ISC2 CISSP Certified Information Systems Security Professional Official Study Guide, 10th Edition
Introduction
Assessment Test
Chapter 1 Security Governance Through Principles and Policies
Chapter 2 Personnel Security and Risk Management Concepts
Chapter 3 Business Continuity Planning
Chapter 4 Laws, Regulations, and Compliance
Chapter 5 Protecting Security of Assets
Chapter 6 Cryptography and Symmetric Key Algorithms
Chapter 7 PKI and Cryptographic Applications
Chapter 8 Principles of Security Models, Design, and Capabilities
Chapter 9 Security Vulnerabilities, Threats, and Countermeasures
Chapter 10 Physical Security Requirements
Chapter 11 Secure Network Architecture and Components
Chapter 12 Secure Communications and Network Attacks
Chapter 13 Managing Identity and Authentication
Chapter 14 Controlling and Monitoring Access
Chapter 15 Security Assessment and Testing
Chapter 16 Managing Security Operations
Chapter 17 Preventing and Responding to Incidents
Chapter 18 Disaster Recovery Planning
Chapter 19 Investigations and Ethics
Chapter 20 Software Development Security
Chapter 21 Malicious Code and Application Attacks
Appendix A Answers to Review Questions
Appendix B Answers to Written Labs
Index
ISC2 CISSP Certified Information Systems Security Professional Official Practice Tests, 4th Edition
Introduction
Chapter 1 Security and Risk Management (Domain 1)
Chapter 2 Asset Security (Domain 2)
Chapter 3 Security Architecture and Engineering (Domain 3)
Chapter 4 Communication and Network Security (Domain 4)
Chapter 5 Identity and Access Management (Domain 5)
Chapter 6 Security Assessment and Testing (Domain 6)
Chapter 7 Security Operations (Domain 7)
Chapter 8 Software Development Security (Domain 8)
Chapter 9 Practice Test 1
Chapter 10 Practice Test 2
Chapter 11 Practice Test 3
Chapter 12 Practice Test 4
Appendix Answers to Review Questions
Index