sites
Warm Sites
Cold Sites
Deception and Disruption
Honeypots
Honeyfiles
Honeynets
Fake Telemetry
DNS Sinkhole
Chapter Review
Questions
Answers
Chapter 10 Virtualization and Cloud Security
Cloud Models
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
Anything as a Service (XaaS)
Level of Control in the Hosting Models
Public
Community
Private
Hybrid
Cloud Service Providers
Managed Service Provider (MSP) / Managed Security Service Provider (MSSP)
On-Premises vs. Off-Premises
Fog Computing
Edge Computing
Thin Client
Containers
Microservices/API
Infrastructure as Code
Software-Defined Networking (SDN)
Software-Defined Visibility (SDV)
Serverless Architecture
Services Integration
Resource Policies
Transit Gateway
Virtualization
Type I
Type II
Virtual Machine (VM) Sprawl Avoidance
VM Escape Protection
Chapter Review
Questions
Answers
Chapter 11 Secure Application Development, Deployment, and Automation Concepts
Environment
Development
Test
Staging
Production
Quality Assurance (QA)
Provisioning and Deprovisioning
Integrity Measurement
Secure Coding Techniques
Normalization
Stored Procedures
Obfuscation/Camouflage
Code Reuse and Dead Code
Server-Side vs. Client-Side Execution and Validation
Memory Management
Use of Third-Party Libraries and Software Development Kits (SDKs)
Data Exposure
Open Web Application Security Project (OWASP)
Software Diversity
Compilers
Binaries
Automation/Scripting
Automated Courses of Action
Continuous Monitoring
Continuous Validation
Continuous Integration
Continuous Delivery
Continuous Deployment
Elasticity
Scalability
Version Control
Chapter Review
Questions
Answers
Chapter 12 Authentication and Authorization
Authentication Methods
Directory Services
Federation
Attestation
Technologies
Smart Card Authentication
Biometrics
Fingerprint
Retina
Iris
Facial
Voice
Vein
Gait Analysis
Efficacy Rates
False Acceptance
False Rejection
Crossover Error Rate
Multifactor Authentication (MFA) Factors and Attributes
Factors
Attributes
Authentication, Authorization, and Accounting (AAA)
Cloud vs. On-premises Requirements
Chapter Review
Questions
Answers
Chapter 13 Cybersecurity Resilience
Redundancy
Geographic Dispersal
Disk
Network
Power
Replication
Storage Area Network (SAN)
VM
On-premises vs. Cloud
Backup Types
Full
Incremental
Snapshot
Differential
Tape
Disk
Copy
Network Attached Storage (NAS)
Storage Area Network (SAN)
Cloud
Image
Online vs. Offline
Distance Considerations
Nonpersistence
Revert to Known State
Last Known-Good Configuration
Live Boot Media
High Availability
Scalability
Restoration Order
Diversity
Technologies
Vendors
Crypto
Controls
Chapter Review
Questions
Answers
Chapter 14 Embedded and Specialized Systems
Embedded Systems
Raspberry Pi
Field Programmable Gate Arrays (FPGAs)
Arduino
Supervisory Control and Data Acquisition (SCADA) / Industrial Control System (ICS)
Facilities
Industrial
Manufacturing
Energy
Logistics
Internet of Things (IoT)
Sensors
Smart Devices
Wearables
Facility Automation
Weak Defaults
Specialized Systems
Medical Systems
Vehicle Systems
Aircraft Systems
Smart Meters
Voice over IP (VoIP)
Heating, Ventilation, Air Conditioning (HVAC)
Drones
Multifunction Printers (MFPs)
Real-time Operating Systems (RTOSs)
Surveillance Systems
System on a Chip (SoC)
Communication Considerations
5G
Narrow-Band Radio
Baseband Radio
Subscriber Identity Module (SIM) Cards
Zigbee
Constraints
Power
Compute
Network
Cryptographic Functions
Inability to Patch
Authentication
Range
Cost
Implied Trust
Chapter Review
Questions
Answers
Chapter 15 Physical Security Controls
Bollards/Barricades
Access Control Vestibules
Badges
Alarms
Signage
Cameras
Motion Recognition
Object Detection
Closed-Circuit Television (CCTV)
Industrial Camouflage
Personnel
Guards
Robot Sentries
Reception
Two-Person Integrity/Control
Locks
Biometrics
Electronic
Physical
Cable Locks
USB Data Blocker
Lighting
Fencing
Fire Suppression
Sensors
Motion Detection
Noise Detection
Proximity Reader
Moisture Detection
Cards
Temperature
Drones
Visitor Logs
Faraday Cages
Air Gap
Screened Subnet
Protected Cable Distribution
Secure Areas
Air Gap
Vault
Safe
Hot and Cold Aisles
Secure Data Destruction
Burning
Shredding
Pulping
Pulverizing
Degaussing
Purging
Third-Party Solutions
Chapter Review
Questions
Answers
Chapter 16 Cryptographic Concepts
General Cryptographic Concepts
Fundamental Methods
Digital Signatures
Key Length
Key Stretching
Salting
Hashing
Key Exchange
Elliptic Curve Cryptography
Perfect Forward Secrecy
Quantum Cryptography
Post-Quantum Era
Ephemeral Keys
Modes of Operation
Authenticated
Counter
Unauthenticated
Blockchain
Cipher Suites
Block
Stream
Symmetric vs. Asymmetric
Lightweight Cryptography
Steganography
Homomorphic Encryption
Common Use Cases
Low-Power Devices
Low-Latency Operations
High-Resiliency Systems
Support for Confidentiality
Support for Integrity
Support for Obfuscation
Supporting Authentication
Support for Nonrepudiation
Limitations
Speed
Size
Weak Keys
Time
Longevity
Predictability
Reuse
Entropy
Computational Overhead
Resource vs. Security Constraints
Weak/Deprecated Algorithms
Chapter Review
Questions
Answers
Part III Implementation
Chapter 17 Secure Protocols
Protocols
Domain Name System Security Extensions (DNSSEC)
SSH
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Secure Real-time Transport Protocol (SRTP)
Lightweight Directory Access Protocol over SSL (LDAPS)
File Transfer Protocol, Secure (FTPS)
SSH File Transfer Protocol (SFTP)
Simple Network Management Protocol, Version 3 (SNMPv3)
Hypertext Transfer Protocol over SSL/TLS (HTTPS)
IPSec
Post Office Protocol (POP) / Internet Message Access Protocol (IMAP)
Use Cases
Voice and Video
Time Synchronization
E-mail and Web
File Transfer
Directory Services
Remote Access
Domain Name Resolution
Routing and Switching
Network Address Allocation
Subscription Services
Chapter Review
Questions
Answers
Chapter 18 Host and Application Security
Endpoint Protection
Antivirus
Anti-Malware
Endpoint Detection and Response (EDR)
DLP
Next-Generation Firewall (NGFW)
Host-based Intrusion Detection System (HIDS)
Host-based Intrusion Prevention System (HIPS)
Host-based Firewall
Boot Integrity
Boot Security/Unified Extensible Firmware Interface (UEFI)
Measured Boot
Boot Attestation
Database
Tokenization
Salting
Hashing
Application Security
Input Validations
Secure Cookies
Hypertext Transfer Protocol (HTTP) Headers
Code Signing
Allow List
Block List/Deny List
Secure Coding Practices
Static Code Analysis
Dynamic Code Analysis
Fuzzing
Hardening
Open Ports and Services
Registry
Disk Encryption
OS
Patch Management
Third-Party Updates
Auto-Update
Self-Encrypting Drive (SED)/Full Disk Encryption (FDE)
Opal
Hardware Root of Trust
Trusted Platform Module (TPM)
Sandboxing
Chapter Review
Questions
Answers
Chapter 19 Secure Network Design
Load Balancing
Active/Active
Active/Passive
Scheduling
Virtual IP
Persistence
Network Segmentation
Virtual Local Area Network (VLAN)
Screened Subnet (Previously Known as Demilitarized Zone)
East-West Traffic
Extranet
Intranet
Zero Trust
Virtual Private Network (VPN)
Always On
Split Tunnel vs. Full Tunnel
Remote Access vs. Site-to-Site
IPSec
SSL/TLS
HTML5
Layer 2 Tunneling Protocol (L2TP)
DNS
Network Access Control (NAC)
Agent and Agentless
Out-of-Band Management
Port Security
Broadcast Storm Prevention
Bridge Protocol Data Unit (BPDU) Guard
Loop Prevention
Dynamic Host Configuration Protocol (DHCP)
Snooping
Media Access Control (MAC) Filtering
Network Appliances
Jump Servers
Proxy Servers
Network-based Intrusion Detection System (NIDS)/Network-based Intrusion Prevention System (NIPS)
HSM
Sensors
Collectors
Aggregators
Firewalls
Access Control List (ACL)
Route Security
Quality of Service (QoS)
Implications of IPv6
Port Spanning/Port Mirroring
Port Taps
Monitoring Services
File Integrity Monitors
Chapter Review
Questions
Answers
Chapter 20 Wireless Security
Cryptographic Protocols
Wi-Fi Protected Access 2 (WPA2)
Wi-Fi Protected Access 3 (WPA3)
Counter Mode/CBC-MAC Protocol (CCMP)
Simultaneous Authentication of Equals (SAE)
Authentication Protocols
Extensible Authentication Protocol (EAP)
Protected Extensible Authentication Protocol (PEAP)
EAP-FAST
EAP-TLS
EAP-TTLS
IEEE 802.1X
Remote Authentication Dial-in User Service (RADIUS)
Federation
Methods
Pre-shared Key (PSK) vs. Enterprise vs. Open
Wi-Fi Protected Setup (WPS)
Captive Portals
Installation Considerations
Site Surveys
Heat Maps
Wi-Fi Analyzers
Channel Overlays
Wireless Access Point (WAP) Placement
Controller and Access Point Security
Chapter Review
Questions
Answers
Chapter 21 Secure Mobile Solutions
Connection Methods and Receivers
Cellular
Wi-Fi
Bluetooth
NFC
Infrared
USB
Point-to-Point
Point-to-Multipoint
Global Positioning System (GPS)
RFID
Mobile Device Management (MDM)
Application Management
Content Management
Remote Wipe
Geofencing
Geolocation
Screen Locks
Push Notification Services
Passwords and PINs
Biometrics
Context-Aware Authentication
Containerization
Storage Segmentation
Full Device Encryption
Mobile Devices
MicroSD Hardware Security Module (HSM)
MDM/Unified Endpoint Management (UEM)
Mobile Application Management (MAM)
SEAndroid
Enforcement and Monitoring
Third-Party Application Stores
Rooting/Jailbreaking
Sideloading
Custom Firmware
Carrier Unlocking
Firmware OTA Updates
Camera Use
SMS/Multimedia Message Service (MMS)/Rich Communication Services (RCS)
External Media
USB On-The-Go (USB OTG)
Recording Microphone
GPS Tagging
Wi-Fi Direct/Ad Hoc
Tethering
Hotspot
Payment Methods
Deployment Models
Bring Your Own Device (BYOD)
Corporate-Owned, Personally Enabled (COPE)
Choose Your Own Device (CYOD)
Corporate-Owned
Virtual Desktop Infrastructure (VDI)
Chapter Review
Questions
Answers
Chapter 22 Implementing Cloud Security
Cloud Security Controls
High Availability Across Zones
Resource Policies
Secrets Management
Integration and Auditing
Storage
Network
Compute
Solutions
CASB
Application Security
Next-Generation Secure Web Gateway (SWG)
Firewall Considerations in a Cloud Environment
Cloud-Native Controls vs. Third-Party Solutions
Chapter Review
Questions
Answers
Chapter 23 Identity and Account Management Controls
Identity
Identity Provider (IdP)
Attributes
Certificates
Tokens
SSH Keys
Smart Cards
Account Types
User Account
Shared and Generic Accounts/Credentials
Guest Accounts
Service Accounts
Account Policies
Password Complexity
Password History
Password Reuse
Time of Day
Network Location
Geofencing
Geotagging
Geolocation
Time-based Logins
Access Policies
Account Permissions
Account Audits
Impossible Travel Time/Risky Login
Lockout
Disablement
Chapter Review
Questions
Answers
Chapter 24 Implement Authentication and Authorization
Authentication Management
Password Keys
Password Vaults
TPM
HSM
Knowledge-based Authentication
Authentication
EAP
Challenge-Handshake Authentication Protocol (CHAP)
Password Authentication Protocol (PAP)
802.1X
RADIUS
Single Sign-On (SSO)
Security Assertion Markup Language (SAML)
Terminal Access Controller Access Control System Plus (TACACS+)
OAuth
OpenID
Kerberos
Access Control Schemes
Attribute-Based Access Control (ABAC)
Role-Based Access Control
Rule-Based Access Control
MAC
Discretionary Access Control (DAC)
Conditional Access
Privileged Access Management
File System Permissions
Chapter Review
Questions
Answers
Chapter 25 Public Key Infrastructure
Public Key Infrastructure (PKI)
Key Management
Certificate Authority (CA)
Intermediate CA
Registration Authority (RA)
Certificate Revocation List (CRL)
Certificate Attributes
Online Certificate Status Protocol (OCSP)
Certificate Signing Request (CSR)
CN
Subject Alternative Name (SAN)
Expiration
Types of Certificates
Wildcard Certificates
Subject Alternative Name (SAN)
Code-Signing Certificates
Self-Signed Certificates
Machine/Computer
User
Root
Domain Validation
Extended Validation
Certificate Formats
KEY
Distinguished Encoding Rules (DER)
Privacy-Enhanced Mail (PEM)
Personal Information Exchange (PFX)
CER
P12
P7B
Concepts
Online vs. Offline CA
Stapling
Pinning
Trust Model
Key Escrow
Certificate Chaining
Chapter Review
Questions
Answers
Part IV Operations and Incident Response
Chapter 26 Tools/Assess Organizational Security
Network Reconnaissance and Discovery
tracert/traceroute
nslookup/dig
ipconfig/ifconfig
nmap
ping/pathping
hping
netstat
netcat
IP Scanners
arp
route
curl
theHarvester
sn1per
scanless
dnsenum
Nessus
Cuckoo
File Manipulation
head
tail
cat
grep
chmod
logger
Shell and Script Environments
SSH
PowerShell
Python
OpenSSL
Packet Capture and Replay
Tcpreplay
Tcpdump
Wireshark
Forensics
dd
memdump
WinHex
FTK Imager
Autopsy
Exploitation Frameworks
Password Crackers
Data Sanitization
Chapter Review
Questions
Answers
Chapter 27 Incident Response Policies, Processes, and Procedures
Incident Response Plans
Incident Response Process
Preparation
Identification
Containment
Eradication
Recovery
Lessons Learned
Exercises
Tabletop
Walkthroughs
Simulations
Attack Frameworks
MITRE ATT&CK
The Diamond Model of Intrusion Analysis
Cyber Kill Chain
Stakeholder Management
Communication Plan
Disaster Recovery Plan
Business Continuity Plan
Continuity of Operation Planning (COOP)
Incident Response Team
Retention Policies
Chapter Review
Questions
Answers
Chapter 28 Investigations
Vulnerability Scan Output
SIEM Dashboards
Sensor
Sensitivity
Trends
Alerts
Correlation
Log Files
Network
System
Application
Security
Web
DNS
Authentication
Dump Files
VoIP and Call Managers
Session Initiation Protocol (SIP) Traffic
Syslog/Rsyslog/Syslog-ng
Journalctl
NXLog
Bandwidth Monitors
Metadata
Mobile
Web
File
NetFlow/sFlow
IPFIX
Protocol Analyzer Output
Chapter Review
Questions
Answers
Chapter 29 Mitigation Techniques and Controls
Reconfigure Endpoint Security Solutions
Application Approved List
Application Blocklist/Deny List
Quarantine
Configuration Changes
Firewall Rules
MDM
DLP
Content Filter/URL Filter
Update or Revoke Certificates
Isolation
Containment
Segmentation
Secure Orchestration, Automation, and Response (SOAR)
Runbooks
Playbooks
Chapter Review
Questions
Answers
Chapter 30 Digital Forensics
Documentation/Evidence
Legal Hold
Video
Admissibility
Chain of Custody
Timelines of Sequence of Events
Tags
Reports
Event Logs
Interviews
Acquisition
Order of Volatility
Disk
Random-Access Memory (RAM)
Swap/Pagefile
Operating System (OS)
Device
Firmware
Snapshot
Cache
Network
Artifacts
On-premises vs. Cloud
Right to Audit Clauses
Regulatory/Jurisdiction
Data Breach Notification Laws
Integrity
Hashing
Checksums
Provenance
Preservation
E-Discovery
Data Recovery
Nonrepudiation
Strategic Intelligence/Counterintelligence
Chapter Review
Questions
Answers
Part V Governance, Risk, and Compliance
Chapter 31 Security Controls
Security Controls
Categories
Managerial
Operational
Technical
Control Types
Preventative
Detective
Corrective
Deterrent
Compensating
Physical
Chapter Review
Questions
Answers
Chapter 32 Regulations, Standards, and Frameworks
Regulations, Standards, and Legislation
General Data Protection Regulation (GDPR)
National, Territory, or State Laws
Payment Card Industry Data Security Standard (PCI DSS)
Key Frameworks
Center for Internet Security (CIS)
National Institute of Standards and Technology (NIST)
Risk Management Framework (RMF)/Cybersecurity Framework (CSF)
International Organization for Standardization (ISO) 27001/27002/27701/31000
SSAE SOC 2 Type I/II
Cloud Security Alliance
Benchmarks and Secure Configuration Guides
Platform/Vendor-Specific Guides
Chapter Review
Questions
Answers
Chapter 33 Organizational Policies
Personnel
Acceptable Use Policy
Job Rotation
Mandatory Vacation
Separation of Duties
Least Privilege
Clean Desk Space
Background Checks
Nondisclosure Agreement (NDA)
Social Media Analysis
Onboarding
Offboarding
User Training
Diversity of Training Techniques
Third-Party Risk Management
Vendors
Supply Chain
Business Partners
Service Level Agreement (SLA)
Memorandum of Understanding (MOU)
Measurement Systems Analysis (MSA)
Business Partnership Agreement (BPA)
End of Life (EOL)
End of Service Life (EOSL)
NDA
Data
Classification
Governance
Retention
Credential Policies
Personnel
Third Party
Devices
Service Accounts
Administrator/Root Accounts
Organizational Policies
Change Management
Change Control
Asset Management
Chapter Review
Questions
Answers
Chapter 34 Risk Management
Risk Types
External
Internal
Legacy Systems
Multiparty
IP Theft
Software Compliance/Licensing
Risk Management Strategies
Acceptance
Avoidance
Transference
Risk Analysis
Risk Register
Risk Matrix/Heat Map
Risk Control Assessment
Risk Control Self-Assessment
Risk Awareness
Inherent Risk
Residual Risk
Control Risk
Risk Appetite
Regulations That Affect Risk Posture
Risk Assessment Types
Likelihood of Occurrence
Impact
Asset Value
Single-Loss Expectancy (SLE)
Annualized Loss Expectancy (ALE)
Annualized Rate of Occurrence (ARO)
Disasters
Environmental
Person-made
Internal vs. External
Business Impact Analysis
Recovery Time Objective (RTO)
Recovery Point Objective (RPO)
Mean Time to Repair (MTTR)
Mean Time Between Failures (MTBF)
Functional Recovery Plans
Single Point of Failure
Disaster Recovery Plan (DRP)
Mission-Essential Functions
Identification of Critical Systems
Site Risk Assessment
Chapter Review
Questions
Answers
Chapter 35 Privacy
Organizational Consequences of Privacy Breaches
Reputation Damage
Identity Theft
Fines
IP Theft
Notifications of Breaches
Escalation
Public Notifications and Disclosures
Data Types
Classifications
Personally Identifiable Information (PII)
Privacy-Enhancing Technologies
Data Minimization
Data Masking
Tokenization
Anonymization
Pseudo-Anonymization
Roles and Responsibilities
Data Owners
Data Controller
Data Processor
Data Custodian/Steward
Data Privacy Officer (DPO)
Information Lifecycle
Impact Assessment
Terms of Agreement
Privacy Notice
Chapter Review
Questions
Answers
Part VI Appendixes and Glossary
Appendix A OSI Model and Internet Protocols
Appendix B About the Online Content
Glossary
Index