About this product

Product Information

The urgency for a global standard of excellence for those who protect the networked world has never been greater. (ISC)2 created the information security industry's first and only CBK(R), a global compendium of information security topics. Continually updated to incorporate rapidly changing technologies and threats, the CBK continues to serve as the basis for (ISC)2's education and certification programs. Unique and exceptionally thorough, the Official (ISC) 2 (R) Guide to the CISSP (R) CBK (R) provides a better understanding of the CISSP CBK -- a collection of topics relevant to information security professionals around the world. Although the book still contains the ten domains of the CISSP, some of the domain titles have been revised to reflect evolving terminology and changing emphasis in the security professional's day-to-day environment. The ten domains include information security and risk management, access control, cryptography, physical (environmental) security, security architecture and design, business continuity (BCP) and disaster recovery planning (DRP), telecommunications and network security, application security, operations security, legal, regulations, and compliance and investigations. Endorsed by the (ISC)2, this valuable resource follows the newly revised CISSP CBK, providing reliable, current, and thorough information. Moreover, the Official (ISC) 2 (R) Guide to the CISSP (R) CBK (R) helps information security professionals gain awareness of the requirements of their profession and acquire knowledge validated by the CISSP certification. The book is packaged with a CD that is an invaluable tool for those seeking certification. It includes sample exams that simulate the actual exam, providing the same number and types of questions with the same allotment of time allowed. It even grades the exam, provides correct answers, and identifies areas where more study is needed.

Product Identifiers

PublisherAuerbach Publishers, Incorporated

ISBN-100849382319

ISBN-139780849382314

eBay Product ID (ePID)52874343

Product Key Features

Number of Pages1112 Pages

LanguageEnglish

Publication NameOfficial (Isc) 2 Guide to the Cissp Cbk

Publication Year2006

SubjectSecurity / General, Certification Guides / General, Commerce, Information Technology

TypeTextbook

Subject AreaComputers, Business & Economics

AuthorSteven Hernandez

Series(Isc) 2 Press Ser.

FormatHardcover

Dimensions

Item Height2.2 in

Item Weight60.1 Oz

Item Length9.6 in

Item Width6.5 in

Additional Product Features

Edition Number2

LCCN2006-043032

Dewey Edition22

Target AudienceScholarly & Professional

IllustratedYes

Dewey Decimal004.6

Lc Classification NumberQa76.3.T565 2006

Table of ContentINFORMATION SECURITY AND RISK MANAGEMENT Introduction The Business Case for Information Security Management Core Information Security Principles: Availability, Integrity, Information Security Management Governance Organizational Behavior Security Awareness, Training, and Education Risk Management Ethics Data Classification Policy Data Handling Policy References Other References Sample Questions ACCESS CONTROL Introduction Definitions and Key Concepts Access Control Categories and Types Access Control Threats Access to Systems Access to Data Intrusion Detection and Prevention Systems Access Control Assurance References. Sample Questions CRYPTOGRAPHY Introduction Key Concepts and Definitions Encryption Systems Message Integrity Controls Digital Signatures Encryption Management Cryptanalysis and Attacks Encryption Usage References Sample Questions PHYSICAL (ENVIRONMENTAL) SECURITY Introduction Site Location The Layered Defense Model Information Protection and Management Services Summary References Sample Questions SECURITY ARCHITECTURE AND DESIGN Introduction Security Architecture and Design Components and Principles Security Models and Architecture Theory Security Product Evaluation Methods and Criteria Sample Questions BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING Introduction Organization of the BCP/DRP Domain Chapter Terminology Appendix A: Addressing Legislative Compliance within Business Continuity Plans TELECOMMUNICATIONS AND NETWORK SECURITY Introduction Basic Concepts Layer 1: Physical Layer Layer 2: Data-Link Layer Layer 3: Network Layer Layer 4: Transport Layer Layer 5: Session Layer Layer 6: Presentation Layer Layer 7: Application Layer Trivial File Transfer Protocol (TFTP) General References Sample Questions Endnotes APPLICATION SECURITY Domain Description and Introduction Applications Development and Programming Concepts and Protection Audit and Assurance Mechanisms Malicious Software (Malware) The Database and Data Warehousing Environment Web Application Environment Summary References OPERATIONS SECURITY Introduction Privileged Entity Controls Resource Protection Continuity of Operations Change Control Management Summary References Sample Questions LEGAL, REGULATIONS, COMPLIANCE AND INVESTIGATIONS Introduction Major Legal Systems Information Technology Laws and Regulations Incident Response Computer Forensics Conclusions References Sample Questions ANSWERS TO SAMPLE QUESTIONS CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP®) CANDIDATE INFORMATION BULLETIN GLOSSARY INDEX