Unit 4: Securing Devices

Unit Overview

Unit 4 focuses on securing individual devices such as computers, mobile devices, and other endpoints within an organization's network. Students explore device vulnerabilities, authentication mechanisms, and protective measures that prevent unauthorized access and malicious activities. The unit emphasizes the importance of endpoint security as a critical component of an organization's overall security posture.

Students work through professional scenarios that demonstrate how cybersecurity professionals secure and monitor devices in enterprise environments.

Lessons in This Unit

4.1 Device Vulnerabilities and Attacks

Identify common vulnerabilities and attack methods that target individual devices and endpoints.

4.2 Authentication

Explore various authentication methods and technologies used to verify user identities and secure device access.

4.3 Protecting Devices

Learn about technical and managerial controls used to secure devices and prevent unauthorized access or compromise.

4.4 Detecting Attacks on Devices

Understand monitoring techniques and tools used to identify malicious activities targeting devices and endpoints.

Course Skills Emphasized

  • Skill 1.A: Identify, with and without the support of AI, vulnerabilities, threats, and attack methods, and explain how they generate risk.
  • Skill 1.B: Determine ways adversaries exploit vulnerabilities to compromise an asset.
  • Skill 2.A: Identify security controls, and explain how they mitigate risks.
  • Skill 2.B: Determine layered security controls that address vulnerabilities.
  • Skill 3.A: Identify methods for monitoring systems, and explain how they detect attacks.
  • Skill 3.D: Detect and classify cyberattacks by analyzing digital evidence with and without the support of AI.

Key Topics Covered

  • Device and endpoint vulnerabilities
  • Malware types and infection vectors
  • Authentication factors and methods
  • Multi-factor authentication (MFA) implementation
  • Device encryption and data protection
  • Endpoint detection and response (EDR) systems
  • Mobile device management (MDM)
  • Patch management and software updates
  • Device access controls and policies
  • Incident response for device compromises
  • Forensic analysis of compromised devices

AP Cybersecurity Curriculum

Made with ❤️ for students by students

This is an independent educational resource and is not affiliated with, endorsed by, or sponsored by the College Board. AP® is a trademark registered by the College Board, which is not affiliated with, and does not endorse, this website.

Quick Links

HomeLessonsAboutContact

Get in Touch

Contact form will load when visible.

© 2025 AP Cybersecurity Curriculum. All rights reserved.
Privacy PolicyTerms of Service