Chapter 1 Security from the Ground Up - This starts with a very relatable (important for undergraduates with no business experience) small business scenario ("Alice's Arts") then introduces the NIST Risk Management Framework (SP800-30, -37, -60, -53, FIPS 199) along with related concepts (the CIA triad, various attacks, controls, etc.). There is no mention of ISO 27005, FAIR and other approaches.
Chapter 2 Controlling a Computer - Essentially "Platform Architecture" - computer architecture, software concepts, programs, processes, buffer overflows, etc.
Chapter 3 Controlling Files - essentially a high-level look at access control and execution policies, with a discussion of malware and a small section on vulnerability and patch management. Curiously, there is no discussion of mandatory access control systems, especially multi-level (Bell-LaPadula) access control, role-based access control, etc. (although capabilities are discussed briefly) - but see below.
Chapter 4 Sharing Files - This chapter focuses on discretionary access control: the permissions in *ix and ACLs in MacOS and Windows. It then digresses into a discussion of logging and monitoring, and a discussion of standards compliance is tacked on at the end.
Chapter 5 Storing Files - This chapter places a description of storage media and disk formats within the context of forensic investigation. Towards the end, it digresses into a discussion of operating system layering and I/O operations.
Chapter 6 Authenticating People - Here we come to discussion of authentication factors, password systems (in some detail), tokens and biometrics, with some discussion of threats and policy mixed in.
Chapter 7 Encrypting Files - This chapter provides an introduction to the basic concepts of cryptology; some discussion of classical cryptosystems is followed by a nicely-pitched discussion of some fundamental concepts such as block and stream ciphers, Vernam encryption, etc. before turning to coverage of practical file encryption programs and finally a brief treatment of DRM.
Chapter 8 Secret and Public Keys - This chapter addresses the key exchange problem along with other issues in key management. There is a minimal mathematical treatment of Diffie-Hellman and RSA, as well as hash functions, digital signatures and certificates. Good to see quantum cryptanalysis and post-quantum cryptography getting some discussion, too.
Chapter 9 Encrypting Volumes - This chapter further refines the ideas introduced in Chapter 7, providing more detail on DES and AES, and discussion of block cipher modes before building up a good description of a trusted boot operation. Along the way, various attacks are discussed.
Chapter 10 Connecting Computers - lays down the basics of networking with a security perspective.
Chapter 11 Networks of Networks - looks at the evolution of the modern Internet, routing protocols, IP and also introduces tools like nmap and Wireshark.
Chapter 12 End-to-End Networking - Transport layer protocols, DNS, firewalls & NAT and authentication protocols.
Chapter 13 Network Encryption - This chapter discusses the implementation of crypto at different levels of the protocol stack; along the way it addresses policy issues, problems of key management and distribution and the practicalities of SSL/TLS, IPSec and WPA2.
Chapter 14 Internet Services and Email - This chapter introduces the basic operation of SMTP, POP and IMAP and then discusses the related security issues: spam, scams, phishing, viruses, etc. Enterprise firewalls reappear towards the end of this chapter.
Chapter 15 The World Wide Web - The final chapter deals with the operation of the Web and the security and management challenges it poses. The latter part of the chapter deals with web application architecture, various attacks (XSS, injection, etc.) and the OWASP Top 10.