06124nam 2200637 450 991083040050332120231007112955.01-119-42330-91-119-42332-51-119-42331-7(CKB)4100000007926690(MiAaPQ)EBC5747370(NjHacI)994100000007926690(BIP)067101228(PPN)257173714(OCoLC)1091896051(EXLCZ)99410000000792669020231007d2019 uy 0engur|||||||||||txtrdacontentcrdamediacrrdacarrierCissp certified information systems security professional the official (isc)2 cissp cbk reference /John WarsinskeFifth edition.Danvers :Wiley,2019.1 online resource (xxx, 898 pages)1-119-42334-1 Intro; CISSP The Official (ISC)2® CISSP® CBK® Reference; Lead Author and Lead Technical Reviewer; Contributing Authors; Technical Reviewers; Contents at a Glance; Contents; Foreword; Introduction; Security and Risk Management; Asset Security; Security Architecture and Engineering; Communication and Network Security; Identity and Access Management (IAM); Security Assessment and Testing; Security Operations; Software Development Security; Domain 1: Security and Risk Management; Understand and Apply Concepts of Confidentiality, Integrity, and Availability; Information Security Evaluate and Apply Security Governance PrinciplesAlignment of Security Functions to Business Strategy, Goals, Mission, and Objectives; Vision, Mission, and Strategy; Governance; Due Care; Determine Compliance Requirements; Legal Compliance; Jurisdiction; Legal Tradition; Legal Compliance Expectations; Understand Legal and Regulatory Issues That Pertain to Information Security in a Global Context; Cyber Crimes and Data Breaches; Privacy; Understand, Adhere to, and Promote Professional Ethics; Ethical Decision-Making; Established Standards of Ethical Conduct; (ISC)² Ethical Practices Develop, Document, and Implement Security Policy, Standards, Procedures, and GuidelinesOrganizational Documents; Policy Development; Policy Review Process; Identify, Analyze, and Prioritize Business Continuity Requirements; Develop and Document Scope and Plan; Risk Assessment; Business Impact Analysis; Develop the Business Continuity Plan; Contribute to and Enforce Personnel Security Policies and Procedures; Key Control Principles; Candidate Screening and Hiring; Onboarding and Termination Processes; Vendor, Consultant, and Contractor Agreements and Controls; Privacy in the Workplace Understand and Apply Risk Management ConceptsRisk; Risk Management Frameworks; Risk Assessment Methodologies; Understand and Apply Threat Modeling Concepts and Methodologies; Threat Modeling Concepts; Threat Modeling Methodologies; Apply Risk-Based Management Concepts to the Supply Chain; Supply Chain Risks; Supply Chain Risk Management; Establish and Maintain a Security Awareness, Education, and Training Program; Security Awareness Overview; Developing an Awareness Program; Training; Summary; Domain 2: Asset Security; Asset Security Concepts; Data Policy; Data Governance; Data Quality Data DocumentationData Organization; Identify and Classify Information and Assets; Asset Classification; Determine and Maintain Information and Asset Ownership; Asset Management Lifecycle; Software Asset Management; Protect Privacy; Cross-Border Privacy and Data Flow Protection; Data Owners; Data Controllers; Data Processors; Data Stewards; Data Custodians; Data Remanence; Data Sovereignty; Data Localization or Residency; Government and Law Enforcement Access to Data; Collection Limitation; Understanding Data States; Data Issues with Emerging Technologies; Ensure Appropriate Asset Retention.The only official, comprehensive reference guide to the CISSP All new for 2019 and beyond, this is the authoritative common body of knowledge (CBK) from (ISC)2 for information security professionals charged with designing, engineering, implementing, and managing the overall information security program to protect organizations from increasingly sophisticated attacks. Vendor neutral and backed by (ISC)2, the CISSP credentialmeets the stringent requirements of ISO/IEC Standard 17024.This CBK covers the new eight domains of CISSP with the necessary depth to apply them to the daily practice of information security. Written by a team of subject matter experts, this comprehensive reference covers all of the more than 300 CISSP objectives and sub-objectives in a structured format with: Common and good practices for each objective Common vocabulary and definitions References to widely accepted computing standards Highlights of successful approaches through case studies Whether you've earned your CISSP credential or are looking for a valuable resource to help advance your security career, this comprehensive guide offers everything you need to apply the knowledge of the most recognized body of influence in information security.Computer networksSecurity measuresExaminationsStudy guidesTelecommunications engineersCertificationComputer NetworksComputersAdministrative AgenciesPolitical ScienceComputer networksSecurity measuresExaminationsTelecommunications engineersCertification.005.8Warsinske John1641826Henry KevinGraff MarkHoover ChristopherMalisow BenMurphy SeanOakes C. PaulPajari GeorgeParker Jeff T.Seidl DavidVasquez MikeNjHacINjHaclBOOK9910830400503321Cissp certified information systems security professional3986171UNINA