
E-book: (ISC)2 SSCP Systems Security Certified Practitioner Official Study Guide

3.80/5 (12 ratings by Goodreads)
(Embry-Riddle Aeronautical University)
  • Format: PDF+DRM
  • Series: Sybex Study Guide
  • Publication date: 07-Jan-2022
  • Publisher: Sybex Inc., U.S.
  • Language: eng
  • ISBN-13: 9781119855002
  • Price: 56.51 €*
  • * This is the final price, i.e. no further discounts are applied.
  • This e-book is intended for personal use only. E-books cannot be returned, and no refunds are given for purchased e-books.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Use:

    Digital Rights Management (DRM)
    The publisher has supplied this book in encrypted form, which means you must install free software to unlock and read it. To read this e-book you need to create an Adobe ID. The e-book can be read and downloaded on up to 6 devices (for one user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet), you will need to install this free app: PocketBook Reader (iOS / Android)

    To download and read this e-book on a PC or Mac, you need Adobe Digital Editions (a free application designed specifically for e-books; it is not the same as Adobe Reader, which may already be on your computer).

    You cannot read this e-book on an Amazon Kindle.

The only SSCP study guide officially approved by (ISC)2

The (ISC)2 Systems Security Certified Practitioner (SSCP) certification is a well-known vendor-neutral global IT security certification. The SSCP is designed to show that holders have the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures.

This comprehensive Official Study Guide—the only study guide officially approved by (ISC)2—covers all objectives of the seven SSCP domains.

  • Security Operations and Administration
  • Access Controls
  • Risk Identification, Monitoring, and Analysis
  • Incident Response and Recovery
  • Cryptography
  • Network and Communications Security
  • Systems and Application Security

This updated Third Edition covers the SSCP exam objectives effective as of November 2021. Much of the new and more advanced knowledge expected of an SSCP is now covered in a new chapter "Cross-Domain Challenges." If you're an information security professional or student of cybersecurity looking to tackle one or more of the seven domains of the SSCP, this guide gets you prepared to pass the exam and enter the information security workforce with confidence.

Contents

Each entry gives the starting page, followed in parentheses by the number of pages the section occupies.

Introduction xxv
Assessment Test xlviii
Part I Getting Started as an SSCP 1(60)
Chapter 1 The Business Case for Decision Assurance and Information Security 3(30)
Information: The Lifeblood of Business 4(6)
Data, Information, Knowledge, Wisdom / Information Is Not Information Technology 8(2)
Policy, Procedure, and Process: How Business Gets Business Done 10(10)
Who Is the Business? 11(1)
"What's the Business Case for That?" 12(1)
Purpose, Intent, Goals, Objectives 13(1)
Business Logic and Business Processes: Transforming Assets into Opportunity, Wealth, and Success 14(1)
The Value Chain 15(2)
Being Accountable 17(3)
Who Runs the Business? 20(4)
Owners and Investors 20(1)
Boards of Directors 20(1)
Managing or Executive Directors and the "C-Suite" 21(1)
Layers of Function, Structure, Management, and Responsibility 21(2)
Plans and Budgets, Policies, and Directives 23(1)
Summary 24(1)
Exam Essentials 24(2)
Review Questions 26(7)
Chapter 2 Information Security Fundamentals 33(28)
The Common Needs for Privacy, Confidentiality, Integrity, and Availability 34(13)
Privacy 34(4)
Confidentiality 38(1)
Integrity 39(1)
Availability 40(1)
Privacy vs. Security, or Privacy and Security? 41(2)
CIANA+PS Needs of Individuals 43(1)
Private Business's Need for CIANA+PS 44(1)
Government's Need for CIANA+PS 45(1)
The Modern Military's Need for CIA 45(1)
Do Societies Need CIANA+PS? 46(1)
Training and Educating Everybody 47(1)
SSCPs and Professional Ethics 47(2)
Summary 49(1)
Exam Essentials 50(4)
Review Questions 54(7)
Part II Integrated Risk Management and Mitigation 61(136)
Chapter 3 Integrated Information Risk Management 63(64)
It's a Dangerous World 64(11)
What Is Risk? 66(3)
Risk: When Surprise Becomes Disruption 69(2)
Information Security: Delivering Decision Assurance 71(3)
"Common Sense" and Risk Management 74(1)
The Four Faces of Risk 75(8)
Outcomes-Based Risk 77(1)
Process-Based Risk 78(1)
Asset-Based Risk 79(1)
Threat-Based (or Vulnerability-Based) Risk 79(4)
Getting Integrated and Proactive with Information Defense 83(6)
Lateral Movement: Mitigate with Integrated C3 86(1)
Trust, but Verify 87(1)
Due Care and Due Diligence: Whose Jobs Are These? 87(1)
Be Prepared: First, Set Priorities 88(1)
Risk Management: Concepts and Frameworks 89(6)
The SSCP and Risk Management 92(1)
Plan, Do, Check, Act 93(2)
Risk Assessment 95(12)
Establish Consensus about Information Risk 95(1)
Information Risk Impact Assessment 96(1)
Information Classification and Categorization 97(2)
Risk Analysis 99(6)
The Business Impact Analysis 105(1)
From Assessments to Information Security Requirements 106(1)
Four Choices for Limiting or Containing Damage 107(7)
Deter 109(1)
Detect 110(1)
Prevent 110(1)
Avoid 111(3)
Summary 114(1)
Exam Essentials 114(6)
Review Questions 120(7)
Chapter 4 Operationalizing Risk Mitigation 127(70)
From Tactical Planning to Information Security Operations 128(6)
Operationally Outthinking Your Adversaries 130(2)
Getting Inside the Other Side's OODA Loop 132(1)
Defeating the Kill Chain 133(1)
Operationalizing Risk Mitigation: Step by Step 134(30)
Step 1: Assess the Existing Architectures 135(7)
Step 2: Assess Vulnerabilities and Threats 142(10)
Step 3: Select Risk Treatment and Controls 152(7)
Step 4: Implement Controls 159(4)
Step 5: Authorize: Senior Leader Acceptance and Ownership 163(1)
The Ongoing Job of Keeping Your Baseline Secure 164(10)
Build and Maintain User Engagement with Risk Controls 165(1)
Participate in Security Assessments 166(3)
Manage the Architectures: Asset Management and Change Control 169(5)
Ongoing, Continuous Monitoring 174(8)
Exploiting What Monitoring and Event Data Is Telling You 177(4)
Incident Investigation, Analysis, and Reporting 181(1)
Reporting to and Engaging with Management 182(1)
Summary 183(1)
Exam Essentials 183(6)
Review Questions 189(8)
Part III The Technologies of Information Security 197(358)
Chapter 5 Communications and Network Security 199(86)
Trusting Our Communications in a Converged World 200(6)
CIANA+PS: Applying Security Needs to Networks 203(2)
Threat Modeling for Communications Systems 205(1)
Internet Systems Concepts 206(12)
Datagrams and Protocol Data Units 207(1)
Handshakes 208(1)
Packets and Encapsulation 209(2)
Addressing, Routing, and Switching 211(1)
Network Segmentation 212(1)
URLs and the Web 212(1)
Topologies 213(4)
"Best Effort" and Trusting Designs 217(1)
Two Protocol Stacks, One Internet 218(22)
Complementary, Not Competing, Frameworks 218(4)
Layer 1: The Physical Layer 222(1)
Layer 2: The Data Link Layer 223(2)
Layer 3: The Network Layer 225(1)
Layer 4: The Transport Layer 226(4)
Layer 5: The Session Layer 230(1)
Layer 6: The Presentation Layer 231(1)
Layer 7: The Application Layer 232(1)
Cross-Layer Protocols and Services 233(1)
IP and Security 234(1)
Layers or Planes? 235(1)
Network Architectures 236(1)
DMZs and Botnets 237(1)
Software-Defined Networks 238(1)
Virtual Private Networks 239(1)
Wireless Network Technologies 240(3)
Wi-Fi 241(1)
Bluetooth 242(1)
Near-Field Communication 242(1)
IP Addresses, DHCP, and Subnets 243(5)
DHCP Leases: IPv4 and IPv6 243(2)
IPv4 Address Classes 245(2)
Subnetting in IPv4 247(1)
IPv4 vs. IPv6: Important Differences and Options 248(3)
CIANA Layer by Layer 251(11)
CIANA at Layer 1: Physical 251(3)
CIANA at Layer 2: Data Link 254(2)
CIANA at Layer 3: Network 256(1)
CIANA at Layer 4: Transport 257(1)
CIANA at Layer 5: Session 258(2)
CIANA at Layer 6: Presentation 260(1)
CIANA at Layer 7: Application 260(2)
Securing Networks as Systems 262(11)
Network Security Devices and Services 263(1)
Wireless Network Access and Security 264(1)
CIANA+PS and Wireless 265(2)
Monitoring and Analysis for Network Security 267(2)
A SOC Is Not a NOC 269(1)
Tools for the SOC and the NOC 270(1)
Integrating Network and Security Management 271(2)
Summary 273(1)
Exam Essentials 273(7)
Review Questions 280(5)
Chapter 6 Identity and Access Control 285(64)
Identity and Access: Two Sides of the Same CIANA+PS Coin 286(2)
Identity Management Concepts 288(7)
Identity Provisioning and Management 289(4)
Identity and AAA 293(2)
Access Control Concepts 295(10)
Subjects and Objects-Everywhere! 296(1)
Data Classification and Access Control 297(2)
Bell-LaPadula and Biba Models 299(3)
Role-Based 302(1)
Attribute-Based 303(1)
Subject-Based 303(1)
Object-Based 304(1)
Rule-Based Access Control 304(1)
Risk-Based Access Control 304(1)
Mandatory vs. Discretionary Access Control 305(1)
Network Access Control 305(5)
IEEE 802.1X Concepts 307(1)
RADIUS Authentication 308(1)
TACACS and TACACS+ 309(1)
Implementing and Scaling IAM 310(19)
Choices for Access Control Implementations 311(2)
"Built-in" Solutions? 313(1)
Other Protocols for IAM 314(1)
Multifactor Authentication 315(4)
Server-Based IAM 319(1)
Integrated IAM Systems 320(1)
Single Sign-On 321(1)
OpenID Connect 322(1)
Identity as a Service (IDaaS) 322(1)
Federated IAM 322(1)
Session Management 323(2)
Kerberos 325(1)
Credential Management 326(2)
Trust Frameworks and Architectures 328(1)
User and Entity Behavior Analytics (UEBA) 329(3)
Zero Trust Architectures 332(1)
Summary 333(1)
Exam Essentials 334(9)
Review Questions 343(6)
Chapter 7 Cryptography 349(86)
Cryptography: What and Why 350(8)
Codes and Ciphers: Defining Our Terms 352(5)
Cryptography, Cryptology, or...? 357(1)
Building Blocks of Digital Cryptographic Systems 358(9)
Cryptographic Algorithms 359(1)
Cryptographic Keys 360(2)
Hashing as One-Way Cryptography 362(3)
A Race Against Time 365(1)
"The Enemy Knows Your System" 366(1)
Keys and Key Management 367(3)
Key Storage and Protection 367(1)
Key Revocation and Disposal 368(2)
Modern Cryptography: Beyond the "Secret Decoder Ring" 370(3)
Symmetric Key Cryptography 370(1)
Asymmetric Key Cryptography 370(1)
Hybrid Cryptosystems 371(1)
Design and Use of Cryptosystems 371(1)
Cryptanalysis, Ethical and Unethical 372(1)
Cryptographic Primitives 373(1)
Cryptographic Engineering 373(1)
"Why Isn't All of This Stuff Secret?" 373(2)
Cryptography and CIANA+PS 375(6)
Confidentiality 376(1)
Authentication 376(1)
Integrity 376(1)
Nonrepudiation 377(1)
"But I Didn't Get That Email..." 378(1)
Availability 379(1)
Privacy 380(1)
Safety 381(1)
Public Key Infrastructures 381(18)
Diffie-Hellman-Merkle Public Key Exchange 382(3)
RSA Encryption and Key Exchange 385(1)
ElGamal Encryption 385(1)
Elliptical Curve Cryptography (ECC) 386(1)
Digital Signatures 387(1)
Digital Certificates and Certificate Authorities 387(1)
Hierarchies (or Webs) of Trust 388(4)
Pretty Good Privacy 392(1)
TLS 393(1)
HTTPS 394(1)
Symmetric Key Algorithms and PKI 395(1)
Encapsulation for Security: IPSec, ISAKMP, and Others 396(3)
Applying Cryptography to Meet Different Needs 399(6)
Message Integrity Controls 399(1)
S/MIME 400(1)
DKIM 400(1)
Blockchain 401(2)
Data Storage, Content Distribution, and Archiving 403(1)
Steganography 404(1)
Access Control Protocols 404(1)
Managing Cryptographic Assets and Systems 405(2)
Measures of Merit for Cryptographic Solutions 407(1)
Attacks and Countermeasures 408(10)
Social Engineering for Key Discovery 409(1)
Implementation Attacks 410(1)
Brute Force and Dictionary Attacks 410(1)
Side Channel Attacks 411(1)
Numeric (Algorithm or Key) Attacks 412(1)
Traffic Analysis, "Op Intel," and Social Engineering Attacks 413(1)
Massively Parallel Systems Attacks 414(1)
Supply Chain Vulnerabilities 414(1)
The "Sprinkle a Little Crypto Dust on It" Fallacy 415(1)
Countermeasures 416(2)
PKI and Trust: A Recap 418(2)
On the Near Horizon 420(3)
Pervasive and Homomorphic Encryption 420(1)
Quantum Cryptography and Post-Quantum Cryptography 421(1)
AI, Machine Learning, and Cryptography 422(1)
Summary 423(1)
Exam Essentials 424(5)
Review Questions 429(6)
Chapter 8 Hardware and Systems Security 435(48)
Infrastructure Security Is Baseline Management 437(5)
It's About Access Control... 437(2)
It's Also About Supply Chain Security 439(1)
Do Clouds Have Boundaries? 439(3)
Securing the Physical Context 442(2)
Facilities Security 442(1)
Services Security 443(1)
OT-Intensive (or Reliant) Contexts 444(1)
Infrastructures 101 and Threat Modeling 444(13)
Protecting the Trusted Computing Base 447(1)
Hardware Vulnerabilities 447(2)
Firmware Vulnerabilities 449(2)
Operating Systems Vulnerabilities 451(3)
Virtual Machines and Vulnerabilities 454(1)
Network Operating Systems 455(2)
Endpoint Security 457(5)
MDM, COPE, and BYOD 459(1)
BYOI? BYOC? 460(2)
Malware: Exploiting the Infrastructure's Vulnerabilities 462(4)
Countering the Malware Threat 465(1)
Privacy and Secure Browsing 466(3)
"The Sin of Aggregation" 469(1)
Updating the Threat Model 469(1)
Managing Your Systems' Security 470(1)
Summary 471(1)
Exam Essentials 472(6)
Review Questions 478(5)
Chapter 9 Applications, Data, and Cloud Security 483(72)
It's a Data-Driven World...At the Endpoint 484(3)
Software as Appliances 487(3)
Applications Lifecycles and Security 490(8)
The Software Development Lifecycle (SDLC) 491(3)
Why Is (Most) Software So Insecure? 494(3)
Hard to Design It Right, Easy to Fix It? 497(1)
CIANA+PS and Applications Software Requirements 498(6)
Positive and Negative Models for Software Security 502(1)
Is Negative Control Dead? Or Dying? 503(1)
Application Vulnerabilities 504(3)
Vulnerabilities Across the Lifecycle 505(1)
Human Failures and Frailties 506(1)
"Shadow IT:" The Dilemma of the User as Builder 507(4)
Data and Metadata as Procedural Knowledge 509(2)
Information Quality and Information Assurance 511(3)
Information Quality Lifecycle 512(1)
Preventing (or Limiting) the "Garbage In" Problem 513(1)
Protecting Data in Motion, in Use, and at Rest 514(8)
Data Exfiltration I: The Traditional Threat 516(2)
Detecting Unauthorized Data Acquisition 518(1)
Preventing Data Loss 519(2)
Detecting and Preventing Malformed Data Attacks 521(1)
Into the Clouds: Endpoint App and Data Security Considerations 522(11)
Cloud Deployment Models and Information Security 524(1)
Cloud Service Models and Information Security 525(2)
Edge and Fog Security: Virtual Becoming Reality 527(1)
Clouds, Continuity, and Resiliency 528(1)
Clouds and Threat Modeling 529(2)
Cloud Security Methods 531(1)
Integrate and Correlate 532(1)
SLAs, TORs, and Penetration Testing 532(1)
Data Exfiltration II: Hiding in the Clouds 533(1)
Legal and Regulatory Issues 533(2)
Countermeasures: Keeping Your Apps and Data Safe and Secure 535(1)
Summary 536(1)
Exam Essentials 537(11)
Review Questions 548(7)
Part IV People Power: What Makes or Breaks Information Security 555(134)
Chapter 10 Incident Response and Recovery 557(50)
Defeating the Kill Chain One Skirmish at a Time 558(6)
Kill Chains: Reviewing the Basics 560(2)
Events vs. Incidents 562(2)
Harsh Realities of Real Incidents 564(2)
Mitre's Attack Framework 564(2)
Learning from Others' Painful Experiences 566(1)
Incident Response Framework 566(5)
Incident Response Team: Roles and Structures 568(2)
Incident Response Priorities 570(1)
Preparation 571(7)
Preparation Planning 572(2)
Put the Preparation Plan in Motion 574(1)
Are You Prepared? 575(3)
Detection and Analysis 578(6)
Warning Signs 578(2)
Initial Detection 580(1)
Timeline Analysis 581(1)
Notification 582(1)
Prioritization 583(1)
Containment and Eradication 584(3)
Evidence Gathering, Preservation, and Use 585(1)
Constant Monitoring 586(1)
Recovery: Getting Back to Business 587(3)
Data Recovery 588(1)
Post-Recovery: Notification and Monitoring 589(1)
Post-Incident Activities 590(4)
Learning the Lessons 591(1)
Orchestrate and Automate 592(1)
Support Ongoing Forensics Investigations 592(1)
Information and Evidence Retention 593(1)
Information Sharing with the Larger IT Security Community 594(1)
Summary 594(1)
Exam Essentials 595(6)
Review Questions 601(6)
Chapter 11 Business Continuity via Information Security and People Power 607(40)
What Is a Disaster? 608(1)
Surviving to Operate: Plan for It! 609(6)
Business Continuity 610(1)
IS Disaster Recovery Plans 610(1)
Plans, More Plans, and Triage 611(4)
Timelines for BC/DR Planning and Action 615(2)
Options for Recovery 617(6)
Backups, Archives, and Image Copies 618(2)
Cryptographic Assets and Recovery 620(1)
"Golden Images" and Validation 621(1)
Scan Before Loading: Blocking Historical Zero-Day Attacks 622(1)
Restart from a Clean Baseline 622(1)
Cloud-Based "Do-Over" Buttons for Continuity, Security, and Resilience 623(3)
Restoring a Virtual Organization 625(1)
People Power for BC/DR 626(7)
Threat Vectors: It Is a Dangerous World Out There 628(3)
"Blue Team's" C3I 631(1)
Learning from Experience 632(1)
Security Assessment: For BC/DR and Compliance 633(1)
Converged Communications: Keeping Them Secure During BC/DR Actions 634(3)
POTS and VoIP Security 635(1)
People Power for Secure Communications 636(1)
Summary 637(1)
Exam Essentials 637(4)
Review Questions 641(6)
Chapter 12 Cross-Domain Challenges 647(42)
Operationalizing Security Across the Immediate and Longer Term 648(9)
Continuous Assessment and Continuous Compliance 650(1)
SDNs and SDS 651(2)
SOAR: Strategies for Focused Security Effort 653(2)
A "DevSecOps" Culture: SOAR for Software Development 655(1)
Just-in-Time Education, Training, and Awareness 656(1)
Supply Chains, Security, and the SSCP 657(5)
ICS, IoT, and SCADA: More Than SUNBURST 658(2)
Extending Physical Security: More Than Just Badges and Locks 660(1)
All-Source, Proactive Intelligence: The SOC as a Fusion Center 661(1)
Other Dangers on the Web and Net 662(4)
Surface, Deep, and Dark Webs 662(2)
Deep and Dark: Risks and Countermeasures 664(1)
DNS and Namespace Exploit Risks 665(1)
On Our Way to the Future 666(6)
Cloud Security: Edgier and Foggier 667(1)
AI, ML, and Analytics: Explicability and Trustworthiness 667(2)
Quantum Communications, Computing, and Cryptography 669(1)
Paradigm Shifts in Information Security? 669(2)
Perception Management and Information Security 671(1)
Widespread Lack of Useful Understanding of Core Technologies 672(1)
Enduring Lessons 672(5)
You Cannot Legislate Security (But You Can Punish Noncompliance) 673(1)
It's About Managing Our Security and Our Systems 673(1)
People Put It Together 674(1)
Maintain Flexibility of Vision 675(1)
Accountability-It's Personal. Make It So 675(1)
Stay Sharp 676(1)
Your Next Steps 677(1)
At the Close 678(1)
Exam Essentials 678(5)
Review Questions 683(6)
Appendix Answers to Review Questions 689(38)
Chapter 1: The Business Case for Decision Assurance and Information Security 690(3)
Chapter 2: Information Security Fundamentals 693(2)
Chapter 3: Integrated Information Risk Management 695(3)
Chapter 4: Operationalizing Risk Mitigation 698(3)
Chapter 5: Communications and Network Security 701(3)
Chapter 6: Identity and Access Control 704(3)
Chapter 7: Cryptography 707(2)
Chapter 8: Hardware and Systems Security 709(3)
Chapter 9: Applications, Data, and Cloud Security 712(3)
Chapter 10: Incident Response and Recovery 715(3)
Chapter 11: Business Continuity via Information Security and People Power 718(4)
Chapter 12: Cross-Domain Challenges 722(5)
Index 727

ABOUT THE AUTHOR

Michael S. Wills, SSCP, CISSP, CAMS, is Assistant Professor of Applied Information Technologies in the College of Business at the Embry-Riddle Aeronautical University's Worldwide Campus. He has many years of experience designing, building, and operating cutting-edge secure systems, and wrote (ISC)2's official training courses for both the SSCP and CISSP. He is also the creator of ERAU's Master of Science in Information Security and Assurance degree program.