Eleventh Hour CISSP®
View on ScienceDirect

Eleventh Hour CISSP®

Study Guide

3rd Edition - September 3, 2016

Write a review

  • Authors: Eric Conrad, Seth Misenar, Joshua Feldman
  • eBook ISBN: 9780128113776
  • Paperback ISBN: 9780128112489

Purchase options

Purchase options
DRM-free (EPub, PDF, Mobi)
eBook Format Help
Available
Sales tax will be calculated at check-out

Institutional Subscription

Support CenterReturns & Refunds
Free Global Shipping
No minimum order

Description

Eleventh Hour CISSP: Study Guide, Third Edition provides readers with a study guide on the most current version of the Certified Information Systems Security Professional exam. This book is streamlined to include only core certification information, and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted. The CISSP certification is the most prestigious, globally-recognized, vendor neutral exam for information security professionals. Over 100,000 professionals are certified worldwide, with many more joining their ranks. This new third edition is aligned to cover all of the material in the most current version of the exam’s Common Body of Knowledge. All domains are covered as completely and concisely as possible, giving users the best possible chance of acing the exam.

Key Features

  • Completely updated for the most current version of the exam’s Common Body of Knowledge
  • Provides the only guide you need for last-minute studying
  • Answers the toughest questions and highlights core topics
  • Streamlined for maximum efficiency of study, making it ideal for professionals updating their certification or for those taking the test for the first time

Readership

Computer and Information Systems Managers, Systems Administrators, Application Developers, Network Administrators, Security Managers, Security Analysts, Directors of Security, Security Auditors, Security Engineers, Compliance Specialists

Table of Contents

    • Author biography
    • Chapter 1: Domain 1: Security risk management
      • Abstract
      • Introduction
      • Cornerstone Information Security Concepts
      • Legal and Regulatory Issues
      • Security and Third Parties
      • Ethics
      • Information Security Governance
      • Access Control Defensive Categories and Types
      • Risk Analysis
      • Types of Attackers
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Chapter 2: Domain 2: Asset security
      • Abstract
      • Introduction
      • Classifying Data
      • Ownership
      • Memory and Remanence
      • Data Destruction
      • Determining Data Security Controls
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Chapter 3: Domain 3: Security engineering
      • Abstract
      • Introduction
      • Security Models
      • Secure System Design Concepts
      • Secure Hardware Architecture
      • Secure Operating System and Software Architecture
      • Virtualization and Distributed Computing
      • System Vulnerabilities, Threats, and Countermeasures
      • Cornerstone Cryptographic Concepts
      • Types of Cryptography
      • Cryptographic Attacks
      • Implementing Cryptography
      • Perimeter Defenses
      • Site Selection, Design, and Configuration
      • System Defenses
      • Environmental Controls
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Chapter 4: Domain 4: Communication and network security
      • Abstract
      • Introduction
      • Network Architecture and Design
      • Secure Network Devices and Protocols
      • Secure Communications
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Chapter 5: Domain 5: Identity and access management (controlling access and managing identity)
      • Abstract
      • Introduction
      • Authentication Methods
      • Access Control Technologies
      • Access Control Models
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Chapter 6: Domain 6: Security assessment and testing
      • Abstract
      • Introduction
      • Assessing Access Control
      • Software Testing Methods
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Chapter 7: Domain 7: Security operations
      • Abstract
      • Introduction
      • Administrative Security
      • Forensics
      • Incident Response Management
      • Operational Preventive and Detective Controls
      • Asset Management
      • Continuity of Operations
      • BCP and DRP overview and process
      • Developing a BCP/DRP
      • Backups and Availability
      • DRP Testing, Training, and Awareness
      • Continued BCP/DRP Maintenance
      • Specific BCP/DRP Frameworks
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Chapter 8: Domain 8: Software development security
      • Abstract
      • Introduction
      • Programming Concepts
      • Application Development Methods
      • Databases
      • Object-Oriented Programming
      • Assessing the Effectiveness of Software Security
      • Summary of Exam Objectives
      • Top Five Toughest Questions
      • Answers
    • Index

Product details

  • No. of pages: 238
  • Language: English
  • Copyright: © Syngress 2016
  • Published: September 3, 2016
  • Imprint: Syngress
  • eBook ISBN: 9780128113776
  • Paperback ISBN: 9780128112489

About the Authors

Eric Conrad

Eric Conrad (CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, GMON, GISP), is a SANS fellow and Chief Technology Officer of Backshore Communications, which provides threat hunting, penetration testing, incident handling, and intrusion detection consulting services. Eric started his professional career in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and healthcare, in positions ranging from systems programmer to security engineer to HIPAA security officer and ISSO. He is coauthor of MGT414: SANS Training Program for the CISSP Certification, SEC511: Continuous Monitoring and Security Operations, and SEC542: Web App Penetration Testing and Ethical Hacking. Eric graduated from the SANS Technology Institute with a Master of Science degree in Information Security Engineering.

Affiliations and Expertise

Fellow, SANS Institute, Bethesda, MD, USA; Chief Technology Officer, Backshore Communications LLC., Peaks Island, ME, USA

Seth Misenar

Seth Misenar (CISSP, GIAC GSE #28, GSEC, GCIA, GCIH, GCWN, GCFA, GMON, GWAPT, GCDA, GPEN, GDAT, GSTRT, CCSK) is a Fellow with the SANS Institute and also serves as Principal Consultant for Jackson, Mississippi-based Context Security, LLC. His cyber security background includes research, host-based and network intrusion detection, architecture design, and general security consulting. Seth previously served as a physical and network security consultant for Fortune 100 companies and a state government agency’s HIPAA and information security officer. He has partnered with the SANS Institute for over 15 years, teaching and authoring courseware and facilitating instructor development. Seth is pursuing a Master of Science degree in Information Security Engineering from the SANS Technology Institute and holds a Bachelor of Science degree from Millsaps College.

Affiliations and Expertise

Fellow, SANS Institute, Bethesda, MD, USA; Principal Consultant, Context Security, LLC., Jackson, MI, USA

Joshua Feldman

Joshua Feldman (CISSP) is Senior Vice President for Security Technology at the Radian Group – a real estate and mortgage insurance conglomerate. His mission is focused on protecting over 10M US consumer financial records. He is the executive responsible for all aspects of Radian’s technical security program. Previous security roles included work at Moody’s Credit Ratings, Corning Inc, and the US Department of Defense and Department of State. In 2008, Joshua was Eric's student when studying for the CISSP exam and was so impressed with Eric’s mastery of the materials that he invited Eric to work with him at the DoD. Quickly after starting work, Eric invited Seth. That project ran successfully for over eight years – a testament to the value brought for US military cyber professionals. Joshua got his start in the cyber security field when he left his public-school science teaching position in 1997 and began working for Network Flight Recorder (NFR, Inc.), a small Washington, DC based startup making the first generation of Network Intrusion Detection Systems. He has a Bachelor’s of Science from the University of Maryland and a Master’s in Cyber Operations from National Defense University. He currently resides in Philadelphia with his little dog, Jacky-boy.

Affiliations and Expertise

Senior Vice President for Security Technology, Radian Group, Philadelphia, PA, USA

Ratings and Reviews

Write a review

Latest reviews

(Total rating for all reviews)

  • Kamwi M. Sat Nov 13 2021

    11th Hour CISSP review

    I was a bit skeptical about the book since it's so short and compact especially when compare to other CISSP study guides, but I have to say I was presently surprised. In short, I would describe the book as compact, precise, no fluffs and covers all domain objectives well.

  • AnoopPremanandan Mon Dec 24 2018

    Comprehensive and condensed

    This book is worth as a quick reference on all domain topics. It is presented in an easy to understand manner to help your conceptual understanding of topics.

  • Bernard Y. Mon Mar 12 2018

    Great supplemental material

    Great last minute read before test to review everything.

  • Aamir J. Thu Dec 28 2017

    11th hour CISSP

    Good book. Compact and to the point concepts.