CISSP Cert Guide
Robin Abernathy and Darren Hayes
(2024)
Language: English
Product details
- 5th edition
- Paperback: 944 pages
- Publisher: Pearson Education, Limited (August 2024)
- Authors: Robin Abernathy and Darren Hayes
- ISBN: 9780135343999
In this comprehensive study guide, two leading experts help you master all the topics you need to know to succeed on the latest CISSP exam and advance your career in IT security. Their concise, focused approach explains every exam objective from a real-world perspective, helping you quickly identify weaknesses and retain everything you need to know.
Every feature of this book supports both efficient exam preparation and long-term mastery:
- Opening Topics Lists identify the topics you need to learn in each chapter and list (ISC)²'s official exam objectives
- Key Topic figures, tables, and lists call attention to the information that's most crucial for exam success
- Exam Preparation Tasks enable you to review key topics, complete memory tables, define key terms, work through scenarios, and answer review questions...going beyond mere facts to master the concepts that are crucial to passing the exam and enhancing your career
- Key Terms are listed in each chapter and defined in a complete glossary, explaining all the field's essential terminology
This study guide helps you master all the topics on the latest CISSP exam, deepening your knowledge of:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
Chapter 1 Security and Risk Management
- Foundation Topics
  - Security Terms
  - Security Governance Principles
  - Compliance
  - Legal and Regulatory Issues
  - Investigation Types
  - Professional Ethics
  - Security Documentation
  - Business Continuity
  - Personnel Security Policies and Procedures
  - Risk Management Concepts
  - Geographical Threats
  - Threat Modeling
  - Security Risks in the Supply Chain
  - Security Education, Training, and Awareness
- Exam Preparation Tasks
  - Review All Key Topics
  - Complete the Tables and Lists from Memory
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 2 Asset Security
- Foundation Topics
  - Asset Security Concepts
  - Identify and Classify Information and Assets
  - Information and Asset Handling Requirements
  - Provision Resources Securely
  - Data Life Cycle
  - Asset Retention
  - Data Security Controls
- Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 3 Security Architecture and Engineering
- Foundation Topics
  - Information Systems Life Cycle
  - Engineering Processes Using Secure Design Principles
  - Security Model Concepts
  - System Security Evaluation Models
  - Certification and Accreditation
  - Control Selection Based on Systems Security Requirements
  - Security Capabilities of Information Systems
  - Security Architecture Maintenance
  - Vulnerabilities of Security Architectures, Designs, and Solution Elements
  - Vulnerabilities in Web-Based Systems
  - Vulnerabilities in Mobile Systems
  - Vulnerabilities in Embedded Systems
  - Cryptographic Solutions
  - Cryptographic Types
  - Symmetric Algorithms
  - Asymmetric Algorithms
  - Public Key Infrastructure and Digital Certificates
  - Key Management Practices
  - Message Integrity
  - Digital Signatures and Non-repudiation
  - Applied Cryptography
  - Cryptanalytic Attacks
  - Digital Rights Management
  - Site and Facility Design
  - Site and Facility Security Controls
- Exam Preparation Tasks
  - Review All Key Topics
  - Complete the Tables and Lists from Memory
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 4 Communication and Network Security
- Foundation Topics
  - Secure Network Design Principles
  - IP Networking
  - Protocols and Services
  - Converged Protocols
  - Wireless Networks
  - Communications Cryptography
  - Secure Network Components
  - Secure Communication Channels
  - Network Attacks
- Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 5 Identity and Access Management (IAM)
- Foundation Topics
  - Access Control Process
  - Physical and Logical Access to Assets
  - Identification and Authentication Concepts
  - Identification and Authentication Implementation
  - Identity as a Service (IDaaS) Implementation
  - Third-Party Identity Services Integration
  - Authorization Mechanisms
  - Provisioning Life Cycle
  - Access Control Threats
  - Prevent or Mitigate Access Control Threats
- Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 6 Security Assessment and Testing
- Foundation Topics
  - Design and Validate Assessment and Testing Strategies
  - Conduct Security Control Testing
  - Collect Security Process Data
  - Analyze Test Outputs and Generate a Report
  - Conduct or Facilitate Security Audits
- Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 7 Security Operations
- Foundation Topics
  - Investigations
  - Logging and Monitoring Activities
  - Configuration and Change Management
  - Security Operations Concepts
  - Resource Protection
  - Incident Management
  - Detective and Preventive Measures
  - Patch and Vulnerability Management
  - Recovery Strategies
  - Disaster Recovery
  - Testing Disaster Recovery Plans
  - Business Continuity Planning and Exercises
  - Physical Security
  - Personnel Safety and Security
- Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 8 Software Development Security
- Foundation Topics
  - Software Development Concepts
  - Security in the System and Software Development Life Cycle
  - Security Controls in Development
  - Assess Software Security Effectiveness
  - Security Impact of Acquired Software
- Exam Preparation Tasks
  - Review All Key Topics
  - Define Key Terms
  - Answer Review Questions
  - Answers and Explanations
Chapter 9 Final Preparation
- Tools for Final Preparation
- Suggested Plan for Final Review/Study
- Summary
Online Elements
- Appendix A Memory Tables
- Appendix B Memory Tables Answer Key
- Glossary