CISSP Study Guide

2nd Edition

Authors: Eric Conrad Seth Misenar Joshua Feldman
Paperback ISBN: 9781597499613
eBook ISBN: 9781597499682
Imprint: Syngress
Published Date: 28th August 2012
Page Count: 600
59.95 + applicable tax
36.99 + applicable tax
45.95 + applicable tax
Unavailable
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Description

The CISSP certification is the most prestigious, globally-recognized, vendor neutral exam for information security professionals. The newest edition of this acclaimed study guide is aligned to cover all of the material included in the newest version of the exam’s Common Body of Knowledge. The ten domains are covered completely and as concisely as possible with an eye to acing the exam.

Each of the ten domains has its own chapter that includes specially designed pedagogy to aid the test-taker in passing the exam, including: Clearly stated exam objectives; Unique terms/Definitions; Exam Warnings; Learning by Example; Hands-On Exercises; Chapter ending questions. Furthermore, special features include: Two practice exams; Tiered chapter ending questions that allow for a gradual learning curve; and a self-test appendix

Key Features

  • Provides the most complete and effective study guide to prepare you for passing the CISSP exam—contains only what you need to pass the test, with no fluff!
  • Eric Conrad has prepared hundreds of professionals for passing the CISSP exam through SANS, a popular and well-known organization for information security professionals
  • Covers all of the new information in the Common Body of Knowledge updated in January 2012, and also provides two practice exams, tiered end-of-chapter questions for a gradual learning curve, and a complete self-test appendix

Readership

Computer and Information Systems Managers, Systems Administrators, Application Developers, Network Administrators, Security Managers, Security Analysts, Directors of Security, Security Auditors, Security Engineers, Compliance Specialists.

Table of Contents

Acknowledgments

About the authors

Lead Author

Contributing Authors

About the Technical Editor

Chapter 1. Introduction

Exam objectives in this chapter

How to Prepare for the Exam

Taking the Exam

Good Luck!

REFERENCES

Chapter 2. Domain 1: Access Control

Exam objectives in this chapter

Unique Terms and Definitions

Introduction

Cornerstone Information Security Concepts

Access Control Models

Procedural Issues for Access Control

Access Control Defensive Categories and Types

Authentication Methods

Access Control Technologies

Types of Attackers

Assessing Access Control

Summary of Exam Objectives

Self Test

Self-test quick answer key

REFERENCES

Chapter 3. Domain 2: Telecommunications and Network Security

Exam objectives in this chapter

Unique Terms and Definitions

Introduction

Network Architecture and Design

Network Devices and Protocols

Secure Communications

Summary of Exam Objectives

Self Test

Self Test Quick Answer Key

REFERENCES

Chapter 4. Domain 3: Information Security Governance and Risk Management

Exam objectives in this chapter

Unique Terms and Definitions

Introduction

Risk Analysis

Information Security Governance

Summary of Exam Objectives

Self Test

Self Test Quick Answer Key

REFERENCES

Chapter 5. Domain 4: Software Development Security

Exam objectives in this chapter

Unique Terms and Definitions

Introduction

Programming Concepts

Application Development Methods

Object-Orientated Design and Programming

Software Vulnerabilities, Testing, and Assurance

Databases

Artificial Intelligence

Summary of Exam Objectives

Details

No. of pages:
600
Language:
English
Copyright:
© Syngress 2012
Published:
Imprint:
Syngress
eBook ISBN:
9781597499682
Paperback ISBN:
9781597499613

About the Author

Eric Conrad

Eric Conrad (CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, Security+), is a SANS-certified instructor and President of Backshore Communications, which provides information warfare, penetration testing, incident handling, and intrusion detection consulting services. Eric started his professional career in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and healthcare, in positions ranging from systems programmer to security engineer to HIPAA security officer and ISSO. He has taught more than a thousand students in courses such as SANS Management 414: CISSP, Security 560: Network Penetration Testing and Ethical Hacking, Security 504: Hacker Techniques, and Exploits and Incident Handling. Eric graduated from the SANS Technology Institute with a Master of Science degree in Information Security Engineering.

Affiliations and Expertise

CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, GISP, GCED, Senior SANS instructor and CTO, Backshore Communications

Seth Misenar

Seth Misenar (CISSP, GPEN, GCIH, GCIA, GCFA, GWAPT, GCWN, GSEC, MCSE, MCDBA), is a certified instructor with the SANS Institute and serves as lead consultant for Context Security, which is based in Jackson, Mississippi. His background includes security research, network and Web application penetration testing, vulnerability assessment, regulatory compliance, security architecture design, and general security consulting. Seth previously served as a physical and network security consultant for Fortune 100 companies and as the HIPAA and information security officer for a state government agency. He teaches a variety of courses for the SANS Institute, including Security Essentials, Web Application Penetration Testing, Hacker Techniques, and the CISSP course. Seth is pursuing a Master of Science degree in Information Security Engineering from the SANS Technology Institute and holds a Bachelor of Science degree from Millsaps College, Jackson, Mississippi.

Affiliations and Expertise

CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GWAPT, GCWN, GSEC, Senior SANS instructor and Lead Consultant, Context Security, LLC.

Joshua Feldman

Joshua Feldman (CISSP), is currently employed by SAIC, Inc. He has been involved in the Department of Defense Information Systems Agency (DISA) Information Assurance Education, Training, and Awareness program since 2002, where he has contributed to a variety of DoD-wide Information Assurance and Cyber Security policies, specifically the 8500.2 and 8570 series. Joshua has taught more than a thousand DoD students through his "DoD IA Boot Camp" course. He is a subject matter expert for the Web-based DoD Information Assurance Awareness-yearly training of every DoD user is required as part of his or her security awareness curriculum. Also, he is a regular presenter and panel member at the annual Information Assurance Symposium hosted jointly by DISA and NSA. Before joining the support team at DoD/DISA, Joshua spent time as an IT security engineer at the Department of State's Bureau of Diplomatic Security. He got his start in the IT security field with NFR Security Software, a company that manufactures Intrusion Detection Systems. There, he worked as both a trainer and an engineer, implementing IDS technologies and instructing customers how in properly configuring them.

Affiliations and Expertise

CISSP, Vice President, IT Risk, Moody's Investments

Reviews

"Gives you everything you need and nothing you don't. One of the temptations you face as an author of a certification prep book or course is to include information that you feel is important, but not related to preparation for the certification. Eric Conrad has shown incredible discipline in keeping this book focused on preparing you to take the CISSP." --Stephen Northcutt, President, The SANS Technology Institute