0132786796 CISSP All In One Exam Guide 6e
Page Count: 1472
- Cover Page
- Title Page
- Copyright Page
- Contents
- Foreword
- Acknowledgments
- Chapter 1 Becoming a CISSP
- Chapter 2 Information Security Governance and Risk Management
- Fundamental Principles of Security
- Security Definitions
- Control Types
- Security Frameworks
- Security Management
- Risk Management
- Risk Assessment and Analysis
- Policies, Standards, Baselines, Guidelines, and Procedures
- Information Classification
- Layers of Responsibility
- Security Steering Committee
- Audit Committee
- Data Owner
- Data Custodian
- System Owner
- Security Administrator
- Security Analyst
- Application Owner
- Supervisor
- Change Control Analyst
- Data Analyst
- Process Owner
- Solution Provider
- User
- Product Line Manager
- Auditor
- Why So Many Roles?
- Personnel Security
- Hiring Practices
- Termination
- Security-Awareness Training
- Degree or Certification?
- Security Governance
- Summary
- Quick Tips
- Chapter 3 Access Control
- Access Controls Overview
- Security Principles
- Identification, Authentication, Authorization, and Accountability
- Access Control Models
- Access Control Techniques and Technologies
- Access Control Administration
- Access Control Methods
- Accountability
- Access Control Practices
- Access Control Monitoring
- Threats to Access Control
- Summary
- Quick Tips
- Chapter 4 Security Architecture and Design
- Computer Security
- System Architecture
- Computer Architecture
- Operating System Architectures
- System Security Architecture
- Security Models
- Security Modes of Operation
- Systems Evaluation Methods
- The Orange Book and the Rainbow Series
- Information Technology Security Evaluation Criteria
- Common Criteria
- Certification vs. Accreditation
- Open vs. Closed Systems
- A Few Threats to Review
- Summary
- Quick Tips
- Chapter 5 Physical and Environmental Security
- Chapter 6 Telecommunications and Network Security
- Chapter 7 Cryptography
- The History of Cryptography
- Cryptography Definitions and Concepts
- Types of Ciphers
- Methods of Encryption
- Types of Symmetric Systems
- Types of Asymmetric Systems
- Message Integrity
- Public Key Infrastructure
- Key Management
- Trusted Platform Module
- Link Encryption vs. End-to-End Encryption
- E-mail Standards
- Internet Security
- Attacks
- Summary
- Quick Tips
- Chapter 8 Business Continuity and Disaster Recovery Planning
- Chapter 9 Legal, Regulations, Investigations, and Compliance
- The Many Facets of Cyberlaw
- The Crux of Computer Crime Laws
- Complexities in Cybercrime
- Intellectual Property Laws
- Privacy
- Liability and Its Ramifications
- Compliance
- Investigations
- Incident Management
- Incident Response Procedures
- Computer Forensics and Proper Collection of Evidence
- International Organization on Computer Evidence
- Motive, Opportunity, and Means
- Computer Criminal Behavior
- Incident Investigators
- The Forensics Investigation Process
- What Is Admissible in Court?
- Surveillance, Search, and Seizure
- Interviewing and Interrogating
- A Few Different Attack Types
- Cybersquatting
- Ethics
- Summary
- Quick Tips
- Chapter 10 Software Development Security
- Software’s Importance
- Where Do We Place Security?
- System Development Life Cycle
- Software Development Life Cycle
- Secure Software Development Best Practices
- Software Development Models
- Capability Maturity Model Integration
- Change Control
- Programming Languages and Concepts
- Distributed Computing
- Mobile Code
- Web Security
- Database Management
- Expert Systems/Knowledge-Based Systems
- Artificial Neural Networks
- Malicious Software (Malware)
- Summary
- Quick Tips
- Chapter 11 Security Operations
- Appendix A: Comprehensive Questions
- Appendix B: About the Download
- Glossary
- Index