Eleventh Hour CISSP

Book Description

Eleventh Hour CISSP Study Guide serves as a guide for those who want to be information security professionals. The main job of an information security professional is to evaluate the risks involved in securing assets and to find ways to mitigate those risks. Information security jobs include firewall engineers, penetration testers, auditors, and the like.
The book is composed of the 10 domains of the Common Body of Knowledge, and each section defines its domain. The first domain provides information about risk analysis and mitigation, and it discusses security governance. The second domain discusses techniques of access control, which is the basis for all security disciplines. The third domain explains the concepts behind cryptography, which is a secure way of communicating that is understood only by certain recipients. Domain 5 discusses security system design, which is fundamental in operating the system and software security components. Domain 6, Business Continuity Planning and Disaster Recovery Planning, is one of the critical domains in the Common Body of Knowledge. It is the final control against extreme events such as injury, loss of life, or failure of an organization. Domain 7, Domain 8, and Domain 9 discuss telecommunications and network security, application development security, and the operations domain, respectively. Domain 10 focuses on the major legal systems that provide a framework for determining laws about information systems.
  • The only guide you need for last-minute studying
  • Answers the toughest questions and highlights core topics
  • Can be paired with any other study guide so you are completely prepared

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Syngress Eleventh Hour Series
  5. Copyright
  6. About the Authors
  7. Chapter 1. Domain 1: Information Security Governance and Risk Management
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Risk analysis
    4. Information security governance
    5. Summary of exam objectives
    6. Top five toughest questions
  8. Chapter 2. Domain 2: Access Control
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Access control models
    4. Procedural issues for access control
    5. Access control defensive categories and types
    6. Authentication methods
    7. Access control technologies
    8. Assessing access control
    9. Summary of exam objectives
    10. Top five toughest questions
  9. Chapter 3. Domain 3: Cryptography
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Cornerstone cryptographic concepts
    4. Symmetric encryption
    5. Asymmetric encryption
    6. Hash functions
    7. Cryptographic attacks
    8. Implementing cryptography
    9. Summary of exam objectives
    10. Top five toughest questions
  10. Chapter 4. Domain 4: Physical (Environmental) Security
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Perimeter defenses
    4. Site selection, design, and configuration
    5. System defenses
    6. Environmental controls
    7. Summary of exam objectives
    8. Top five toughest questions
  11. Chapter 5. Domain 5: Security Architecture and Design
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Secure system design concepts
    4. Secure hardware architecture
    5. Secure operating system and software architecture
    6. System vulnerabilities, threats, and countermeasures
    7. Security models
    8. Evaluation methods, certification, and accreditation
    9. Summary of exam objectives
    10. Top five toughest questions
  12. Chapter 6. Domain 6: Business Continuity and Disaster Recovery Planning
    1. Exam Objectives in this Chapter
    2. Introduction
    3. BCP and DRP overview and process
    4. Developing a BCP/DRP
    5. DRP testing, training, and awareness
    6. Continued BCP/DRP maintenance
    7. Specific BCP/DRP frameworks
    8. Summary of exam objectives
    9. Top five toughest questions
  13. Chapter 7. Domain 7: Telecommunications and Network Security
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Network architecture and design
    4. Network devices
    5. Secure communications
    6. Summary of exam objectives
    7. Top five toughest questions
  14. Chapter 8. Domain 8: Application Development Security
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Programming concepts
    4. Application development methods
    5. Object-oriented programming
    6. Software vulnerabilities, testing, and assurance
    7. Databases
    8. Summary of exam objectives
    9. Top five toughest questions
  15. Chapter 9. Domain 9: Operations Security
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Administrative security
    4. Sensitive information/media security
    5. Continuity of operations
    6. Computer and network attacks
    7. Summary of exam objectives
    8. Top five toughest questions
  16. Chapter 10. Domain 10: Legal, Regulations, Investigations, and Compliance
    1. Exam Objectives in this Chapter
    2. Introduction
    3. Major legal systems
    4. Criminal, civil, and administrative law
    5. Information security aspects of law
    6. Legal aspects of investigations
    7. Important laws and regulations
    8. Ethics
    9. Summary of exam objectives
    10. Top five toughest questions
  17. Glossary
  18. Index