Table of Contents

PART I: Risk Management
Chapter 1: Security Influences and Risk
Chapter 2: Security Policies and Procedures
Chapter 3: Risk Mitigation, Strategies, and Controls
Chapter 4: Risk Metrics

PART II: Enterprise Security Architecture
Chapter 5: Network Security Components, Concepts and Architectures
Chapter 6: Security Controls for Host Devices
Chapter 7: Mobile Security Controls
Chapter 8: Vulnerabilities and Security Controls

PART III: Enterprise Security Operations
Chapter 9: Security Assessment
Chapter 10: Security Assessment Tools
Chapter 11: Incident Response and Recovery Procedures

PART IV: Technical Integration of Enterprise Security
Chapter 12: Hosts, Storage, Networks, and Applications
Chapter 13: Cloud and Virtualization
Chapter 14: Authentication and Authorization
Chapter 15: Cryptographic Techniques
Chapter 16: Securing Communications and Collaboration

PART V: Research, Development and Collaboration
Chapter 17: Research Methods and Industry Trends
Chapter 18: Technology Life Cycles and Security Activities
Chapter 19: Business Unit Interactions
Glossary

About the Author

Nicholas Lane, A+, Network+, Security+, CASP+, CISSP, (Las Vegas, NV) is a globally-recognized cybersecurity instructor and practitioner with 20 years of experience in the industry. He frequently travels to military bases to deliver advanced security certification courses and has trained the DoD, FBI Academy, United Nations, and many Fortune 500 organizations. He is one of a select few educators worldwide to be hand-picked by CompTIA to serve on the Network+ Advisory Committee, which oversees the development of all Network+ exam objectives. He also serves on CompTIA’s Instructor Network Advisory Committee which pools together the subject matter expertise of thousands of instructors worldwide for the furtherance of Information Technology.
Nick currently holds 18 IT certifications including CASP, CEH, CEI, CompTIA Security+, SMSP, MCT, MCSE, MCITP, CompTIA Network+, CompTIA A+, CompTIA Cloud+, CompTIA Cloud Essentials and others. He was named a “Cybersecurity Professional of the Year” finalist by the San Diego Business Journal, and was a contributing writer to McGraw-Hill Education’s Cloud+ Certification CV0-002 Study Guide, Second Edition, in addition to writing certification blogs for CompTIA. He has received distinguished training awards in Las Vegas, Palm Springs, Orlando, and Nashville. His security mission is to help all individuals from military commanders to the end-user embrace the reality that good security is supposed to be annoying, provided that it annoys the enemy just a little bit more. Wm. Arthur Conklin (Houston, TX), Security+, CISSP, is an Assistant Professor in the Information and Logistics Technology department at the University of Houston. In addition to his PhD, Mr. Conklin has a MBA from UTSA, and two graduate degrees in Electrical Engineering from the Naval Postgraduate School in Monterey, California. Dr. Conklin’s interests are information security, systems theory, and secure software design. Greg White (San Antonio, TX), Security+, CISSP, is an Associate Professor in the Department of Computer Science at the University of Texas at San Antonio. Dr. White is the Director of the Center for Infrastructure Assurance and Security at UTSA, and was the author of the first edition of the Security+ All-in-One Exam Guide from McGraw-Hill.