Certified Information Systems Security Professional (CISSP) Exam Guide: Become a certified CISSP professional with practical exam-oriented knowledge of all eight domains
Author: by Ted Jordan (Author), Ric Daza (Author), Hinne Hettema (Author) &
Publisher finelybook 出版社: Packt Publishing
Publication Date 出版日期: 2024-09-20
Language 语言: English
Print Length 页数: 526 pages
ISBN-10: 1800567618
ISBN-13: 9781800567610
Book Description
Master the skills to safeguard information assets in a dynamic digital landscape and achieve your CISSP certification
Purchase of this book unlocks access to online exam resources such as practice questions, flashcards, exam tips, and the eBook PDF
Key Features
- Explore up-to-date content meticulously aligned with the latest CISSP exam objectives
- Understand the value of governance, risk management, and compliance
- Assess your exam readiness with practice questions that match exam-level difficulty
Book Description
By finelybook
The (ISC)2 CISSP exam evaluates the competencies required to secure organizations, corporations, military sites, and government entities. The comprehensive CISSP certification guide offers up-to-date coverage of the latest exam syllabus, ensuring you can approach the exam with confidence, fully equipped to succeed.
Complete with interactive flashcards, invaluable exam tips, and self-assessment questions, this book helps you build and test your knowledge of all eight CISSP domains. Detailed answers and explanations for all questions will enable you to gauge your current skill level and strengthen weak areas.
This guide systematically takes you through all the information you need to not only pass the CISSP exam, but also excel in your role as a security professional. Starting with the big picture of what it takes to secure the organization through asset and risk management, it delves into the specifics of securing networks and identities. Later chapters address critical aspects of vendor security, physical security, and software security.
By the end of this book, you’ll have mastered everything you need to pass the latest CISSP certification exam and have this valuable desktop reference tool for ongoing security needs.
What you will learn
- Get to grips with network communications and routing to secure them best
- Understand the difference between encryption and hashing
- Know how and where certificates and digital signatures are used
- Study detailed incident and change management procedures
- Manage user identities and authentication principles tested in the exam
- Familiarize yourself with the CISSP security models covered in the exam
- Discover key personnel and travel policies to keep your staff secure
- Discover how to develop secure software from the start
Who this book is for
This book is for professionals seeking to obtain the ISC2 CISSP certification. You should have experience in at least two of the following areas: GRC, change management, network administration, systems administration, physical security, database management, or software development. Additionally, a solid understanding of network administration, systems administration, and change management is essential.
Table of Contents
- Ethics, Security Concepts, and Governance Principles
- Compliance, Regulation, and Investigations
- Security Policies and Business Continuity
- Risk Management, Threat Modeling, SCRM, and SETA
- Asset and Privacy Protection
- Information and Asset Handling
- Secure Design Principles and Controls
- Architecture Vulnerabilities and Cryptography
- Facilities and Physical Security
- Network Architecture Security
- Securing Communication Channels
- Identity, Access Management, and Federation
- Identity Management Implementation
- Designing and Conducting Security Assessments
- Designing and Conducting Security Testing
- Planning for Security Operations
- Security Operations
- Disaster Recovery
- Business Continuity, Personnel, and Physical Security
(N.B. Please use the Read Sample option to see further chapters)
About the Author
Ted Jordan, M.S., CISSP, Linux+, is a seasoned cybersecurity professional with over 30 years of experience. His career includes work with NASA, General Motors, Silicon Graphics, Sun Microsystems, Fakespace, and AM General. Ted has trained over 2,500 students to achieve their CISSP, Security+, and Linux+ certifications with The Training Camp and Learning Tree. He is also the author of five books on Linux and CISSP. In his free time, Ted enjoys a good game of tennis or watching the complexities of carom three-cushion billiards.
Ricardo “Ric” Daza, PhD, is a cybersecurity mentor with the Tampa Bay Wave Accelerator, a committee member with West Florida ISACA, and a recipient of two NSA fellowships. He is also an adjunct cybersecurity professor and frequent speaker at regional and international conferences with a doctorate in Information Assurance and holds double CCIE² (R&S, Security), CISSP, CRISC, CISA, ISO 27001 Lead Auditor, PMP, and RHCE certifications. Dr. Daza builds networks and develops cybersecurity solutions for foreign and domestic government agencies, as well as Fortune 500 companies in the financial, technology, defense, healthcare, and manufacturing sectors. He contributes to the cyber defense of organizations across the Americas. He specializes in an evidence-based approach to tackling process and technology challenges, including networking, risk management, security analysis, incident response, risk communication, vulnerability management, metrics and maturity programs, data science, programming, and more. In addition to being a seasoned executive cybersecurity consultant, Dr. Daza was an exam content developer, crafting the tests like CISSP for ISC2, the largest cybersecurity certification body in the world.
Hinne Hettema, a PhD in theoretical chemistry and philosophy of science, focuses especially on the implementation of security practices and mentoring others to become proficient security professionals. Working in IT since the early 1990s and focusing on security since the early 2000s, he has held a variety of roles working as a consultant, as part of a team, or as a leader of a security team. With over two decades of experience in the security field, Hinne has also served as an adjunct senior research fellow in cybersecurity at the University of Queensland, Australia. He has experience in developing, implementing and running security operations, incident response and security service definition and execution. He focuses current engagements primarily on how organizations can optimize current practices, develop improvements, and make sensible decisions about their future direction. To that end, he uses his skills in architecture, security posture management, data science, threat intelligence, risk assessment and situational awareness to ensure an optimal spend of the security dollar. He also has extensive experience in incident handling and response, including OT and ICS environments. He is a confident public speaker and can present to various audiences, from the general public to boards to cybersecurity experts to people needing training in specific aspects of cybersecurity. Hinne has authored several books including Agile Security Operation by Packt.
