Atjaunināt sīkdatņu piekrišanu

CCISO Certified Chief Information Security Officer All-in-One Exam Guide [Mīkstie vāki]

4.17/5 (19 ratings by Goodreads)
,
  • Formāts: Paperback / softback, 400 pages, height x width x depth: 231x185x23 mm, weight: 690 g, 100 Illustrations
  • Izdošanas datums: 06-Jan-2021
  • Izdevniecība: McGraw-Hill Education
  • ISBN-10: 1260463923
  • ISBN-13: 9781260463927
Citas grāmatas par šo tēmu:
  • Mīkstie vāki
  • Cena: 88,67 €
  • Grāmatu piegādes laiks ir 3-4 nedēļas, ja grāmata ir uz vietas izdevniecības noliktavā. Ja izdevējam nepieciešams publicēt jaunu tirāžu, grāmatas piegāde var aizkavēties.
  • Daudzums:
  • Ielikt grozā
  • Piegādes laiks - 4-6 nedēļas
  • Pievienot vēlmju sarakstam
CCISO Certified Chief Information Security Officer All-in-One Exam GuidePalielināt
  • Formāts: Paperback / softback, 400 pages, height x width x depth: 231x185x23 mm, weight: 690 g, 100 Illustrations
  • Izdošanas datums: 06-Jan-2021
  • Izdevniecība: McGraw-Hill Education
  • ISBN-10: 1260463923
  • ISBN-13: 9781260463927
Citas grāmatas par šo tēmu:
Permanent link: https://www.kriso.lv/db/9781260463927.html
Keywords:
Take the challenging CCISO exam with confidence using the comprehensive information contained in this effective study guide.

CCISO Certified Chief Information Security Officer All-in-One Exam Guide provides 100% coverage of all five CCISO domains. For each domain, the information presented includes clear explanations, examples, background information, and technical information explaining the core concepts. The book also contains stories, advice, and experiences from CISOs that help describe the challenges of the CISO in the real world. Written by information security engineers with over 50 years of combined experience helping organizations manage their risk by protecting their assets from cyber threats.

CCISO Certified Chief Information Security Officer All-in-One Exam Guide covers all CCISO domains, including:

          Governance and Risk Management           Information Security Controls, Compliance, and Audit Management           Security Program Management and Operations           Information Security Core Competencies           Strategic Planning, Finance, Procurement and Vendor Management

 Online content includes:







300 practice questions in the customizable Total Tester exam engine
Acknowledgments xv
Introduction xvii
Chapter 1 Governance and Risk Management
1(70)
Governance
2(7)
Information Security Governance
4(5)
Information Security Management Structure
9(3)
Sizing
9(1)
Management Structure
10(2)
Principles of Information Security
12(4)
The CIA Triad
12(1)
Security Vulnerabilities, Threats, Risks, and Exposures
13(1)
Cyberattack Elements
14(1)
Defense-In-Depth
15(1)
Risk Management
16(10)
Risk Management Program
17(8)
Best Practice Frameworks for Risk Management
25(1)
Management and Technical Information Security Elements
26(8)
Security Program Plan
26(2)
Security Policies, Standards, and Guidelines
28(1)
Asset Security
29(1)
Identity and Access Management
30(1)
Security Engineering
30(1)
Physical Security
31(1)
Security Operations
31(2)
Software Development Security
33(1)
Security Assessments and Testing
33(1)
Security Training and Awareness
33(1)
Business Continuity and Disaster Recovery
34(1)
Compliance
34(5)
Compliance Team
36(1)
Compliance Management
36(3)
Privacy
39(1)
Privacy Impact Assessment
40(1)
Privacy and Security
40(1)
Laws and Regulatory Drivers
40(10)
Federal Information Security Modernization Act
41(1)
Defense Federal Acquisition Regulation Supplement 252.204-7012
42(1)
Clinger-Cohen Act
43(1)
Payment Card Industry Data Security Standard
43(1)
Privacy Act of 1974
44(1)
Gramm-Leach-Bliley Act
45(1)
Health Insurance Portability and Accountability Act
46(1)
Family Educational Rights and Privacy Act
47(1)
Sarbanes-Oxley Act
47(1)
General Data Protection Regulation
48(1)
North American Electric Reliability Corporation Critical Infrastructure Protection
49(1)
Summary of Laws and Regulatory Drivers
50(1)
Standards and Frameworks
50(8)
ISO/IEC 27000 Series
51(1)
ISO/IEC 27001
52(1)
NIST Cybersecurity Framework
53(1)
Federal Information Processing Standards
54(1)
NIST Special Publications
55(1)
Privacy Shield
56(1)
Cobit
57(1)
Information Security Trends and Best Practices
58(1)
Open Web Application Security Project
58(1)
Cloud Security Alliance
58(1)
Center for Internet Security
58(1)
Information Security Training and Certifications
59(4)
International Information System Security Certification Consortium
59(1)
ISACA
59(1)
International Council of E-Commerce Consultants
60(1)
SANS Institute
60(2)
Computing Technology Industry Association
62(1)
International Association of Privacy Professionals
62(1)
Offensive Security
62(1)
Ethics
63(1)
Chapter Review
64(7)
Quick Review
65(2)
Questions
67(2)
Answers
69(2)
Chapter 2 Information Security Controls, Compliance, and Audit Management
71(50)
Information Security Controls
72(4)
Control Fundamentals
72(3)
Control Frameworks
75(1)
Information Security Control Life Cycle Frameworks
76(2)
NIST Risk Management Framework
76(1)
NIST Cybersecurity Framework
77(1)
ISO/IEC 27000
77(1)
Information Security Control Life Cycle
78(8)
Setp 1 Risk Assessment
78(2)
Setp 2 Design
80(1)
Setp 3 Implementation
81(1)
Setp 4 Assessment
82(2)
Setp 5 Monitoring
84(2)
Exploring Information Security Control Frameworks
86(10)
NIST SP 800-53
87(1)
NIST Cybersecurity Framework
88(2)
ISO/IEC 27002
90(2)
CIS Critical Security Controls
92(2)
CSA Cloud Controls Matrix
94(2)
Auditing for the CISO
96(18)
Audit Management
96(4)
Audit Process
100(8)
Control Self-Assessments
108(2)
Continuous Auditing
110(1)
Specific Types of Audits and Assessments
111(3)
Chapter Review
114(7)
Quick Review
114(3)
Questions
117(2)
Answers
119(2)
Chapter 3 Security Program Management and Operations
121(42)
Security Program Management
121(11)
Security Areas of Focus
122(3)
Security Streams of Work
125(4)
Asset Security Management
129(2)
Security Projects
131(1)
Security Program Budgets, Finance, and Cost Control
132(7)
Establishing the Budget
133(3)
Managing and Monitoring Spending
136(1)
Security Program Resource Management: Building the Security Team
136(3)
Project Management
139(3)
Project Management Fundamentals
139(1)
Project Management Training and Certifications
140(2)
Phases of Project Management
142(15)
Initiating
143(2)
Planning
145(8)
Executing
153(1)
Monitoring and Controlling
154(2)
Closing
156(1)
Chapter Review
157(6)
Quick Review
158(1)
Questions
159(2)
Answers
161(2)
Chapter 4 Information Security Core Competencies
163(134)
Malicious Software and Attacks
164(8)
Malware
164(6)
Scripting and Vulnerability-Specific Attacks
170(2)
Social Engineering
172(7)
Types of Social Engineering Attacks
172(2)
Why Employees Are Susceptible to Social Engineering
174(1)
Social Engineering Defenses
174(5)
Asset Security
179(7)
Asset Inventory and Configuration Management
180(1)
Secure Configuration Baselines
180(1)
Vulnerability Management
181(1)
Asset Security Techniques
182(4)
Data Security
186(6)
Data at Rest
187(1)
Data in Transit
187(1)
Data in Use
187(1)
Data Life Cycle
187(5)
Identity and Access Management
192(7)
Identity and Access Management Fundamentals
193(1)
Identity Management Technologies
194(1)
Authentication Factors and Mechanisms
195(1)
Access Control Principles
195(1)
Access Control Models
196(1)
Access Control Administration
197(1)
Identity and Access Management Life Cycle
198(1)
Communication and Network Security
199(17)
WANs and LANs
199(5)
IP Addressing
204(1)
Network Address Translation
205(1)
Network Protocols and Communications
206(5)
Wireless
211(1)
Network Technologies and Defenses
212(4)
Cryptography
216(13)
Cryptographic Definitions
217(1)
Cryptographic Services
218(1)
Symmetric, Asymmetric, and Hybrid Cryptosystems
218(5)
Hash Algorithms
223(2)
Message Authentication Codes
225(1)
Digital Signatures
226(1)
Public Key Infrastructure
227(2)
Cloud Security
229(3)
Cloud Computing Characteristics
229(1)
Cloud Deployment Models
230(1)
Cloud Service Models
230(1)
Cloud Security Risks and Assurance Levels
231(1)
Cloud Security Resources
232(1)
Physical Security
232(11)
Physical Security Threats
233(1)
Physical Security Program Planning
234(1)
Physical Security Resources
234(1)
Physical Security Controls
235(5)
Physical Security Auditing and Measurement
240(1)
Personnel Security
241(2)
Software Development Security
243(12)
Integrating Security into the SDLC
245(1)
Security SDLC Roles and Responsibilities
246(1)
Software Vulnerabilities
247(5)
Secure Coding Practices
252(1)
Software Vulnerability Analysis and Assessments
253(2)
Forensics, Incident Handling, and Investigations
255(10)
Relevant Law
255(2)
Logging and Monitoring
257(2)
Incident Response and Investigations
259(4)
Forensics and Digital Evidence
263(2)
Security Assessment and Testing
265(7)
Vulnerability Assessments
267(3)
Penetration Testing
270(1)
Regulatory Compliance Assessments
271(1)
Security Program Assessments
272(1)
Business Continuity and Disaster Recovery
272(16)
Continuity Planning Initiation
274(1)
Business Impact Analysis
275(4)
Identify Preventive Controls
279(1)
Develop Recovery Strategies and Solutions
279(5)
Develop the Plan
284(1)
Test the Plan
285(2)
Maintain the Plan
287(1)
Chapter Review
288(9)
Quick Review
289(2)
Questions
291(3)
Answers
294(3)
Chapter 5 Strategic Planning, Finance, Procurement, and Vendor Management
297(44)
Strategic Planning
297(10)
Organizational Strategic Planning
298(5)
Organizational Strategic Planning Teams
303(2)
Strategic Planning Process
305(1)
Security Strategic Plan Example
305(2)
Making Security Decisions
307(7)
Enterprise Architecture
308(6)
Financial Management
314(12)
Accounting and Finance Basics
314(9)
Information Security Annual Budget
323(3)
Procurement and Vendor Management
326(12)
Procurement Core Principles and Processes
326(5)
Types of Contracts
331(1)
Scope Agreements
332(1)
Third-Party Vendor Risk Management
333(5)
Chapter Review
338(1)
Quick Review
338(3)
Questions
339(1)
Answers
340(1)
Appendix About the Online Content
341(4)
System Requirements
341(1)
Your Total Seminars Training Hub Account
341(1)
Privacy Notice
341(1)
Single User License Terms and Conditions
341(2)
Total Tester Online
343(1)
Technical Support
343(2)
Glossary 345(12)
Index 357