CISSP Exam Cram with MyITCertificationlab Bundle 2nd edition [Multiple-component retail product]

  • Format: Multiple-component retail product, 624 pages, height x width x thickness: 151x228x36 mm, weight: 885 g, Contains 1 Paperback / softback and 1 CD-ROM
  • Publication date: 04-Feb-2010
  • Publisher: Pearson IT Certification
  • ISBN-10: 0789744791
  • ISBN-13: 9780789744791
This is a complete package for a course in preparation for the CISSP exam. It consists of the print book CISSP Exam Cram, ISBN 9780789738066, bundled with an access code for the online tool myITcertificationlabs for CISSP. This follows the very successful MyLab format used by many disciplines by Pearson Higher Ed. It provides students with the most robust online study environment available, and provides instructors with unparalleled assessment tools.

  • Contains CISSP Exam Cram, 9780789738066, and myITcertificationlabs for the CISSP exam
  • Uses the MyLab format known by many professors and students, with a proven track record of success
  • The simulation perfectly complements the complete reference material contained in the printed text
  • myITcertificationlabs should be used in an instructor-led classroom and are not intended for individual study
Introduction
The CISSP Certification Exam
  • Introduction
  • Assessing Exam Readiness
  • Taking the Exam
  • Multiple-Choice Question Format
  • Exam Strategy
  • Question-Handling Strategies
  • Mastering the Inner Game
  • Need to Know More?
Physical Security
  • Introduction
  • Physical Security Risks
  • Natural Disasters
  • Man-Made Threats
  • Technical Problems
  • Facility Concerns and Requirements
  • CPTED
  • Area Concerns
  • Location
  • Construction
  • Doors, Walls, Windows, and Ceilings
  • Asset Placement
  • Perimeter Controls
  • Fences
  • Gates
  • Bollards
  • CCTV Cameras
  • Lighting
  • Guards and Dogs
  • Locks
  • Employee Access Control
  • Badges, Tokens, and Cards
  • Biometric Access Controls
  • Environmental Controls
  • Heating, Ventilating, and Air Conditioning
  • Electrical Power
  • Uninterruptible Power Supply
  • Equipment Life Cycle
  • Fire Prevention, Detection, and Suppression
  • Fire-Detection Equipment
  • Fire Suppression
  • Alarm Systems
  • Intrusion Detection Systems
  • Monitoring and Detection
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Suggested Reading and Resources
Access Control Systems and Methodology
  • Introduction
  • Identification, Authentication, and Authorization
  • Authentication
  • Single Sign-On
  • Kerberos
  • SESAME
  • Authorization and Access Controls Techniques
  • Discretionary Access Control
  • Mandatory Access Control
  • Role-Based Access Control
  • Other Types of Access Controls
  • Access Control Methods
  • Centralized Access Control
  • Decentralized Access Control
  • Access Control Types
  • Administrative Controls
  • Technical Controls
  • Physical Controls
  • Access Control Categories
  • Audit and Monitoring
  • Monitoring Access and Usage
  • Intrusion Detection Systems
  • Intrusion Prevention Systems
  • Network Access Control
  • Keystroke Monitoring
  • Emanation Security
  • Access Control Attacks
  • Password Attacks
  • Spoofing
  • Sniffing
  • Eavesdropping and Shoulder Surfing
  • Wiretapping
  • Identity Theft
  • Denial of Service Attacks
  • Distributed Denial of Service Attacks
  • Botnets
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Suggested Reading and Resources
Cryptography
  • Introduction
  • Cryptographic Basics
  • History of Encryption
  • Steganography
  • Steganography Operation
  • Digital Watermark
  • Algorithms
  • Cipher Types and Methods
  • Symmetric Encryption
  • Data Encryption Standard
  • Triple-DES
  • Advanced Encryption Standard
  • International Data Encryption Algorithm
  • Rivest Cipher Algorithms
  • Asymmetric Encryption
  • Diffie-Hellman
  • RSA
  • El Gamal
  • Elliptical Curve Cryptosystem
  • Merkle-Hellman Knapsack
  • Review of Symmetric and Asymmetric Cryptographic Systems
  • Hybrid Encryption
  • Integrity and Authentication
  • Hashing and Message Digests
  • Digital Signatures
  • Cryptographic System Review
  • Public Key Infrastructure
  • Certificate Authority
  • Registration Authority
  • Certificate Revocation List
  • Digital Certificates
  • The Client's Role in PKI
  • Email Protection Mechanisms
  • Pretty Good Privacy
  • Other Email Security Applications
  • Securing TCP/IP with Cryptographic Solutions
  • Application/Process Layer Controls
  • Host to Host Layer Controls
  • Internet Layer Controls
  • Network Access Layer Controls
  • Link and End to End Encryption
  • Cryptographic Attacks
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Security Architecture and Models
  • Introduction
  • Computer System Architecture
  • Central Processing Unit
  • Storage Media
  • I/O Bus Standards
  • Virtual Memory and Virtual Machines
  • Computer Configurations
  • Security Architecture
  • Protection Rings
  • Trusted Computer Base
  • Open and Closed Systems
  • Security Modes of Operation
  • Operating States
  • Recovery Procedures
  • Process Isolation
  • Security Models of Control
  • State Machine Model
  • Confidentiality
  • Integrity
  • Other Models
  • Documents and Guidelines
  • The Rainbow Series
  • The Red Book: Trusted Network Interpretation
  • Information Technology Security Evaluation Criteria
  • Common Criteria
  • British Standard 7799
  • System Validation
  • Certification and Accreditation
  • Governance and Enterprise Architecture
  • Security Architecture Threats
  • Buffer Overflow
  • Back Doors
  • Asynchronous Attacks
  • Covert Channels
  • Incremental Attacks
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Telecommunications and Network Security
  • Introduction
  • Network Models and Standards
  • OSI Model
  • Encapsulation/De-encapsulation
  • TCP/IP
  • Network Access Layer
  • Internet Layer
  • Host-to-Host (Transport) Layer
  • Application Layer
  • LANs and Their Components
  • LAN Communication Protocols
  • Network Topologies
  • LAN Cabling
  • Network Types
  • Communication Standards
  • Network Equipment
  • Repeaters
  • Hubs
  • Bridges
  • Switches
  • Routers
  • Brouters
  • Gateways
  • Routing
  • WANs and Their Components
  • Packet Switching
  • Circuit Switching
  • Voice Communications and Wireless Communications
  • Voice over IP
  • Cell Phones
  • 802.11 Wireless Networks and Standards
  • Network Security
  • Firewalls
  • Demilitarized Zone
  • Firewall Design
  • Remote Access
  • Point-to-Point Protocol
  • Virtual Private Networks
  • Remote Authentication Dial-in User Service
  • Terminal Access Controller Access Control System
  • IPSec
  • Message Privacy
  • Threats to Network Security
  • DoS Attacks
  • Disclosure Attacks
  • Destruction, Alteration, or Theft
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Business Continuity and Disaster Recovery Planning
  • Introduction
  • Threats to Business Operations
  • Disaster Recovery and Business Continuity Management
  • Project Management and Initiation
  • Business Impact Analysis
  • Recovery Strategy
  • Plan Design and Development
  • Implementation
  • Testing
  • Monitoring and Maintenance
  • Disaster Life Cycle
  • Teams and Responsibilities
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Legal, Regulations, Compliance, and Investigations
  • Introduction
  • United States Legal System and Laws
  • International Legal Systems and Laws
  • International Property Laws
  • Piracy and Issues with Copyrights
  • Privacy Laws and Protection of Personal Information
  • Privacy Impact Assessment
  • Computer Crime Laws
  • Ethics
  • ISC2 Code of Ethics
  • Computer Ethics Institute
  • Internet Architecture Board
  • NIST 800-14
  • Computer Crime and Criminals
  • Pornography
  • Well-Known Computer Crimes
  • How Computer Crime Has Changed
  • Attack Vectors
  • Keystroke Logging
  • Wiretapping
  • Spoofing Attacks
  • Manipulation Attacks
  • Social Engineering
  • Dumpster Diving
  • Investigating Computer Crime
  • Computer Crime Jurisdiction
  • Incident Response
  • Forensics
  • Standardization of Forensic Procedures
  • Computer Forensics
  • Investigations
  • Search, Seizure, and Surveillance
  • Interviews and Interrogations
  • Honeypots and Honeynets
  • Evidence Types
  • Trial
  • The Evidence Life Cycle
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Applications and Systems-Development Security
  • Introduction
  • System Development
  • Avoiding System Failure
  • The System Development Life Cycle
  • System Development Methods
  • The Waterfall Model
  • The Spiral Model
  • Joint Application Development
  • Rapid Application Development
  • Incremental Development
  • Prototyping
  • Computer-Aided Software Engineering
  • Agile Development Methods
  • Capability Maturity Model
  • Scheduling
  • Change Management
  • Programming Languages
  • Object-Oriented Programming
  • CORBA
  • Database Management
  • Database Terms
  • Integrity
  • Transaction Processing
  • Data Warehousing
  • Data Mining
  • Knowledge Management
  • Artificial Intelligence and Expert Systems
  • Malicious Code
  • Viruses
  • Worms
  • Spyware
  • Back Doors and Trapdoors
  • Change Detection
  • Malformed Input (SQL Injection)
  • Mobile Code
  • Financial Attacks
  • Buffer Overflow
  • Denial of Service
  • Distributed Denial of Service
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Information Security and Risk Management Practices
  • Introduction
  • Basic Security Principles
  • Security Management and Governance
  • Asset Identification
  • Risk Assessment
  • Risk Management
  • Policies Development
  • Security Policy
  • Standards
  • Baselines
  • Guidelines
  • Procedures
  • Data Classification
  • Implementation
  • Roles and Responsibility
  • Security Controls
  • Training and Education
  • Security Awareness
  • Social Engineering
  • Auditing Your Security Infrastructure
  • The Risk of Poor Security Management
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Operations Security
  • Introduction
  • Operational Security
  • Employee Recruitment
  • New-Hire Orientation
  • Separation of Duties
  • Job Rotation
  • Least Privilege
  • Mandatory Vacations
  • Termination
  • Accountability
  • Controls
  • Security Controls
  • Operational Controls
  • Auditing and Monitoring
  • Auditing
  • Monitoring Controls
  • Clipping Levels
  • Intrusion Detection
  • Keystroke Monitoring
  • Antivirus
  • Facility Access Control
  • Telecommunication Controls
  • Fax
  • PBX
  • Email
  • Backup, Fault Tolerance, and Recovery Controls
  • Backups
  • Fault Tolerance
  • RAID
  • Recovery Controls
  • Security Assessments
  • Policy Reviews
  • Vulnerability Scanning
  • Penetration Testing
  • Operational Security Threats and Vulnerabilities
  • Common Attack Methodologies
  • Attack Terms and Techniques
  • Exam Prep Questions
  • Answers to Exam Prep Questions
  • Need to Know More?
Practice Exam I
Answers to Practice Exam I
Practice Exam II
Answers to Practice Exam II
What's on the CD
Index
Michael Gregg is the president of Superior Solutions, Inc., a Houston-based training and consulting firm. Shon Harris is the foremost expert and author on IT security certification.