The CISSP Prep Guide - Ronald L. Krutz, Russell Dean Vines

The CISSP Prep Guide

Mastering the Ten Domains of Computer Security
Buch | Hardcover
576 Seiten
2001
John Wiley & Sons Inc (Verlag)
978-0-471-41356-1 (ISBN)
65,16 inkl. MwSt
  • Titel ist leider vergriffen;
    keine Neuauflage
  • Artikel merken
The Certified Information Systems Security Professional (CISSP) is the industry standard test on IT security. This guide helps security professionals prepare for the exam while providing a reference on ten key information security areas.
With the growing threat of computer viruses and Internet security breaches, companies are fiercely headhunting for CISSP certified security professionals. The industry standard test on IT security, the Certified Information Systems Security Professionals (CISSP) exam is administered 16 times per year throughout the U.S. and Europe. This book serves both as a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference for readers who need a fundamental end-to-end security reference book. Co-authored by Ronald Krutz, this handy guide explains the ten security domains covered by the exam, from security management to cryptography to disaster recovery planning to legal and ethical issues. Sample questions and answers are also included.

RONALD L. KRUTZ is a lead instructor for the CISSP CBK review seminars. He spent twenty-four years at Carnegie Mellon University as a faculty member and then as an R&D Director at the Carnegie Mellon University Research Institute. Dr. Krutz is a Senior Information Security Consultant for Corbett Technologies, specializing in information assurance appraisal methodologies. He holds a PhD in Computer Engineering, is a registered Professional Engineer, and is a CISSP. He is the author of two previous Wiley books, Microprocessors and Logic Design and Microcomputer Interfacing. RUSSELL DEAN VINES is President of the RDVGroup, a NYC-based security consulting services firm, and has been involved in computer security for nearly twenty years. He is a frequent speaker on security methodology, wireless security, and best practices in the information industry, and is also an instructor for the CISSP CBK review seminars. He has helped design and build the security architecture for Fortune 1000 Companies worldwide. He is a CISSP, CCNA, MCSE, MCNE, and a National Security Agency/IAM professional. Mr. Vines is also an accomplished jazz composer, performer, and educator.

Foreword; Introduction; Acknowledgments; About the Authors; Chapter 1: Security Management Practices; Our Goals; Domain Definition; Management Concepts; Information Classification Process; Security Policy Implementation; Roles and Responsibilities; Risk Management; Security Awareness; Sample Questions; Chapter 2: Access Control Systems; Rationale; Controls; Identification and Authentication; Some Access Control Issues; Sample Questions; Chapter 3: Telecommunications and Network Security; Our Goals; Domain Definition; Management Concepts; Technology Concepts; Sample Questions; Chapter 4: Cryptography; Introduction; Cryptographic Technologies; Secret Key Cryptography (Symmetric Key); Public (Asymmetric) Key Cryptosystems; Approaches to Escrowed Encryption; Internet Security Applications; Sample Questions; Chapter 5: Security Architecture and Models; Security Architecture; Assurance; Information Security Models; Sample Questions; Chapter 6: Operations Security; Our Goals; Domain Definition; Controls and Protections; Monitoring and Auditing; Threats and Vulnerabilities; Sample Questions; Chapter 7: Applications and Systems Development; The Software Life Cycle Development Process; The Software Capability Maturity Model (CMM); Object-Oriented Systems; Artificial Intelligence Systems; Database Systems; Application Controls; Sample Questions; Chapter 8: Business Continuity Planning and Disaster Recovery Planning; Our Goals; Domain Definition; Business Continuity Planning; Disaster Recovery Planning; Sample Questions; Chapter 9: Law, Investigation, and Ethics; Introduction; Law; Investigation; Liability; Ethics; Sample Questions; Chapter 10: Physical Security; Our Goals; Domain Definition; Threats to Physical Security; Controls for Physical Security; Sample Questions; Appendix A: Glossary of Terms and Acronyms; Appendix B: The RAINBOW Series; Appendix C: Answers to Sample Questions; Chapter 1-Security Management Practices; Chapter 2-Access Control Systems and Methodology; Chapter 3-Telecommunications and Network Security; Chapter 4-Cryptography; Chapter 5-Security Architecture and Models; Chapter 6-Operations Security; Chapter 7-Applications and Systems Development; Chapter 8-Business Continuity Planning and Disaster Recovery Planning; Chapter 9-Law, Investigation, and Ethics; Chapter 10-Physical Security; Appendix D: A Process Approach to HIPAA Compliance through a HIPAA-CMM; Appendix E: The NSA InfoSec Assessment Methodology; Appendix F: The Case for Ethical Hacking; Appendix G: The Common Criteria; Appendix H: References for Further Study; Appendix I: British Standard 7799; Index

Erscheint lt. Verlag 13.9.2001
Zusatzinfo Ill.
Verlagsort New York
Sprache englisch
Maße 194 x 242 mm
Gewicht 1191 g
Einbandart gebunden
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
ISBN-10 0-471-41356-9 / 0471413569
ISBN-13 978-0-471-41356-1 / 9780471413561
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00