206 black & white illustrations, 81 black & white tables
Unsewn / adhesive bound
4th Revised edition
Table Of Contents
Domain 1 - Security & Risk Management
    Security & Risk Management
    Confidentiality, Integrity, and Availability
    Security Governance
    The Complete and Effective Security Program
    Compliance
    Global Legal and Regulatory Issues
    Understand Professional Ethics
    Develop and Implement Security Policy
    Business Continuity (BC) & Disaster Recovery (DR) Requirements
    Manage Personnel Security
    Risk Management Concepts
    Threat Modeling
    Acquisitions Strategy and Practice
    Security Education, Training, and Awareness

Domain 2 - Asset Security
    Asset Security
    Data Management: Determine and Maintain Ownership
    Data Standards
    Longevity and Use
    Classify Information and Supporting Assets
    Asset Management
    Protect Privacy
    Ensure Appropriate Retention
    Determine Data Security Controls
    Standards Selection

Domain 3 - Security Engineering
    Security Engineering
    The Engineering Lifecycle Using Security Design Principles
    Fundamental Concepts of Security Models
    Information Systems Security Evaluation Models
    Security Capabilities of Information Systems
    Vulnerabilities of Security Architectures
    Database Security
    Software and System Vulnerabilities and Threats
    Vulnerabilities in Mobile Systems
    Vulnerabilities in Embedded Devices and Cyber-Physical Systems
    The Application and Use of Cryptography
    Site and Facility Design Considerations
    Site Planning
    Implementation and Operation of Facilities Security

Domain 4 - Communications & Network Security
    Communications & Network Security
    Secure Network Architecture and Design
    Implications of Multi-Layer Protocols
    Converged Protocols
    Securing Network Components
    Secure Communication Channels
    Network Attacks

Domain 5 - Identity & Access Management
    Identity & Access Management
    Physical and Logical Access to Assets
    Identification and Authentication of People and Devices
    Identity Management Implementation
    Identity as a Service (IDaaS)
    Integrate Third-Party Identity Services
    Implement and Manage Authorization Mechanisms
    Prevent or Mitigate Access Control Attacks
    Identity and Access Provisioning Lifecycle

Domain 6 - Security Assessment & Testing
    Security Assessment & Testing
    Assessment and Test Strategies
    Collect Security Process Data
    Internal and Third-Party Audits

Domain 7 - Security Operations
    Security Operations
    Investigations
    Provisioning of Resources through Configuration Management
    Resource Protection
    Incident Response
    Preventative Measures against Attacks
    Patch and Vulnerability Management
    Change and Configuration Management
    The Disaster Recovery Process
    Test Plan Review
    Business Continuity and Other Risk Areas
    Access Control
    Personnel Safety

Domain 8 - Security in the Software Development Life Cycle
    Security in the Software Development Life Cycle
    Software Development Security Outline
    Environment and Security Controls
    Security of the Software Environment
    Software Protection Mechanisms
    Assess the Effectiveness of Software Security
    Assess Software Acquisition Security