SUSTAINABLE DEVELOPMENT
Innovate. Sustain. Transform.
Save up to 30% on top Physical Sciences & Engineering titles!

The CISSP certification is the most prestigious, globally-recognized, vendor neutral exam for information security professionals. The newest edition of this acclaimed study guide i… Read more
SUSTAINABLE DEVELOPMENT
Save up to 30% on top Physical Sciences & Engineering titles!
The CISSP certification is the most prestigious, globally-recognized, vendor neutral exam for information security professionals. The newest edition of this acclaimed study guide is aligned to cover all of the material included in the newest version of the exam’s Common Body of Knowledge. The ten domains are covered completely and as concisely as possible with an eye to acing the exam.
Each of the ten domains has its own chapter that includes specially designed pedagogy to aid the test-taker in passing the exam, including: Clearly stated exam objectives; Unique terms/Definitions; Exam Warnings; Learning by Example; Hands-On Exercises; Chapter ending questions. Furthermore, special features include: Two practice exams; Tiered chapter ending questions that allow for a gradual learning curve; and a self-test appendix
Computer and Information Systems Managers, Systems Administrators, Application Developers, Network Administrators, Security Managers, Security Analysts, Directors of Security, Security Auditors, Security Engineers, Compliance Specialists.
Acknowledgments
About the authors
Lead Author
Contributing Authors
About the Technical Editor
Chapter 1. Introduction
Exam objectives in this chapter
How to Prepare for the Exam
Taking the Exam
Good Luck!
REFERENCES
Chapter 2. Domain 1: Access Control
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Cornerstone Information Security Concepts
Access Control Models
Procedural Issues for Access Control
Access Control Defensive Categories and Types
Authentication Methods
Access Control Technologies
Types of Attackers
Assessing Access Control
Summary of Exam Objectives
Self Test
Self-test quick answer key
REFERENCES
Chapter 3. Domain 2: Telecommunications and Network Security
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Network Architecture and Design
Network Devices and Protocols
Secure Communications
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 4. Domain 3: Information Security Governance and Risk Management
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Risk Analysis
Information Security Governance
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 5. Domain 4: Software Development Security
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Programming Concepts
Application Development Methods
Object-Orientated Design and Programming
Software Vulnerabilities, Testing, and Assurance
Databases
Artificial Intelligence
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 6. Domain 5: Cryptography
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Cornerstone Cryptographic Concepts
History of Cryptography
Symmetric Encryption
Asymmetric Encryption
Hash Functions
Cryptographic Attacks
Implementing Cryptography
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 7. Domain 6: Security Architecture and Design
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Secure System Design Concepts
Secure Hardware Architecture
Secure Operating System and Software Architecture
Virtualization and Distributed Computing
System Vulnerabilities, Threats, and Countermeasures
Security Models
Evaluation Methods, Certification, and Accreditation
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 8. Domain 7: Operations Security
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Administrative Security
Sensitive Information and Media Security
Asset Management
Continuity of Operations
Incident Response Management
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 9. Domain 8: Business Continuity and Disaster Recovery Planning
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
BCP and DRP Overview and Process
Developing a BCP/DRP
Backups and Availability
DRP Testing, Training, and Awareness
BCP/DRP Maintenance
Specific BCP/DRP Frameworks
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 10. Domain 9: Legal, Regulations, Investigations, and Compliance
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Major legal systems
Criminal, Civil, and Administrative Law
Information Security Aspects of Law
Forensics
Legal Aspects of Investigations
Important Laws and Regulations
Security and Third Parties
Ethics
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
Chapter 11. Domain 10: Physical (Environmental) Security
Exam objectives in this chapter
Unique Terms and Definitions
Introduction
Perimeter Defenses
Site Selection, Design, and Configuration
System Defenses
Environmental Controls
Summary of Exam Objectives
Self Test
Self Test Quick Answer Key
REFERENCES
APPENDIX: Self Test
Chapter 2, Domain 1: Access Control
Chapter 3, Domain 2: Telecommunications and Network Security
Chapter 4, Domain 3: Information Security Governance and Risk Management
Chapter 5, Domain 4: Software Development Security
Chapter 6, Domain 5: Cryptography
Chapter 7, Domain 6: Security Architecture and Design
Chapter 8, Domain 7: Operations Security
Chapter 9, Domain 8: Business Continuity and Disaster Recovery Planning
Chapter 10, Domain 9: Legal, Regulations, Investigations, and Compliance
Chapter 11, Domain 10: Physical (Environmental) Security
Glossary
Index
EC
SM
JF