Book description
CISSP Study Guide - fully updated for the 2021 CISSP Body of Knowledge
(ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition has been completely updated based on the latest 2021 CISSP Exam Outline. This bestselling Sybex Study Guide covers 100% of the exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, knowledge from our real-world experience, advice on mastering this adaptive exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.
The three co-authors of this book bring decades of experience as cybersecurity practitioners and educators, integrating real-world expertise with the practical knowledge you’ll need to successfully pass the CISSP exam. Combined, they’ve taught cybersecurity concepts to millions of students through their books, video courses, and live training programs.
Along with the book, you also get access to Sybex's superior online interactive learning environment that includes:
- Over 900 new and improved practice test questions with complete answer explanations. This includes all of the questions from the book plus four additional online-only practice exams, each with 125 unique questions. You can use the online-only practice exams as full exam simulations. Our questions will help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam.
- More than 700 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam
- A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam
- New for the 9th edition: Audio Review. Author Mike Chapple reads the Exam Essentials for each chapter providing you with 2 hours and 50 minutes of new audio review for yet another way to reinforce your knowledge as you prepare.
Coverage of all of the exam topics in the book means you'll be ready for:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
Table of contents
- Cover
- Title Page
- Copyright
- Dedication
- Acknowledgments
- About the Authors
- About the Technical Editors
- Foreword
- Introduction
-
Chapter 1: Security Governance Through Principles and Policies
- Security 101
- Understand and Apply Security Concepts
- Security Boundaries
- Evaluate and Apply Security Governance Principles
- Manage the Security Function
- Security Policy, Standards, Procedures, and Guidelines
- Threat Modeling
- Supply Chain Risk Management
- Summary
- Exam Essentials
- Written Lab
- Review Questions
- Chapter 2: Personnel Security and Risk Management Concepts
- Chapter 3: Business Continuity Planning
- Chapter 4: Laws, Regulations, and Compliance
- Chapter 5: Protecting Security of Assets
- Chapter 6: Cryptography and Symmetric Key Algorithms
- Chapter 7: PKI and Cryptographic Applications
- Chapter 8: Principles of Security Models, Design, and Capabilities
-
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures
- Shared Responsibility
- Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
- Client-Based Systems
- Server-Based Systems
- Industrial Control Systems
- Distributed Systems
- High-Performance Computing (HPC) Systems
- Internet of Things
- Edge and Fog Computing
- Embedded Devices and Cyber-Physical Systems
- Specialized Devices
- Microservices
- Infrastructure as Code
- Virtualized Systems
- Containerization
- Serverless Architecture
- Mobile Devices
- Essential Security Protection Mechanisms
- Common Security Architecture Flaws and Issues
- Summary
- Exam Essentials
- Written Lab
- Review Questions
- Chapter 10: Physical Security Requirements
-
Chapter 11: Secure Network Architecture and Components
- OSI Model
- TCP/IP Model
- Analyzing Network Traffic
- Common Application Layer Protocols
- Transport Layer Protocols
- Domain Name System
- Internet Protocol (IP) Networking
- ARP Concerns
- Secure Communication Protocols
- Implications of Multilayer Protocols
- Microsegmentation
- Wireless Networks
- Other Communication Protocols
- Cellular Networks
- Content Distribution Networks (CDNs)
- Secure Network Components
- Summary
- Exam Essentials
- Written Lab
- Review Questions
-
Chapter 12: Secure Communications and Network Attacks
- Protocol Security Mechanisms
- Secure Voice Communications
- Remote Access Security Management
- Multimedia Collaboration
- Load Balancing
- Manage Email Security
- Virtual Private Network
- Switching and Virtual LANs
- Network Address Translation
- Third-Party Connectivity
- Switching Technologies
- WAN Technologies
- Fiber-Optic Links
- Security Control Characteristics
- Prevent or Mitigate Network Attacks
- Summary
- Exam Essentials
- Written Lab
- Review Questions
- Chapter 13: Managing Identity and Authentication
- Chapter 14: Controlling and Monitoring Access
- Chapter 15: Security Assessment and Testing
-
Chapter 16: Managing Security Operations
- Apply Foundational Security Operations Concepts
- Addressing Personnel Safety and Security
- Provision Resources Securely
- Apply Resource Protection
- Managed Services in the Cloud
- Perform Configuration Management (CM)
- Managing Change
- Managing Patches and Reducing Vulnerabilities
- Summary
- Exam Essentials
- Written Lab
- Review Questions
- Chapter 17: Preventing and Responding to Incidents
- Chapter 18: Disaster Recovery Planning
- Chapter 19: Investigations and Ethics
- Chapter 20: Software Development Security
- Chapter 21: Malicious Code and Application Attacks
-
Appendix A: Answers to Review Questions
- Chapter 1: Security Governance Through Principles and Policies
- Chapter 2: Personnel Security and Risk Management Concepts
- Chapter 3: Business Continuity Planning
- Chapter 4: Laws, Regulations, and Compliance
- Chapter 5: Protecting Security of Assets
- Chapter 6: Cryptography and Symmetric Key Algorithms
- Chapter 7: PKI and Cryptographic Applications
- Chapter 8: Principles of Security Models, Design, and Capabilities
- Chapter 9: Security Vulnerabilities, Threats, and Countermeasures
- Chapter 10: Physical Security Requirements
- Chapter 11: Secure Network Architecture and Components
- Chapter 12: Secure Communications and Network Attacks
- Chapter 13: Managing Identity and Authentication
- Chapter 14: Controlling and Monitoring Access
- Chapter 15: Security Assessment and Testing
- Chapter 16: Managing Security Operations
- Chapter 17: Preventing and Responding to Incidents
- Chapter 18: Disaster Recovery Planning
- Chapter 19: Investigations and Ethics
- Chapter 20: Software Development Security
- Chapter 21: Malicious Code and Application Attacks
-
Appendix B: Answers to Written Labs
- Chapter 1: Security Governance Through Principles and Policies
- Chapter 2: Personnel Security and Risk Management Concepts
- Chapter 3: Business Continuity Planning
- Chapter 4: Laws, Regulations, and Compliance
- Chapter 5: Protecting Security of Assets
- Chapter 6: Cryptography and Symmetric Key Algorithms
- Chapter 7: PKI and Cryptographic Applications
- Chapter 8: Principles of Security Models, Design, and Capabilities
- Chapter 9: Security Vulnerabilities, Threats, and Countermeasures
- Chapter 10: Physical Security Requirements
- Chapter 11: Secure Network Architecture and Components
- Chapter 12: Secure Communications and Network Attacks
- Chapter 13: Managing Identity and Authentication
- Chapter 14: Controlling and Monitoring Access
- Chapter 15: Security Assessment and Testing
- Chapter 16: Managing Security Operations
- Chapter 17: Preventing and Responding to Incidents
- Chapter 18: Disaster Recovery Planning
- Chapter 19: Investigations and Ethics
- Chapter 20: Software Development Security
- Chapter 21: Malicious Code and Application Attacks
- Index
- End User License Agreement
Product information
- Title: (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 9th Edition
- Author(s):
- Release date: June 2021
- Publisher(s): Sybex
- ISBN: 9781119786238
You might also like
audiobook
(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide 9th Edition
(ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition has been completely updated …
book
(ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests, 3rd Edition
Full-length practice tests covering all CISSP domains for the ultimate exam prep The (ISC)2 CISSP Official …
book
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 3rd Edition
The only official study guide for the new CCSP exam objectives effective from 2022-2025 (ISC)2 CCSP …
book
(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 2nd Edition
The only official study guide for the new CCSP exam (ISC)2 CCSP Certified Cloud Security Professional …