CISSP: Certified Information Systems Security Professional Study Guide

Develop the Skills to Achieve CISSP Certification If your goal is to become a certified security professional, then the CISSP certification and this study guide are for you. This practical guide walks you through each of the updated CISSP Common Body of Knowledge domains to provide you with a clear understanding of the material. You'll learn helpful tips along the way to help you prepare for each section of the exam and develop practical skills that you can effectively apply on the job. Inside, find: Full coverage of all exam objectives in a systematic approach, so you can be confident you're getting the instruction you need for the exam Practical written labs to reinforce critical skills Real-world scenarios that put what you've learned in the context of actual job roles Challenging review questions in each chapter to prepare you for exam day Exam Essentials, a key feature in each chapter that identifies critical areas you must become proficient in before taking the exam A detailed objective map that shows the reader where each of the BoK domains is covered in the book, so you can track your exam prep objective by objective Sybex Exam Prep Tools Go to www.sybex.com/go/cissp6e to register and download a full set of electronic test prep tools to help you thoroughly prepare for the exam. These include: Chapter review questions Three full-length practice exams Electronic flashcards Glossary of terms in PDF Download practice exams and chapter review questions Reinforce your understanding with electronic flashcards Includes Real-World Scenarios, Written Exercises, and Access to Exam Prep Software Featuring: + Three Full-Length Practice Exams + Over 1,000 Practice Questions + Electronic Flashcards

Introduction xxxv Assessment Test xliv Chapter 1 Access Control 1 Chapter 2 Access Control Attacks and Monitoring 47 Chapter 3 Secure Network Architecture and Securing Network Components 87 Chapter 4 Secure Communications and Network Attacks 151 Chapter 5 Security Governance Concepts, Principles, and Policies 205 Chapter 6 Risk and Personnel Management 239 Chapter 7 Software Development Security 275 Chapter 8 Malicious Code and Application Attacks 327 Chapter 9 Cryptography and Symmetric Key Algorithms 361 Chapter 10 PKI and Cryptographic Applications 403 Chapter 11 Principles of Security Models, Design, and Capabilities 437 Chapter 12 Security Architecture Vulnerabilities, Threats, and Countermeasures 477 Chapter 13 Security Operations 531 Chapter 14 Incident Management 571 Chapter 15 Business Continuity Planning 617 Chapter 16 Disaster Recovery Planning 643 Chapter 17 Laws, Regulations, and Compliance 681 Chapter 18 Incidents and Ethics 713 Chapter 19 Physical Security Requirements 745 Appendix A Answers to Review Questions 781 Appendix B Answers to Written Labs 815 Appendix C About the Additional Study Tools 829 Index 833

James Michael Stewart (Austin, TX), CISSP, is a security expert who has authored numerous publications, books, and courseware. Michael is also an instructor of CISSP and a variety of ethical hacking classes. Mike Chapple (Miami, FL), Ph.D., CISSP, is an information security professional with the University of Notre Dame. In the past, he was chief information officer of Brand Institute and an information security researcher with the National Security Agency and the U.S. Air Force. His primary areas of expertise include network intrusion detection and access controls. Mike is a frequent contributor to TechTarget′s SearchSecurity site, author of several information security titles including. Both Stewart and Chapple co–authored previous editions of the CISSP: Certified Information Systems Security Professional Study Guide . Darril Gibson (Virginia Beach, VA), Security+, CISSP, ITIL v3, is the CEO of Security Consulting and Training, LLC. He regularly teaches, writes, and consults on a wide variety of security and technical topics. He′s been a Microsoft Certified Trainer since August 1999 and holds several certifications. He has authored, coauthored, or contributed to 14 books on a wide range of topics including Security+ and other security topics.