CISSP study guide

Published
Cambridge, MA : Syngress, [2023].
Status
Available Online

More Details

Edition
Fourth edition.
Language
English
ISBN
9780443187353, 0443187355

Notes

General Note
Previous edition: 2015.
Bibliography
Includes bibliographical references and index.
Description
CISSP® Study Guide, Fourth Edition provides the latest updates on CISSP® certification, the most prestigious, globally-recognized, vendor-neutral exam for information security professionals. In this new edition, readers will learn about what's included in the newest version of the exam's Common Body of Knowledge. The eight domains are covered completely and as concisely as possible. Each domain has its own chapter, including specially designed pedagogy to help readers pass the exam. Clearly stated exam objectives, unique terms/definitions, exam warnings, learning by example, hands-on exercises, and chapter ending questions help readers fully comprehend the material. Provides the most complete and effective study guide to prepare you for passing the CISSP® exam--contains only what you need to pass the test, with no fluff! Eric Conrad has prepared hundreds of professionals for passing the CISSP® exam through SANS, a popular and well-known organization for information security professionals. Covers all of the new information in the Common Body of Knowledge updated in May 2021, and also provides tiered end-of-chapter questions for a gradual learning curve, and a complete self-test appendix.
Local note
O'Reilly, O'Reilly Online Learning: Academic/Public Library Edition

Citations

APA Citation, 7th Edition

Conrad, E., Misenar, S., & Feldman, J. (2023). CISSP study guide (Fourth edition.). Syngress.

Chicago / Turabian - Author Date Citation, 17th Edition

Conrad, Eric, Seth Misenar, and Joshua Feldman. 2023. CISSP Study Guide. Cambridge, MA: Syngress.

Chicago / Turabian - Humanities (Notes and Bibliography) Citation, 17th Edition

Conrad, Eric, Seth Misenar, and Joshua Feldman. CISSP Study Guide. Cambridge, MA: Syngress, 2023.

Harvard Citation

Conrad, E., Misenar, S. and Feldman, J. (2023). CISSP study guide. Fourth edn. Cambridge, MA: Syngress.

MLA Citation, 9th Edition

Conrad, Eric, Seth Misenar, and Joshua Feldman. CISSP Study Guide. Fourth edition, Syngress, 2023.

Note! Citations contain only title, author, edition, publisher, and year published. Citations should be used as a guideline and should be double checked for accuracy. Citation formats are based on standards as of August 2021.

MARC Record

LEADER13289cam a22005777i 4500
001on1367327645
003OCoLC
00520241217082158.0
006m     o  d        
007cr cnu---unuuu
008230131s2023    maua    ob    001 0 eng d
020 |a 9780443187353|q electronic book
020 |a 0443187355|q electronic book
035 |a (OCoLC)1367327645
037 |a 9780443187353|b O'Reilly Media
040 |a ORMDA|b eng|e rda|e pn|c ORMDA|d OPELS|d YDX|d OCLCF|d OCLCO|d OCLCL|d DXU|d OCLCO
049 |a MAIN
050 4|a QA76.3.C497|b C57 2023
08204|a 005.8|2 23/eng/20230131
1001 |a Conrad, Eric,|d 1967-|e author.|1 https://id.oclc.org/worldcat/entity/E39PCjygTj8ptYJwjYhKfbkWCP|1 https://isni.org/isni/0000000079345415
24510|a CISSP study guide /|c Eric Conrad, Seth Misenar, Joshua Feldman.
250 |a Fourth edition.
264 1|a Cambridge, MA :|b Syngress,|c [2023]
300 |a 1 online resource (1 volume) :|b illustrations.
336 |a text|b txt|2 rdacontent
337 |a computer|b c|2 rdamedia
338 |a online resource|b cr|2 rdacarrier
500 |a Previous edition: 2015.
504 |a Includes bibliographical references and index.
5050 |a Intro -- CISSP® Study Guide -- Copyright -- Contents -- About the authors -- Chapter 1: Introduction -- How to Prepare for the Exam -- The CISSP Exam Is a Management Exam -- The 2021 Update -- The Notes Card Approach -- Practice Tests -- Read the Glossary -- Readiness Checklist -- How to Take the Exam -- Steps to Becoming a CISSP -- Computer-Based Testing (CBT) -- CISSP CAT -- Taking the Exam -- After the Exam -- Good Luck! -- References -- Chapter 2: Domain 1: Security and Risk Management -- Unique Terms and Definitions -- Introduction -- Cornerstone Information Security Concepts -- Confidentiality, Integrity, and Availability -- Confidentiality -- Integrity -- Availability -- Tension Between the Concepts -- Disclosure, Alteration, and Destruction -- Identity and Authentication, Authorization, and Accountability (AAA) -- Identity and Authentication -- Authorization -- Accountability -- Non-repudiation -- Least Privilege and Need to Know -- Subjects and Objects -- Defense-in-Depth -- Due Care and Due Diligence -- Gross Negligence -- Legal and Regulatory Issues -- Compliance With Laws and Regulations -- Major Legal Systems -- Civil Law (Legal System) -- Common Law -- Religious Law -- Other Systems -- Criminal, Civil, and Administrative Law -- Criminal Law -- Civil Law -- Administrative Law -- Liability -- Due Care -- Due Diligence -- Legal Aspects of Investigations -- Evidence -- Real Evidence -- Direct Evidence -- Circumstantial Evidence -- Corroborative Evidence -- Hearsay -- Best Evidence Rule -- Secondary Evidence -- Evidence Integrity -- Chain of Custody -- Reasonable Searches -- Entrapment and Enticement -- Computer Crime -- Intellectual Property -- Trademark -- Patent -- Copyright -- Copyright Limitations -- Licenses -- Trade Secrets -- Intellectual Property Attacks -- Privacy -- European Union Privacy -- OECD Privacy Guidelines.
5058 |a General Data Protection Regulation -- EU-US Safe Harbor -- US Privacy Act of 1974 -- International Cooperation -- Import/Export Restrictions -- Trans-border Data Flow -- Important Laws and Regulations -- US Computer Fraud and Abuse Act -- HIPAA -- United States Breach Notification Laws -- Ethics -- The (ISC)2 Code of Ethics -- The (ISC)2 Code of Ethics Canons in Detail -- Computer Ethics Institute -- IABs Ethics and the Internet -- Information Security Governance -- Security Policy and Related Documents -- Policy -- Components of Program Policy -- Policy Types -- Procedures -- Standards -- Guidelines -- Baselines -- Personnel Security -- Candidate Screening and Hiring -- Onboarding -- Employee Termination -- Security Awareness and Training -- Gamification -- Security Champions -- Access Control Defensive Categories and Types -- Preventive -- Detective -- Corrective -- Recovery -- Deterrent -- Compensating -- Comparing Access Controls -- Risk Analysis -- Assets -- Threats and Vulnerabilities -- Risk=Threat x Vulnerability -- Impact -- Risk Analysis Matrix -- Calculating Annualized Loss Expectancy -- Asset Value -- Exposure Factor -- Single Loss Expectancy -- Annual Rate of Occurrence -- Annualized Loss Expectancy -- Total Cost of Ownership -- Return on Investment -- Budget and Metrics -- Risk Response -- Accept the Risk -- Risk Acceptance Criteria -- Mitigate the Risk -- Transfer the Risk -- Risk Avoidance -- Quantitative and Qualitative Risk Analysis -- The Risk Management Process -- Risk Maturity Modeling -- Security and Third Parties -- Service Provider Contractual Security -- Minimum Security Requirements -- Service Level Agreements and Service Level Requirements -- Attestation -- Right to Penetration Test/Right to Audit -- Supply Chain Risk Management -- Risks Associated With Hardware, Software, and Services -- Vendor Governance -- Acquisitions.
5058 |a Divestitures -- Third Party Assessment and Monitoring -- Outsourcing and Offshoring -- Types of Attackers -- Hackers -- Script Kiddies -- Outsiders -- Insiders -- Hacktivist -- Bots and Botnets -- Phishers and Spear Phishers -- Summary of Exam Objectives -- Self-Test -- Self-Test Quick Answer Key -- References -- Chapter 3: Domain 2: Asset Security -- Unique Terms and Definitions -- Introduction -- Classifying Data -- Labels -- Security Compartments -- Clearance -- Formal Access Approval -- Need to Know -- Sensitive Information/Media Security -- Sensitive Information -- Handling -- Storage -- Retention -- Ownership and Inventory -- Asset Inventory -- Asset Retention -- Business or Mission Owners -- Data Owners -- System Owner -- Custodian -- Users -- Data Controllers and Data Processors -- Data Location -- Data Maintenance -- Data Loss Prevention -- Digital Rights Management -- Cloud Access Security Brokers -- Data Collection Limitation -- Memory and Remanence -- Data Remanence -- Memory -- Cache Memory -- RAM and ROM -- DRAM and SRAM -- Firmware -- Flash Memory -- Solid State Drives (SSDs) -- Data Destruction -- Overwriting -- Degaussing -- Destruction -- Shredding -- Determining Data Security Controls -- Certification and Accreditation -- Standards and Control Frameworks -- Standards Selection -- PCI-DSS -- OCTAVE -- ISO 17799 and the ISO 27000 Series -- COBIT -- ITIL -- Scoping and Tailoring -- Data States -- Protecting Data in Use -- Protecting Data in Transit -- Drive and Tape Encryption -- Media Storage and Transportation -- Summary of Exam Objectives -- Self-Test -- Self-Test Quick Answer Key -- References -- Chapter 4: Domain 3: Security Architecture and Engineering -- Unique Terms and Definitions -- Introduction -- Secure Design Principles -- Threat Modeling -- Least Privilege and Defense-in-Depth -- Secure Defaults -- Privacy by Design.
5058 |a Fail Securely -- Separation of Duties (SoD) -- Keep It Simple -- Trust, but Verify -- Zero Trust -- Security Models -- Reading Down and Writing Up -- State Machine Model -- Bell-LaPadula Model -- Simple Security Property -- *Security Property (Star Security Property) -- Strong and Weak Tranquility Property -- Lattice-Based Access Controls -- Integrity Models -- Biba Model -- Simple Integrity Axiom -- * Integrity Axiom -- Clark-Wilson -- Well Formed Transactions -- Certification, Enforcement, and Separation of Duties -- Information Flow Model -- Chinese Wall Model -- Non-interference -- Take-Grant -- Access Control Matrix -- Zachman Framework for Enterprise Architecture -- Graham-Denning Model -- Harrison-Ruzzo-Ullman Model -- Evaluation Methods, Certification, and Accreditation -- The International Common Criteria -- Common Criteria Terms -- Levels of Evaluation -- Secure System Design Concepts -- Layering -- Abstraction -- Security Domains -- The Ring Model -- Open and Closed Systems -- Secure Hardware Architecture -- The System Unit and Motherboard -- The Computer Bus -- Northbridge and Southbridge -- The CPU -- Arithmetic Logic Unit and Control Unit -- Fetch and Execute -- Pipelining -- Interrupts -- Processes and Threads -- Multitasking and Multiprocessing -- Watchdog Timers -- CISC and RISC -- Memory Addressing -- Memory Protection -- Process Isolation -- Hardware Segmentation -- Virtual Memory -- Swapping and Paging -- BIOS -- WORM Storage -- Trusted Platform Module -- Data Execution Prevention and Address Space Layout Randomization -- Secure Operating System and Software Architecture -- The Kernel -- Reference Monitor -- Users and File Permissions -- Linux and UNIX permissions -- Microsoft NTFS Permissions -- Privileged Programs -- Virtualization, Cloud, and Distributed Computing -- Virtualization -- Hypervisor -- Virtualization Benefits.
5058 |a Virtualization Security Issues -- Cloud Computing -- Shared Responsibility -- Microservices, Containers, and Serverless -- Microservices -- Containers -- Containers vs. Virtualization -- Serverless -- High-Performance Computing (HPC) and Grid Computing -- Peer-to-Peer -- Thin Clients -- Diskless Workstations -- Thin Client Applications -- Embedded Systems and The Internet of Things (IoT) -- Distributed Systems and Edge Computing Systems -- Industrial Control Systems (ICS) -- System Vulnerabilities, Threats, and Countermeasures -- Emanations -- Covert Channels -- Covert Storage Channels -- Covert Timing Channels -- Backdoors -- Malicious Code (Malware) -- Computer Viruses -- Worms -- Trojans -- Rootkits -- Packers -- Logic Bombs -- Antivirus Software -- Server-Side Attacks -- Client-Side Attacks -- Web Architecture and Attacks -- Applets -- Java -- ActiveX -- OWASP -- XML -- Service Oriented Architecture (SOA) -- Database Security -- Polyinstantiation -- Inference and Aggregation -- Inference and Aggregation Controls -- Data Mining -- Data Analytics -- Countermeasures -- Mobile Device Attacks -- Mobile Device Defenses -- Cornerstone Cryptographic Concepts -- Key Terms -- Confidentiality, Integrity, Authentication, and Non-repudiation -- Confusion, Diffusion, Substitution, and Permutation -- Cryptographic Strength -- Monoalphabetic and Polyalphabetic Ciphers -- Modular Math -- Exclusive Or (XOR) -- Data at Rest and Data in Motion -- Protocol Governance -- Types of Cryptography -- Symmetric Encryption -- Stream and Block Ciphers -- Initialization Vectors and Chaining -- DES -- Modes of DES -- Electronic Code Book (ECB) -- Cipher Block Chaining (CBC) -- Cipher Feedback (CFB) -- Output Feedback (OFB) -- Counter Mode (CTR) -- Single DES -- Triple DES -- International Data Encryption Algorithm (IDEA) -- Advanced Encryption Standard (AES) -- Choosing AES.
588 |a Description based on online resource; title from digital title page (viewed on March 29, 2023).
590 |a O'Reilly|b O'Reilly Online Learning: Academic/Public Library Edition
650 0|a Computer networks|x Security measures|x Examinations|v Study guides.|9 93485
650 0|a Computer security|x Examinations|v Study guides.|9 93486
650 0|a Electronic data processing personnel|x Certification|v Study guides.|9 80404
655 7|a examination study guides.|2 aat
655 7|a Study guides|2 fast|9 404668
655 7|a Study guides.|2 lcgft|9 404668
655 7|a Guides de l'étudiant.|2 rvmgf
7001 |a Misenar, Seth,|e author.|1 https://id.oclc.org/worldcat/entity/E39PCjyg49drrQfRrYr7p9Fjbq|1 https://isni.org/isni/0000000079640609
7001 |a Feldman, Joshua,|e author.|1 https://id.oclc.org/worldcat/entity/E39PCjHqdP9cqYqt3d4hDPvQ4m|1 https://isni.org/isni/0000000079287657
758 |i has work:|a CISSP study guide (Text)|1 https://id.oclc.org/worldcat/entity/E39PCFQQGwYk9vy6QkbVTYw4hd|4 https://id.oclc.org/worldcat/ontology/hasWork
77608|i Print version:|a Conrad, Eric, 1967-|t CISSP study guide.|b Fourth edition.|d Rockland : Syngress, 2022|z 9780443187346|w (OCoLC)1347733110
85640|u https://library.access.arlingtonva.us/login?url=https://learning.oreilly.com/library/view/~/9780443187353/?ar|x O'Reilly|z eBook
994 |a 92|b VIA
999 |c 280465|d 280465