CISSP Training Guide (ISC) Certified Info. Systems Security Professional
Roberta Bragg
Que, Paperback, Bk&CD edition, Published November 2002, 727 pages, ISBN 078972801X
List Price: $74.99 Our Price: $40.95 You Save: $34.04 (45% Off)
Availability: Out-Of-Stock
People who purchase this book frequently purchase:
- CISSP Exam Cram 2; Michael Gregg, $18.95, 46% Off!
- Hacking Exposed: Network Security Secrets & Solutions, 5th Edition; Joel Scambray, et al, $30.50, 39% Off!
- Hacking Exposed Computer Forensics; Chris Davis, et al, $29.95, 40% Off!
- Microsoft Windows Server 2003 PKI and Certificate Security; Brian Komar, $36.95, 38% Off!
The CISSP (Certified Information Systems Security Professional) exam is a
six-hour, monitored paper-based exam covering 10 domains of information system
security knowledge, each representing a specific area of expertise. The CISSP
examination consists of 250 multiple choice questions, covering topics such
as Access Control Systems, Cryptography, and Security Management Practices,
and is administered by the International Information Systems Security Certification
Consortium, or (ISC)². (ISC)² promotes the CISSP exam as an aid to evaluating
personnel performing information security functions. Candidates for this exam
are typically network security professionals and system administrators with
at least 3 years of direct work experience in one or more of the 10 test domains.
This book maps to the exam objectives and offers numerous features such as exam
tips, case studies, and practice exams. In addition, the CD includes PrepLogic
Practice Tests, Preview Edition, making it the ultimate guide for those studying
for the CISSP exam.
Table of Contents
I. Exam Preparation.
1. Access Control Systems and Methodology.
Introduction. Accountability. Access Control
Techniques. Access Control Administration. Access Control Models. Identification
and Authentication Techniques. Access Control Methodologies. Methods of Attacks.
Monitoring. Penetration Testing.
2. Telecommunications and Network Security.
Introduction. The Open Systems Interconnection
Model. Network Characteristics and Topologies. Network Topologies. LAN Devices.
WAN Technologies. Providing Remote Access Capabilities. Networking Protocols.
Protecting the Integrity, Availability, and Confidentiality of Network Data.
Fault Tolerance and Data Restoration.
3. Security Management and Practices.
Introduction. Defining Security Principles.
Security Management Planning. Risk Management and Analysis. Policies, Standards,
Guidelines, and Procedures. Examining Roles and Responsibility. Management
Responsibility. Understanding Protection Mechanisms. Classifying Data. Employment
Policies and Practices. Managing Change Control. Security Awareness Training.
4. Applications and Systems Development Security.
Introduction. Software Applications and Issues.
Attacking Software. Understanding Malicious Code. Implementing System Development
Controls. Using Coding Practices That Reduce System Vulnerability.
5. Cryptography.
Introduction. Uses of Cryptography. Cryptographic
Concepts, Methodologies, and Practices. PKI and Key Management. Methods of
Attack.
6. Security Architecture and Models.
Introduction. Requirements for Security Architecture
and Models. Security Models. Security System Architecture. Information System
Security Standards. Common Criteria. IPSec.
7. Operations Security.
Introduction. Examining the Key Roles of Operations
Security. The Roles of Auditing and Monitoring. Developing Countermeasures
to Threats. The Role of Administrative Management. Concepts and Best Practices.
8. Business Continuity Planning and Disaster Recovery Planning.
Introduction. What Are the Disasters That
Interrupt Business Operation? Quantifying the Difference Between DRP and BCP.
Examining the Business Continuity Planning Process. Defining Disaster Recovery
Planning. Developing a Backup Strategy.
9. Law, Investigation, and Ethics.
Introduction. Fundamentals of Law. Criminal
Law and Computer Crime. Computer Security Incidents. Legal Evidence. Computer
Forensics. Computer Ethics.
10. Physical Security.
Introduction. Classifying Assets to Simplify
Physical Security Discussions. Vulnerabilities. Selecting, Designing, Constructing,
and Maintaining a Secure Site. Tape and Media Library Retention Policies.
Document (Hard-Copy) Libraries. Waste Disposal. Physical Intrusion Detection.
II. Final Review.
Fast Facts.
Domain 1, "Access Control". Domain 2, "Network
Security and Telecommunications". Domain 3, "Security Management and Practices".
Domain 4, "Applications and Systems Development Security". Domain 5, "Cryptography".
Domain 6, "Security Architecture and Models". Domain 7, "Operations Security".
Domain 8, "Business Continuity Planning and Disaster Recovery Planning". Domain
9, "Law, Investigation, and Ethics". Domain 10, "Physical Security".
Study and Exam Prep Tips.
Learning As a Process. Study Tips. Exam Prep
Tips.
Practice Exam.
Exam Questions.
III. Appendixes.
Appendix A. Glossary.
Appendix B. Overview of the Certification Process.
Description of the Path to Certification.
About the Certification Program.
Appendix C. What's on the CD-ROM.
PrepLogic Practice Tests, Preview Edition.
Exclusive Electronic Version of Text.
Appendix D. Using the PrepLogic Practice Tests, Preview Edition Software.
Exam Simulation. Software Requirements. Contacting
PrepLogic. License Agreement.
Index.