Official (ISC)2 Guide to the CISSP Exam

  • ISBN13: 9780849317071
  • ISBN10: 084931707X

  • Edition: CD
  • Format: Hardcover
  • Copyright: 2003-12-15
  • Publisher: Auerbach Pub
List Price: $69.95

Summary

Candidates for the CISSP exam can now go directly to the source for study materials that are indispensable in achieving certification. Official (ISC)2 Guide to the CISSP Exam is derived from the real CISSP review course created and administered by (ISC)2. Both of the Guide's co-authors are CISSPs, and the text has been reviewed and approved by Hal Tipton, co-founder and past president of ISSA and co-founder of (ISC)2. The ten subject areas included, each a section from the Common Body of Knowledge (CBK), have been reviewed by multiple CISSPs, all of whom are recognized leaders in their fields.

Table of Contents

Information Security Management
  • Introduction
  • Purposes of Information Security Management
  • Concepts: Availability, Integrity, Confidentiality
  • Risk Analysis and Assessment
  • Information Protection Requirements
  • Information Protection Environment
  • Security Technology and Tools
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Information Classification
  • Information Protection Requirements
  • Information Protection Environment
  • Security Technology and Tools
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Policies, Procedures, Standards, Baselines, Guidelines
  • Information Protection Requirements
  • Information Protection Environment
  • Security Technology and Tools
  • Information Protection Requirements
  • Setting the Goal
  • Information Protection Environment
  • Social Engineering
  • Implementation (Delivery) Options
  • Security Technology and Tools
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Common Body of Knowledge (CBK)
  • Components
  • Examples
  • Sample Questions for the CISSP Exam

Security Architecture and Models
  • Introduction
  • Information Protection Requirements
  • The A-I-C Triad
  • Information Protection Environment
  • Platform Architecture
  • Network Environment
  • Enterprise Architecture
  • Security Models
  • Security Technology and Tools
  • Network Protection
  • Assurance, Trust, and Confidence Mechanisms
  • Trusted Computer Security Evaluation Criteria (TCSEC)
  • The Trusted Network Interpretation (TNI)
  • Information Technology Security Evaluation Criteria (ITSEC)
  • The Common Criteria (CC)
  • Certification and Accreditation
  • Information Protection and Management Services
  • Summary
  • Common Body of Knowledge (CBK)
  • Sample Questions for the CISSP Exam

Access Control Systems and Methodology
  • Introduction
  • Information Protection Requirements
  • Information Protection Environment
  • Security Technology and Tools
  • Centralized Access Control Methodologies
  • Decentralized/Distributed Access Control Methodologies
  • Access to Data
  • Assurance, Trust, and Confidence Mechanisms
  • Intrusion Detection
  • Analysis Engine Methods
  • Information Protection and Management Services
  • Summary
  • Common Body of Knowledge (CBK)
  • Sample Questions for the CISSP Exam

Applications and Systems Development
  • Introduction
  • Information Protection Requirements
  • The A-I-C Triad
  • Information Protection Environment
  • Open Source Code and Closed Source Code
  • Software Environment
  • The Database and Data Warehousing Environment
  • DBMS Architecture
  • Database Interface Languages
  • Security Assertion Markup Language (SAML)
  • Data Warehousing
  • Database Vulnerabilities and Threats
  • Security Technology and Tools
  • System Life Cycle and Systems Development
  • System (Software) Development Methods
  • Including Security in a Systems Development Method
  • Programming Languages
  • Assemblers, Compilers, and Interpreters
  • Programming Language and Security
  • Software Protection Mechanisms
  • DBMS Controls
  • Assurance, Trust, and Confidence Mechanisms
  • Information Integrity
  • Information Accuracy
  • Information Auditing
  • Evaluation/Certification and Accreditation
  • Information Protection and Management Services
  • Configuration Management
  • Summary
  • Common Body of Knowledge (CBK)
  • Sample Questions for the CISSP Exam

Operations Security
  • Introduction
  • Information Protection Requirements
  • Information Protection Environment
  • Security Technology and Tools
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Summary
  • Common Body of Knowledge (CBK)
  • Sample Questions for the CISSP Exam

Cryptography
  • Introduction
  • Information Protection Requirements
  • The A-I-C Triad
  • Information Protection Environment
  • Introduction
  • Definitions
  • Cryptanalysis and Attacks
  • Import/Export Issues
  • Security Technology and Tools
  • Basic Concepts of Cryptography
  • Encryption Systems
  • Symmetric Key Cryptography Algorithms
  • Asymmetric Key Cryptography Algorithms
  • Message Integrity Controls
  • Assurance, Trust, and Confidence Mechanisms
  • Digital Signatures and Certificate Authorities
  • Public Key Infrastructure (PKI)
  • Information Protection and Management Services
  • Key Management
  • Key Management Functions
  • Key Generation
  • Distribution
  • Installation
  • Storage
  • Change
  • Control
  • Disposal
  • Modern Key Management
  • Principles of Key Management
  • Summary
  • Common Body of Knowledge (CBK)
  • Components
  • Examples
  • Sample Questions for the CISSP Exam

Physical Security
  • Introduction
  • Information Protection Requirements
  • The A-I-C Triad
  • Information Protection Environment
  • Crime Prevention through Environmental Design (CPTED)
  • Security Technology and Tools
  • Perimeter and Building Grounds Boundary Protection
  • Building Entry Points
  • Inside the Building: Building Floors, Office Suites, Offices
  • Penetration (Intrusion) Detection Systems
  • Assurance, Trust, and Confidence Mechanisms
  • Drills/Exercises/Testing
  • Vulnerability/Penetration Tests
  • Creating a Checklist
  • Maintenance and Service
  • Information Protection and Management Services
  • Awareness and Training
  • Summary
  • Common Body of Knowledge (CBK)
  • Components
  • Examples
  • Sample Questions for the CISSP Exam

Telecommunications, Network, and Internet Security
  • Information Protection Requirements
  • Information Protection Environment
  • Data Networks
  • Remote Access Services
  • Network Protocols
  • Network Threats and Attacks
  • Security Technology and Tools
  • Content Filtering and Inspection
  • Intrusion Detection
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Summary
  • Common Body of Knowledge (CBK)
  • Sample Questions for the CISSP Exam

Business Continuity Planning
  • Introduction
  • Defining a Disaster
  • Information Protection Requirements
  • Information Protection Environment
  • Security Technology and Tools
  • Phase I: Project Management and Initiation
  • Phase II: Business Impact Analysis (BIA)
  • Phase III: Recovery Strategies
  • Phase IV: Plan Development and Implementation
  • Phase V: Testing, Maintenance, Awareness, and Training
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Summary
  • Common Body of Knowledge (CBK)
  • Sample Questions for the CISSP Exam

Law, Investigation, and Ethics
  • Law
  • Information Protection Requirements
  • Information Protection Environment
  • Privacy
  • Recommended Course of Action
  • Security Technology and Tools
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Investigation
  • Information Protection Requirements
  • Information Protection Environment
  • Security Technology and Tools
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Ethics
  • Information Protection Requirements
  • Computer Ethics
  • Information Protection Environment
  • Security Technology and Tools
  • Assurance, Trust, and Confidence Mechanisms
  • Information Protection and Management Services
  • Summary
  • Common Body of Knowledge (CBK)
  • Sample Questions for the CISSP Exam

Appendix A: Glossary
Appendix B: Annotated Bibliography
Appendix C: Answers to Sample Test Questions
Index
