The CISSP Prep Guide, Gold Edition
ISBN: 978-0-471-26802-4
Hardcover
976 pages
October 2002
US $80.00
Other Available Formats: Adobe E-Book
Acknowledgments
Foreword
Introduction
About the Authors
Chapter 1. Security Management Practices
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 2. Access Control Systems
Rationale
Controls
Identification and Authentication
Some Access Control Issues
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 3. Telecommunications and Network Security
Our Goals
Domain Definition
Management Concepts
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 4. Cryptography
Introduction
Cryptographic Technologies
Secret Key Cryptography (Symmetric Key)
Public (Asymmetric) Key Cryptosystems
Approaches to Escrowed Encryption
Internet Security Applications
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 5. Security Architecture and Models
Security Architecture
Assurance
Information Security Models
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 6. Operations Security
Our Goals
Domain Definition
Controls and Protections
Monitoring and Auditing
Threats and Vulnerabilities
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 7. Applications and Systems Development
The Software Life Cycle
Development Process
The Software Capability Maturity Model (CMM)
Object-Oriented Systems
Artificial Intelligence Systems
Database Systems
Application Controls
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 8. Business Continuity Planning and Disaster Recovery Planning
Our Goals
Domain Definition
Business Continuity Planning
Disaster Recovery Planning
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 9. Law, Investigation, and Ethics
Types of Computer Crime
Law
Investigation
Liability
Ethics
Sample Questions
Bonus Questions
Advanced Sample Questions
Chapter 10. Physical Security
Our Goals
Domain Definition
Threats to Physical Security
Controls for Physical Security
Sample Questions
Bonus Questions
Advanced Sample Questions
Appendix A: A Process Approach to HIPAA Compliance through a HIPAA-CMM
Background
HIPAA Security Requirements Mappings to PAs
HPAs
Defining and Using the HIPAA-CMM
Conclusion
References
Appendix A: HIPAA-CMM PA Overview
Appendix B: Glossary (SSE-CMM v2.0)
Appendix C: The Ideal Approach to Process Improvement
Appendix D: SSE-CMM MAPPINGS and General Considerations
Appendix B: The NSA InfoSec Assessment Methodology
History of the NIPC
About the ISSO
The InfoSec Assessment Methodology
PDD#63
Appendix C: The Case for Ethical Hacking
Rationale
Roles and Responsibilities
Implementation
Summary
Appendix D: The Common Criteria
Common Criteria: Launching the International Standard
Glossary
For More Information
Appendix E: BS7799
Appendix F: HIPAA Updates
Scope
Title II Administrative Simplification
Conclusion
Appendix G: References for Further Study
Web Sites
Appendix H: Answers to Sample and Bonus Questions
Chapter 1-Security Management Practices
Chapter 2-Access Control Systems and Methodology
Chapter 3-Telecommunications and Network Security
Chapter 4-Cryptography
Chapter 5-Security Architecture and Models
Chapter 6-Operations Security
Chapter 7-Applications and Systems Development
Chapter 8-Business Continuity Planning-Disaster Recovery Planning
Chapter 9-Law, Investigation, and Ethics
Chapter 10-Physical Security
Appendix I: Answers to Advanced Sample Questions
Chapter 1-Security Management Practices
Chapter 2-Access Control Systems and Methodology
Chapter 3-Telecommunications and Network Security
Chapter 4-Cryptography
Chapter 5-Security Architecture and Models
Chapter 6-Operations Security
Chapter 7-Applications and Systems Development
Chapter 8-Business Continuity Planning-Disaster Recovery Planning
Chapter 9-Law, Investigation, and Ethics
Chapter 10-Physical Security
Notes
Appendix J: What's on the CD-ROM
Glossary of Terms and Acronyms
Index.