O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Eleventh Hour CISSP®, 3rd Edition

Book Description

Eleventh Hour CISSP: Study Guide, Third Edition provides readers with a study guide on the most current version of the Certified Information Systems Security Professional exam. This book is streamlined to include only core certification information, and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted.

The CISSP certification is the most prestigious, globally-recognized, vendor neutral exam for information security professionals. Over 100,000 professionals are certified worldwide, with many more joining their ranks. This new third edition is aligned to cover all of the material in the most current version of the exam’s Common Body of Knowledge. All domains are covered as completely and concisely as possible, giving users the best possible chance of acing the exam.

  • Completely updated for the most current version of the exam’s Common Body of Knowledge
  • Provides the only guide you need for last-minute studying
  • Answers the toughest questions and highlights core topics
  • Streamlined for maximum efficiency of study, making it ideal for professionals updating their certification or for those taking the test for the first time

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Author biography
  6. Chapter 1: Domain 1: Security risk management
    1. Abstract
    2. Introduction
    3. Cornerstone Information Security Concepts
    4. Legal and Regulatory Issues
    5. Security and Third Parties
    6. Ethics
    7. Information Security Governance
    8. Access Control Defensive Categories and Types
    9. Risk Analysis
    10. Types of Attackers
    11. Summary of Exam Objectives
    12. Top Five Toughest Questions
    13. Answers
  7. Chapter 2: Domain 2: Asset security
    1. Abstract
    2. Introduction
    3. Classifying Data
    4. Ownership
    5. Memory and Remanence
    6. Data Destruction
    7. Determining Data Security Controls
    8. Summary of Exam Objectives
    9. Top Five Toughest Questions
    10. Answers
  8. Chapter 3: Domain 3: Security engineering
    1. Abstract
    2. Introduction
    3. Security Models
    4. Secure System Design Concepts
    5. Secure Hardware Architecture
    6. Secure Operating System and Software Architecture
    7. Virtualization and Distributed Computing
    8. System Vulnerabilities, Threats, and Countermeasures
    9. Cornerstone Cryptographic Concepts
    10. Types of Cryptography
    11. Cryptographic Attacks
    12. Implementing Cryptography
    13. Perimeter Defenses
    14. Site Selection, Design, and Configuration
    15. System Defenses
    16. Environmental Controls
    17. Summary of Exam Objectives
    18. Top Five Toughest Questions
    19. Answers
  9. Chapter 4: Domain 4: Communication and network security
    1. Abstract
    2. Introduction
    3. Network Architecture and Design
    4. Secure Network Devices and Protocols
    5. Secure Communications
    6. Summary of Exam Objectives
    7. Top Five Toughest Questions
    8. Answers
  10. Chapter 5: Domain 5: Identity and access management (controlling access and managing identity)
    1. Abstract
    2. Introduction
    3. Authentication Methods
    4. Access Control Technologies
    5. Access Control Models
    6. Summary of Exam Objectives
    7. Top Five Toughest Questions
    8. Answers
  11. Chapter 6: Domain 6: Security assessment and testing
    1. Abstract
    2. Introduction
    3. Assessing Access Control
    4. Software Testing Methods
    5. Summary of Exam Objectives
    6. Top Five Toughest Questions
    7. Answers
  12. Chapter 7: Domain 7: Security operations
    1. Abstract
    2. Introduction
    3. Administrative Security
    4. Forensics
    5. Incident Response Management
    6. Operational Preventive and Detective Controls
    7. Asset Management
    8. Continuity of Operations
    9. BCP and DRP overview and process
    10. Developing a BCP/DRP
    11. Backups and Availability
    12. DRP Testing, Training, and Awareness
    13. Continued BCP/DRP Maintenance
    14. Specific BCP/DRP Frameworks
    15. Summary of Exam Objectives
    16. Top Five Toughest Questions
    17. Answers
  13. Chapter 8: Domain 8: Software development security
    1. Abstract
    2. Introduction
    3. Programming Concepts
    4. Application Development Methods
    5. Databases
    6. Object-Oriented Programming
    7. Assessing the Effectiveness of Software Security
    8. Summary of Exam Objectives
    9. Top Five Toughest Questions
    10. Answers
  14. Index