Certified Information Systems Security Professional (CISSP) Exam Guide
Packt Publishing Limited (Verlag)
978-1-80056-761-0 (ISBN)
Purchase of this book unlocks access to online exam resources such as practice questions, flashcards, exam tips, and the eBook PDF
Key Features
Explore up-to-date content meticulously aligned with the latest CISSP exam objectives
Understand the value of governance, risk management, and compliance
Assess your exam readiness with practice questions that match exam-level difficulty
Book DescriptionThe (ISC)2 CISSP exam evaluates the competencies required to secure organizations, corporations, military sites, and government entities. The comprehensive CISSP certification guide offers up-to-date coverage of the latest exam syllabus, ensuring you can approach the exam with confidence, fully equipped to succeed.
Complete with interactive flashcards, invaluable exam tips, and self-assessment questions, this book helps you build and test your knowledge of all eight CISSP domains. Detailed answers and explanations for all questions will enable you to gauge your current skill level and strengthen weak areas.
This guide systematically takes you through all the information you need to not only pass the CISSP exam, but also excel in your role as a security professional. Starting with the big picture of what it takes to secure the organization through asset and risk management, it delves into the specifics of securing networks and identities. Later chapters address critical aspects of vendor security, physical security, and software security.
By the end of this book, you'll have mastered everything you need to pass the latest CISSP certification exam and have this valuable desktop reference tool for ongoing security needs.What you will learn
Get to grips with network communications and routing to secure them best
Understand the difference between encryption and hashing
Know how and where certificates and digital signatures are used
Study detailed incident and change management procedures
Manage user identities and authentication principles tested in the exam
Familiarize yourself with the CISSP security models covered in the exam
Discover key personnel and travel policies to keep your staff secure
Discover how to develop secure software from the start
Who this book is forThis book is for professionals seeking to obtain the ISC2 CISSP certification. You should have experience in at least two of the following areas: GRC, change management, network administration, systems administration, physical security, database management, or software development. Additionally, a solid understanding of network administration, systems administration, and change management is essential.
Ted Jordan, M.S., CISSP, Linux+, is a seasoned cybersecurity professional with over 30 years of experience. His career includes work with NASA, General Motors, Silicon Graphics, Sun Microsystems, Fakespace, and AM General. Ted has trained over 2,500 students to achieve their CISSP, Security+, and Linux+ certifications with The Training Camp and Learning Tree. He is also the author of five books on Linux and CISSP. In his free time, Ted enjoys a good game of tennis or watching the complexities of carom three-cushion billiards. Ricardo “Ric” Daza, PhD, is a cybersecurity mentor with the Tampa Bay Wave Accelerator, a committee member with West Florida ISACA, and a recipient of two NSA fellowships. He is also an adjunct cybersecurity professor and frequent speaker at regional and international conferences with a doctorate in Information Assurance and holds double CCIE² (R&S, Security), CISSP, CRISC, CISA, ISO 27001 Lead Auditor, PMP, and RHCE certifications. Dr. Daza builds networks and develops cybersecurity solutions for foreign and domestic government agencies, as well as Fortune 500 companies in the financial, technology, defense, healthcare, and manufacturing sectors. He contributes to the cyber defense of organizations across the Americas. He specializes in an evidence-based approach to tackling process and technology challenges, including networking, risk management, security analysis, incident response, risk communication, vulnerability management, metrics and maturity programs, data science, programming, and more. In addition to being a seasoned executive cybersecurity consultant, Dr. Daza was an exam content developer, crafting the tests like CISSP for ISC2, the largest cybersecurity certification body in the world. Hinne Hettema, a PhD in theoretical chemistry and philosophy of science, focuses especially on the implementation of security practices and mentoring others to become proficient security professionals. Working in IT since the early 1990s and focusing on security since the early 2000s, he has held a variety of roles working as a consultant, as part of a team, or as a leader of a security team. With over two decades of experience in the security field, Hinne has also served as an adjunct senior research fellow in cybersecurity at the University of Queensland, Australia. He has experience in developing, implementing and running security operations, incident response and security service definition and execution. He focuses current engagements primarily on how organizations can optimize current practices, develop improvements, and make sensible decisions about their future direction. To that end, he uses his skills in architecture, security posture management, data science, threat intelligence, risk assessment and situational awareness to ensure an optimal spend of the security dollar. He also has extensive experience in incident handling and response, including OT and ICS environments. He is a confident public speaker and can present to various audiences, from the general public to boards to cybersecurity experts to people needing training in specific aspects of cybersecurity. Hinne has authored several books including Agile Security Operation by Packt.
Table of Contents
Ethics, Security Concepts, and Governance Principles
Compliance, Regulation, and Investigations
Security Policies and Business Continuity
Risk Management, Threat Modeling, SCRM, and SETA
Asset and Privacy Protection
Information and Asset Handling
Secure Design Principles and Controls
Architecture Vulnerabilities and Cryptography
Facilities and Physical Security
Network Architecture Security
Securing Communication Channels
Identity, Access Management, and Federation
Identity Management Implementation
Designing and Conducting Security Assessments
Designing and Conducting Security Testing
Planning for Security Operations
Security Operations
Disaster Recovery
Business Continuity, Personnel, and Physical Security
Software Development Life Cycle Security
Software Development Security Controls
Securing Software Development
Secure Coding Guidelines, Third-Party Software, and Databases
Erscheinungsdatum | 01.06.2024 |
---|---|
Verlagsort | Birmingham |
Sprache | englisch |
Maße | 191 x 235 mm |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
Informatik ► Weitere Themen ► Zertifizierung | |
ISBN-10 | 1-80056-761-8 / 1800567618 |
ISBN-13 | 978-1-80056-761-0 / 9781800567610 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich