CISSP Exam Cram, Third Edition

Book Description

This is the eBook version of the print title. Note that the eBook does not provide access to the practice test software that accompanies the print book. Access to the digital edition of the Cram Sheet is available through product registration at Pearson IT Certification; or see instructions in back pages of your eBook.

CISSP Exam Cram, Third Edition, is the perfect study guide to help you pass the tough new electronic version of the CISSP exam. It provides coverage and practice questions for every exam topic, including substantial new coverage of encryption, cloud security, information lifecycles, security management/governance, and more. The book contains an extensive set of preparation tools, such as quizzes, Exam Alerts, and two practice exams.

· Covers the critical information you'll need to pass the CISSP exam!
· Enforce effective physical security throughout your organization
· Apply reliable authentication, authorization, and accountability
· Design security architectures that can be verified, certified, and accredited
· Understand the newest attacks and countermeasures
· Use encryption to safeguard data, systems, and networks
· Systematically plan and test business continuity/disaster recovery programs
· Protect today's cloud, web, and database applications
· Address global compliance issues, from privacy to computer forensics
· Develop software that is secure throughout its entire lifecycle
· Implement effective security governance and risk management
· Use best-practice policies, procedures, guidelines, and controls
· Ensure strong operational controls, from background checks to security audits

Table of Contents

  1. Title Page
  2. Copyright Page
  3. Contents at a Glance
  4. Table of Contents
  5. About the Author
  6. About the Technical Reviewers
  7. Dedication
  8. Acknowledgments
  9. We Want to Hear from You!
  10. Reader Services
  11. Introduction
    1. How to Prepare for the Exam
    2. Taking a Certification Exam
    3. About This Book
    4. Pearson IT Certification Practice Test Engine and Questions on the CD
    5. Contacting the Author
    6. Self-Assessment
  12. Chapter 1. The CISSP Certification Exam
    1. Introduction
    2. Assessing Exam Readiness
    3. Taking the Exam
    4. Multiple-Choice Question Format
    5. Exam Strategy
    6. Question-Handling Strategies
    7. Mastering the Inner Game
    8. Need to Know More?
  13. Chapter 2. Physical Security
    1. Introduction
    2. Physical Security Risks
    3. Facility Concerns and Requirements
    4. Perimeter Controls
    5. Employee Access Control
    6. Environmental Controls
    7. Electrical Power
    8. Equipment Life Cycle
    9. Fire Prevention, Detection, and Suppression
    10. Alarm Systems
    11. Exam Prep Questions
    12. Answers to Exam Prep Questions
    13. Suggested Reading and Resources
  14. Chapter 3. Access Control Systems and Methodology
    1. Introduction
    2. Identification, Authentication, and Authorization
    3. Single Sign-On
    4. Authorization and Access Controls Techniques
    5. Access Control Methods
    6. Access Control Types
    7. Audit and Monitoring
    8. Access Control Attacks
    9. Exam Prep Questions
    10. Answers to Exam Prep Questions
    11. Suggested Reading and Resources
  15. Chapter 4. Cryptography
    1. Introduction
    2. Cryptographic Basics
    3. History of Encryption
    4. Steganography
    5. Algorithms
    6. Cipher Types and Methods
    7. Symmetric Encryption
    8. Asymmetric Encryption
    9. Hybrid Encryption
    10. Integrity and Authentication
    11. Public Key Infrastructure
    12. Email Protection Mechanisms
    13. Securing TCP/IP with Cryptographic Solutions
    14. Cryptographic Attacks
    15. Exam Prep Questions
    16. Answers to Exam Prep Questions
    17. Need to Know More?
  16. Chapter 5. Security Architecture and Models
    1. Introduction
    2. Computer System Architecture
    3. Security Architecture
    4. Security Models
    5. Documents and Guidelines
    6. System Validation
    7. Security Architecture Threats
    8. Exam Prep Questions
    9. Answers to Exam Prep Questions
    10. Need to Know More?
  17. Chapter 6. Telecommunications and Network Security
    1. Introduction
    2. Network Models and Standards
    3. TCP/IP
    4. LANs and Their Components
    5. Communication Standards
    6. Network Equipment
    7. Routing
    8. WANs and Their Components
    9. Cloud Computing
    10. Voice Communications and Wireless Communications
    11. Network Security
    12. Remote Access
    13. Message Privacy
    14. Threats to Network Security
    15. Exam Prep Questions
    16. Answers to Exam Prep Questions
    17. Need to Know More?
  18. Chapter 7. Business Continuity and Disaster Recovery Planning
    1. Introduction
    2. Threats to Business Operations
    3. Disaster Recovery and Business Continuity Management
    4. Disaster Life Cycle
    5. Exam Prep Questions
    6. Answers to Exam Prep Questions
    7. Need to Know More?
  19. Chapter 8. Legal, Regulations, Investigations, and Compliance
    1. Introduction
    2. United States Legal System and Laws
    3. International Legal Systems and Laws
    4. International Property Laws
    5. Privacy Laws and Protection of Personal Information
    6. Computer Crime Laws
    7. Regulatory Compliance and Process Control
    8. Ethics
    9. Computer Crime and Criminals
    10. Well-Known Computer Crimes
    11. How Computer Crime Has Changed
    12. Attack Vectors
    13. Investigating Computer Crime
    14. Forensics
    15. Investigations
    16. Trial
    17. Exam Prep Questions
    18. Answers to Exam Prep Questions
    19. Need to Know More?
  20. Chapter 9. Software Development Security
    1. Introduction
    2. Software Development
    3. System Development Methods
    4. Change Management
    5. Programming Languages
    6. Database Management
    7. Malicious Code
    8. Exam Prep Questions
    9. Answers to Exam Prep Questions
    10. Need to Know More?
  21. Chapter 10. Information Security Governance and Risk Management
    1. Introduction
    2. Basic Security Principles
    3. Security Management and Governance
    4. Asset Identification
    5. Risk Assessment
    6. Policies Development
    7. Implementation
    8. Training and Education
    9. Auditing Your Security Infrastructure
    10. The Risk of Poor Security Management
    11. Exam Prep Questions
    12. Answers to Exam Prep Questions
    13. Need to Know More?
  22. Chapter 11. Security Operations
    1. Introduction
    2. Security Operations
    3. Accountability
    4. Controls
    5. Auditing and Monitoring
    6. Telecommunication Controls
    7. Backup, Fault Tolerance, and Recovery Controls
    8. Security Assessments
    9. Operational Security Threats and Vulnerabilities
    10. Exam Prep Questions
    11. Answers to Exam Prep Questions
    12. Need to Know More?
  23. Practice Exam I
    1. Practice Exam Questions
  24. Answers to Practice Exam I
  25. Practice Exam II
    1. Practice Exam Questions
  26. Answers to Practice Exam II
  27. Index
  28. Glossary