CISSP All-in-One Exam Guide, Seventh Edition
CITATION
Harris, Shon and Maymi, Fernando. CISSP All-in-One Exam Guide, Seventh Edition. New York: McGraw-Hill Education, 2016.
Authors: Shon Harris and Fernando Maymi
Published: June 2016
Pages: 1456
eISBN: 9780071849265 | ISBN: 9780071849272
Table of Contents
Cover
Title Page
Copyright Page
Contents
In Memory of Shon Harris
Foreword
Acknowledgments
From the Author
Why Become a CISSP?
Chapter 1 Security and Risk Management
Fundamental Principles of Security
Security Definitions
Control Types
Security Frameworks
The Crux of Computer Crime Laws
Complexities in Cybercrime
Intellectual Property Laws
Privacy
Data Breaches
Policies, Standards, Baselines, Guidelines, and Procedures
Risk Management
Threat Modeling
Risk Assessment and Analysis
Risk Management Frameworks
Business Continuity and Disaster Recovery
Personnel Security
Security Governance
Ethics
Summary
Quick Tips
Chapter 2 Asset Security
Information Life Cycle
Information Classification
Layers of Responsibility
Retention Policies
Protecting Privacy
Protecting Assets
Data Leakage
Protecting Other Assets
Summary
Quick Tips
Chapter 3 Security Engineering
System Architecture
Computer Architecture
Operating Systems
System Security Architecture
Security Models
Systems Evaluation
Certification vs. Accreditation
Open vs. Closed Systems
Distributed System Security
A Few Threats to Review
Cryptography in Context
Cryptography Definitions and Concepts
Types of Ciphers
Methods of Encryption
Types of Symmetric Systems
Types of Asymmetric Systems
Message Integrity
Public Key Infrastructure
Key Management
Trusted Platform Module
Attacks on Cryptography
Site and Facility Security
The Site Planning Process
Protecting Assets
Internal Support Systems
Summary
Quick Tips
Chapter 4 Communication and Network Security
Telecommunications
Open Systems Interconnection Reference Model
TCP/IP Model
Types of Transmission
Cabling
Networking Foundations
Networking Devices
Intranets and Extranets
Metropolitan Area Networks
Wide Area Networks
Remote Connectivity
Wireless Networks
Network Encryption
Network Attacks
Summary
Quick Tips
Chapter 5 Identity and Access Management
Security Principles
Identification, Authentication, Authorization, and Accountability
Access Control Models
Access Control Techniques and Technologies
Access Control Administration
Access Control Methods
Accountability
Access Control Practices
Access Control Monitoring
Threats to Access Control
Summary
Quick Tips
Chapter 6 Security Assessment and Testing
Audit Strategies
Auditing Technical Controls
Auditing Administrative Controls
Reporting
Management Review
Summary
Quick Tips
Chapter 7 Security Operations
The Role of the Operations Department
Administrative Management
Assurance Levels
Operational Responsibilities
Configuration Management
Physical Security
Secure Resource Provisioning
Network and Resource Availability
Preventative Measures
The Incident Management Process
Disaster Recovery
Insurance
Recovery and Restoration
Investigations
Liability and Its Ramifications
Compliance
Personal Safety Concerns
Summary
Quick Tips
Chapter 8 Software Development Security
Building Good Code
Where Do We Place Security?
Software Development Life Cycle
Secure Software Development Best Practices
Software Development Models
Integrated Product Team
Capability Maturity Model Integration
Change Control
Programming Languages and Concepts
Distributed Computing
Mobile Code
Web Security
Database Management
Malicious Software (Malware)
Assessing the Security of Acquired Software
Summary
Quick Tips
Appendix A: Comprehensive Questions
Answers
Appendix B: About the Download
System Requirements
Total Tester Premium Practice Exam Software
Hotspot and Drag-and-Drop Questions
Technical Support
Glossary
Index