Updated annually, this handbook has become the standard on which all IT security programs and certifications are based. It provides a compilation of the fundamental knowledge, skills, techniques, and tools required by all IT security professionals. This edition reflects the changes to the Common Body of Knowledge (CBK) in response to new technologies and new laws in different countries and regions. It presents new information on mobile device security, adaptive threat defense, Web 2.0, virtualization, data leakage, and governance. Additional chapters cover risk management, business continuity planning, disaster recovery planning, and cryptography, among other topics.