Indianapolis, IN, : Wiley, 2012

1-280-77577-7

9786613686169

1-118-46389-7

1 online resource (938 p.)

SYBEX serious skills CISSP

ChappleMike, M.S.

GibsonDarril

005.8

Electronic data processing personnel - Certification

Computer networks - Examinations

Computer security - Examinations

Inglese

Includes index.

CISSP® Certified Information Systems Security Professional: Study Guide; Acknowledgments; About the Authors; Contents; Introduction; (ISC)2; CISSP and SSCP; Prequalifications; Overview of the CISSP Exam; CISSP Exam Question Types; Advice on Taking the Exam; Study and Exam Preparation Tips; Completing the Certification Process; Post-CISSP Concentrations; Notes on This Book's Organization; The Elements of This Study Guide; What's Included With the Additional Study Tools; The Sybex Test Preparation Software; Electronic Flashcards; Glossary of Terms in PDF; Bonus Practice Exams

How to Use This Book's Study ToolsAssessment Test; Answers to Assessment Test; Chapter 1: Access Control; Access Control Overview; Users, Owners, and Custodians; The CIA Triad; Policies; Compare Permissions, Rights, and Privileges; Types of Access Control; Defense in Depth; Access Control Elements; Identification and Authentication Techniques; Passwords; Smart Cards and Tokens; Biometrics; Multifactor Authentication; Access Control Techniques; Security Operations Principles; Discretionary Access Controls; Nondiscretionary

Access Controls; Mandatory Access Controls; Role-Based Access Control

Centralized versus Decentralized Access ControlSingle Sign-On; AAA Protocols; Authorization Mechanisms; Identity and Access Provisioning Life Cycle; Provisioning; Account Review; Account Revocation; Summary; Exam Essentials; Written Lab; Review Questions; Chapter 2: Access Control Attacks and Monitoring; Understanding Access Control Attacks; Introduction to Risk Elements; Asset Valuation; Threat Modeling; Vulnerability Analysis; Common Access Control Attacks; Preventing Access Control Attacks; Logging and Monitoring; Assessing Effectiveness of Access Controls; Handling Audit Reports; Summary

Exam EssentialsWritten Lab; Review Questions; Chapter 3: Secure Network Architecture and Securing Network Components; OSI Model; History of the OSI Model; OSI Functionality; Encapsulation/Deencapsulation; OSI Layers; TCP/IP Model; TCP/IP Protocol Suite Overview; Secure Network Components; Network Access Control; Firewalls; Endpoint Security; Other Network Devices; Cabling, Wireless, Topology, and Communications Technology; Network Cabling; Wireless Communications and Security; Network Topologies; LAN Technologies; Summary; Exam Essentials; Written Lab; Review Questions

Chapter 4: Secure Communications and Network AttacksNetwork and Protocol Security Mechanisms; Secure Communications Protocols; Authentication Protocols; Virtual Private Network; Tunneling; How VPNs Work; Common VPN Protocols; Virtual LAN; Remote Access Security Management; Plan Remote Access Security; Dial-Up Protocols; Centralized Remote Authentication Services; Network Address Translation; Private IP Addresses; Stateful NAT; Static and Dynamic NAT; Automatic Private IP Addressing; Switching Technologies; Circuit Switching; Packet Switching; Virtual Circuits; WAN Technologies

WAN Connection Technologies

Fully updated Sybex Study Guide for the industry-leading security certification: CISSP  Security professionals consider the Certified Information Systems Security Professional (CISSP) to be the most desired certification to achieve. More than 200,000 have taken the exam, and there are more than 70,000 CISSPs worldwide. This highly respected guide is updated to cover changes made to the CISSP Body of Knowledge in 2012. It also provides additional advice on how to pass each section of the exam. With expanded coverage of key areas, it also includes a full-length, 250-question prac