TIENE EN SU CESTA DE LA COMPRA
en total 0,00 €
CISSP Study Guide - fully updated for the 2018 CISSP Body of Knowledge
CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 8th Edition has been completely updated for the latest 2018 CISSP Body of Knowledge. This bestselling Sybex study guide covers 100% of all exam objectives. You´ll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you´ve learned with key topic exam essentials and chapter review questions.
Along with the book, you also get access to Sybex´s superior online interactive learning environment that includes:
Six unique 150 question practice exams to help you identify where you need to study more. Get more than 90 percent of the answers correct, and you´re ready to take the certification exam.
More than 700 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam
A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam
Coverage of all of the exam topics in the book means you´ll be ready for:
Security and Risk Management
Asset Security
Security Engineering
Communication and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security
Introduction xxxiii
Assessment Test xlii
Chapter 1 Security Governance Through Principles and Policies 1
Understand and Apply Concepts of Confidentiality, Integrity, and Availability 2
Evaluate and Apply Security Governance Principles 14
Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines 26
Understand and Apply Threat Modeling Concepts and Methodologies 30
Apply Risk-Based Management Concepts to the Supply Chain 38
Summary 40
Exam Essentials 42
Written Lab 44
Review Questions 45
Chapter 2 Personnel Security and Risk Management Concepts 49
Personnel Security Policies and Procedures 51
Security Governance 62
Understand and Apply Risk Management Concepts 63
Establish and Maintain a Security Awareness, Education, and Training Program 86
Manage the Security Function 87
Summary 88
Exam Essentials 89
Written Lab 92
Review Questions 93
Chapter 3 Business Continuity Planning 97
Planning for Business Continuity 98
Project Scope and Planning 99
Business Impact Assessment 105
Continuity Planning 111
Plan Approval and Implementation 114
Summary 119
Exam Essentials 119
Written Lab 120
Review Questions 121
Chapter 4 Laws, Regulations, and Compliance 125
Categories of Laws 126
Laws 129
Compliance 149
Contracting and Procurement 150
Summary 151
Exam Essentials 152
Written Lab 153
Review Questions 154
Chapter 5 Protecting Security of Assets 159
Identify and Classify Assets 160
Determining Ownership 178
Using Security Baselines 186
Summary 187
Exam Essentials 188
Written Lab 189
Review Questions 190
Chapter 6 Cryptography and Symmetric Key Algorithms 195
Historical Milestones in Cryptography 196
Cryptographic Basics 198
Modern Cryptography 214
Symmetric Cryptography 219
Cryptographic Lifecycle 228
Summary 229
Exam Essentials 229
Written Lab 231
Review Questions 232
Chapter 7 PKI and Cryptographic Applications 237
Asymmetric Cryptography 238
Hash Functions 242
Digital Signatures 246
Public Key Infrastructure 249
Asymmetric Key Management 253
Applied Cryptography 254
Cryptographic Attacks 265
Summary 268
Exam Essentials 269
Written Lab 270
Review Questions 271
Chapter 8 Principles of Security Models, Design, and Capabilities 275
Implement and Manage Engineering Processes Using Secure Design Principles 276
Understand the Fundamental Concepts of Security Models 281
Select Controls Based On Systems Security Requirements 295
Understand Security Capabilities of Information Systems 309
Summary 311
Exam Essentials 312
Written Lab 313
Review Questions 314
Chapter 9 Security Vulnerabilities, Threats, and Countermeasures 319
Assess and Mitigate Security Vulnerabilities 320
Client-Based Systems 342
Server-Based Systems 346
Database Systems Security 347
Distributed Systems and Endpoint Security 350
Internet of Things 358
Industrial Control Systems 359
Assess and Mitigate Vulnerabilities in Web-Based Systems 360
Assess and Mitigate Vulnerabilities in Mobile Systems 365
Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems 375
Essential Security Protection Mechanisms 379
Common Architecture Flaws and Security Issues 384
Summary 390
Exam Essentials 391
Written Lab 394
Review Questions 395
Chapter 10 Physical Security Requirements 399
Apply Security Principles to Site and Facility Design 400
Implement Site and Facility Security Controls 403
Implement and Manage Physical Security 422
Summary 431
Exam Essentials 432
Written Lab 434
Review Questions 435
Chapter 11 Secure Network Architecture and Securing Network Components 439
OSI Model 440
TCP/IP Model 451
Converged Protocols 470
Wireless Networks 472
Secure Network Components 486
Cabling, Wireless, Topology, Communications, and Transmission Media Technology 495
Summary 513
Exam Essentials 514
Written Lab 516
Review Questions 517
Chapter 12 Secure Communications and Network Attacks 521
Network and Protocol Security Mechanisms 522
Secure Voice Communications 525
Multimedia Collaboration 529
Manage Email Security 530
Remote Access Security Management 536
Virtual Private Network 540
Virtualization 546
Network Address Translation 549
Switching Technologies 553
WAN Technologies 556
Miscellaneous Security Control Characteristics 561
Security Boundaries 563
Prevent or Mitigate Network Attacks 564
Summary 569
Exam Essentials 571
Written Lab 573
Review Questions 574
Chapter 13 Managing Identity and Authentication 579
Controlling Access to Assets 580
Comparing Identification and Authentication 584
Implementing Identity Management 602
Managing the Identity and Access Provisioning Lifecycle 611
Summary 614
Exam Essentials 615
Written Lab 617
Review Questions 618
Chapter 14 Controlling and Monitoring Access 623
Comparing Access Control Models 624
Understanding Access Control Attacks 635
Summary 653
Exam Essentials 654
Written Lab 656
Review Questions 657
Chapter 15 Security Assessment and Testing 661
Building a Security Assessment and Testing Program 662
Performing Vulnerability Assessments 668
Testing Your Software 681
Implementing Security Management Processes 688
Summary 690
Exam Essentials 691
Written