The CISSP and CAP Prep Guide

Ronald L. Krutz, PhD, PE, CISSP, ISSEP, is Chief Knowledge Officer for Cybrinth, LLC. He was a faculty member in the Carnegie Mellon ECE Department and Associate Director of the Carnegie Mellon Research Institute. He was a former lead instructor for the ISC2 CISSP review seminars. Dr. Krutz is also a Distinguished Special Lecturer in the Center for Forensic Computer Investigation at the University of New Haven and consulting editor for the Wiley Infosec series. Russell Dean Vines, CISSP, CISM, Security +, CCNA, MCSE, MCNE, is President and Founder of The RDV Group Inc., a New York--based security consulting services firm. He has been active in the prevention, detection, and remediation of security vulnerabilities for international corporations, including government, finance, and new media organizations, for many years. He is the author of several bestselling information system security texts, a consulting editor for the Wiley Infosec series, and a professional musician and composer in the NY area.

About the Authors. Foreword. Acknowledgments. Introduction. PART 1: FOCUSED REVIEW OF THE CISSP TEN DOMAINS. Chapter 1. Information Security and Risk Management. Chapter 2. Access Control. Chapter 3. Telecommunications and Network Security. Chapter 4. Crytography. Chapter 5. Security Architecture and Design. Chapter 6. Operations Security. Chapter 7. Application Security. Chapter 8. Business Continuity Planning and Disaster Recovery Planning. Chapter 9. Legal, Regulations,Compliance, and Investigtions. Chapter 10. Physical (Environmental) Security. PART 2: THE CERTIFICATION AND ACCREDITATION PROFESSIONAL (CAP) CREDENTIAL. Chapter 11. Understanding Certification and Accreditation. Chapter 12. Initiation of the System Authorization Process. Chapter 13. The Certification Phase. Chapter 14. The Accreditation Phase. Chapter 15. Continuous Monitoring Process. Appendix A: Answers to Assessment Questions. Appendix B: Glossary of Terms and Acronyms. Appendix C: The Information System Security Architecture Professional (ISSAP) Certification. Appendix D: The Information System Security Engineering Professional (ISSEP) Certification. Appendix E: The Information System Security Management Professional (ISSMP) Certification. Appendix F: Security Control Catalog. Appendix G: Control baselines. Index.