CISSP (E-Book) von James Michael Stewart

Assessment Test xliv

Chapter 1 Access Control 1

Chapter 2 Access Control Attacks and Monitoring 47

Chapter 3 Secure Network Architecture and Securing Network Components 87

Chapter 4 Secure Communications and Network Attacks 151

Chapter 5 Security Governance Concepts, Principles, and Policies 205

Chapter 6 Risk and Personnel Management 239

Chapter 7 Software Development Security 275

Chapter 8 Malicious Code and Application Attacks 327

Chapter 9 Cryptography and Symmetric Key Algorithms 361

Chapter 10 PKI and Cryptographic Applications 403

Chapter 11 Principles of Security Models, Design, and Capabilities 437

Chapter 12 Security Architecture Vulnerabilities, Threats, and Countermeasures 477

Chapter 13 Security Operations 531

Chapter 14 Incident Management 571

Chapter 15 Business Continuity Planning 617

Chapter 16 Disaster Recovery Planning 643

Chapter 17 Laws, Regulations, and Compliance 681

Chapter 18 Incidents and Ethics 713

Chapter 19 Physical Security Requirements 745

Appendix A Answers to Review Questions 781

Appendix B Answers to Written Labs 815

Appendix C About the Additional Study Tools 829

Index 833

Security professionals consider the Certified Information Systems Security Professional (CISSP) to be the most desired certification to achieve. More than 200,000 have taken the exam, and there are more than 70,000 CISSPs worldwide. This highly respected guide is updated to cover changes made to the CISSP Body of Knowledge in 2012. It also provides additional advice on how to pass each section of the exam. With expanded coverage of key areas, it also includes a full-length, 250-question practice exam.

• Fully updated for the 2012 CISSP Body of Knowledge, the industry-leading standard for IT professionals
  
• Thoroughly covers exam topics, including access control, application development security, business continuity and disaster recovery planning, cryptography, operations security, and physical (environmental) security
  
• Examines information security governance and risk management, legal regulations, investigations and compliance, and telecommunications and network security
  
• Features expanded coverage of biometrics, auditing and accountability, software security testing, and many more key topics

CISSP: Certified Information Systems Security Professional Study Guide, 6th Editionprepares you with both the knowledge and the confidence to pass the CISSP exam.

James M. Stewart,CISSP, is a security expert, technical trainer, and author of numerous publications, books, and courseware.Mike Chapple,PhD, CISSP, is an IT security professional at the University of Notre Dame. He was formerly CIO of Brand Institute.Darril Gibson,Security+, CISSP, ITIL v3, is the CEO of Security Consulting and Training, LLC.