Protecting a
Cybersecurity Domain

A practical, multi-layered guide to securing systems, data, and infrastructure; from endpoint hardening to physical perimeter defense. Written from real lab work and hands-on implementation.

Security Domains

Published

360°

Coverage

Multi

Vendor

Hosts & Endpoints Secure Comms Wireless & Mobile Data Protection Physical Security Remote Access Admin Best Practices Monitoring & Logging +7 more coming

Security Domains

Domain 01

Securing Hosts & Endpoints

OS hardening, anti-malware, patch management and host-based security; the first line of defense.

Domain 02

Secure Communication Channels

VPN technologies, encrypted tunnels and secure remote access protocols protecting data in transit.

Domain 03

Securing Wireless & Mobile

Wi-Fi encryption standards, mobile device management and protection against rogue access points.

Domain 04

Data Protection at Host Level

File permissions, encryption, backup strategies and DLP protecting information assets from unauthorized access.

Domain 05

Securing Workstations Physically

Cable locks, access controls, tracking systems and environmental protections against physical breaches.

Domain 06

Secure Remote Access

RDP, SSH, VPN access and monitoring systems enabling remote work without compromising security posture.

Domain 07

Administrator Best Practices

Privileged accounts, MFA enforcement and security policy frameworks for admin governance.

Domain 08

Monitoring & Logging

Centralized log management, anomaly detection and forensic analysis for security visibility.

Domain 09 – 13

Server, Network & Physical Security

Data center security, network infrastructure, core services, IoT, voice/video, and physical perimeter defense.

Term	Definition
Antimalware	Software designed to detect, prevent, and remove malicious software like viruses and spyware
Baseline	A set of benchmark configurations or performance metrics used to measure the integrity and security of a system.
BitLocker	A Microsoft encryption feature that protects data by encrypting entire drives.
CDP/LLDP	Cisco Discovery Protocol and Link Layer Discovery Protocol, used for device discovery on a local network
EFS (Encrypting File System	Windows file-level encryption linked to a user account.
Firewall	A hardware or software system that controls traffic between different parts of a network
Group Policies	Rules in Windows environments that manage users, passwords, and security configurations centrally.
HIDS (Host-based Intrusion Detection System)	Security software that monitors a host for suspicious activity.
IoT (Internet of Things	A category of devices (e.g., sensors, cameras) that connect to the internet and may transmit data.
NTP (Network Time Protocol	A protocol that synchronizes time across devices on a network.
Patch Management	The process of updating software to fix vulnerabilities or improve functionality.
Port Security	A feature that restricts access to a switch port based on MAC addresses.
Privileged Account	An account with administrative access to sensitive systems and configurations.
Rogue Access Point	An unauthorized wireless access point that can intercept or manipulate network traffic.
SNMP (Simple Network Management Protocol	A protocol used to monitor and manage devices on a network.
Syslog	A standardized protocol used for system message logging.
TPM (Trusted Platform Module)	A hardware chip used for secure key storage and encryption operations.
VPN (Virtual Private Network)	A secure, encrypted connection over a public network.
WEP/WPA/WPA2	Wi-Fi encryption protocols that protect wireless communication; WPA2 is currently the industry standard
VLAN (Virtual LAN	A method of segmenting networks logically rather than physically.
UPS (Uninterruptible Power Supply)	A backup power system that allows devices to shut down gracefully in case of a power failure

Protecting aCybersecurity Domain

Cookie Preferences

Protecting a
Cybersecurity Domain