CISSP Cert Guide, 3rd Edition

Book description

Learn, prepare, and practice for CISSP exam success with this Cert Guide from Pearson IT Certification, a leader in IT Certification learning.

  • Master the latest CISSP exam topics

  • Assess your knowledge with chapter-ending quizzes

  • Review key concepts with exam preparation tasks

  • Practice with realistic exam questions

  • Get practical guidance for test-taking strategies

CISSP Cert Guide, Third Edition is a best-of-breed exam study guide. Leading IT certification experts Robin Abernathy and Troy McMillan share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion website contains the powerful Pearson Test Prep practice test software engine, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this CISSP study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.

The ISC2 study guide helps you master all the topics on the CISSP exam, including:

  • Access control
  • Telecommunications and network security
  • Information security governance and risk management
  • Software development security
  • Cryptography
  • Security architecture and design
  • Operation security
  • Business continuity and disaster recovery planning
  • Legal, regulations, investigations, and compliance
  • Physical (environmental) security

Table of contents

  1. Cover
  2. About This E-Book
  3. Title Page
  4. Copyright Page
  5. Contents at a Glance
  6. Table of Contents
  7. About the Authors
  8. Dedication
  9. Acknowledgments
  10. About the Technical Reviewer
  11. We Want to Hear from You!
  12. Reader Services
  13. Introduction
    1. The Goals of the CISSP Certification
    2. The Value of the CISSP Certification
    3. The Common Body of Knowledge
    4. Steps to Becoming a CISSP
    5. Facts About the CISSP Exam
    6. About the CISSP Cert Guide, Third Edition
    7. Companion Website
    8. Pearson Test Prep Practice Test Software
  14. Chapter 1 Security and Risk Management
    1. Foundation Topics
    2. Security Terms
    3. Security Governance Principles
    4. Compliance
    5. Legal and Regulatory Issues
    6. Professional Ethics
    7. Security Documentation
    8. Business Continuity
    9. Personnel Security Policies and Procedures
    10. Risk Management Concepts
    11. Geographical Threats
    12. Threat Modeling
    13. Security Risks in the Supply Chain
    14. Security Education, Training, and Awareness
    15. Exam Preparation Tasks
    16. Review All Key Topics
    17. Complete the Tables and Lists from Memory
    18. Define Key Terms
    19. Answer Review Questions
    20. Answers and Explanations
  15. Chapter 2 Asset Security
    1. Foundation Topics
    2. Asset Security Concepts
    3. Identify and Classify Information and Assets
    4. Information and Asset Ownership
    5. Protect Privacy
    6. Asset Retention
    7. Data Security Controls
    8. Information and Asset Handling Requirements
    9. Exam Preparation Tasks
    10. Answer Review Questions
    11. Answers and Explanations
  16. Chapter 3 Security Architecture and Engineering
    1. Foundation Topics
    2. Engineering Processes Using Secure Design Principles
    3. Security Model Concepts
    4. System Security Evaluation Models
    5. Certification and Accreditation
    6. Control Selection Based upon Systems Security Requirements
    7. Security Capabilities of Information Systems
    8. Security Architecture Maintenance
    9. Vulnerabilities of Security Architectures, Designs, and Solution Elements
    10. Vulnerabilities in Web-Based Systems
    11. Vulnerabilities in Mobile Systems
    12. Vulnerabilities in Embedded Devices
    13. Cryptography
    14. Cryptographic Types
    15. Symmetric Algorithms
    16. Asymmetric Algorithms
    17. Public Key Infrastructure
    18. Key Management Practices
    19. Message Integrity
    20. Digital Signatures
    21. Applied Cryptography
    22. Cryptanalytic Attacks
    23. Digital Rights Management
    24. Site and Facility Design
    25. Site and Facility Security Controls
    26. Exam Preparation Tasks
    27. Complete the Tables and Lists from Memory
    28. Answer Review Questions
    29. Answers and Explanations
  17. Chapter 4 Communication and Network Security
    1. Foundation Topics
    2. Secure Network Design Principles
    3. IP Networking
    4. Protocols and Services
    5. Converged Protocols
    6. Wireless Networks
    7. Communications Cryptography
    8. Secure Network Components
    9. Secure Communication Channels
    10. Network Attacks
    11. Exam Preparation Tasks
    12. Answer Review Questions
    13. Answers and Explanations
  18. Chapter 5 Identity and Access Management (IAM)
    1. Foundation Topics
    2. Access Control Process
    3. Physical and Logical Access to Assets
    4. Identification and Authentication Concepts
    5. Identification and Authentication Implementation
    6. Identity as a Service (IDaaS) Implementation
    7. Third-Party Identity Services Integration
    8. Authorization Mechanisms
    9. Provisioning Life Cycle
    10. Access Control Threats
    11. Prevent or Mitigate Access Control Threats
    12. Exam Preparation Tasks
    13. Answer Review Questions
    14. Answers and Explanations
  19. Chapter 6 Security Assessment and Testing
    1. Foundation Topics
    2. Design and Validate Assessment and Testing Strategies
    3. Conduct Security Control Testing
    4. Collect Security Process Data
    5. Analyze and Report Test Outputs
    6. Conduct or Facilitate Security Audits
    7. Exam Preparation Tasks
    8. Answer Review Questions
    9. Answers and Explanations
  20. Chapter 7 Security Operations
    1. Foundation Topics
    2. Investigations
    3. Investigation Types
    4. Logging and Monitoring Activities
    5. Resource Provisioning
    6. Security Operations Concepts
    7. Resource Protection
    8. Incident Management
    9. Detective and Preventive Measures
    10. Patch and Vulnerability Management
    11. Change Management Processes
    12. Recovery Strategies
    13. Disaster Recovery
    14. Testing Disaster Recovery Plans
    15. Business Continuity Planning and Exercises
    16. Physical Security
    17. Personnel Safety and Security
    18. Exam Preparation Tasks
    19. Answer Review Questions
    20. Answers and Explanations
  21. Chapter 8 Software Development Security
    1. Foundation Topics
    2. Software Development Concepts
    3. Security in the System and Software Development Life Cycles
    4. Security Controls in Development
    5. Assess Software Security Effectiveness
    6. Security Impact of Acquired Software
    7. Secure Coding Guidelines and Standards
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Answer Review Questions
    12. Answers and Explanations
  22. Chapter 9 Final Preparation
    1. Tools for Final Preparation
    2. Suggested Plan for Final Review/Study
    3. Summary
  23. Glossary
  24. Index
  25. Online Elements
    1. Appendix A: Memory Tables
    2. Appendix B: Memory Tables Answer Key
    3. Glossary
  26. Code Snippets

Product information

  • Title: CISSP Cert Guide, 3rd Edition
  • Author(s): Robin Abernathy, Troy McMillan
  • Release date: May 2018
  • Publisher(s): Pearson IT Certification
  • ISBN: 9780134999661