CITATION

Rogers, Bobby E. CISSP Passport. New York: McGraw Hill LLC, 2022.

CISSP Passport

Published: October 2022 | Pages: 448

eISBN: 9781264277988 | ISBN: 9781264277971
  • Cover
  • About the Author
  • Title Page
  • Copyright Page
  • Dedication
  • Contents at a Glance
  • Contents
  • Acknowledgments
  • Introduction
  • 1.0 Security and Risk Management
  • Objective 1.1 Understand, adhere to, and promote professional ethics
  • Objective 1.2 Understand and apply security concepts
  • Objective 1.3 Evaluate and apply security governance principles
  • Objective 1.4 Determine compliance and other requirements
  • Objective 1.5 Understand legal and regulatory issues that pertain to information security in a holistic context
  • Objective 1.6 Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)
  • Objective 1.7 Develop, document, and implement security policy, standards, procedures, and guidelines
  • Objective 1.8 Identify, analyze, and prioritize Business Continuity (BC) requirements
  • Objective 1.9 Contribute to and enforce personnel security policies and procedures
  • Objective 1.10 Understand and apply risk management concepts
  • Objective 1.11 Understand and apply threat modeling concepts and methodologies
  • Objective 1.12 Apply Supply Chain Risk Management (SCRM) concepts
  • Objective 1.13 Establish and maintain a security awareness, education, and training program
  • 2.0 Asset Security
  • Objective 2.1 Identify and classify information and assets
  • Objective 2.2 Establish information and asset handling requirements
  • Objective 2.3 Provision resources securely
  • Objective 2.4 Manage data lifecycle
  • Objective 2.5 Ensure appropriate asset retention (e.g., End-of-Life (EOL), End-of-Support (EOS))
  • Objective 2.6 Determine data security controls and compliance requirements
  • 3.0 Security Architecture and Engineering
  • Objective 3.1 Research, implement, and manage engineering processes using secure design principles
  • Objective 3.2 Understand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)
  • Objective 3.3 Select controls based upon systems security requirements
  • Objective 3.4 Understand security capabilities of Information Systems (IS) (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
  • Objective 3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
  • Objective 3.6 Select and determine cryptographic solutions
  • Objective 3.7 Understand methods of cryptanalytic attacks
  • Objective 3.8 Apply security principles to site and facility design
  • Objective 3.9 Design site and facility security controls
  • 4.0 Communication and Network Security
  • Objective 4.1 Assess and implement secure design principles in network architectures
  • Objective 4.2 Secure network components
  • Objective 4.3 Implement secure communication channels according to design
  • 5.0 Identity and Access Management (IAM)
  • Objective 5.1 Control physical and logical access to assets
  • Objective 5.2 Manage identification and authentication of people, devices, and services
  • Objective 5.3 Federated identity with a third-party service
  • Objective 5.4 Implement and manage authorization mechanisms
  • Objective 5.5 Manage the identity and access provisioning lifecycle
  • Objective 5.6 Implement authentication systems
  • 6.0 Security Assessment and Testing
  • Objective 6.1 Design and validate assessment, test, and audit strategies
  • Objective 6.2 Conduct security control testing
  • Objective 6.3 Collect security process data (e.g., technical and administrative)
  • Objective 6.4 Analyze test output and generate report
  • Objective 6.5 Conduct or facilitate security audits
  • 7.0 Security Operations
  • Objective 7.1 Understand and comply with investigations
  • Objective 7.2 Conduct logging and monitoring activities
  • Objective 7.3 Perform Configuration Management (CM) (e.g., provisioning, baselining, automation)
  • Objective 7.4 Apply foundational security operations concepts
  • Objective 7.5 Apply resource protection
  • Objective 7.6 Conduct incident management
  • Objective 7.7 Operate and maintain detective and preventative measures
  • Objective 7.8 Implement and support patch and vulnerability management
  • Objective 7.9 Understand and participate in change management processes
  • Objective 7.10 Implement recovery strategies
  • Objective 7.11 Implement Disaster Recovery (DR) processes
  • Objective 7.12 Test Disaster Recovery Plans (DRP)
  • Objective 7.13 Participate in Business Continuity (BC) planning and exercises
  • Objective 7.14 Implement and manage physical security
  • Objective 7.15 Address personnel safety and security concerns
  • 8.0 Software Development Security
  • Objective 8.1 Understand and integrate security in the Software Development Life Cycle (SDLC)
  • Objective 8.2 Identify and apply security controls in software development ecosystems
  • Objective 8.3 Assess the effectiveness of software security
  • Objective 8.4 Assess security impact of acquired software
  • Objective 8.5 Define and apply secure coding guidelines and standards
  • A About the Online Content
  • System Requirements
  • Your Total Seminars Training Hub Account
  • Single User License Terms and Conditions
  • TotalTester Online
  • Technical Support
  • Index