Official (ISC)2 Guide to the CISSP CBK
The urgency for a global standard of excellence for those who protect the networked world has never been greater. (ISC)2 created the information security industry's first and only CBK®, a global compendium of information security topics. Continually updated to incorporate rapidly changing tech...
Main Authors: | , |
---|---|
Format: | Book |
Language: | English |
Published: | CRC Press 2009 |
Online Access: | https://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1520 |
Holding library: | Thư viện Trường Đại học Đà Lạt |
id |
oai:scholar.dlu.edu.vn:DLU123456789-1520 |
---|---|
record_format |
dspace |
institution |
Thư viện Trường Đại học Đà Lạt |
collection |
Thư viện số |
language |
English |
description |
The urgency for a global standard of excellence for those who protect the networked world has never been greater. (ISC)2 created the information security industry's first and only CBK®, a global compendium of information security topics. Continually updated to incorporate rapidly changing technologies and threats, the CBK continues to serve as the basis for (ISC)2's education and certification programs.
Written as an authoritative reference, the Official (ISC)2® Guide to the CISSP® CBK® provides a better understanding of the CISSP CBK - a collection of topics relevant to information security professionals around the world. Although the book still contains the ten domains of the CISSP, some of the domain titles have been revised to reflect changing terminology and emphasis in the security professional's day-to-day environment. The ten domains include: information security and risk management, access control, cryptography, physical (environmental) security, security architecture and design, business continuity (BCP) and disaster recovery planning (DRP), telecommunications and network security, application security, operations security, legal, regulations, and compliance and investigations.
Endorsed by the (ISC)2, this valuable resource follows the newly revised CISSP CBK, providing reliable, current, and thorough information. Moreover, the Official (ISC)2® Guide to the CISSP® CBK® helps information security professionals gain awareness of the requirements of their profession and acquire knowledge validated by the CISSP certification. |
format |
Book |
author |
Tipton, Harold; Henry, Kevin |
author_sort |
Tipton, Harold |
title |
Official (ISC)2 Guide to the CISSP CBK |
publisher |
CRC Press |
publishDate |
2009 |
url |
https://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1520 |
spelling |
oai:scholar.dlu.edu.vn:DLU123456789-1520 2009-12-03T09:30:32Z Official (ISC)2 Guide to the CISSP CBK Tipton, Harold; Henry, Kevin
INFORMATION SECURITY AND RISK MANAGEMENT: Introduction The Business Case for Information Security Management Core Information Security Principles: Availability, Integrity, Information Security Management Governance Organizational Behavior Security Awareness, Training, and Education Risk Management Ethics Data Classification Policy Data Handling Policy References Other References Sample Questions
ACCESS CONTROL: Introduction Definitions and Key Concepts Access Control Categories and Types Access Control Threats Access to Systems Access to Data Intrusion Detection and Prevention Systems Access Control Assurance References. Sample Questions
CRYPTOGRAPHY: Introduction Key Concepts and Definitions Encryption Systems Message Integrity Controls Digital Signatures Encryption Management Cryptanalysis and Attacks Encryption Usage References Sample Questions
PHYSICAL (ENVIRONMENTAL) SECURITY: Introduction Site Location The Layered Defense Model Information Protection and Management Services Summary References Sample Questions
SECURITY ARCHITECTURE AND DESIGN: Introduction Security Architecture and Design Components and Principles Security Models and Architecture Theory Security Product Evaluation Methods and Criteria Sample Questions
BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING: Introduction Organization of the BCP/DRP Domain Chapter Terminology Appendix A: Addressing Legislative Compliance within Business Continuity Plans
TELECOMMUNICATIONS AND NETWORK SECURITY: Introduction Basic Concepts Layer 1: Physical Layer Layer 2: Data-Link Layer Layer 3: Network Layer Layer 4: Transport Layer Layer 5: Session Layer Layer 6: Presentation Layer Layer 7: Application Layer Trivial File Transfer Protocol (TFTP) General References Sample Questions Endnotes
APPLICATION SECURITY: Domain Description and Introduction Applications Development and Programming Concepts and Protection Audit and Assurance Mechanisms Malicious Software (Malware) The Database and Data Warehousing Environment Web Application Environment Summary References
OPERATIONS SECURITY: Introduction Privileged Entity Controls Resource Protection Continuity of Operations Change Control Management Summary References Sample Questions
LEGAL, REGULATIONS, COMPLIANCE AND INVESTIGATIONS: Introduction Major Legal Systems Information Technology Laws and Regulations Incident Response Computer Forensics Conclusions References Sample Questions
ANSWERS TO SAMPLE QUESTIONS
CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL (CISSP®) CANDIDATE INFORMATION BULLETIN
GLOSSARY
INDEX
2009-12-03T09:30:32Z 2009-12-03T09:30:32Z 2006 Book https://scholar.dlu.edu.vn/thuvienso/handle/DLU123456789/1520 en application/rar CRC Press |