LibCat » Книги » Приключения » unrecognised » Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide

Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide

Здесь есть возможность читать онлайн «Mike Chapple - (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide» — ознакомительный отрывок электронной книги совершенно бесплатно, а после прочтения отрывка купить полную версию. В некоторых случаях можно слушать аудио, скачать через торрент в формате fb2 и присутствует краткое содержание. Жанр: unrecognised, на английском языке. Описание произведения, (предисловие) а так же отзывы посетителей доступны на портале библиотеки ЛибКат.

Читать книгу

Название:
(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide
Автор:
Mike Chapple
Жанр:
unrecognised / на английском языке
Год:
неизвестен
ISBN:
нет данных
Рейтинг книги:
4 / 5. Голосов: 1
Избранное:

Добавить в избранное
Отзывы:
Написать комментарий
Ваша оценка:
- 80
- 1
- 2
- 3
- 4
- 5

(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide: краткое содержание, описание и аннотация

Предлагаем к чтению аннотацию, описание, краткое содержание или предисловие (зависит от того, что написал сам автор книги «(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide»). Если вы не нашли необходимую информацию о книге — напишите в комментариях, мы постараемся отыскать её.

CISSP Study Guide – fully updated for the 2021 CISSP Body of Knowledge (ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition The three co-authors of this book bring decades of experience as cybersecurity practitioners and educators, integrating real-world expertise with the practical knowledge you’ll need to successfully pass the CISSP exam. Combined, they’ve taught cybersecurity concepts to millions of students through their books, video courses, and live training programs.
Along with the book, you also get access to Sybex's superior online interactive learning environment that includes:
Over 900 new and improved practice test questions with complete answer explanations. This includes all of the questions from the book plus four additional online-only practice exams, each with 125 unique questions. You can use the online-only practice exams as full exam simulations. Our questions will help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam. More than 700 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam
Author Mike Chapple reads the Exam Essentials for each chapter providing you with 2 hours and 50 minutes of new audio review for yet another way to reinforce your knowledge as you prepare. Coverage of all of the exam topics in the book means you'll be ready for:
Security and Risk Management Asset Security Security Architecture and Engineering Communication and Network Security Identity and Access Management (IAM) Security Assessment and Testing Security Operations Software Development Security

(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide — читать онлайн ознакомительный отрывок

Ниже представлен текст книги, разбитый по страницам. Система сохранения места последней прочитанной страницы, позволяет с удобством читать онлайн бесплатно книгу «(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide», без необходимости каждый раз заново искать на чём Вы остановились. Поставьте закладку, и сможете в любой момент перейти на страницу, на которой закончили чтение.

Тёмная тема

Шрифт:

↓

↑

Сбросить

Интервал:

↓

↑

Закладка:

Сделать

Table of Contents

1 Cover

2 Title Page (ISC) 2® CISSP ® Certified Information Systems Security Professional Official Study Guide Ninth Edition Mike ChappleJames Michael StewartDarril Gibson

3 Copyright

4 Dedication

5 Acknowledgments

6 About the Authors

7 About the Technical Editors

8 Foreword

9 Introduction Overview of the CISSP Exam The Elements of This Study Guide Interactive Online Learning Environment and TestBank Study Guide Exam Objectives Objective Map Reader Support for This Book Assessment Test Answers to Assessment Test

10 Chapter 1: Security Governance Through Principles and Policies Security 101 Understand and Apply Security Concepts Security Boundaries Evaluate and Apply Security Governance Principles Manage the Security Function Security Policy, Standards, Procedures, and Guidelines Threat Modeling Supply Chain Risk Management Summary Exam Essentials Written Lab Review Questions

11 Chapter 2: Personnel Security and Risk Management Concepts Personnel Security Policies and Procedures Understand and Apply Risk Management Concepts Social Engineering Establish and Maintain a Security Awareness, Education, and Training Program Summary Exam Essentials Written Lab Review Questions

12 Chapter 3: Business Continuity Planning Planning for Business Continuity Project Scope and Planning Business Impact Analysis Continuity Planning Plan Approval and Implementation Summary Exam Essentials Written Lab Review Questions

13 Chapter 4: Laws, Regulations, and Compliance Categories of Laws Laws State Privacy Laws Compliance Contracting and Procurement Summary Exam Essentials Written Lab Review Questions

14 Chapter 5: Protecting Security of Assets Identifying and Classifying Information and Assets Establishing Information and Asset Handling Requirements Data Protection Methods Understanding Data Roles Using Security Baselines Summary Exam Essentials Written Lab Review Questions

15 Chapter 6: Cryptography and Symmetric Key Algorithms Cryptographic Foundations Modern Cryptography Symmetric Cryptography Cryptographic Lifecycle Summary Exam Essentials Written Lab Review Questions

16 Chapter 7: PKI and Cryptographic Applications Asymmetric Cryptography Hash Functions Digital Signatures Public Key Infrastructure Asymmetric Key Management Hybrid Cryptography Applied Cryptography Cryptographic Attacks Summary Exam Essentials Written Lab Review Questions

17 Chapter 8: Principles of Security Models, Design, and Capabilities Secure Design Principles Techniques for Ensuring CIA Understand the Fundamental Concepts of Security Models Select Controls Based on Systems Security Requirements Understand Security Capabilities of Information Systems Summary Exam Essentials Written Lab Review Questions

18 Chapter 9: Security Vulnerabilities, Threats, and Countermeasures Shared Responsibility Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements Client-Based Systems Server-Based Systems Industrial Control Systems Distributed Systems High-Performance Computing (HPC) Systems Internet of Things Edge and Fog Computing Embedded Devices and Cyber-Physical Systems Specialized Devices Microservices Infrastructure as Code Virtualized Systems Containerization Serverless Architecture Mobile Devices Essential Security Protection Mechanisms Common Security Architecture Flaws and Issues Summary Exam Essentials Written Lab Review Questions

19 Chapter 10: Physical Security Requirements Apply Security Principles to Site and Facility Design Implement Site and Facility Security Controls Implement and Manage Physical Security Summary Exam Essentials Written Lab Review Questions

20 Chapter 11: Secure Network Architecture and Components OSI Model TCP/IP Model Analyzing Network Traffic Common Application Layer Protocols Transport Layer Protocols Domain Name System Internet Protocol (IP) Networking ARP Concerns Secure Communication Protocols Implications of Multilayer Protocols Microsegmentation Wireless Networks Other Communication Protocols Cellular Networks Content Distribution Networks (CDNs) Secure Network Components Summary Exam Essentials Written Lab Review Questions

21 Chapter 12: Secure Communications and Network Attacks Protocol Security Mechanisms Secure Voice Communications Remote Access Security Management Multimedia Collaboration Load Balancing Manage Email Security Virtual Private Network Switching and Virtual LANs Network Address Translation Third-Party Connectivity Switching Technologies WAN Technologies Fiber-Optic Links Security Control Characteristics Prevent or Mitigate Network Attacks Summary Exam Essentials Written Lab Review Questions

22 Chapter 13: Managing Identity and Authentication Controlling Access to Assets Managing Identification and Authentication Implementing Identity Management Managing the Identity and Access Provisioning Lifecycle Summary Exam Essentials Written Lab Review Questions

23 Chapter 14: Controlling and Monitoring Access Comparing Access Control Models Implementing Authentication Systems Understanding Access Control Attacks Summary Exam Essentials Written Lab Review Questions

24 Chapter 15: Security Assessment and Testing Building a Security Assessment and Testing Program Performing Vulnerability Assessments Testing Your Software Implementing Security Management Processes Summary Exam Essentials Written Lab Review Questions

25 Chapter 16: Managing Security Operations Apply Foundational Security Operations Concepts Addressing Personnel Safety and Security Provision Resources Securely Apply Resource Protection Managed Services in the Cloud Perform Configuration Management (CM) Managing Change Managing Patches and Reducing Vulnerabilities Summary Exam Essentials Written Lab Review Questions

26 Chapter 17: Preventing and Responding to Incidents Conducting Incident Management Implementing Detective and Preventive Measures Logging and Monitoring Automating Incident Response Summary Exam Essentials Written Lab Review Questions

27 Chapter 18: Disaster Recovery Planning The Nature of Disaster Understand System Resilience, High Availability, and Fault Tolerance Recovery Strategy Recovery Plan Development Training, Awareness, and Documentation Testing and Maintenance Summary Exam Essentials Written Lab Review Questions

28 Chapter 19: Investigations and Ethics Investigations Major Categories of Computer Crime Ethics Summary Exam Essentials Written Lab Review Questions

29 Chapter 20: Software Development Security Introducing Systems Development Controls Establishing Databases and Data Warehousing Storage Threats Understanding Knowledge-Based Systems Summary Exam Essentials Written Lab Review Questions

30 Chapter 21: Malicious Code and Application Attacks Malware Malware Prevention Application Attacks Injection Vulnerabilities Exploiting Authorization Vulnerabilities Exploiting Web Application Vulnerabilities Application Security Controls Secure Coding Practices Summary Exam Essentials Written Lab Review Questions

31 Appendix A: Answers to Review QuestionsChapter 1: Security Governance Through Principles and Policies Chapter 2: Personnel Security and Risk Management Concepts Chapter 3: Business Continuity Planning Chapter 4: Laws, Regulations, and Compliance Chapter 5: Protecting Security of Assets Chapter 6: Cryptography and Symmetric Key Algorithms Chapter 7: PKI and Cryptographic Applications Chapter 8: Principles of Security Models, Design, and Capabilities Chapter 9: Security Vulnerabilities, Threats, and Countermeasures Chapter 10: Physical Security Requirements Chapter 11: Secure Network Architecture and Components Chapter 12: Secure Communications and Network Attacks Chapter 13: Managing Identity and Authentication Chapter 14: Controlling and Monitoring Access Chapter 15: Security Assessment and Testing Chapter 16: Managing Security Operations Chapter 17: Preventing and Responding to Incidents Chapter 18: Disaster Recovery Planning Chapter 19: Investigations and Ethics Chapter 20: Software Development Security Chapter 21: Malicious Code and Application Attacks