Mike Wills - The Official (ISC)2 SSCP CBK Reference

Здесь есть возможность читать онлайн «Mike Wills - The Official (ISC)2 SSCP CBK Reference» — ознакомительный отрывок электронной книги совершенно бесплатно, а после прочтения отрывка купить полную версию. В некоторых случаях можно слушать аудио, скачать через торрент в формате fb2 и присутствует краткое содержание. Жанр: unrecognised, на английском языке. Описание произведения, (предисловие) а так же отзывы посетителей доступны на портале библиотеки ЛибКат.

The Official (ISC)2 SSCP CBK Reference: краткое содержание, описание и аннотация

Предлагаем к чтению аннотацию, описание, краткое содержание или предисловие (зависит от того, что написал сам автор книги «The Official (ISC)2 SSCP CBK Reference»). Если вы не нашли необходимую информацию о книге — напишите в комментариях, мы постараемся отыскать её.

The only official body of knowledge for SSCP—(ISC)2’s popular credential for hands-on security professionals—fully revised and updated 2021 SSCP Exam Outline.
The Official (ISC)2 SSCP CBK Reference
SSCP Study Guide
The Official (ISC)2 SSCP CBK Reference

The Official (ISC)2 SSCP CBK Reference — читать онлайн ознакомительный отрывок

Ниже представлен текст книги, разбитый по страницам. Система сохранения места последней прочитанной страницы, позволяет с удобством читать онлайн бесплатно книгу «The Official (ISC)2 SSCP CBK Reference», без необходимости каждый раз заново искать на чём Вы остановились. Поставьте закладку, и сможете в любой момент перейти на страницу, на которой закончили чтение.

Тёмная тема
Сбросить

Интервал:

Закладка:

Сделать

Table of Contents

1 Cover

2 Title Page The Official (ISC)2 ® SSCP ® CBK ® Reference Sixth Edition MICHAEL S. WILLS, SSCP, CISSP, CAMS

3 Copyright

4 Acknowledgments

5 About the Author

6 About the Technical Editor

7 Foreword

8 Introduction ABOUT THIS BOOK WHERE DO YOU GO FROM HERE? LET'S GET STARTED! HOW TO CONTACT THE PUBLISHER NOTES

9 CHAPTER 1: Security Operations and Administration COMPLY WITH CODES OF ETHICS UNDERSTAND SECURITY CONCEPTS DOCUMENT, IMPLEMENT, AND MAINTAIN FUNCTIONAL SECURITY CONTROLS PARTICIPATE IN ASSET MANAGEMENT IMPLEMENT SECURITY CONTROLS AND ASSESS COMPLIANCE PARTICIPATE IN CHANGE MANAGEMENT PARTICIPATE IN SECURITY AWARENESS AND TRAINING PARTICIPATE IN PHYSICAL SECURITY OPERATIONS SUMMARY

10 CHAPTER 2: Access Controls ACCESS CONTROL CONCEPTS IMPLEMENT AND MAINTAIN AUTHENTICATION METHODS SUPPORT INTERNETWORK TRUST ARCHITECTURES PARTICIPATE IN THE IDENTITY MANAGEMENT LIFECYCLE IMPLEMENT ACCESS CONTROLS SUMMARY

11 CHAPTER 3: Risk Identification, Monitoring, and Analysis DEFEATING THE KILL CHAIN ONE SKIRMISH AT A TIME UNDERSTAND THE RISK MANAGEMENT PROCESS PERFORM SECURITY ASSESSMENT ACTIVITIES OPERATE AND MAINTAIN MONITORING SYSTEMS ANALYZE MONITORING RESULTS SUMMARY NOTES

12 CHAPTER 4: Incident Response and Recovery SUPPORT THE INCIDENT LIFECYCLE UNDERSTAND AND SUPPORT FORENSIC INVESTIGATIONS UNDERSTAND AND SUPPORT BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN ACTIVITIES CIANA+PS AT LAYER 8 AND ABOVE SUMMARY

13 CHAPTER 5: Cryptography UNDERSTAND FUNDAMENTAL CONCEPTS OF CRYPTOGRAPHY CRYPTOGRAPHIC ATTACKS, CRYPTANALYSIS, AND COUNTERMEASURES UNDERSTAND THE REASONS AND REQUIREMENTS FOR CRYPTOGRAPHY UNDERSTAND AND SUPPORT SECURE PROTOCOLS UNDERSTAND PUBLIC KEY INFRASTRUCTURE SYSTEMS SUMMARY NOTES

14 CHAPTER 6: Network and Communications Security UNDERSTAND AND APPLY FUNDAMENTAL CONCEPTS OF NETWORKING IPV4 ADDRESSES, DHCP, AND SUBNETS IPV4 VS. IPV6: KEY DIFFERENCES AND OPTIONS UNDERSTAND NETWORK ATTACKS AND COUNTERMEASURES MANAGE NETWORK ACCESS CONTROLS MANAGE NETWORK SECURITY OPERATE AND CONFIGURE NETWORK-BASED SECURITY DEVICES OPERATE AND CONFIGURE WIRELESS TECHNOLOGIES SUMMARY NOTES

15 CHAPTER 7: Systems and Application Security SYSTEMS AND SOFTWARE INSECURITY INFORMATION SECURITY = INFORMATION QUALITY + INFORMATION INTEGRITY IDENTIFY AND ANALYZE MALICIOUS CODE AND ACTIVITY IMPLEMENT AND OPERATE ENDPOINT DEVICE SECURITY OPERATE AND CONFIGURE CLOUD SECURITY OPERATE AND SECURE VIRTUAL ENVIRONMENTS SUMMARY NOTES

16 Appendix: Cross-Domain Challenges PARADIGM SHIFTS IN INFORMATION SECURITY? PIVOT 1: TURN THE ATTACKERS' PLAYBOOKS AGAINST THEM PIVOT 2: CYBERSECURITY HYGIENE: THINK SMALL, ACT SMALL PIVOT 3: FLIP THE “DATA-DRIVEN VALUE FUNCTION” PIVOT 4: OPERATIONALIZE SECURITY ACROSS THE IMMEDIATE AND LONGER TERM PIVOT 5: ZERO-TRUST ARCHITECTURES AND OPERATIONS OTHER DANGERS ON THE WEB AND NET CURIOSITY AS COUNTERMEASURE NOTES

17 Index

18 End User License Agreement

List of Tables

1 IntroductionTABLE I.1 Kill Chain Phases Mapped to Chapters

2 Chapter 1TABLE 1.1 Forms of Intellectual Property Protection

3 Chapter 4TABLE 4.1 Indicators, Alarms, and IOCsTABLE 4.2 Security Events and Response Priorities

4 Chapter 5TABLE 5.1 Overview of Block CiphersTABLE 5.2 Common Stream Ciphers

5 Chapter 6TABLE 6.1 OSI and TCP/IP Datagram NamingTABLE 6.2 IPv4 Address ClassesTABLE 6.3 Address Classes and CIDRTABLE 6.4 Important Characteristics for Common Network Cabling TypesTABLE 6.5 Commonly Used Security and Access Control Protocols and Port Numbe...TABLE 6.6 Commonly Used Network Management Protocols and Port NumbersTABLE 6.7 Commonly Used Email Protocols and Port NumbersTABLE 6.8 Commonly Used Web Page Access Protocols and Port NumbersTABLE 6.9 Commonly Used Utility Protocols and Port NumbersTABLE 6.10 Wireless Connections OverviewTABLE 6.11 IEEE 802.11 Standard AmendmentsTABLE 6.12 Basic Overview of Cellular Wireless Technologies

List of Illustrations

1 IntroductionFIGURE I.1 MITRE's ATT&CK cybersecurity kill chain model

2 Chapter 1FIGURE 1.1 The DIKW knowledge pyramidFIGURE 1.2 ISO 27002 phasesFIGURE 1.3 AWS dashboard

3 Chapter 2FIGURE 2.1 Subjects and objectsFIGURE 2.2 US-CERT Traffic Light Protocol for information classification and...FIGURE 2.3 Bell–LaPadula (a) versus Biba access control models (b)FIGURE 2.4 Crossover error rate

4 Chapter 3FIGURE 3.1 Kill chain conceptual modelFIGURE 3.2 Target 2013 data breach kill chainFIGURE 3.3 Four bases of risk, viewed togetherFIGURE 3.4 Risk timelineFIGURE 3.5 ISO 31000 RMFFIGURE 3.6 PCI-DSS goals and requirements

5 Chapter 4FIGURE 4.1 Triage: from precursors to incident responseFIGURE 4.2 Incident response lifecycleFIGURE 4.3 NIST incident handling checklistFIGURE 4.4 Indicators of a kill chain in actionFIGURE 4.5 The descent from anomaly to organizational deathFIGURE 4.6 Continuity of operations planning and supporting planning process...FIGURE 4.7 Beyond the seventh layer

6 Chapter 5FIGURE 5.1 Crypto family treeFIGURE 5.2 Comparing hashing and encryption as functionsFIGURE 5.3 Notional S-boxFIGURE 5.4 Notional P-boxFIGURE 5.5 Feistel encryption and decryption (notional)FIGURE 5.6 CBC modeFIGURE 5.7 CFB modeFIGURE 5.8 CTR modeFIGURE 5.9 ECB with small block size weaknesses showingFIGURE 5.10 RC4 stream cipherFIGURE 5.11 Diffie-Hellman-Merkle shared key generation (conceptual)FIGURE 5.12 TLS handshakeFIGURE 5.13 The blockchain conceptFIGURE 5.14 Chains of trustFIGURE 5.15 Certification path validation algorithm

7 Chapter 6FIGURE 6.1 Wrapping: layer-by-layer encapsulationFIGURE 6.2 DNS resolver in actionFIGURE 6.3 DNS cachingFIGURE 6.4 Dynamic routing protocols family treeFIGURE 6.5 OSI Seven-Layer Reference ModelFIGURE 6.6 IPv4 packet formatFIGURE 6.7 TCP three-way handshakeFIGURE 6.8 OSI and TCP/IP side-by-side comparisonFIGURE 6.9 TCP flag fieldsFIGURE 6.10 Changes to packet header from IPv4 to IPv6FIGURE 6.11 A ring topographyFIGURE 6.12 A star topographyFIGURE 6.13 A mesh topographyFIGURE 6.14 Man-in-the-middle attackFIGURE 6.15 Smurfing attackFIGURE 6.16 Network access control in contextFIGURE 6.17 Remote access in contextFIGURE 6.18 Common areas of increased risk in remote accessFIGURE 6.19 Extranet advantages and disadvantagesFIGURE 6.20 Perimeter net and screened hosts

8 Chapter 7FIGURE 7.1 Cloud service models

9 AppendixFIGURE A.1 Zero-trust architecture logical core

Guide

1 Cover

2 Table of Contents

3 Title Page The Official (ISC)2 ® SSCP ® CBK ® Reference Sixth Edition MICHAEL S. WILLS, SSCP, CISSP, CAMS

4 Copyright

5 Acknowledgments

6 About the Author

7 About the Technical Editor

8 Foreword

9 Introduction

10 Begin Reading

11 Appendix: Cross-Domain Challenges

12 Index

13 End User License Agreement

Pages

1 iii

2 iv

3 v

4 vi

5 vii

6 ix

7 xxiii

8 xxiv

9 xxv

10 xxvi

11 xxvii

12 xxviii

13 xxix

14 xxx

15 xxxi

16 xxxii

17 xxxiii

18 xxxiv

19 xxxv

20 1

21 2

22 3

23 4

24 5

25 6

26 7

27 8

28 9

29 10

30 11

31 12

32 13

33 14

34 15

35 16

36 17

37 18

38 19

39 20

40 21

41 22

42 23

43 24

44 25

45 26

46 27

47 28

48 29

49 30

50 31

51 32

52 33

53 34

54 35

55 36

56 37

57 38

58 39

59 40

60 41

61 42

62 43

63 44

64 45

65 46

66 47

67 48

68 49

Читать дальше
Тёмная тема
Сбросить

Интервал:

Закладка:

Сделать

Похожие книги на «The Official (ISC)2 SSCP CBK Reference»

Представляем Вашему вниманию похожие книги на «The Official (ISC)2 SSCP CBK Reference» списком для выбора. Мы отобрали схожую по названию и смыслу литературу в надежде предоставить читателям больше вариантов отыскать новые, интересные, ещё непрочитанные произведения.


Отзывы о книге «The Official (ISC)2 SSCP CBK Reference»

Обсуждение, отзывы о книге «The Official (ISC)2 SSCP CBK Reference» и просто собственные мнения читателей. Оставьте ваши комментарии, напишите, что Вы думаете о произведении, его смысле или главных героях. Укажите что конкретно понравилось, а что нет, и почему Вы так считаете.

x