Introduction xxv Part I Introduction to Cybersecurity Chapter 1 Security Principles 2 "Do I Know This Already?" Quiz 2 Foundation Topics 4 The CIA Triad 4 Common Security Terms 5 Types of Attackers and Their Reasons for Attacks 7 Code of Ethics 9 Summary 10 Exam Preparation Tasks 11 Review All Key Topics 12 Define Key Terms 12 Complete Tables and Lists from Memory 12 Review Questions 12 Chapter 2 Common Threats, Attacks, and Vulnerabilities 14 "Do I Know This Already?" Quiz 15 Foundation Topics 16 Malware Variants 16 IoT Vulnerabilities 19 Distributed Denial of Service 19 On-Path Attacks 21 Insider Threats 23 Social Engineering Tactics 25 Phishing 26 Spear Phishing 26 Whaling 26 Vishing 26 Smishing 27 Piggybacking/Tailgating 27 Malvertising 27 Physical Attacks 27 Advanced Persistent Threats (APTs) 28 Summary 29 Exam Preparation Tasks 31 Review All Key Topics 31 Define Key Terms 31 Complete Tables and Lists from Memory 32 Review Questions 32 Chapter 3 Access Management 34 "Do I Know This Already?" Quiz 34 Foundation Topics 36 Introduction to AAA 36 Authentication 36 Multifactor Authentication (MFA) 37 Passwords and Password Policies 39 Authorization 41 Accounting 41 RADIUS 42 Summary 44 Exam Preparation Tasks 45 Review All Key Topics 45 Define Key Terms 45 Complete Tables and Lists from Memory 46 Review Questions 46 Chapter 4 Cryptography 48 "Do I Know This Already?" Quiz 49 Foundation Topics 51 Cryptography Overview 51 Encryption and Decryption 51 States of Data 52 Symmetric Cryptography 52 Asymmetric Cryptography 53 Confidentiality with Asymmetric Cryptography 53 Authentication with Asymmetric Cryptography 54 Combining Confidentiality and Authentication with Asymmetric Cryptography 54 Using Symmetric and Asymmetric Cryptography 55 Types of Ciphers 56 Symmetric Ciphers 56 Types of Asymmetric Algorithms 57 Certificates and PKI 58 SCEP 62 Digital Certificates 62 Lifetime of a Digital Certificate 63 PKI Infrastructure 65 Hashing 66 Shared Secret Keys and Salting with Hashing 68 Cryptography in the Real World 69 Web Browsing 69 VPNs 70 Remote Management 70 Cisco Next-Generation Cryptography 70 Summary 71 Exam Preparation Tasks 72 Review All Key Topics 72 Complete Tables and Lists from Memory 73 Define Key Terms 73 Review Questions 73 Part II Network Security Chapter 5 Introduction to Networking, Addressing, and TCP/IP Protocols 76 "Do I Know This Already?" Quiz 76 Foundation Topics 78 The TCP/IP Stack 78 Common TCP/IP Protocols and Their Vulnerabilities 81 Transmission Control Protocol (TCP) 81 User Datagram Protocol (UDP) 81 Internet Protocol Version 4 (IPv4) 82 Internet Protocol Version 6 (IPv6) 83 Media Access Control (MAC) 83 Address Resolution Protocol (ARP) 84 Hypertext Transfer Protocol (HTTP) 84 Internet Control Message Protocol (ICMP) 85 Dynamic Host Configuration Protocol (DHCP) 85 Domain Name System (DNS) 86 File Transfer Protocol (FTP) 86 Telnet 87 Secure Shell (SSH) 87 Network Addressing and Its Impact on Security 88 IPv4 and IPv6 88 CIDR Notation 89 Network Segmentation 89 Public Versus Private Networks 90 NAT 92 MAC Addressing 94 Summary 94 Exam Preparation Tasks 97 Review All Key Topics 97 Complete Tables and Lists from Memory 98 Define Key Terms 98 Review Questions 98 Chapter 6 Network Infrastructure 100 "Do I Know This Already?" Quiz 101 Foundation Topics 102 The Network Security Architecture 102 Screened Subnets, Virtualization, and the Cloud 103 Screened Subnet (DMZ) 103 Virtualization 105 Cloud 106 Proxy Servers 107 Forward Proxy 108 Reverse Proxy 109 Cisco WSA 111 Honeypots 112 Intrusion Detection/Prevention Systems 113 Intrusion Detection Systems (IDSs) 113 Intrusion Prevention Systems (IPSs) 113 Network-Based and Host-Based IDSs/IPSs 113 Signature-Based and Behavioral-Based Detection 113 Summary 114 Exam Preparation Tasks 115 Review All Key Topics 115 Complete Tables and Lists from Memory 116 Define Key Terms 116 Review Questions 116 Chapter 7 Controlling Network Access 118 "Do I Know This Already?" Quiz 118 Foundation Topics 120 Virtual Private Networks 120 Site-to-Site 121 Remote-Access 122 IPsec 124 Firewalls 125 NGFW 127 Cisco Firepower Next-Generation Firewall (NGFW) 128 Access Control Lists 129 Key Aspects and Uses of Access Control Lists 129 ACL Entries 130 Standard and Extended ACLs 132 Standard ACL 132 Extended ACL 133 ACL Evaluation 133 Network Access Control 134 Summary 137 Exam Preparation Tasks 138 Review All Key Topics 138 Complete Tables and Lists from Memory 139 Define Key Terms 139 Review Questions 139 Chapter 8 Wireless SOHO Security 142 "Do I Know This Already?" Quiz 143 Foundation Topics 144 Hardening Wireless Routers and Access Points 144 Administrative Interface 144 Updates 145 Wireless Encryption Standards 146 WEP 146 WPA 146 WPA2 146 WPA3 147 Wireless Authentication 148 Personal Mode 148 Enterprise Mode 149 WPA3 Enhanced Open 150 Wi-Fi Protected Setup, SSIDs, and MAC Address Filtering 150 Wi-Fi Protected Setup 151 SSID 151 MAC Address Filtering 152 Common Wireless Network Threats and Attacks 152 Rogue Access Points and Evil Twins 152 War Driving 154 Wireless Password Cracking 154 Protecting Yourself from Wireless Attacks 155 Summary 155 Exam Preparation Tasks 157 Review All Key Topics 157 Complete Tables and Lists from Memory 158 Define Key Terms 158 Review Questions 158 Part III Endpoint Security Chapter 9 Operating Systems and Tools 160 "Do I Know This Already?" Quiz 160 Foundation Topics 163 Host Security Features 163 Windows 164 Microsoft Defender 165 Virus & Threat Protection 165 Firewall & Network Protection 166 App & Browser Control 167 CMD and PowerShell 169 NTFS Permissions 170 BitLocker 172 Windows Updates 173 Event Viewer and Audit Logs 173 Linux 175 firewalld and UFW 175 Bash 176 Linux Permissions 178 SELinux and AppArmor 179 SELinux 179 AppArmor 180 dm-crypt and LUKS 180 Updates: yum, dnf, and apt 180 Linux Logs 181 macOS 183 Firewall 183 Zsh 184 APFS Permissions 184 FileVault 185 Updates 185 macOS Logs: Console 186 Tools 186 netstat and ss 186 nslookup and dig 187 nslookup 187 dig 188 tcpdump and Wireshark 188 tcpdump 188 Wireshark 189 syslog 190 Summary 191 Exam Preparation Tasks 192 Review All Key Topics 192 Complete Tables and Lists from Memory 192 Define Key Terms 193 Review Questions 193 Chapter 10 Endpoint Policies and Standards 196 "Do I Know This Already?" Quiz 196 Foundation Topics 198 Asset Management 198 Program Deployment 199 Backups 199 Local and Remote Backups 200 Full, Differential, and Incremental Backups 200 Bring Your Own Device (BYOD) 201 Pros and Cons of BYOD 202 Device and Configuration Management 202 Data Encryption 204 App Distribution 205 Regulatory Compliance 205 PCI-DSS 205 HIPAA 206 GDPR 206 Summary 207 Exam Preparation Tasks 207 Review All Key Topics 207 Complete Tables and Lists from Memory 208 Define Key Terms 208 Review Questions 208 Chapter 11 Network and Endpoint Malware Detection and Remediation 210 "Do I Know This Already?" Quiz 210 Foundation Topics 211 Monitoring and Detection 211 Signature Types 212 Scanning Systems 214 Cisco AMP 215 Reviewing Logs 216 Malware Remediation Best Practices 218 Summary 218 Exam Preparation Tasks 220 Review All Key Topics 220 Complete Tables and Lists from Memory 220 Define Key Terms 220 Review Questions 221 Chapter 12 Risk and Vulnerability Management 222 "Do I Know This Already?" Quiz 222 Foundation Topics 223 The Vocabulary of Risk 223 Vulnerabilities 224 The Vulnerability Management Lifecycle 225 Active and Passive Scanning 228 Port Scanning 229 Risk 229 Risk Prioritization 230 Risk Ranks and Levels 230 Data Types and Classification 231 Security Assessments 233 Risk Management 234 Risk Management Strategies 234 Summary 237 Exam Preparation Tasks 238 Review All Key Topics 238 Complete Tables and Lists from Memory 238 Define Key Terms 238 Review Questions 238 Chapter 13 Threat Intelligence 240 "Do I Know This Already?" Quiz 240 Foundation Topics 242 Threat Intelligence 242 Vulnerabilities Databases and Feeds 242 Pros and Cons of Vulnerability Databases 243 CVE and CVSS 244 Vulnerability Scanning and Assessment Tools 245 Additional Sources of Thr.