Official (ISC)2 Guide to the CISSP CBK / Edition 2

by Steven Hernandez, CISSP
 

ISBN-10: 1439809593

ISBN-13: 9781439809594

Pub. Date: 12/21/2009

Publisher: Taylor & Francis

Overview

With each new advance in connectivity and convenience comes a new wave of threats to privacy and security capable of destroying a company’s reputation, violating a consumer’s privacy, compromising intellectual property, and in some cases endangering personal safety. This is why it is essential for information security professionals to stay up to date with the latest advances in technology and the new security threats they create.

Recognized as one of the best tools available for the information security professional and especially for candidates studying for the (ISC)2 CISSP examination, the Official (ISC)2 Guide to the CISSP® CBK®, Second Edition has been updated and revised to reflect the latest developments in this ever-changing field. Endorsed by the (ISC)2, this book provides unrivaled preparation for the certification exam that is both up to date and authoritative. Compiled and reviewed by CISSPs and (ISC)2 members, the text provides an exhaustive review of the 10 current domains of the CBK and the high-level topics contained in each domain.

Earning your CISSP is a well-deserved achievement that makes you a member of an elite network of professionals. This book not only provides you with the tools to effectively study for the exam, but also supplies you with ready access to best practices for implementing new technologies, dealing with current threats, incorporating new security tools, and managing the human factor of security that will serve you well into your career.

Product Details

ISBN-13: 9781439809594
Publisher: Taylor & Francis
Publication date: 12/21/2009
Series: (ISC)2 Press Series, #11
Edition description: Book and CD-ROM
Pages: 939
Product dimensions: 6.42(w) x 9.42(h) x 1.96(d)

Table of Contents

INFORMATION SECURITY AND RISK MANAGEMENT
Introduction; The Business Case for Information Security Management; Core Information Security Principles: Availability, Integrity,
Information Security Management Governance; Organizational Behavior; Security Awareness, Training, and Education; Risk Management; Ethics; Data Classification Policy; Data Handling Policy; References; Other References; Sample Questions

ACCESS CONTROL
Introduction; Definitions and Key Concepts; Access Control Categories and Types; Access Control Threats; Access to Systems; Access to Data; Intrusion Detection and Prevention Systems; Access Control Assurance; References; Sample Questions

CRYPTOGRAPHY
Introduction; Key Concepts and Definitions; Encryption Systems; Message Integrity Controls; Digital Signatures; Encryption Management; Cryptanalysis and Attacks; Encryption Usage; References; Sample Questions

PHYSICAL (ENVIRONMENTAL) SECURITY
Introduction; Site Location; The Layered Defense Model; Information Protection and Management Services; Summary; References; Sample Questions

SECURITY ARCHITECTURE AND DESIGN
Introduction; Security Architecture and Design Components and Principles; Security Models and Architecture Theory; Security Product Evaluation Methods and Criteria; Sample Questions

BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING
Introduction; Organization of the BCP/DRP Domain Chapter; Terminology; Appendix A: Addressing Legislative Compliance within Business Continuity Plans

TELECOMMUNICATIONS AND NETWORK SECURITY
Introduction; Basic Concepts; Layer 1: Physical Layer; Layer 2: Data-Link Layer; Layer 3: Network Layer; Layer 4: Transport Layer; Layer 5: Session Layer; Layer 6: Presentation Layer; Layer 7: Application Layer; Trivial File Transfer Protocol (TFTP); General References; Sample Questions; Endnotes

APPLICATION SECURITY
Domain Description and Introduction; Applications Development and Programming Concepts and Protection; Audit and Assurance Mechanisms; Malicious Software (Malware); The Database and Data Warehousing Environment; Web Application Environment; Summary; References

OPERATIONS SECURITY
Introduction; Privileged Entity Controls; Resource Protection; Continuity of Operations; Change Control Management; Summary; References; Sample Questions

LEGAL, REGULATIONS, COMPLIANCE AND INVESTIGATIONS
Introduction; Major Legal Systems; Information Technology Laws and Regulations; Incident Response; Computer Forensics; Conclusions; References; Sample Questions

ANSWERS TO SAMPLE QUESTIONS
CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP®) CANDIDATE INFORMATION BULLETIN
GLOSSARY
INDEX
