CISSP: Certified Information Systems Security Professional Study Guide

John Wiley & Sons, Jul 10, 2012 - Computers - 936 pages
Fully updated Sybex Study Guide for the industry-leading security certification: CISSP


Security professionals consider the Certified Information Systems Security Professional (CISSP) to be the most desired certification to achieve. More than 200,000 have taken the exam, and there are more than 70,000 CISSPs worldwide. This highly respected guide is updated to cover changes made to the CISSP Body of Knowledge in 2012. It also provides additional advice on how to pass each section of the exam. With expanded coverage of key areas, it also includes a full-length, 250-question practice exam.


  • Fully updated for the 2012 CISSP Body of Knowledge, the industry-leading standard for IT professionals
  • Thoroughly covers exam topics, including access control, application development security, business continuity and disaster recovery planning, cryptography, operations security, and physical (environmental) security
  • Examines information security governance and risk management, legal regulations, investigations and compliance, and telecommunications and network security
  • Features expanded coverage of biometrics, auditing and accountability, software security testing, and many more key topics

CISSP: Certified Information Systems Security Professional Study Guide, 6th Edition prepares you with both the knowledge and the confidence to pass the CISSP exam.

 


Contents

Introduction
Assessment Test
Access Control
Access Control Attacks and Monitoring
Secure Network Architecture and Securing
Chapter 4 Secure Communications and Network Attacks
Virtual Private Network
Implement Preventive Measures Against Attacks
Understand System Resilience and Fault
Exam Essentials
Business Continuity Planning
Disaster Recovery Planning
Laws, Regulations, and Compliance
Compliance
Switching Technologies
Miscellaneous Security Control Characteristics
Secure Voice Communications
Chapter 5 Security Governance Concepts, Principles, and Policies
Risk and Personnel Management
Chapter Software Development Security
Databases and Data Warehousing
Data/Information Storage
Summary
Chapter Malicious Code and Application Attacks
Chapter Cryptography and Symmetric Key Algorithms
PKI and Cryptographic Applications
Hash Functions
Public Key Infrastructure
Principles of Security Models, Design, and Capabilities
Security Architecture Vulnerabilities
Threats and Countermeasures
Security Operations
Incident Management
Contracting and Procurement
Incidents and Ethics
Physical Security Requirements
Appendices
Appendix B Answers to Written Labs
About the Additional Study Tools

About the author (2012)

James Michael Stewart (Austin, TX), CISSP, is a security expert who has authored numerous publications, books, and courseware. Michael is also an instructor of CISSP and a variety of ethical hacking classes.

Mike Chapple (Miami, FL), Ph.D., CISSP, is an information security professional with the University of Notre Dame. In the past, he was chief information officer of Brand Institute and an information security researcher with the National Security Agency and the U.S. Air Force. His primary areas of expertise include network intrusion detection and access controls. Mike is a frequent contributor to TechTarget's SearchSecurity site, author of several information security titles including. Both Stewart and Chapple co-authored previous editions of the CISSP: Certified Information Systems Security Professional Study Guide.

Darril Gibson (Virginia Beach, VA), Security+, CISSP, ITIL v3, is the CEO of Security Consulting and Training, LLC. He regularly teaches, writes, and consults on a wide variety of security and technical topics. He's been a Microsoft Certified Trainer since August 1999 and holds several certifications. He has authored, coauthored, or contributed to 14 books on a wide range of topics including Security+ and other security topics.
