1.

Record Nr.

UNINA9910457935803321

Autore

Stewart James Michael

Titolo

CISSP [[electronic resource] ] : Certified Information Systems Security Professional study guide / / James Michael Stewart, Ed Tittel, Mike Chapple

Pubbl/distr/stampa

San Francisco, : SYBEX, c2005

ISBN

1-280-28704-7

9786610287048

0-471-77981-4

Edizione

[3rd ed.]

Descrizione fisica

1 online resource (803 p.)

Altri autori (Persone)

TittelEd

ChappleMike

Disciplina

005.8

Soggetti

Electronic data processing personnel - Certification

Computer networks - Examinations

Computer security - Examinations

Electronic books.

Lingua di pubblicazione

Inglese

Formato

Materiale a stampa

Livello bibliografico

Monografia

Note generali

Tittle's name appears first on the earlier editions.

Includes index.

Nota di contenuto

CISSP: Certified Information Systems Security Professional Study Guide, 3rd Edition; Acknowledgments; Contents At A Glance; Contents; Introduction; Assessment Test; Answers to Assessment Test; Chapter 1: Accountability and Access Control; Access Control Overview; Identification and Authentication Techniques; Access Control Techniques; Access Control Methodologies and Implementation; Access Control Administration; Summary; Exam Essentials; Review Questions; Answers to Review Questions; Chapter 2: Attacks and Monitoring; Monitoring; Intrusion Detection; IDS-Related Tools; Penetration Testing

Methods of AttacksAccess Control Compensations; Summary; Exam Essentials; Review Questions; Answers to Review Questions; Chapter 3: ISO Model, Network Security, and Protocols; OSI Model; Communications and Network Security; Internet/Intranet/Extranet Components; Remote Access Security Management; Network and Protocol Security Mechanisms; Network and Protocol Services; Avoiding



Single Points of Failure; Summary; Exam Essentials; Review Questions; Answers to Review Questions; Chapter 4: Communications Security and Countermeasures; Virtual Private Network (VPN); Network Address Translation

Switching TechnologiesWAN Technologies; Miscellaneous Security Control Characteristics; Managing E-Mail Security; Securing Voice Communications; Security Boundaries; Network Attacks and Countermeasures; Summary; Exam Essentials; Review Questions; Answers to Review Questions; Chapter 5: Security Management Concepts and Principles; Security Management Concepts and Principles; Protection Mechanisms; Change Control/Management; Data Classification; Summary; Exam Essentials; Review Questions; Answers to Review Questions; Chapter 6: Asset Value, Policies, and Roles; Employment Policies and Practices

Security RolesSecurity Management Planning; Policies, Standards, Baselines, Guidelines, and Procedures; Risk Management; Security Awareness Training; Summary; Exam Essentials; Review Questions; Answers to Review Questions; Chapter 7: Data and Application Security Issues; Application Issues; Databases and Data Warehousing; Data/Information Storage; Knowledge-Based Systems; Systems Development Controls; Summary; Exam Essentials; Written Lab; Review Questions; Answers to Review Questions; Answers to Written Lab; Chapter 8: Malicious Code and Application Attacks; Malicious Code; Password Attacks

Denial of Service AttacksApplication Attacks; Reconnaissance Attacks; Masquerading Attacks; Decoy Techniques; Summary; Exam Essentials; Written Lab; Review Questions; Answers to Review Questions; Answers to Written Lab; Chapter 9: Cryptography and Private Key Algorithms; History; Cryptographic Basics; Modern Cryptography; Symmetric Cryptography; Summary; Exam Essentials; Written Lab; Review Questions; Answers to Review Questions; Answers to Written Lab; Chapter 10: PKI and Cryptographic Applications; Asymmetric Cryptography; Hash Functions; Digital Signatures; Public Key Infrastructure

Applied Cryptography

Sommario/riassunto

CISSP Certified Information Systems Security Professional Study Guide Here's the book you need to prepare for the challenging CISSP exam from (ISC) ̄2. This third edition was developed to meet the exacting requirements of today's security certification candidates, and has been thoroughly updated to cover recent technological advances in the field of IT security. In addition to the consistent and accessible instructional approach that readers have come to expect from Sybex, this book provides:Clear and concise information on critical security technologies and topicsPr