CISSP Study Guide - Eric Conrad, Joshua Feldman, Seth Misenar

CISSP Study Guide (eBook)

eBook Download: EPUB
2010 | 1st edition
640 pages
Elsevier Science (publisher)
978-1-59749-564-6 (ISBN)
47,40 incl. VAT

The CISSP Study Guide is aligned to cover all of the material included in the exam, complete with special attention to recent updates. The 10 domains are covered completely and as concisely as possible with an eye to passing the exam the first time. Each of the 10 domains has its own chapter that includes specially designed pedagogy to aid you in passing the exam.



  • Clearly Stated Exam Objectives
  • Unique Terms / Definitions
  • Exam Warnings
  • Helpful Notes
  • Learning By Example
  • Stepped Chapter Ending Questions
  • Self Test Appendix
  • Detailed Glossary
  • Web Site (http://booksite.syngress.com/companion/conrad) Contains Two Practice Exams and Ten Podcasts-One for Each Domain



CISSP Study Guide serves as a review for those who want to take the Certified Information Systems Security Professional (CISSP) exam and obtain CISSP certification. The exam is designed to ensure that someone who is handling computer security in a company has a standardized body of knowledge. The book is composed of 10 domains of the Common Body of Knowledge. In each section, it defines each domain. It also provides tips on how to prepare for the exam and take the exam. It also contains CISSP practice quizzes to test one's knowledge. The first domain provides information about risk analysis and mitigation. It also discusses security governance. The second domain discusses different techniques for access control, which is the basis for all the security disciplines. The third domain explains the concepts behind cryptography, which is a secure way of communicating that is understood only by certain recipients. Domain 5 discusses security system design, which is fundamental for operating the system and software security components. Domain 6 is a critical domain in the Common Body of Knowledge, the Business Continuity Planning, and Disaster Recovery Planning. It is the final control against extreme events such as injury, loss of life, or failure of an organization. Domains 7, 8, and 9 discuss telecommunications and network security, application development security, and the operations domain, respectively. Domain 10 focuses on the major legal systems that provide a framework in determining the laws about information systems.

Front Cover
CISSP® Study Guide
Copyright Page
Contents
Acknowledgments
About the authors
Lead Author
Contributing Authors
About the Technical Editor
Chapter 1: Introduction
How to prepare for the exam
How to take the exam
Good Luck!
Reference
Chapter 2: Domain 1: Information security governance and risk management
Unique terms and definitions
Introduction
Cornerstone information security concepts
Risk analysis
Information security governance
Ethics
Summary of exam objectives
Self test
Self test quick answer key
References
Chapter 3: Domain 2: Access control
Unique terms and definitions
Introduction
Cornerstone access control concepts
Access control models
Procedural issues for access control
Access control defensive categories and types
Authentication methods
Access control technologies
Types of attackers
Assessing access control
Summary of exam objectives
Self test
Self test quick answer key
References
Chapter 4: Domain 3: Cryptography
Unique Terms and Definitions
Introduction
Cornerstone Cryptographic Concepts
History of Cryptography
Symmetric Encryption
Asymmetric Encryption
Hash Functions
Cryptographic Attacks
Implementing Cryptography
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
References
Chapter 5: Domain 4: Physical (Environmental) security
Unique terms and definitions
Introduction
Perimeter defenses
Site selection, design, and configuration
System defenses
Environmental controls
Summary of exam objectives
Self test
Self test quick answer key
References
Chapter 6: Domain 5: Security architecture and design
Unique Terms and Definitions
Introduction
Secure System Design Concepts
Secure Hardware Architecture
Secure Operating System and Software Architecture
System Vulnerabilities, Threats, and Countermeasures
Security Models
Evaluation Methods, Certification, and Accreditation
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
References
Chapter 7: Domain 6: Business continuity and disaster recovery planning
Unique terms and definitions
Introduction
BCP and DRP overview and process
Developing a BCP/DRP
Backups and availability
DRP testing, training, and awareness
Continued BCP/DRP maintenance
Specific BCP/DRP frameworks
Summary of exam objectives
Self test
Self test quick answer key
References
Chapter 8: Domain 7: Telecommunications and network security
Unique terms and definitions
Introduction
Network architecture and design
Network devices and protocols
Secure communications
Summary of exam objectives
Self test
Self test quick answer key
References
Chapter 9: Domain 8: Application development security
Unique Terms and Definitions
Introduction
Programming Concepts
Application Development Methods
Object-oriented Design and Programming
Software Vulnerabilities, Testing, and Assurance
Databases
Artificial Intelligence
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
References
Chapter 10: Domain 9: Operations security
Unique Terms and Definitions
Introduction
Administrative Security
Sensitive Information/Media Security
Asset Management
Continuity of Operations
Incident Response Management
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
References
Chapter 11: Domain 10: Legal, regulations, investigations, and compliance
Unique terms and definitions
Introduction
Major legal systems
Criminal, civil, and administrative law
Information security aspects of law
Legal aspects of investigations
Important laws and regulations
Ethics
Summary of exam objectives
Self test
Self test quick answer key
References
Appendix: Self test
Chapter 2 Domain 1: Information Security Governance and Risk Management
Chapter 3 Domain 2: Access Control
Chapter 4 Domain 3: Cryptography
Chapter 5 Domain 4: Physical (Environmental) Security
Chapter 6 Domain 5: Security Architecture and Design
Chapter 7 Domain 6: Business Continuity and Disaster Recovery Planning
Chapter 8 Domain 7: Telecommunications and Network Security
Chapter 9 Domain 8: Application Development Security
Chapter 10 Domain 9: Operations Security
Chapter 11 Domain 10: Legal, Regulations, Investigations, and Compliance
Glossary
Index
Add Page

Publication date (per publisher): 16.9.2010
Language: English
Subject areas: Computer Science > Networks > Security / Firewall
Computer Science > Other Topics > Certification
Business > Business Administration / Management > Corporate Governance / Management
ISBN-10 1-59749-564-6 / 1597495646
ISBN-13 978-1-59749-564-6 / 9781597495646

Copy protection: Adobe DRM
Adobe DRM is a copy-protection scheme intended to protect the eBook against misuse. The eBook is authorized to your personal Adobe ID at download time. You can then read the eBook only on devices that are also registered to your Adobe ID.

File format: EPUB (Electronic Publication)
EPUB is an open standard for eBooks and is particularly suited to displaying fiction and non-fiction. The body text is dynamically adapted to the display and font size. EPUB is therefore also well suited to mobile reading devices.

System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need an Adobe ID and the Adobe Digital Editions software (free). We advise against using the OverDrive Media Console. In our experience, problems with Adobe DRM occur frequently there.
eReader: This eBook can be read with (almost) all eBook readers. However, it is not compatible with the Amazon Kindle.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need an Adobe ID and a free app.
