You are previewing CompTIA Advanced Security Practitioner (CASP) CAS-002 Cert Guide.
O'Reilly logo
CompTIA Advanced Security Practitioner (CASP) CAS-002 Cert Guide

Book Description

Trust the best selling Authorized Cert Guide series from Pearson IT Certification to help you learn, prepare, and practice for exam success. These guides are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

  • Master CompTIA® Advanced Security Practitioner (CASP) CAS-002 exam topics

  • Assess your knowledge with chapter-opening quizzes

  • Review key concepts with exam preparation tasks

  • This is the eBook edition of the CompTIA® Advanced Security Practitioner (CASP) CAS-002 Authorized Cert Guide. This eBook does not include the companion CD-ROM with practice exam that comes with the print edition.

    CompTIA® Advanced Security Practitioner (CASP) CAS-002 Authorized Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

    CompTIA® Advanced Security Practitioner (CASP) CAS-002 Authorized Cert Guide focuses specifically on the objectives for CompTIA’s CASP CAS-002 exam. Expert security certification training experts Robin Abernathy and Troy McMillan share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

    Well-regarded for its level of detail, assessment features, comprehensive design scenarios, and challenging review questions and exercises, this authorized study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

    The authorized study guide helps you master all the topics on the CompTIA CASP exam, including:

  • Enterprise security: cryptography; storage; network/security components, concepts, and architectures; host controls; application vulnerabilities/controls

  • Risk management and incident response: business influences/risks; risk mitigation; privacy policies / procedures; incident response/recovery

  • Research, analysis, and assessment: industry trends; securing the enterprise; assessment tools / methods

  • Integration of computing, communications, and business disciplines: business unit collaboration; secure communication / collaboration; security across the technology life cycle

  • Technical integration of enterprise components: host/storage/network/application integration; secure enterprise architecture; authentication and authorization

  • CompTIA Advanced Security Practitioner (CASP) CAS-002 Authorized Cert Guide is part of a recommended learning path from Pearson IT Certification that includes simulation, hands-on training, and self-study products. To find out more, please visit http://www.pearsonitcertification.com.

    Table of Contents

    1. About This eBook
    2. Title Page
    3. Copyright Page
    4. Contents at a Glance
    5. Table of Contents
    6. About the Authors
    7. Dedication
    8. Acknowledgments
    9. About the Reviewers
    10. We Want to Hear from You!
    11. Reader Services
    12. CompTIA®
    13. About the Book
      1. Goals and Methods
      2. Who Should Read This Book?
        1. Strategies for Exam Preparation
      3. CompTIA CASP Exam Topics
      4. How This Book Is Organized
      5. Pearson IT Certification Practice Test Engine and Questions on the Disc
        1. Install the Software from the Disc
        2. Activate and Download the Practice Exam
        3. Activating Other Exams
        4. Premium Edition
    14. Introduction. The CASP Exam
      1. The Goals of the CASP Certification
        1. Sponsoring Bodies
        2. Other Security Exams
        3. Stated Goals
      2. The Value of the CASP Certification
        1. To the Security Professional
        2. Department of Defense Directive 8570 (DoDD 8570)
        3. To the Enterprise
      3. CASP Exam Objectives
        1. 1.0 Enterprise Security
        2. 2.0 Risk Management and Incident Response
        3. 3.0 Research, Analysis and Assessment
        4. 4.0 Integration of Computing, Communications and Business Disciplines
        5. 5.0 Technical Integration of Enterprise Components
      4. Steps to Becoming a CASP
        1. Qualifying for the Exam
        2. Signing up for the Exam
        3. About the Exam
      5. CompTIA Authorized Materials Use Policy
    15. Part I: Enterprise Security
      1. Chapter 1. Cryptographic Concepts and Techniques
        1. Foundation Topics
          1. Cryptographic Techniques
          2. Cryptographic Concepts
          3. Cryptographic Implementations
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      2. Chapter 2. Enterprise Storage
        1. Foundation Topics
          1. Storage Types
          2. Storage Protocols
          3. Secure Storage Management
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      3. Chapter 3. Network and Security Components, Concepts, and Architectures
        1. Foundation Topics
          1. Advanced Network Design (Wired/Wireless)
          2. Security Devices
          3. Networking Devices
          4. Virtual Networking and Security Components
          5. Complex Network Security Solutions for Data Flow
          6. Secure Configuration and Baselining of Networking and Security Components
          7. Software-Defined Networking
          8. Cloud-Managed Networks
          9. Network Management and Monitoring Tools
          10. Advanced Configuration of Routers, Switches, and Other Network Devices
          11. Security Zones
          12. Network Access Control
          13. Operational and Consumer Network-Enabled Devices
          14. Critical Infrastructure/Supervisory Control and Data Acquisition (SCADA)/Industrial Control Systems (ICS)
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      4. Chapter 4. Security Controls for Hosts
        1. Foundation Topics
          1. Trusted OS
          2. Endpoint Security Software
          3. Host Hardening
          4. Security Advantages and Disadvantages of Virtualizing Servers
          5. Cloud-Augmented Security Services
          6. Boot Loader Protections
          7. Vulnerabilities Associated with Commingling of Hosts with Different Security Requirements
          8. Virtual Desktop Infrastructure (VDI)
          9. Terminal Services/Application Delivery Services
          10. Trusted Platform Module (TPM)
          11. Virtual TPM (VTPM)
          12. Hardware Security Module (HSM)
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      5. Chapter 5. Application Vulnerabilities and Security Controls
        1. Foundation Topics
          1. Web Application Security Design Considerations
          2. Specific Application Issues
          3. Application Sandboxing
          4. Application Security Frameworks
          5. Secure Coding Standards
          6. Software Development Methods
          7. Database Activity Monitoring (DAM)
          8. Web Application Firewalls (WAF)
          9. Client-Side Processing Versus Server-Side Processing
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
    16. Part II: Risk Management and Incident Response
      1. Chapter 6. Business Influences and Associated Security Risks
        1. Foundation Topics
          1. Risk Management of New Products, New Technologies, and User Behaviors
          2. New or Changing Business Models/Strategies
          3. Security Concerns of Integrating Diverse Industries
          4. Ensuring That Third-Party Providers Have Requisite Levels of Information Security
          5. Internal and External Influences
          6. Impact of De-perimiterization
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      2. Chapter 7. Risk Mitigation Planning, Strategies, and Controls
        1. Foundation Topics
          1. Classify Information Types into Levels of CIA Based on Organization/Industry
          2. Incorporate Stakeholder Input into CIA Decisions
          3. Implement Technical Controls Based on CIA Requirements and Policies of the Organization
          4. Determine the Aggregate CIA Score
          5. Extreme Scenario/Worst-Case Scenario Planning
          6. Determine Minimum Required Security Controls Based on Aggregate Score
          7. Conduct System-Specific Risk Analysis
          8. Make Risk Determination
          9. Recommend Which Strategy Should be Applied Based on Risk Appetite
          10. Risk Management Processes
          11. Enterprise Security Architecture Frameworks
          12. Continuous Improvement/Monitoring
          13. Business Continuity Planning
          14. IT Governance
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      3. Chapter 8. Security, Privacy Policies, and Procedures
        1. Foundation Topics
          1. Policy Development and Updates in Light of New Business, Technology, Risks, and Environment Changes
          2. Process/Procedure Development and Updates in Light of Policy, Environment, and Business Changes
          3. Support Legal Compliance and Advocacy by Partnering with HR, Legal, Management, and Other Entities
          4. Use Common Business Documents to Support Security
          5. Use General Privacy Principles for Sensitive Information (PII)
          6. Support the Development of Various Policies
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      4. Chapter 9. Incident Response and Recovery Procedures
        1. Foundation Topics
          1. E-Discovery
          2. Data Breach
          3. Design Systems to Facilitate Incident Response
          4. Incident and Emergency Response
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
    17. Part III: Research, Analysis, and Assessment
      1. Chapter 10. Industry Trends
        1. Foundation Topics
          1. Perform Ongoing Research
          2. Situational Awareness
          3. Vulnerability Management Systems
          4. Advanced Persistent Threats
          5. Zero-Day Mitigating Controls and Remediation
          6. Emergent Threats and Issues
          7. Research Security Implications of New Business Tools
          8. Global IA Industry/Community
          9. Research Security Requirements for Contracts
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      2. Chapter 11. Securing the Enterprise
        1. Foundation Topics
          1. Create Benchmarks and Compare to Baselines
          2. Prototype and Test Multiple Solutions
          3. Cost/Benefit Analysis
          4. Metrics Collection and Analysis
          5. Analyze and Interpret Trend Data to Anticipate Cyber Defense Needs
          6. Review Effectiveness of Existing Security Controls
          7. Reverse Engineer/Deconstruct Existing Solutions
          8. Analyze Security Solution Attributes to Ensure They Meet Business Needs
          9. Conduct a Lessons-Learned/After-Action Report
          10. Use Judgment to Solve Difficult Problems That Do Not Have a Best Solution
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      3. Chapter 12. Assessment Tools and Methods
        1. Foundation Topics
          1. Assessment Tool Types
          2. Assessment Methods
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
    18. Part IV: Integration of Computing, Communications, and Business Disciplines
      1. Chapter 13. Business Unit Collaboration
        1. Foundation Topics
          1. Interpreting Security Requirements and Goals to Communicate with Stakeholders from Other Disciplines
          2. Provide Objective Guidance and Impartial Recommendations to Staff and Senior Management on Security Processes and Controls
          3. Establish Effective Collaboration within Teams to Implement Secure Solutions
          4. IT Governance
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      2. Chapter 14. Secure Communication and Collaboration
        1. Foundation Topics
          1. Security of Unified Collaboration Tools
          2. Remote Access
          3. Mobile Device Management
          4. Over-the-Air Technologies Concerns
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      3. Chapter 15. Security Across the Technology Life Cycle
        1. Foundation Topics
          1. End-to-End Solution Ownership
          2. Systems Development Life Cycle (SDLC)
          3. Adapt Solutions to Address Emerging Threats and Security Trends
          4. Asset Management (Inventory Control)
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
    19. Part V: Technical Integration of Enterprise Components
      1. Chapter 16. Host, Storage, Network, and Application Integration into a Secure Enterprise Architecture
        1. Foundation Topics
          1. Secure Data Flows to Meet Changing Business Needs
          2. Standards
          3. Interoperability Issues
          4. Technical Deployment Models
          5. Logical and Physical Deployment Diagrams of Relevant Devices
          6. Secure Infrastructure Design
          7. Storage Integration (Security Considerations)
          8. Enterprise Application Integration Enablers
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
      2. Chapter 17. Authentication and Authorization Technologies
        1. Foundation Topics
          1. Authentication
          2. Authorization
          3. Attestation
          4. Identity Propagation
          5. Federation
          6. Advanced Trust Models
        2. Exam Preparation Tasks
          1. Review All Key Topics
        3. Review Questions
    20. Part VI: Appendixes
      1. Appendix A. Answers
        1. Chapter 1
        2. Chapter 2
        3. Chapter 3
        4. Chapter 4
        5. Chapter 5
        6. Chapter 6
        7. Chapter 7
        8. Chapter 8
        9. Chapter 9
        10. Chapter 10
        11. Chapter 11
        12. Chapter 12
        13. Chapter 13
        14. Chapter 14
        15. Chapter 15
        16. Chapter 16
        17. Chapter 17
      2. Appendix B. CASP CAS-002 Exam Updates
        1. Always Get the Latest at the Companion Website
          1. Technical Content
    21. Glossary
    22. Index
    23. Appendix C. Memory Tables
      1. Chapter 1
      2. Chapter 7
    24. Appendix D. Memory Tables Answer Key
      1. Chapter 1
      2. Chapter 7
    25. Practice Exam 1
      1. Chapter 1: Cryptographic Concepts and Techniques
      2. Chapter 1: Cryptographic Concepts and Techniques
      3. Chapter 1: Cryptographic Concepts and Techniques
      4. Chapter 1: Cryptographic Concepts and Techniques
      5. Chapter 1: Cryptographic Concepts and Techniques
      6. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      7. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      8. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      9. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      10. Chapter 8: Security, Privacy Policies, and Procedures
      11. Chapter 8: Security, Privacy Policies, and Procedures
      12. Chapter 8: Security, Privacy Policies, and Procedures
      13. Chapter 8: Security, Privacy Policies, and Procedures
      14. Chapter 9: Incident Response and Recovery Procedures
      15. Chapter 9: Incident Response and Recovery Procedures
      16. Chapter 9: Incident Response and Recovery Procedures
      17. Chapter 9: Incident Response and Recovery Procedures
      18. Chapter 10: Industry Trends
      19. Chapter 10: Industry Trends
      20. Chapter 10: Industry Trends
      21. Chapter 10: Industry Trends
      22. Chapter 10: Industry Trends
      23. Chapter 11: Securing the Enterprise
      24. Chapter 11: Securing the Enterprise
      25. Chapter 11: Securing the Enterprise
      26. Chapter 11: Securing the Enterprise
      27. Chapter 13: Business Unit Collaboration
      28. Chapter 13: Business Unit Collaboration
      29. Chapter 13: Business Unit Collaboration
      30. Chapter 13: Business Unit Collaboration
      31. Chapter 15: Security Across the Technology Life Cycle
      32. Chapter 15: Security Across the Technology Life Cycle
      33. Chapter 15: Security Across the Technology Life Cycle
      34. Chapter 15: Security Across the Technology Life Cycle
      35. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      36. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      37. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      38. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      39. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      40. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      41. Chapter 2: Enterprise Storage
      42. Chapter 2: Enterprise Storage
      43. Chapter 2: Enterprise Storage
      44. Chapter 2: Enterprise Storage
      45. Chapter 3: Network and Security Components, Concepts, and Architectures
      46. Chapter 3: Network and Security Components, Concepts, and Architectures
      47. Chapter 3: Network and Security Components, Concepts, and Architectures
      48. Chapter 3: Network and Security Components, Concepts, and Architectures
      49. Chapter 3: Network and Security Components, Concepts, and Architectures
      50. Chapter 4: Security Controls for Hosts
      51. Chapter 4: Security Controls for Hosts
      52. Chapter 4: Security Controls for Hosts
      53. Chapter 4: Security Controls for Hosts
      54. Chapter 4: Security Controls for Hosts
      55. Chapter 5: Application Vulnerabilities and Security Controls
      56. Chapter 5: Application Vulnerabilities and Security Controls
      57. Chapter 5: Application Vulnerabilities and Security Controls
      58. Chapter 5: Application Vulnerabilities and Security Controls
      59. Chapter 5: Application Vulnerabilities and Security Controls
      60. Chapter 6: Business Influences and Associated Security Risks
      61. Chapter 6: Business Influences and Associated Security Risks
      62. Chapter 6: Business Influences and Associated Security Risks
      63. Chapter 6: Business Influences and Associated Security Risks
      64. Chapter 12: Assessment Tools and Methods
      65. Chapter 12: Assessment Tools and Methods
      66. Chapter 12: Assessment Tools and Methods
      67. Chapter 12: Assessment Tools and Methods
      68. Chapter 12: Assessment Tools and Methods
      69. Chapter 14: Secure Communication and Collaboration
      70. Chapter 14: Secure Communication and Collaboration
      71. Chapter 14: Secure Communication and Collaboration
      72. Chapter 14: Secure Communication and Collaboration
      73. Chapter 17: Secure Communication and Collaboration
      74. Chapter 17: Authentication and Authorization Technologies
      75. Chapter 17: Authentication and Authorization Technologies
      76. Chapter 17: Authentication and Authorization Technologies
      77. Chapter 17: Authentication and Authorization Technologies
      78. Chapter 17: Authentication and Authorization Technologies
      79. Chapter 17: Authentication and Authorization Technologies
    26. Practice Exam 2
      1. Chapter 1: Cryptographic Concepts and Techniques
      2. Chapter 1: Cryptographic Concepts and Techniques
      3. Chapter 1: Cryptographic Concepts and Techniques
      4. Chapter 1: Cryptographic Concepts and Techniques
      5. Chapter 1: Cryptographic Concepts and Techniques
      6. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      7. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      8. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      9. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      10. Chapter 8: Security, Privacy Policies, and Procedures
      11. Chapter 8: Security, Privacy Policies, and Procedures
      12. Chapter 8: Security, Privacy Policies, and Procedures
      13. Chapter 8: Security, Privacy Policies, and Procedures
      14. Chapter 9: Incident Response and Recovery Procedures
      15. Chapter 9: Incident Response and Recovery Procedures
      16. Chapter 9: Incident Response and Recovery Procedures
      17. Chapter 9: Incident Response and Recovery Procedures
      18. Chapter 10: Industry Trends
      19. Chapter 10: Industry Trends
      20. Chapter 10: Industry Trends
      21. Chapter 10: Industry Trends
      22. Chapter 10: Industry Trends
      23. Chapter 11: Securing the Enterprise
      24. Chapter 11: Securing the Enterprise
      25. Chapter 11: Securing the Enterprise
      26. Chapter 11: Securing the Enterprise
      27. Chapter 13: Business Unit Collaboration
      28. Chapter 13: Business Unit Collaboration
      29. Chapter 13: Business Unit Collaboration
      30. Chapter 13: Business Unit Collaboration
      31. Chapter 15: Security Across the Technology Life Cycle
      32. Chapter 15: Security Across the Technology Life Cycle
      33. Chapter 15: Security Across the Technology Life Cycle
      34. Chapter 15: Security Across the Technology Life Cycle
      35. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      36. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      37. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      38. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      39. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      40. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      41. Chapter 2: Enterprise Storage
      42. Chapter 2: Enterprise Storage
      43. Chapter 2: Enterprise Storage
      44. Chapter 2: Enterprise Storage
      45. Chapter 3: Network and Security Components, Concepts, and Architectures
      46. Chapter 3: Network and Security Components, Concepts, and Architectures
      47. Chapter 3: Network and Security Components, Concepts, and Architectures
      48. Chapter 3: Network and Security Components, Concepts, and Architectures
      49. Chapter 3: Network and Security Components, Concepts, and Architectures
      50. Chapter 4: Security Controls for Hosts
      51. Chapter 4: Security Controls for Hosts
      52. Chapter 4: Security Controls for Hosts
      53. Chapter 4: Security Controls for Hosts
      54. Chapter 4: Security Controls for Hosts
      55. Chapter 5: Application Vulnerabilities and Security Controls
      56. Chapter 5: Application Vulnerabilities and Security Controls
      57. Chapter 5: Application Vulnerabilities and Security Controls
      58. Chapter 5: Application Vulnerabilities and Security Controls
      59. Chapter 5: Application Vulnerabilities and Security Controls
      60. Chapter 6: Business Influences and Associated Security Risks
      61. Chapter 6: Business Influences and Associated Security Risks
      62. Chapter 6: Business Influences and Associated Security Risks
      63. Chapter 6: Business Influences and Associated Security Risks
      64. Chapter 12: Assessment Tools and Methods
      65. Chapter 12: Assessment Tools and Methods
      66. Chapter 12: Assessment Tools and Methods
      67. Chapter 12: Assessment Tools and Methods
      68. Chapter 12: Assessment Tools and Methods
      69. Chapter 14: Secure Communication and Collaboration
      70. Chapter 14: Secure Communication and Collaboration
      71. Chapter 14: Secure Communication and Collaboration
      72. Chapter 14: Secure Communication and Collaboration
      73. Chapter 17: Secure Communication and Collaboration
      74. Chapter 17: Authentication and Authorization Technologies
      75. Chapter 17: Authentication and Authorization Technologies
      76. Chapter 17: Authentication and Authorization Technologies
      77. Chapter 17: Authentication and Authorization Technologies
      78. Chapter 17: Authentication and Authorization Technologies
      79. Chapter 17: Authentication and Authorization Technologies
    27. Practice Exam 3
      1. Chapter 1: Cryptographic Concepts and Techniques
      2. Chapter 1: Cryptographic Concepts and Techniques
      3. Chapter 1: Cryptographic Concepts and Techniques
      4. Chapter 1: Cryptographic Concepts and Techniques
      5. Chapter 1: Cryptographic Concepts and Techniques
      6. Chapter 1: Cryptographic Concepts and Techniques
      7. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      8. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      9. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      10. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      11. Chapter 7: Risk Mitigation Planning, Strategies, and Controls
      12. Chapter 8: Security, Privacy Policies, and Procedures
      13. Chapter 8: Security, Privacy Policies, and Procedures
      14. Chapter 8: Security, Privacy Policies, and Procedures
      15. Chapter 8: Security, Privacy Policies, and Procedures
      16. Chapter 9: Incident Response and Recovery Procedures
      17. Chapter 9: Incident Response and Recovery Procedures
      18. Chapter 9: Incident Response and Recovery Procedures
      19. Chapter 9: Incident Response and Recovery Procedures
      20. Chapter 10: Industry Trends
      21. Chapter 10: Industry Trends
      22. Chapter 10: Industry Trends
      23. Chapter 11: Securing the Enterprise
      24. Chapter 11: Securing the Enterprise
      25. Chapter 11: Securing the Enterprise
      26. Chapter 11: Securing the Enterprise
      27. Chapter 13: Business Unit Collaboration
      28. Chapter 13: Business Unit Collaboration
      29. Chapter 13: Business Unit Collaboration
      30. Chapter 13: Business Unit Collaboration
      31. Chapter 15: Security Across the Technology Life Cycle
      32. Chapter 15: Security Across the Technology Life Cycle
      33. Chapter 15: Security Across the Technology Life Cycle
      34. Chapter 15: Security Across the Technology Life Cycle
      35. Chapter 15: Security Across the Technology Life Cycle
      36. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      37. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      38. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      39. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      40. Chapter 16: Host, Storage, Network, and Application Integration Into a Secure Enterprise Architecture
      41. Chapter 2: Enterprise Storage
      42. Chapter 2: Enterprise Storage
      43. Chapter 2: Enterprise Storage
      44. Chapter 2: Enterprise Storage
      45. Chapter 3: Network and Security Components, Concepts, and Architectures
      46. Chapter 3: Network and Security Components, Concepts, and Architectures
      47. Chapter 3: Network and Security Components, Concepts, and Architectures
      48. Chapter 3: Network and Security Components, Concepts, and Architectures
      49. Chapter 3: Network and Security Components, Concepts, and Architectures
      50. Chapter 4: Security Controls for Hosts
      51. Chapter 4: Security Controls for Hosts
      52. Chapter 4: Security Controls for Hosts
      53. Chapter 4: Security Controls for Hosts
      54. Chapter 4: Security Controls for Hosts
      55. Chapter 5: Application Vulnerabilities and Security Controls
      56. Chapter 5: Application Vulnerabilities and Security Controls
      57. Chapter 5: Application Vulnerabilities and Security Controls
      58. Chapter 5: Application Vulnerabilities and Security Controls
      59. Chapter 5: Application Vulnerabilities and Security Controls
      60. Chapter 6: Business Influences and Associated Security Risks
      61. Chapter 6: Business Influences and Associated Security Risks
      62. Chapter 6: Business Influences and Associated Security Risks
      63. Chapter 6: Business Influences and Associated Security Risks
      64. Chapter 12: Assessment Tools and Methods
      65. Chapter 12: Assessment Tools and Methods
      66. Chapter 12: Assessment Tools and Methods
      67. Chapter 12: Assessment Tools and Methods
      68. Chapter 12: Assessment Tools and Methods
      69. Chapter 14: Secure Communication and Collaboration
      70. Chapter 14: Secure Communication and Collaboration
      71. Chapter 14: Secure Communication and Collaboration
      72. Chapter 14: Secure Communication and Collaboration
      73. Chapter 17: Secure Communication and Collaboration
      74. Chapter 17: Authentication and Authorization Technologies
      75. Chapter 17: Authentication and Authorization Technologies
      76. Chapter 17: Authentication and Authorization Technologies
      77. Chapter 17: Authentication and Authorization Technologies
      78. Chapter 17: Authentication and Authorization Technologies
      79. Chapter 17: Authentication and Authorization Technologies
    28. Code Snippets