Apply common security techniques to computing resources

Secure baselines, hardening across target types (mobile, workstations, switches, routers, cloud, servers, ICS/SCADA, embedded, IoT), wireless security (WPA3, RADIUS, EAP-TLS), mobile solutions (MDM, BYOD/COPE/CYOD), and application security (input validation, code analysis, sandboxing).

Exam approach: “Given a scenario” — expect to select and apply the correct hardening actions for a described environment. Not just knowing what WPA3 is, but configuring it correctly for an enterprise vs. small business vs. public hotspot.

Offensive context: Every hardening action is a friction multiplier — you’re raising the cost of attack, not chasing perfection. Mobile hardening gets real when you consider state-level spyware: FLAG_SECURE, overlay detection, and the assumption that the OS is already compromised.