Introduction xxxiii
Assessment Test xlii
Chapter 1 Security Governance Through Principles and Policies 1
Understand and Apply Concepts of Confidentiality, Integrity, and Availability 2
Evaluate and Apply Security Governance Principles 14
Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines 26
Understand and Apply Threat Modeling Concepts and Methodologies 30
Apply Risk-Based Management Concepts to the Supply Chain 38
Summary 40
Exam Essentials 42
Written Lab 44
Review Questions 45
Chapter 2 Personnel Security and Risk Management Concepts 49
Personnel Security Policies and Procedures 51
Security Governance 62
Understand and Apply Risk Management Concepts 63
Establish and Maintain a Security Awareness, Education, and Training Program 86
Manage the Security Function 87
Summary 88
Exam Essentials 89
Written Lab 92
Review Questions 93
Chapter 3 Business Continuity Planning 97
Planning for Business Continuity 98
Project Scope and Planning 99
Business Impact Assessment 105
Continuity Planning 111
Plan Approval and Implementation 114
Summary 119
Exam Essentials 119
Written Lab 120
Review Questions 121
Chapter 4 Laws, Regulations, and Compliance 125
Categories of Laws 126
Laws 129
Compliance 149
Contracting and Procurement 150
Summary 151
Exam Essentials 152
Written Lab 153
Review Questions 154
Chapter 5 Protecting Security of Assets 159
Identify and Classify Assets 160
Determining Ownership 178
Using Security Baselines 186
Summary 187
Exam Essentials 188
Written Lab 189
Review Questions 190
Chapter 6 Cryptography and Symmetric Key Algorithms 195
Historical Milestones in Cryptography 196
Cryptographic Basics 198
Modern Cryptography 214
Symmetric Cryptography 219
Cryptographic Lifecycle 228
Summary 229
Exam Essentials 229
Written Lab 231
Review Questions 232
Chapter 7 PKI and Cryptographic Applications 237
Asymmetric Cryptography 238
Hash Functions 242
Digital Signatures 246
Public Key Infrastructure 249
Asymmetric Key Management 253
Applied Cryptography 254
Cryptographic Attacks 265
Summary 268
Exam Essentials 269
Written Lab 270
Review Questions 271
Chapter 8 Principles of Security Models, Design, and Capabilities 275
Implement and Manage Engineering Processes Using Secure Design Principles 276
Understand the Fundamental Concepts of Security Models 281
Select Controls Based On Systems Security Requirements 295
Understand Security Capabilities of Information Systems 309
Summary 311
Exam Essentials 312
Written Lab 313
Review Questions 314
Chapter 9 Security Vulnerabilities, Threats, and Countermeasures 319
Assess and Mitigate Security Vulnerabilities 320
Client-Based Systems 342
Server-Based Systems 346
Database Systems Security 347
Distributed Systems and Endpoint Security 350
Internet of Things 358
Industrial Control Systems 359
Assess and Mitigate Vulnerabilities in Web-Based Systems 360
Assess and Mitigate Vulnerabilities in Mobile Systems 365
Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems 375
Essential Security Protection Mechanisms 379
Common Architecture Flaws and Security Issues 384
Summary 390
Exam Essentials 391
Written Lab 394
Review Questions 395
Chapter 10 Physical Security Requirements 399
Apply Security Principles to Site and Facility Design 400
Implement Site and Facility Security Controls 403
Implement and Manage Physical Security 422
Summary 431
Exam Essentials 432
Written Lab 434
Review Questions 435
Chapter 11 Secure Network Architecture and Securing Network Components 439
OSI Model 440
TCP/IP Model 451
Converged Protocols 470
Wireless Networks 472
Secure Network Components 486
Cabling, Wireless, Topology, Communications, and Transmission Media Technology 495
Summary 513
Exam Essentials 514
Written Lab 516
Review Questions 517
Chapter 12 Secure Communications and Network Attacks 521
Network and Protocol Security Mechanisms 522
Secure Voice Communications 525
Multimedia Collaboration 529
Manage Email Security 530
Remote Access Security Management 536
Virtual Private Network 540
Virtualization 546
Network Address Translation 549
Switching Technologies 553
WAN Technologies 556
Miscellaneous Security Control Characteristics 561
Security Boundaries 563
Prevent or Mitigate Network Attacks 564
Summary 569
Exam Essentials 571
Written Lab 573
Review Questions 574
Chapter 13 Managing Identity and Authentication 579
Controlling Access to Assets 580
Comparing Identification and Authentication 584
Implementing Identity Management 602
Managing the Identity and Access Provisioning Lifecycle 611
Summary 614
Exam Essentials 615
Written Lab 617
Review Questions 618
Chapter 14 Controlling and Monitoring Access 623
Comparing Access Control Models 624
Understanding Access Control Attacks 635
Summary 653
Exam Essentials 654
Written Lab 656
Review Questions 657
Chapter 15 Security Assessment and Testing 661
Building a Security Assessment and Testing Program 662
Performing Vulnerability Assessments 668
Testing Your Software 681
Implementing Security Management Processes 688
Summary 690
Exam Essentials 691
Written Lab 692
Review Questions 693
Chapter 16 Managing Security Operations 697
Applying Security Operations Concepts 698
Securely Provisioning Resources 710
Managing Configuration 718
Managing Change 719
Managing Patches and Reducing Vulnerabilities 723
Summary 728
Exam Essentials 729
Written Lab 731
Review Questions 732
Chapter 17 Preventing and Responding to Incidents 737
Managing Incident Response 738
Implementing Detective and Preventive Measures 745
Logging, Monitoring, and Auditing 773
Summary 790
Exam Essentials 792
Written Lab 795
Review Questions 796
Chapter 18 Disaster Recovery Planning 801
The Nature of Disaster 802
Understand System Resilience and Fault Tolerance 812
Recovery Strategy 818
Recovery Plan Development 827
Training, Awareness, and Documentation 835
Testing and Maintenance 836
Summary 838
Exam Essentials 838
Written Lab 839
Review Questions 840
Chapter 19 Investigations and Ethics 845
Investigations 846
Major Categories of Computer Crime 857
Ethics 861
Summary 864
Exam Essentials 864
Written Lab 865
Review Questions 866
Chapter 20 Software Development Security 871
Introducing Systems Development Controls 872
Establishing Databases and Data Warehousing 895
Storing Data and Information 904
Understanding Knowledge-Based Systems 906
Summary 909
Exam Essentials 909
Written Lab 910
Review Questions 911
Chapter 21 Malicious Code and Application Attacks 915
Malicious Code 916
Password Attacks 929
Application Attacks 933
Web Application Security 935
Reconnaissance Attacks 940
Masquerading Attacks 941
Summary 942
Exam Essentials 943
Written Lab 944
Review Questions 945
Appendix A Answers to Review Questions 949
Chapter 1: Security Governance Through Principles and Policies 950
Chapter 2: Personnel Security and Risk Management Concepts 951
Chapter 3: Business Continuity Planning 952
Chapter 4: Laws, Regulations, and Compliance 954
Chapter 5: Protecting Security of Assets 956
Chapter 6: Cryptography and Symmetric Key Algorithms 958
Chapter 7: PKI and Cryptographic Applications 960
Chapter 8: Principles of Security Models, Design, and Capabilities 961
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures 963
Chapter 10: Physical Security Requirements 965
Chapter 11: Secure Network Architecture and Securing Network Components 966
Chapter 12: Secure Communications and Network Attacks 968
Chapter 13: Managing Identity and Authentication 969
Chapter 14: Controlling and Monitoring Access 971
Chapter 15: Security Assessment and Testing 973
Chapter 16: Managing Security Operations 975
Chapter 17: Preventing and Responding to Incidents 977
Chapter 18: Disaster Recovery Planning 980
Chapter 19: Investigations and Ethics 981
Chapter 20: Software Development Security 983
Chapter 21: Malicious Code and Application Attacks 984
Appendix B Answers to Written Labs 987
Chapter 1: Security Governance Through Principles and Policies 988
Chapter 2: Personnel Security and Risk Management Concepts 988
Chapter 3: Business Continuity Planning 989
Chapter 4: Laws, Regulations, and Compliance 990
Chapter 5: Protecting Security of Assets 991
Chapter 6: Cryptography and Symmetric Key Algorithms 991
Chapter 7: PKI and Cryptographic Applications 992
Chapter 8: Principles of Security Models, Design, and Capabilities 992
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures 993
Chapter 10: Physical Security Requirements 994
Chapter 11: Secure Network Architecture and Securing Network Components 994
Chapter 12: Secure Communications and Network Attacks 995
Chapter 13: Managing Identity and Authentication 996
Chapter 14: Controlling and Monitoring Access 996
Chapter 15: Security Assessment and Testing 997
Chapter 16: Managing Security Operations 997
Chapter 17: Preventing and Responding to Incidents 998
Chapter 18: Disaster Recovery Planning 999
Chapter 19: Investigations and Ethics 999
Chapter 20: Software Development Security 1000
Chapter 21: Malicious Code and Application Attacks 1000
Index 1001
