Nicht aus der Schweiz? Besuchen Sie lehmanns.de
CISSP Cert Guide - Robin Abernathy, Troy McMillan

CISSP Cert Guide

Media-Kombination
896 Seiten
2018 | 3rd edition
Pearson IT Certification
978-0-7897-5969-6 (ISBN)
CHF 89,95 inkl. MwSt
zur Neuauflage
  • Titel erscheint in neuer Auflage
  • Artikel merken
Zu diesem Artikel existiert eine Nachauflage
 

Robin M. Abernathy has been working in the IT certification preparation industry at Kaplan IT Training for more than 18 years. Robin has written and edited certification preparation materials for many (ISC)2, Microsoft, CompTIA, PMI, ITIL, ISACA, and GIAC certifications and holds multiple IT certifications from these vendors. Robin provides training on computer hardware and software, networking, security, and project management. Over the past decade, she has ventured into the traditional publishing industry by technically editing several publications and co-authoring Pearson’s CISSP Cert Guide and CASP Cert Guide and authoring Pearson’s Project+ Cert Guide. She presents at technical conferences and hosts webinars on IT certification topics. Troy McMillan writes practice tests, study guides, and online course materials for Kaplan IT Training, while also running his own consulting and training business. He holds more than 30 industry certifications and also appears in training videos for Oncourse Learning and Pearson.

Introduction xlv

Chapter 1 Security and Risk Management 2

Security Terms 5

    CIA 5

    Auditing and Accounting 6

    Non-Repudiation 7

    Default Security Posture 7

    Defense in Depth 7

    Abstraction 8

    Data Hiding 8

    Encryption 8

Security Governance Principles 8

    Security Function Alignment 9

    Organizational Processes 12

    Organizational Roles and Responsibilities 14

    Security Control Frameworks 17

    Due Care and Due Diligence 32

Compliance 33

    Contractual, Legal, Industry Standards, and Regulatory Compliance 34

    Privacy Requirements Compliance 35

Legal and Regulatory Issues 35

    Computer Crime Concepts 36

    Major Legal Systems 38

    Licensing and Intellectual Property 40

    Cyber Crimes and Data Breaches 44

    Import/Export Controls 45

    Trans-Border Data Flow 45

    Privacy 45

Professional Ethics 52

     (ISC)2 Code of Ethics 52

    Computer Ethics Institute 53

    Internet Architecture Board 54

    Organizational Code of Ethics 54

Security Documentation 54

    Policies 55

    Processes 57

    Procedures 57

    Standards 57

    Guidelines 58

    Baselines 58

Business Continuity 58

    Business Continuity and Disaster Recovery Concepts 58

    Scope and Plan 61

    BIA Development 65

Personnel Security Policies and Procedures 68

    Candidate Screening and Hiring 69

    Employment Agreements and Policies 70

    Employee Onboarding and Offboarding Policies 71

    Vendor, Consultant, and Contractor Agreements and Controls 72

    Compliance Policy Requirements 72

    Privacy Policy Requirements 72

    Job Rotation 73

    Separation of Duties 73

Risk Management Concepts 73

    Asset and Asset Valuation 73

    Vulnerability 74

    Threat 74

    Threat Agent 74

    Exploit 75

    Risk 75

    Exposure 75

    Countermeasure 75

    Risk Appetite 76

    Attack 76

    Breach 76

    Risk Management Policy 77

    Risk Management Team 77

    Risk Analysis Team 77

    Risk Assessment 78

    Implementation 82

    Control Categories 83

    Control Types 84

    Controls Assessment, Monitoring, and Measurement 89

    Reporting and Continuous Improvement 89

    Risk Frameworks 90

Geographical Threats 108

    Internal Versus External Threats 108

    Natural Threats 109

    System Threats 110

    Human-Caused Threats 111

    Politically Motivated Threats 114

Threat Modeling 115

    Threat Modeling Concepts 116

    Threat Modeling Methodologies 116

    Identifying Threats 119

    Potential Attacks 120

    Remediation Technologies and Processes 121

Security Risks in the Supply Chain 121

    Risks Associated with Hardware, Software, and Services 121

    Third-party Assessment and Monitoring 122

    Minimum Service-Level and Security Requirements 123

    Service-Level Requirements 123

Security Education, Training, and Awareness 124

    Levels Required 124

    Methods and Techniques 125

    Periodic Content Reviews 126

Exam Preparation Tasks 126

Chapter 2 Asset Security 140

Asset Security Concepts 141

    Data Policy 141

    Roles and Responsibilities 143

    Data Quality 144

    Data Documentation and Organization 145

Identify and Classify Information and Assets 146

    Data and Asset Classification 146

    Sensitivity and Criticality 146

    Private Sector Classifications 151

    Military and Government Classifications 152

    Information Life Cycle 153

    Databases 155

    Data Audit 160

Information and Asset Ownership 160

Protect Privacy 161

    Owners 161

    Data Processors 162

    Data Remanence 162

    Collection Limitation 163

Asset Retention 164

Data Security Controls 166

    Data Security 166

    Data States 166

    Data Access and Sharing 167

    Data Storage and Archiving 168

    Baselines 169

    Scoping and Tailoring 170

    Standards Selection 170

    Data Protection Methods 171

Information and Asset Handling Requirements 172

    Marking, Labeling, and Storing 172

    Destruction 173

Exam Preparation Tasks 173

Chapter 3 Security Architecture and Engineering 178

Engineering Processes Using Secure Design Principles 180

    Objects and Subjects 181

    Closed Versus Open Systems 182

Security Model Concepts 182

    Confidentiality, Integrity, and Availability 182

    Confinement 183

    Bounds 183

    Isolation 183

    Security Modes 183

    Defense in Depth 185

    Security Model Types 185

    Security Models 188

    System Architecture Steps 192

    ISO/IEC 42010:2011 193

    Computing Platforms 193

    Security Services 196

    System Components 196

System Security Evaluation Models 205

    TCSEC 206

    ITSEC 209

    Common Criteria 211

    Security Implementation Standards 213

    Controls and Countermeasures 217

Certification and Accreditation 217

Control Selection Based upon Systems Security Requirements 218

Security Capabilities of Information Systems 219

    Memory Protection 219

    Virtualization 220

    Trusted Platform Module 220

    Interfaces 221

    Fault Tolerance 221

    Policy Mechanisms 222

    Encryption/Decryption 223

Security Architecture Maintenance 223

Vulnerabilities of Security Architectures, Designs, and Solution Elements 224

    Client-Based Systems 224

    Server-Based Systems 225

    Database Systems 226

    Cryptographic Systems 227

    Industrial Control Systems 227

    Cloud-Based Systems 230

    Large-Scale Parallel Data Systems 236

    Distributed Systems 237

    Grid Computing 237

    Peer-to-Peer Computing 237

    Internet of Things 238

Vulnerabilities in Web-Based Systems 242

    Maintenance Hooks 242

    Time-of-Check/Time-of-Use Attacks 243

    Web-Based Attacks 243

    XML 244

    SAML 244

    OWASP 244

Vulnerabilities in Mobile Systems 244

    Device Security 245

    Application Security 246

    Mobile Device Concerns 246

    NIST SP 800-164 248

Vulnerabilities in Embedded Devices 250

Cryptography 250

    Cryptography Concepts 250

    Cryptography History 253

    Cryptosystem Features 256

    NIST SP 800-175A and B 257

    Cryptographic Mathematics 258

    Cryptographic Life Cycle 261

Cryptographic Types 262

    Running Key and Concealment Ciphers 263

    Substitution Ciphers 263

    Transposition Ciphers 265

    Symmetric Algorithms 266

    Asymmetric Algorithms 268

    Hybrid Ciphers 269

Symmetric Algorithms 269

    DES and 3DES 270

    AES 274

    IDEA 274

    Skipjack 274

    Blowfish 275

    Twofish 275

    RC4/RC5/RC6/RC7 275

    CAST 275

Asymmetric Algorithms 276

    Diffie-Hellman 277

    RSA 277

    El Gamal 278

    ECC 278

    Knapsack 279

    Zero-knowledge Proof 279

Public Key Infrastructure 279

    Certification Authority and Registration Authority 279

    Certificates 280

    Certificate Life Cycle 281

    Certificate Revocation List 283

    OCSP 284

    PKI Steps 284

    Cross-Certification 285

Key Management Practices 285

Message Integrity 293

    Hashing 294

    Message Authentication Code 297

    Salting 299

Digital Signatures 299

    DSS 300

Applied Cryptography 300

    Link Encryption Versus End-to-End Encryption 300

    Email Security 300

    Internet Security 300

Cryptanalytic Attacks 301

    Ciphertext-Only Attack 302

    Known Plaintext Attack 302

    Chosen Plaintext Attack 302

    Chosen Ciphertext Attack 302

    Social Engineering 302

    Brute Force 302

    Differential Cryptanalysis 303

    Linear Cryptanalysis 303

    Algebraic Attack 303

    Frequency Analysis 303

    Birthday Attack 303

    Dictionary Attack 303

    Replay Attack 304

    Analytic Attack 304

    Statistical Attack 304

    Factoring Attack 304

    Reverse Engineering 304

    Meet-in-the-Middle Attack 304

    Ransomware Attack 304

    Side-Channel Attack 305

Digital Rights Management 305

    Document DRM 306

    Music DRM 306

    Movie DRM 306

    Video Game DRM 306

    E-book DRM 307

Site and Facility Design 307

    Layered Defense Model 307

    CPTED 307

    Physical Security Plan 308

    Facility Selection Issues 309

Site and Facility Security Controls 312

    Doors 312

    Locks 313

    Biometrics 315

    Glass Entries 315

    Visitor Control 315

    Wiring Closets/Intermediate Distribution Facilities 316

    Work Areas 316

    Environmental Security 317

    Equipment Security 321

Exam Preparation Tasks 323

Chapter 4 Communication and Network Security 334

Secure Network Design Principles 335

    OSI Model 335

    TCP/IP Model 340

IP Networking 345

    Common TCP/UDP Ports 346

    Logical and Physical Addressing 347

    IPv4 348

    Network Transmission 353

    IPv6 357

    Network Types 370

Protocols and Services 372

    ARP/RARP 372

    DHCP/BOOTP 373

    DNS 374

    FTP, FTPS, SFTP, TFTP 374

    HTTP, HTTPS, S-HTTP 375

    ICMP 375

    IGMP 376

    IMAP 376

    LDAP 376

    LDP 376

    NAT 376

    NetBIOS 376

    NFS 377

    PAT 377

    POP 377

    CIFS/SMB 377

    SMTP 377

    SNMP 377

    SSL/TLS 378

    Multilayer Protocols 378

Converged Protocols 379

    FCoE 379

    MPLS 380

    VoIP 381

    iSCSI 381

Wireless Networks 381

    FHSS, DSSS, OFDM, VOFDM, FDMA, TDMA, CDMA, OFDMA, and GSM 382

    WLAN Structure 384

    WLAN Standards 384

    WLAN Security 387

Communications Cryptography 392

    Link Encryption 392

    End-to-End Encryption 393

    Email Security 393

    Internet Security 394

Secure Network Components 396

    Hardware 397

    Transmission Media 415

    Network Access Control Devices 435

    Endpoint Security 437

    Content-Distribution Networks 438

Secure Communication Channels 438

    Voice 439

    Multimedia Collaboration 439

    Remote Access 440

    Data Communications 450

    Virtualized Networks 450

Network Attacks 451

    Cabling 451

    Network Component Attacks 453

    ICMP Attacks 454

    DNS Attacks 456

    Email Attacks 458

    Wireless Attacks 459

    Remote Attacks 460

    Other Attacks 460

Exam Preparation Tasks 462

Chapter 5 Identity and Access Management (IAM) 474

Access Control Process 475

    Identify Resources 475

    Identify Users 476

    Identify the Relationships Between Resources and Users 476

Physical and Logical Access to Assets 477

    Access Control Administration 477

    Information 478

    Systems 478

    Devices 479

    Facilities 479

Identification and Authentication Concepts 480

    NIST SP 800-63 480

    Five Factors for Authentication 484

    Single-Factor Versus Multi-Factor Authentication 495

    Device Authentication 495

Identification and Authentication Implementation 496

    Separation of Duties 496

    Least Privilege/Need-to-Know 497

    Default to No Access 497

    Directory Services 498

    Single Sign-on 498

    Session Management 503

    Registration and Proof of Identity 503

    Credential Management Systems 504

    Accountability 505

Identity as a Service (IDaaS) Implementation 507

Third-Party Identity Services Integration 507

Authorization Mechanisms 508

    Permissions, Rights, and Privileges 508

    Access Control Models 508

    Access Control Policies 514

Provisioning Life Cycle 514

    Provisioning 515

    User and System Account Access Review 516

    Account Revocation 516

Access Control Threats 516

    Password Threats 517

    Social Engineering Threats 518

    DoS/DDoS 520

    Buffer Overflow 520

    Mobile Code 520

    Malicious Software 521

    Spoofing 521

    Sniffing and Eavesdropping 521

    Emanating 522

    Backdoor/Trapdoor 522

    Access Aggregation 522

    Advanced Persistent Threat 523

Prevent or Mitigate Access Control Threats 523

Exam Preparation Tasks 524

Chapter 6 Security Assessment and Testing 532

Design and Validate Assessment and Testing Strategies 533

    Security Testing 534

    Security Assessments 534

    Security Auditing 535

    Internal, External, and Third-party Security Assessment, Testing, and Auditing 535

Conduct Security Control Testing 535

    Vulnerability Assessment 535

    Penetration Testing 539

    Log Reviews 541

    Synthetic Transactions 546

    Code Review and Testing 546

    Misuse Case Testing 549

    Test Coverage Analysis 549

    Interface Testing 549

Collect Security Process Data 550

    NIST SP 800-137 550

    Account Management 551

    Management Review and Approval 551

    Key Performance and Risk Indicators 552

    Backup Verification Data 553

    Training and Awareness 553

    Disaster Recovery and Business Continuity 553

Analyze and Report Test Outputs 553

Conduct or Facilitate Security Audits 554

Exam Preparation Tasks 555

Chapter 7 Security Operations 564

Investigations 566

    Forensic and Digital Investigations 566

    Evidence Collection and Handling 574

    Digital Forensic Tools, Tactics, and Procedures 579

Investigation Types 581

    Operations/Administrative 581

    Criminal 582

    Civil 582

    Regulatory 582

    Industry Standards 582

    eDiscovery 585

Logging and Monitoring Activities 585

    Audit and Review 585

    Intrusion Detection and Prevention 587

    Security Information and Event Management (SIEM) 588

    Continuous Monitoring 588

    Egress Monitoring 588

Resource Provisioning 589

    Asset Inventory and Management 590

    Configuration Management 592

Security Operations Concepts 593

    Need to Know/Least Privilege 593

    Managing Accounts, Groups, and Roles 594

    Separation of Duties and Responsibilities 594

    Privilege Account Management 595

    Job Rotation and Mandatory Vacation 595

    Two-Person Control 596

    Sensitive Information Procedures 596

    Record Retention 596

    Information Life Cycle 596

    Service-Level Agreements 597

Resource Protection 597

    Protecting Tangible and Intangible Assets 597

    Asset Management 599

Incident Management 608

    Event Versus Incident 608

    Incident Response Team and Incident Investigations 609

    Rules of Engagement, Authorization, and Scope 609

    Incident Response Procedures 610

    Incident Response Management 610

    Detect 610

    Respond 611

    Mitigate 611

    Report 611

    Recover 612

    Remediate 612

    Lessons Learned and Review 612

Detective and Preventive Measures 612

    IDS/IPS 612

    Firewalls 613

    Whitelisting/Blacklisting 613

    Third-Party Security Services 613

    Sandboxing 614

    Honeypots/Honeynets 614

    Anti-malware/Antivirus 614

    Clipping Levels 614

    Deviations from Standards 615

    Unusual or Unexplained Events 615

    Unscheduled Reboots 615

    Unauthorized Disclosure 615

    Trusted Recovery 615

    Trusted Paths 616

    Input/Output Controls 616

    System Hardening 616

    Vulnerability Management Systems 616

Patch and Vulnerability Management 617

Change Management Processes 618

Recovery Strategies 618

    Create Recovery Strategies 619

    Backup Storage Strategies 626

    Recovery and Multiple Site Strategies 628

    Redundant Systems, Facilities, and Power 630

    Fault-Tolerance Technologies 631

    Insurance 631

    Data Backup 632

    Fire Detection and Suppression 632

    High Availability 632

    Quality of Service 633

    System Resilience 633

Disaster Recovery 633

    Response 634

    Personnel 634

    Communications 636

    Assessment 636

    Restoration 637

    Training and Awareness 637

Testing Disaster Recovery Plans 637

    Read-Through Test 638

    Checklist Test 638

    Table-Top Exercise 638

    Structured Walk-Through Test 638

    Simulation Test 639

    Parallel Test 639

    Full-Interruption Test 639

    Functional Drill 639

    Evacuation Drill 639

Business Continuity Planning and Exercises 639

Physical Security 640

    Perimeter Security Controls 640

    Building and Internal Security Controls 645

Personnel Safety and Security 645

    Duress 646

    Travel 646

    Monitoring 646

    Emergency Management 646

    Security Training and Awareness 647

Exam Preparation Tasks 647

Chapter 8 Software Development Security 658

Software Development Concepts 659

    Machine Languages 659

    Assembly Languages and Assemblers 660

    High-Level Languages, Compilers, and Interpreters 660

    Object-Oriented Programming 660

    Distributed Object-Oriented Systems 663

    Mobile Code 664

Security in the System and Software Development Life Cycles 668

    System Development Life Cycle 668

    Software Development Life Cycle 670

    Software Development Methods and Maturity Models 674

    Operation and Maintenance 684

    Integrated Product Team 685

Security Controls in Development 686

    Software Development Security Best Practices 686

    Software Environment Security 687

    Source Code Analysis Tools 688

    Code Repository Security 688

    Software Threats 688

    Software Protection Mechanisms 694

Assess Software Security Effectiveness 695

    Auditing and Logging 695

    Risk Analysis and Mitigation 695

    Regression and Acceptance Testing 696

Security Impact of Acquired Software 696

Secure Coding Guidelines and Standards 697

    Security Weaknesses and Vulnerabilities at the Source Code Level 697

    Security of Application Programming Interfaces 700

    Secure Coding Practices 701

Exam Preparation Tasks 702

Chapter 9 Final Preparation 712

Tools for Final Preparation 713

    Pearson Test Prep Practice Test Engine and Questions on the Website 713

    Customizing Your Exams 715

    Updating Your Exams 716

    Memory Tables 717

    Chapter-Ending Review Tools 717

Suggested Plan for Final Review/Study 717

Summary 718

Glossary 721

 

Online Elements

Appendix A Memory Tables

Appendix B Memory Tables Answer Key

Glossary

 

9780789759696   TOC   6/27/2018

 

Erscheint lt. Verlag 7.11.2018
Reihe/Serie Certification Guide
Verlagsort Upper Saddle River
Sprache englisch
Maße 200 x 240 mm
Gewicht 1626 g
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Weitere Themen Zertifizierung
ISBN-10 0-7897-5969-1 / 0789759691
ISBN-13 978-0-7897-5969-6 / 9780789759696
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
nach DSGVO und BDSG

von Andreas Schaupp

Druckwerk (2023)
Deutscher Apotheker Verlag
CHF 72,95
Datenschutz (Kombi-Ausgabe), Mitarbeiter-Merkblatt Datenschutz und …
Media-Kombination (2022)
Forum Verlag Herkert
CHF 419,95