CISSP Cert Guide

Book description

Learn, prepare, and practice for CISSP exam success with this Cert Guide from Pearson IT Certification, a leader in IT certification learning.

  • Master the latest CISSP exam topics

  • Assess your knowledge with chapter-ending quizzes

  • Review key concepts with exam preparation tasks

  • Practice with realistic exam questions

  • Get practical guidance for test-taking strategies

CISSP Cert Guide, Fourth Edition is a comprehensive exam study guide. Leading IT certification experts Robin Abernathy and Darren Hayes share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion website contains the powerful Pearson Test Prep practice test software engine, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this CISSP study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.

This study guide helps you master all the topics on the CISSP exam, including

  • Security and Risk Management

  • Asset Security

  • Security Architecture and Engineering

  • Communication and Network Security

  • Identity and Access Management (IAM)

  • Security Assessment and Testing

  • Security Operations

  • Software Development Security

Table of contents

  1. Cover Page
  2. About This eBook
  3. Title Page
  4. Copyright Page
  5. Pearson’s Commitment to Diversity, Equity, and Inclusion
  6. Contents at a Glance
  7. Table of Contents
  8. About the Authors
  9. Dedications
  10. Acknowledgments
  11. About the Technical Reviewers
  12. We Want to Hear from You!
  13. Reader Services
  14. Introduction
    1. The Goals of the CISSP Certification
    2. The Value of the CISSP Certification
    3. The Common Body of Knowledge
    4. Steps to Becoming a CISSP
    5. Facts About the CISSP Exam
    6. About the CISSP Cert Guide, Fourth Edition
    7. Companion Website
    8. Pearson Test Prep Practice Test Software
    9. Figure Credits
  15. Chapter 1. Security and Risk Management
    1. Security Terms
    2. Security Governance Principles
    3. Compliance
    4. Legal and Regulatory Issues
    5. Investigation Types
    6. Professional Ethics
    7. Security Documentation
    8. Business Continuity
    9. Personnel Security Policies and Procedures
    10. Risk Management Concepts
    11. Geographical Threats
    12. Threat Modeling
    13. Security Risks in the Supply Chain
    14. Security Education, Training, and Awareness
    15. Review All Key Topics
    16. Complete the Tables and Lists from Memory
    17. Define Key Terms
    18. Answer Review Questions
    19. Answers and Explanations
  16. Chapter 2. Asset Security
    1. Asset Security Concepts
    2. Identify and Classify Information and Assets
    3. Information and Asset Handling Requirements
    4. Provision Resources Securely
    5. Data Life Cycle
    6. Asset Retention
    7. Data Security Controls
    8. Review All Key Topics
    9. Define Key Terms
    10. Answer Review Questions
    11. Answers and Explanations
  17. Chapter 3. Security Architecture and Engineering
    1. Engineering Processes Using Secure Design Principles
    2. Security Model Concepts
    3. System Security Evaluation Models
    4. Certification and Accreditation
    5. Control Selection Based on Systems Security Requirements
    6. Security Capabilities of Information Systems
    7. Security Architecture Maintenance
    8. Vulnerabilities of Security Architectures, Designs, and Solution Elements
    9. Vulnerabilities in Web-Based Systems
    10. Vulnerabilities in Mobile Systems
    11. Vulnerabilities in Embedded Systems
    12. Cryptographic Solutions
    13. Cryptographic Types
    14. Symmetric Algorithms
    15. Asymmetric Algorithms
    16. Public Key Infrastructure and Digital Certificates
    17. Key Management Practices
    18. Message Integrity
    19. Digital Signatures and Non-repudiation
    20. Applied Cryptography
    21. Cryptanalytic Attacks
    22. Digital Rights Management
    23. Site and Facility Design
    24. Site and Facility Security Controls
    25. Review All Key Topics
    26. Complete the Tables and Lists from Memory
    27. Define Key Terms
    28. Answer Review Questions
    29. Answers and Explanations
  18. Chapter 4. Communication and Network Security
    1. Secure Network Design Principles
    2. IP Networking
    3. Protocols and Services
    4. Converged Protocols
    5. Wireless Networks
    6. Communications Cryptography
    7. Secure Network Components
    8. Secure Communication Channels
    9. Network Attacks
    10. Review All Key Topics
    11. Define Key Terms
    12. Answer Review Questions
    13. Answers and Explanations
  19. Chapter 5. Identity and Access Management (IAM)
    1. Access Control Process
    2. Physical and Logical Access to Assets
    3. Identification and Authentication Concepts
    4. Identification and Authentication Implementation
    5. Identity as a Service (IDaaS) Implementation
    6. Third-Party Identity Services Integration
    7. Authorization Mechanisms
    8. Provisioning Life Cycle
    9. Access Control Threats
    10. Prevent or Mitigate Access Control Threats
    11. Review All Key Topics
    12. Define Key Terms
    13. Answer Review Questions
    14. Answers and Explanations
  20. Chapter 6. Security Assessment and Testing
    1. Design and Validate Assessment and Testing Strategies
    2. Conduct Security Control Testing
    3. Collect Security Process Data
    4. Analyze Test Outputs and Generate a Report
    5. Conduct or Facilitate Security Audits
    6. Review All Key Topics
    7. Define Key Terms
    8. Answer Review Questions
    9. Answers and Explanations
  21. Chapter 7. Security Operations
    1. Investigations
    2. Logging and Monitoring Activities
    3. Configuration and Change Management
    4. Security Operations Concepts
    5. Resource Protection
    6. Incident Management
    7. Detective and Preventive Measures
    8. Patch and Vulnerability Management
    9. Recovery Strategies
    10. Disaster Recovery
    11. Testing Disaster Recovery Plans
    12. Business Continuity Planning and Exercises
    13. Physical Security
    14. Personnel Safety and Security
    15. Review All Key Topics
    16. Define Key Terms
    17. Answer Review Questions
    18. Answers and Explanations
  22. Chapter 8. Software Development Security
    1. Software Development Concepts
    2. Security in the System and Software Development Life Cycle
    3. Security Controls in Development
    4. Assess Software Security Effectiveness
    5. Security Impact of Acquired Software
    6. Secure Coding Guidelines and Standards
    7. Review All Key Topics
    8. Define Key Terms
    9. Answer Review Questions
    10. Answers and Explanations
  23. Chapter 9. Final Preparation
    1. Tools for Final Preparation
    2. Suggested Plan for Final Review/Study
    3. Summary
  24. Index
  25. Appendix A. Memory Tables
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
  26. Appendix B. Memory Tables Answer Key
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
  27. Glossary
  28. Access Card
  29. Where are the companion content files? - Register
  30. Inside Front Cover
  31. Inside Back Cover
  32. Code Snippets

Product information

  • Title: CISSP Cert Guide
  • Author(s): Darren R. Hayes, Robin Abernathy
  • Release date: November 2022
  • Publisher(s): Pearson IT Certification
  • ISBN: 9780137507863