(ISC)2 CISSP certified information systems security professional official study guide
Main author: | |
---|---|
Format: | Electronic eBook |
Language: | English |
Published: | Hoboken, New Jersey John Wiley & Sons [2021] |
Edition: | Ninth edition |
Subjects: | |
Online access: | DE-522 DE-188 |
Description: | The "2" in the title is superscript |
Description: | 1 online resource (lxxiv, 1171 pages), illustrations |
ISBN: | 9781119786245 9781119786337 |
Internal format
MARC
LEADER | 00000nmm a2200000zc 4500 | ||
---|---|---|---|
001 | BV047468953 | ||
003 | DE-604 | ||
005 | 20241104 | ||
007 | cr|uuu---uuuuu | ||
008 | 210915s2021 |||| o||u| ||||||eng d | ||
020 | |a 9781119786245 |c EBook |9 978-1-119-78624-5 | ||
020 | |a 9781119786337 |9 978-1-119-78633-7 | ||
035 | |a (ZDB-30-PQE)EBC6647278 | ||
035 | |a (ZDB-30-PAD)EBC6647278 | ||
035 | |a (ZDB-89-EBL)EBL6647278 | ||
035 | |a (OCoLC)1269387256 | ||
035 | |a (DE-599)BVBBV047468953 | ||
040 | |a DE-604 |b ger |e rda | ||
041 | 0 | |a eng | |
049 | |a DE-522 |a DE-188 | ||
100 | 1 | |a Chapple, Mike |d 1975- |e Verfasser |0 (DE-588)108422027X |4 aut | |
245 | 1 | 0 | |a (ISC)2 CISSP certified information systems security professional official study guide |
246 | 1 | 3 | |a (ISC) 2 CISSP certified information systems security professional official study guide |
250 | |a Ninth edition | ||
264 | 1 | |a Hoboken, New Jersey |b John Wiley & Sons |c [2021] | |
264 | 4 | |c © 2021 | |
300 | |a 1 Online-Ressource (lxxiv, 1171 Seiten) |b Illustrationen | ||
336 | |b txt |2 rdacontent | ||
337 | |b c |2 rdamedia | ||
338 | |b cr |2 rdacarrier | ||
500 | |a Im Titel ist "2" hochgestellt | ||
650 | 0 | 7 | |a CISSP |0 (DE-588)4744965-2 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Zertifikat |0 (DE-588)4190760-7 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Informationssicherheit |0 (DE-588)1217680330 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a CISSP |0 (DE-588)4744965-2 |D s |
689 | 0 | 1 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 0 | 2 | |a Zertifikat |0 (DE-588)4190760-7 |D s |
689 | 0 | |5 DE-604 | |
689 | 1 | 0 | |a CISSP |0 (DE-588)4744965-2 |D s |
689 | 1 | 1 | |a Informationssicherheit |0 (DE-588)1217680330 |D s |
689 | 1 | 2 | |a Zertifikat |0 (DE-588)4190760-7 |D s |
689 | 1 | |5 DE-604 | |
700 | 1 | |a Stewart, James Michael |d 1970- |e Sonstige |0 (DE-588)173229565 |4 oth | |
700 | 1 | |a Gibson, Darril |d 1958-2022 |e Sonstige |0 (DE-588)1013456904 |4 oth | |
776 | 0 | 8 | |i Erscheint auch als |n Druck-Ausgabe, Paperback |z 978-1-119-78623-8 |
912 | |a ZDB-4-EBA |a ZDB-30-PQE | ||
943 | 1 | |a oai:aleph.bib-bvb.de:BVB01-032870639 | |
966 | e | |u https://ebookcentral.proquest.com/lib/th-brandenburg/detail.action?docID=6647278 |l DE-522 |p ZDB-30-PQE |q BFB_Kauf |x Aggregator |3 Volltext | |
966 | e | |u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=2953985 |l DE-188 |p ZDB-4-EBA |q ZDB-4-EBA 2024 |x Aggregator |3 Volltext |
Record in the search index
_version_ | 1814789509690163200 |
---|---|
adam_text | |
adam_txt | |
any_adam_object | |
any_adam_object_boolean | |
author | Chapple, Mike 1975- |
author_GND | (DE-588)108422027X (DE-588)173229565 (DE-588)1013456904 |
author_facet | Chapple, Mike 1975- |
author_role | aut |
author_sort | Chapple, Mike 1975- |
author_variant | m c mc |
building | Verbundindex |
bvnumber | BV047468953 |
collection | ZDB-4-EBA ZDB-30-PQE |
contents | Cover -- Title Page -- Copyright Page -- Acknowledgments -- About the Authors -- About the Technical Editors -- Contents at a Glance -- Contents -- Foreword -- Introduction -- Overview of the CISSP Exam -- The Elements of This Study Guide -- Interactive Online Learning Environment and TestBank -- Study Guide Exam Objectives -- Objective Map -- Reader Support for This Book -- Assessment Test -- Answers to Assessment Test -- Chapter 1 Security Governance Through Principles and Policies -- Security 101 -- Understand and Apply Security Concepts -- Confidentiality -- Integrity -- Availability -- DAD, Overprotection, Authenticity, Non-repudiation, and AAA Services -- Protection Mechanisms -- Security Boundaries -- Evaluate and Apply Security Governance Principles -- Third-Party Governance -- Documentation Review -- Manage the Security Function -- Alignment of Security Function to Business Strategy, Goals, Mission, and Objectives -- Organizational Processes -- Organizational Roles and Responsibilities -- Security Control Frameworks -- Due Diligence and Due Care -- Security Policy, Standards, Procedures, and Guidelines -- Security Policies -- Security Standards, Baselines, and Guidelines -- Security Procedures -- Threat Modeling -- Identifying Threats -- Determining and Diagramming Potential Attacks -- Performing Reduction Analysis -- Prioritization and Response -- Supply Chain Risk Management -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 2 Personnel Security and Risk Management Concepts -- Personnel Security Policies and Procedures -- Job Descriptions and Responsibilities -- Candidate Screening and Hiring -- Onboarding: Employment Agreements and Policies -- Employee Oversight -- Offboarding, Transfers, and Termination Processes -- Vendor, Consultant, and Contractor Agreements and Controls -- Compliance Policy Requirements Privacy Policy Requirements -- Understand and Apply Risk Management Concepts -- Risk Terminology and Concepts 
-- Asset Valuation -- Identify Threats and Vulnerabilities -- Risk Assessment/Analysis -- Risk Responses -- Cost vs. Benefit of Security Controls -- Countermeasure Selection and Implementation -- Applicable Types of Controls -- Security Control Assessment -- Monitoring and Measurement -- Risk Reporting and Documentation -- Continuous Improvement -- Risk Frameworks -- Social Engineering -- Social Engineering Principles -- Eliciting Information -- Prepending -- Phishing -- Spear Phishing -- Whaling -- Smishing -- Vishing -- Spam -- Shoulder Surfing -- Invoice Scams -- Hoax -- Impersonation and Masquerading -- Tailgating and Piggybacking -- Dumpster Diving -- Identity Fraud -- Typo Squatting -- Influence Campaigns -- Establish and Maintain a Security Awareness, Education, and Training Program -- Awareness -- Training -- Education -- Improvements -- Effectiveness Evaluation -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 3 Business Continuity Planning -- Planning for Business Continuity -- Project Scope and Planning -- Organizational Review -- BCP Team Selection -- Resource Requirements -- Legal and Regulatory Requirements -- Business Impact Analysis -- Identifying Priorities -- Risk Identification -- Likelihood Assessment -- Impact Analysis -- Resource Prioritization -- Continuity Planning -- Strategy Development -- Provisions and Processes -- Plan Approval and Implementation -- Plan Approval -- Plan Implementation -- Training and Education -- BCP Documentation -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 4 Laws, Regulations, and Compliance -- Categories of Laws -- Criminal Law -- Civil Law -- Administrative Law -- Laws -- Computer Crime -- Intellectual Property (IP) -- Licensing Import/Export -- Privacy -- State Privacy Laws -- Compliance -- Contracting and Procurement -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 5 Protecting Security of Assets -- Identifying and Classifying 
Information and Assets -- Defining Sensitive Data -- Defining Data Classifications -- Defining Asset Classifications -- Understanding Data States -- Determining Compliance Requirements -- Determining Data Security Controls -- Establishing Information and Asset Handling Requirements -- Data Maintenance -- Data Loss Prevention -- Marking Sensitive Data and Assets -- Handling Sensitive Information and Assets -- Data Collection Limitation -- Data Location -- Storing Sensitive Data -- Data Destruction -- Ensuring Appropriate Data and Asset Retention -- Data Protection Methods -- Digital Rights Management -- Cloud Access Security Broker -- Pseudonymization -- Tokenization -- Anonymization -- Understanding Data Roles -- Data Owners -- Asset Owners -- Business/Mission Owners -- Data Processors and Data Controllers -- Data Custodians -- Administrators -- Users and Subjects -- Using Security Baselines -- Comparing Tailoring and Scoping -- Standards Selection -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 6 Cryptography and Symmetric Key Algorithms -- Cryptographic Foundations -- Goals of Cryptography -- Cryptography Concepts -- Cryptographic Mathematics -- Ciphers -- Modern Cryptography -- Cryptographic Keys -- Symmetric Key Algorithms -- Asymmetric Key Algorithms -- Hashing Algorithms -- Symmetric Cryptography -- Cryptographic Modes of Operation -- Data Encryption Standard -- Triple DES -- International Data Encryption Algorithm -- Blowfish -- Skipjack -- Rivest Ciphers -- Advanced Encryption Standard -- CAST -- Comparison of Symmetric Encryption Algorithms -- Symmetric Key Management Cryptographic Lifecycle -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 7 PKI and Cryptographic Applications -- Asymmetric Cryptography -- Public and Private Keys -- RSA -- ElGamal -- Elliptic Curve -- Diffie-Hellman Key Exchange -- Quantum Cryptography -- Hash Functions -- SHA -- MD5 -- RIPEMD -- Comparison of Hash Algorithm Value 
Lengths -- Digital Signatures -- HMAC -- Digital Signature Standard -- Public Key Infrastructure -- Certificates -- Certificate Authorities -- Certificate Lifecycle -- Certificate Formats -- Asymmetric Key Management -- Hybrid Cryptography -- Applied Cryptography -- Portable Devices -- Email -- Web Applications -- Steganography and Watermarking -- Networking -- Emerging Applications -- Cryptographic Attacks -- Salting Saves Passwords -- Ultra vs. Enigma -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 8 Principles of Security Models, Design, and Capabilities -- Secure Design Principles -- Objects and Subjects -- Closed and Open Systems -- Secure Defaults -- Fail Securely -- Keep It Simple -- Zero Trust -- Privacy by Design -- Trust but Verify -- Techniques for Ensuring CIA -- Confinement -- Bounds -- Isolation -- Access Controls -- Trust and Assurance -- Understand the Fundamental Concepts of Security Models -- Trusted Computing Base -- State Machine Model -- Information Flow Model -- Noninterference Model -- Take-Grant Model -- Access Control Matrix -- Bell-LaPadula Model -- Biba Model -- Clark-Wilson Model -- Brewer and Nash Model -- Goguen-Meseguer Model -- Sutherland Model -- Graham-Denning Model -- Harrison-Ruzzo-Ullman Model -- Select Controls Based on Systems Security Requirements -- Common Criteria -- Authorization to Operate -- Understand Security Capabilities of Information Systems -- Memory Protection -- Virtualization -- Trusted Platform Module Interfaces -- Fault Tolerance -- Encryption/Decryption -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 9 Security Vulnerabilities, Threats, and Countermeasures -- Shared Responsibility -- Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements -- Hardware -- Firmware -- Client-Based Systems -- Mobile Code -- Local Caches -- Server-Based Systems -- Large-Scale Parallel Data Systems -- Grid Computing -- Peer to Peer -- 
Industrial Control Systems -- Distributed Systems -- High-Performance Computing (HPC) Systems -- Internet of Things -- Edge and Fog Computing -- Embedded Devices and Cyber-Physical Systems -- Static Systems -- Network-Enabled Devices -- Cyber-Physical Systems -- Elements Related to Embedded and Static Systems -- Security Concerns of Embedded and Static Systems -- Specialized Devices -- Microservices -- Infrastructure as Code -- Virtualized Systems -- Virtual Software -- Virtualized Networking -- Software-Defined Everything -- Virtualization Security Management -- Containerization -- Serverless Architecture -- Mobile Devices -- Mobile Device Security Features -- Mobile Device Deployment Policies -- Essential Security Protection Mechanisms -- Process Isolation -- Hardware Segmentation -- System Security Policy -- Common Security Architecture Flaws and Issues -- Covert Channels -- Attacks Based on Design or Coding Flaws -- Rootkits -- Incremental Attacks -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Chapter 10 Physical Security Requirements -- Apply Security Principles to Site and Facility Design -- Secure Facility Plan -- Site Selection -- Facility Design -- Implement Site and Facility Security Controls -- Equipment Failure -- Wiring Closets -- Server Rooms/Data Centers -- Intrusion Detection Systems -- Cameras -- Access Abuses Media Storage Facilities |
ctrlnum | (ZDB-30-PQE)EBC6647278 (ZDB-30-PAD)EBC6647278 (ZDB-89-EBL)EBL6647278 (OCoLC)1269387256 (DE-599)BVBBV047468953 |
edition | Ninth edition |
format | Electronic eBook |
id | DE-604.BV047468953 |
illustrated | Not Illustrated |
index_date | 2024-07-03T18:08:35Z |
indexdate | 2024-11-04T11:02:25Z |
institution | BVB |
isbn | 9781119786245 9781119786337 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-032870639 |
oclc_num | 1269387256 |
open_access_boolean | |
owner | DE-522 DE-188 |
owner_facet | DE-522 DE-188 |
physical | 1 Online-Ressource (lxxiv, 1171 Seiten) Illustrationen |
psigel | ZDB-4-EBA ZDB-30-PQE ZDB-30-PQE BFB_Kauf ZDB-4-EBA ZDB-4-EBA 2024 |
publishDate | 2021 |
publishDateSearch | 2021 |
publishDateSort | 2021 |
publisher | John Wiley & Sons |
record_format | marc |
subject_GND | (DE-588)4744965-2 (DE-588)4190760-7 (DE-588)1217680330 (DE-588)4274324-2 |
title | (ISC)2 CISSP certified information systems security professional official study guide |
title_alt | (ISC) 2 CISSP certified information systems security professional official study guide |
title_auth | (ISC)2 CISSP certified information systems security professional official study guide |
title_exact_search | (ISC)2 CISSP certified information systems security professional official study guide |
title_exact_search_txtP | (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide |
title_full | (ISC)2 CISSP certified information systems security professional official study guide |
title_fullStr | (ISC)2 CISSP certified information systems security professional official study guide |
title_full_unstemmed | (ISC)2 CISSP certified information systems security professional official study guide |
title_short | (ISC)2 CISSP certified information systems security professional official study guide |
title_sort | isc 2 cissp certified information systems security professional official study guide |
topic | CISSP (DE-588)4744965-2 gnd Zertifikat (DE-588)4190760-7 gnd Informationssicherheit (DE-588)1217680330 gnd Computersicherheit (DE-588)4274324-2 gnd |
topic_facet | CISSP Zertifikat Informationssicherheit Computersicherheit |