CISSP Study Guide

Front Cover
Syngress, Sep 16, 2010 - Computers - 640 pages
CISSP Study Guide serves as a review for those who want to take the Certified Information Systems Security Professional (CISSP) exam and obtain CISSP certification. The exam is designed to ensure that someone who is handling computer security in a company has a standardized body of knowledge. The book is composed of 10 domains of the Common Body of Knowledge. In each section, it defines each domain. It also provides tips on how to prepare for the exam and take the exam. It also contains CISSP practice quizzes to test ones knowledge. The first domain provides information about risk analysis and mitigation. It also discusses security governance. The second domain discusses different techniques for access control, which is the basis for all the security disciplines. The third domain explains the concepts behind cryptography, which is a secure way of communicating that is understood only by certain recipients. Domain 5 discusses security system design, which is fundamental for operating the system and software security components. Domain 6 is a critical domain in the Common Body of Knowledge, the Business Continuity Planning, and Disaster Recovery Planning. It is the final control against extreme events such as injury, loss of life, or failure of an organization. Domains 7, 8, and 9 discuss telecommunications and network security, application development security, and the operations domain, respectively. Domain 10 focuses on the major legal systems that provide a framework in determining the laws about information system.
  • Clearly Stated Exam Objectives
  • Unique Terms / Definitions
  • Exam Warnings
  • Helpful Notes
  • Learning By Example
  • Stepped Chapter Ending Questions
  • Self Test Appendix
  • Detailed Glossary
  • Web Site (http://booksite.syngress.com/companion/conrad) Contains Two Practice Exams and Ten Podcasts-One for Each Domain
 

Selected pages

Contents

Introduction
1
Domain 1 Informationsecurity governance andrisk management
7
Domain 2 Access control
37
Domain 3 Cryptography
91
Domain 4 PhysicalEnvironmental security
131
Domain 5 Security architecture and design
165
Domain 6 Businesscontinuity and disasterrecovery planning
211
Domain 7 Telecommunications and network security
255
Domain 8 Application development security
329
Domain 9 Operations security
371
Domain 10 Legal regulations investigations and compliance
405
Self test
441
Glossary
489
Index
525
Add Page
569
Copyright

Other editions - View all

CISSP Study Guide
Eric Conrad,Seth Misenar,Joshua Feldman
Limited preview - 2015
CISSP Study Guide
Eric Conrad,Seth Misenar,Joshua Feldman
No preview available - 2010
CISSP Study Guide
Eric Conrad,Seth Misenar,Joshua Feldman
No preview available - 2015

Common terms and phrases

access control algorithm allows Annualized Loss Expectancy Answers and Explanations applications assets attack authentication availability BCP/DRP bits Business Continuity cable called cipher ciphertext CISSP client common confidentiality configuration connection Correct Answer create cryptographic database decrypt designed detection device Disaster Recovery disk disruptive event Domain encryption ensure Ethics EXAM WARNING example Figure firewall hardware hash ICMP implementation incident response incorrect information security integrity Internet IP address IPSec IPv4 IPv6 Kerberos Layer MAC address malicious malware memory Microsoft mode multiple nodes objects one-time pad operating system organization organization’s OSI model packet password password cracking patch Phishing physical plaintext Plan port protection Protocol RAID rainbow tables risk router routing scans Separation of duties server specific symmetric Table TCP/IP TCSEC testing threat tion traffic typically vulnerability wireless

About the author (2010)

Joshua Feldman (CISSP) is Senior Vice President for Security Technology at the Radian Group – a real estate and mortgage insurance conglomerate. His mission is focused on protecting over 10M US consumer financial records. He is the executive responsible for all aspects of Radian’s technical security program. Previous security roles included work at Moody’s Credit Ratings, Corning Inc, and the US Department of Defense and Department of State. In 2008, Joshua was Eric's student when studying for the CISSP exam and was so impressed with Eric’s mastery of the materials that he invited Eric to work with him at the DoD. Quickly after starting work, Eric invited Seth. That project ran successfully for over eight years – a testament to the value brought for US military cyber professionals. Joshua got his start in the cyber security field when he left his public-school science teaching position in 1997 and began working for Network Flight Recorder (NFR, Inc.), a small Washington, DC based startup making the first generation of Network Intrusion Detection Systems. He has a Bachelor’s of Science from the University of Maryland and a Master’s in Cyber Operations from National Defense University. He currently resides in Philadelphia with his little dog, Jacky-boy.

Seth Misenar (CISSP®, GSE, GDSA, GDAT, GMON, GCDA, GCIH, GCIA, GCFA) is a Fellow with the SANS Institute and also serves as Principal Consultant for Jackson, Mississippi-based Context Security, LLC. His cyber security background includes research, host-based and network intrusion detection, architecture design, and general security consulting. Seth previously served as a physical and network security consultant for Fortune 100 companies and a state government agency’s HIPAA and information security officer. He has partnered with the SANS Institute for over 15 years, teaching and authoring courseware and facilitating instructor development. Seth is pursuing a Master of Science degree in Information Security Engineering from the SANS Technology Institute and holds a Bachelor of Science degree from Millsaps College.

Eric Conrad (CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, GMON, GISP), is a SANS fellow and Chief Technology Officer of Backshore Communications, which provides threat hunting, penetration testing, incident handling, and intrusion detection consulting services. Eric started his professional career in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and healthcare, in positions ranging from systems programmer to security engineer to HIPAA security officer and ISSO. He is coauthor of MGT414: SANS Training Program for the CISSP Certification, SEC511: Continuous Monitoring and Security Operations, and SEC542: Web App Penetration Testing and Ethical Hacking. Eric graduated from the SANS Technology Institute with a Master of Science degree in Information Security Engineering.

Bibliographic information

TitleCISSP Study Guide
AuthorsJoshua Feldman, Seth Misenar, Eric Conrad
Editionreprint
PublisherSyngress, 2010
ISBN1597495646, 9781597495646
Length640 pages
Subjects ›  › 

Business & Economics / Management
Computers / Certification Guides / General
Computers / Information Technology
Computers / Management Information Systems
Computers / Networking / General
Computers / Security / General
Computers / Security / Network Security
  
Export CitationBiBTeX EndNote RefMan