CISSP® Study Guide, 4th Edition

Book description

CISSP® Study Guide, Fourth Edition provides the latest updates on CISSP® certification, the most prestigious, globally recognized, vendor-neutral exam for information security professionals. In this new edition, readers will learn what's included in the newest version of the exam's Common Body of Knowledge. The eight domains are covered completely and as concisely as possible. Each domain has its own chapter, including specially designed pedagogy to help readers pass the exam. Clearly stated exam objectives, unique terms/definitions, exam warnings, learning by example, hands-on exercises, and chapter-ending questions help readers fully comprehend the material.

  • Provides the most complete and effective study guide to prepare you for passing the CISSP® exam--contains only what you need to pass the test, with no fluff!
  • Eric Conrad has prepared hundreds of professionals for passing the CISSP® exam through SANS, a popular and well-known organization for information security professionals
  • Covers all of the new information in the Common Body of Knowledge updated in May 2021, and also provides tiered end-of-chapter questions for a gradual learning curve, and a complete self-test appendix

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. About the authors
  6. Chapter 1: Introduction
    1. Abstract
    2. How to Prepare for the Exam
    3. How to Take the Exam
    4. Good Luck!
    5. References
  7. Chapter 2: Domain 1: Security and Risk Management
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Cornerstone Information Security Concepts
    5. Legal and Regulatory Issues
    6. Ethics
    7. Information Security Governance
    8. Access Control Defensive Categories and Types
    9. Risk Analysis
    10. Security and Third Parties
    11. Types of Attackers
    12. Summary of Exam Objectives
    13. Self-Test
    14. Self-Test Quick Answer Key
    15. References
  8. Chapter 3: Domain 2: Asset Security
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Classifying Data
    5. Ownership and Inventory
    6. Memory and Remanence
    7. Data Destruction
    8. Determining Data Security Controls
    9. Summary of Exam Objectives
    10. Self-Test
    11. Self-Test Quick Answer Key
    12. References
  9. Chapter 4: Domain 3: Security Architecture and Engineering
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Secure Design Principles
    5. Security Models
    6. Evaluation Methods, Certification, and Accreditation
    7. Secure System Design Concepts
    8. Secure Hardware Architecture
    9. Secure Operating System and Software Architecture
    10. Virtualization, Cloud, and Distributed Computing
    11. System Vulnerabilities, Threats, and Countermeasures
    12. Cornerstone Cryptographic Concepts
    13. Types of Cryptography
    14. Cryptographic Attacks
    15. Implementing Cryptography
    16. Perimeter Defenses
    17. Site Selection, Design, and Configuration
    18. System Defenses
    19. Environmental Controls
    20. Summary of Exam Objectives
    21. Self-Test
    22. Self-Test Quick Answer Key
    23. References
  10. Chapter 5: Domain 4: Communication and Network Security
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Network Architecture and Design
    5. Secure Network Devices and Protocols
    6. Secure Communications
    7. Summary of Exam Objectives
    8. Self-Test
    9. Self-Test Quick Answer Key
    10. References
  11. Chapter 6: Domain 5: Identity and Access Management (IAM)
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Authentication Methods
    5. Access Control Technologies
    6. Access Control Models
    7. Identity and Access Provisioning Lifecycle
    8. Summary of Exam Objectives
    9. Self-Test
    10. Self-Test Quick Answer Key
    11. References
  12. Chapter 7: Domain 6: Security Assessment and Testing
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Security Control Testing
    5. Collecting Security Process Data
    6. Summary of Exam Objectives
    7. Self-Test
    8. Self-Test Quick Answer Key
    9. References
  13. Chapter 8: Domain 7: Security Operations
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Administrative Security
    5. Forensics
    6. Incident Management
    7. Operational Preventive and Detective Controls
    8. Asset Management
    9. Continuity of Operations
    10. BCP and DRP Overview and Process
    11. Developing a BCP/DRP
    12. Backups and Availability
    13. DRP Testing, Training, and Awareness
    14. Continued BCP/DRP Maintenance
    15. Specific BCP/DRP Frameworks
    16. Summary of Exam Objectives
    17. Self-Test
    18. Self-Test Quick Answer Key
    19. References
  14. Chapter 9: Domain 8: Software Development Security
    1. Abstract
    2. Unique Terms and Definitions
    3. Introduction
    4. Programming Concepts
    5. Application Development Methods
    6. Databases
    7. Object-Oriented Design and Programming
    8. Assessing the Effectiveness of Software Security
    9. Artificial Intelligence
    10. Summary of Exam Objectives
    11. Self-Test
    12. Self-Test Quick Answer Key
    13. References
  15. Appendix: Self-Test
    1. Chapter 2: Domain 1: Security and Risk Management
    2. Chapter 3: Domain 2: Asset Security
    3. Chapter 4: Domain 3: Security Architecture and Engineering
    4. Chapter 5: Domain 4: Communication and Network Security
    5. Chapter 6: Domain 5: Identity and Access Management
    6. Chapter 7: Domain 6: Security Assessment and Testing
    7. Chapter 8: Domain 7: Security Operations
    8. Chapter 9: Domain 8: Software Development Security
  16. Glossary
  17. Index

Product information

  • Title: CISSP® Study Guide, 4th Edition
  • Author(s): Joshua Feldman, Seth Misenar, Eric Conrad
  • Release date: January 2023
  • Publisher(s): Syngress
  • ISBN: 9780443187353