Essential CISSP Exam Guide: Updated for the 2018 CISSP Body of Knowledge PDF

868 Pages·2018·4.483 MB·English
Preview Essential CISSP Exam Guide: Updated for the 2018 CISSP Body of Knowledge

ESSENTIAL CISSP Exam Guide
Updated for the 2018 CISSP Body of Knowledge

Phil Martin

Nearsighted Ninja

Nonce Corp is an independent entity from (ISC)² and is not affiliated with (ISC)² in any manner. This study/training guide and/or material is not sponsored by, endorsed by, or affiliated with (ISC)² in any manner. This publication may be used in assisting students to prepare for the Certified Information Systems Security Professional (CISSP®) exam. Neither (ISC)² nor Nonce Corp warrant that use of this publication will ensure passing any exam. CISSP is a trademark or registered trademark of (ISC)². All other trademarks are trademarks of their respective owners.

An audio version of this print book is available on audible.com!

Essential CISSP Exam Guide
Copyright © 2018 by Nonce Corp. Printed in the United States of America. All rights reserved. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher.

All trademarks or copyrights mentioned herein are the possession of their respective owners and Nonce Corp makes no claim of ownership by the mention of products that contain these marks.

ISBN: 9781723901515

Information has been obtained by Nonce Corp from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, Nonce Corp does not guarantee the accuracy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.
Contents

FIGURES
ABOUT
    About the Exam
    About This Book

SECTION 1: SECURITY AND RISK MANAGEMENT DOMAIN
CHAPTER 1: CIA AND AAA
    Questions
CHAPTER 2: FROM VULNERABILITY TO EXPOSURE
    Questions
CHAPTER 3: ADMINISTRATIVE, TECHNICAL AND PHYSICAL CONTROLS
    Questions
CHAPTER 4: SECURITY FRAMEWORKS
    ISO 27000 Series
    Enterprise Architecture Development
    Architecture Framework Terms
    Frameworks for Implementation
    Process Development
    The Process Life Cycle
    Questions
CHAPTER 5: COMPUTER CRIME LAW
    Law
    Computer Crime
    Types of Legal Systems
    Intellectual Property
    Privacy
    Questions
CHAPTER 6: GOALS, STRATEGIES, POLICIES, STANDARDS, BASELINES, GUIDELINES AND PROCEDURES
    Goals and Strategies
    Policies
    Standards
    Baselines
    Guidelines
    Procedures
    Questions
CHAPTER 7: ALL ABOUT RISK MANAGEMENT AND MODELING THREATS
    Information Systems Risk Management
    The Risk Management Team
    The Risk Management Process
    Vulnerabilities
    Threats
    Attacks
    Reduction Analysis
    Questions
CHAPTER 8: ASSESSING AND ANALYZING RISK
    Risk Analysis Team
    Calculating Value
    Identifying Vulnerabilities and Threats
    Methodologies for Risk Assessment
    Risk Analysis Approaches
    Protection Mechanisms
    Total Risk vs. Residual Risk
    Outsourcing
    Questions
CHAPTER 9: MANAGING RISK
    Categorize Information System
    Select Security Controls
    Implement Security Controls
    Assess Security Controls
    Authorize Information System
    Monitor Security Controls
    Questions
CHAPTER 10: BUSINESS CONTINUITY AND DISASTER RECOVERY
    Standards and Best Practices
    Making BCM a Part of the Enterprise Security Program
    BCP Project Components
    Questions
CHAPTER 11: PERSONNEL SECURITY
    Hiring Practices
    Termination
    Security-Awareness Training
    Questions
CHAPTER 12: ETHICS
    Questions

SECTION 2: ASSET SECURITY DOMAIN
CHAPTER 13: INFORMATION LIFE CYCLE AND CLASSIFICATION
    The Information Life Cycle
    Classification
    Questions
CHAPTER 14: LAYERS OF RESPONSIBILITY
    Executive Management
    Data Owner
    Data Custodian
    System Owner
    Security Administrator
    Supervisor
    Change Control Analyst
    Data Analyst
    User
    Auditor
    Questions
CHAPTER 15: RETENTION POLICIES
    Questions
CHAPTER 16: PRIVACY AND ASSET PROTECTION
    Protecting Privacy
    Protecting Assets
    Data Leakage
    Protecting Other Assets
    Questions

SECTION 3: SECURITY ARCHITECTURE AND ENGINEERING DOMAIN
CHAPTER 17: COMPUTER AND SYSTEM ARCHITECTURE
    Computer Architecture
    System Architecture
    Questions
CHAPTER 18: OPERATING SYSTEMS
    Process Management
    Thread Management
    Process Activity
    Memory Management
    Virtual Memory
    Input/Output Device Management
    CPU Architecture Integration
    Operating System Architectures
    Virtual Machines
    Questions
CHAPTER 19: SYSTEM SECURITY ARCHITECTURE AND MODELS
    System Security Architecture
    Security Models
    Questions
CHAPTER 20: SYSTEMS EVALUATION, CERTIFICATION AND ACCREDITATION
    Evaluation
    Certification vs. Accreditation
    Questions
CHAPTER 21: DISTRIBUTED SYSTEM SECURITY
    Cloud Computing
    Parallel Computing
    Databases
    Web Applications
    Mobile Devices
    Cyber-Physical Systems
    Industrial Control Systems
    Questions
CHAPTER 22: A FEW THREATS TO REVIEW
    Questions
CHAPTER 23: CRYPTOGRAPHY
    The History of Cryptography
    Kerckhoffs’ Principle
    The Strength of the Cryptosystem
    Services of Cryptosystems
    One-Time Pad
    Running and Concealment Ciphers
    Steganography
    Questions
CHAPTER 24: ENCRYPTION
    Types of Ciphers
    Encryption Methods
    Questions
CHAPTER 25: TYPES OF SYMMETRIC SYSTEMS
    Data Encryption Standard
    Triple-DES
    Advanced Encryption Standard
    International Data Encryption Algorithm
    Blowfish
    RC4
    RC5
    RC6
    Questions
CHAPTER 26: TYPES OF ASYMMETRIC SYSTEMS
    Diffie-Hellman Algorithm
    RSA
    El Gamal
    Elliptic Curve Cryptosystems
    Knapsack
    Zero Knowledge Proof
    Questions
CHAPTER 27: MESSAGE INTEGRITY
    The One-Way Hash
    MD4
    MD5
    SHA-1