LEADER 06124nam 2200637 450 001 9910830400503321 005 20231007112955.0 010 $a1-119-42330-9 010 $a1-119-42332-5 010 $a1-119-42331-7 035 $a(CKB)4100000007926690 035 $a(MiAaPQ)EBC5747370 035 $a(NjHacI)994100000007926690 035 $a(BIP)067101228 035 $a(PPN)257173714 035 $a(OCoLC)1091896051 035 $a(EXLCZ)994100000007926690 100 $a20231007d2019 uy 0 101 0 $aeng 135 $aur||||||||||| 181 $ctxt$2rdacontent 182 $cc$2rdamedia 183 $acr$2rdacarrier 200 10$aCissp certified information systems security professional $ethe official (isc)2 cissp cbk reference /$fJohn Warsinske 205 $aFifth edition. 210 1$aDanvers :$cWiley,$d2019. 215 $a1 online resource (xxx, 898 pages) 311 $a1-119-42334-1 327 $aIntro; CISSP The Official (ISC)2® CISSP® CBK® Reference; Lead Author and Lead Technical Reviewer; Contributing Authors; Technical Reviewers; Contents at a Glance; Contents; Foreword; Introduction; Security and Risk Management; Asset Security; Security Architecture and Engineering; Communication and Network Security; Identity and Access Management (IAM); Security Assessment and Testing; Security Operations; Software Development Security; Domain 1: Security and Risk Management; Understand and Apply Concepts of Confidentiality, Integrity, and Availability; Information Security; Evaluate and Apply Security Governance Principles; Alignment of Security Functions to Business Strategy, Goals, Mission, and Objectives; Vision, Mission, and Strategy; Governance; Due Care; Determine Compliance Requirements; Legal Compliance; Jurisdiction; Legal Tradition; Legal Compliance Expectations; Understand Legal and Regulatory Issues That Pertain to Information Security in a Global Context; Cyber Crimes and Data Breaches; Privacy; Understand, Adhere to, and Promote Professional Ethics; Ethical Decision-Making; Established Standards of Ethical Conduct; (ISC)² Ethical Practices; Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines; Organizational Documents; Policy Development; Policy Review 
Process; Identify, Analyze, and Prioritize Business Continuity Requirements; Develop and Document Scope and Plan; Risk Assessment; Business Impact Analysis; Develop the Business Continuity Plan; Contribute to and Enforce Personnel Security Policies and Procedures; Key Control Principles; Candidate Screening and Hiring; Onboarding and Termination Processes; Vendor, Consultant, and Contractor Agreements and Controls; Privacy in the Workplace; Understand and Apply Risk Management Concepts; Risk; Risk Management Frameworks; Risk Assessment Methodologies; Understand and Apply Threat Modeling Concepts and Methodologies; Threat Modeling Concepts; Threat Modeling Methodologies; Apply Risk-Based Management Concepts to the Supply Chain; Supply Chain Risks; Supply Chain Risk Management; Establish and Maintain a Security Awareness, Education, and Training Program; Security Awareness Overview; Developing an Awareness Program; Training; Summary; Domain 2: Asset Security; Asset Security Concepts; Data Policy; Data Governance; Data Quality; Data Documentation; Data Organization; Identify and Classify Information and Assets; Asset Classification; Determine and Maintain Information and Asset Ownership; Asset Management Lifecycle; Software Asset Management; Protect Privacy; Cross-Border Privacy and Data Flow Protection; Data Owners; Data Controllers; Data Processors; Data Stewards; Data Custodians; Data Remanence; Data Sovereignty; Data Localization or Residency; Government and Law Enforcement Access to Data; Collection Limitation; Understanding Data States; Data Issues with Emerging Technologies; Ensure Appropriate Asset Retention. 
330 8 $aThe only official, comprehensive reference guide to the CISSP. All new for 2019 and beyond, this is the authoritative common body of knowledge (CBK) from (ISC)2 for information security professionals charged with designing, engineering, implementing, and managing the overall information security program to protect organizations from increasingly sophisticated attacks. Vendor neutral and backed by (ISC)2, the CISSP credential meets the stringent requirements of ISO/IEC Standard 17024. This CBK covers the new eight domains of CISSP with the necessary depth to apply them to the daily practice of information security. Written by a team of subject matter experts, this comprehensive reference covers all of the more than 300 CISSP objectives and sub-objectives in a structured format with: Common and good practices for each objective; Common vocabulary and definitions; References to widely accepted computing standards; Highlights of successful approaches through case studies. Whether you've earned your CISSP credential or are looking for a valuable resource to help advance your security career, this comprehensive guide offers everything you need to apply the knowledge of the most recognized body of influence in information security. 606 $aComputer networks$xSecurity measures$xExaminations$vStudy guides 606 $aTelecommunications engineers$xCertification 610 $aComputer Networks 610 $aComputers 610 $aAdministrative Agencies 610 $aPolitical Science 615 0$aComputer networks$xSecurity measures$xExaminations 615 0$aTelecommunications engineers$xCertification. 676 $a005.8 700 $aWarsinske$b John$01641826 702 $aHenry$b Kevin 702 $aGraff$b Mark 702 $aHoover$b Christopher 702 $aMalisow$b Ben 702 $aMurphy$b Sean 702 $aOakes$b C. Paul 702 $aPajari$b George 702 $aParker$b Jeff T. 702 $aSeidl$b David 702 $aVasquez$b Mike 801 0$bNjHacI 801 1$bNjHacl 906 $aBOOK 912 $a9910830400503321 996 $aCissp certified information systems security professional$93986171 997 $aUNINA