CISSP: 3 in 1- Beginner’s Guide to Learn the Realms of Security and Risk Management from A-Z using CISSP Principles+ Simple and Effective Strategies+ Advanced Methods to Learn the CISSP CBK Reference
- Length: 483 pages
- Edition: 1
- Language: English
- Publication Date: 2021-07-25
- ISBN-10: B09B92M8GT
- Sales Rank: #0
This book covers the first domain of the CISSP realm. Its content is carefully structured as a step-by-step learning path with scenarios and real-world examples. It includes the latest information and statistics and follows the most recent syllabus released by (ISC)². Let’s look at the content at a glance.
- Information about CISSP and the examination, everything you want to know.
- Information security risks, threats, and vulnerabilities.
- Information security concepts, confidentiality, integrity, security.
- Cryptography basics.
- Security and governance principles in an organization.
- Security policies, standards, procedures, guidelines, baselines, and more.
- Organizations and information security laws, regulations, compliance, and standards.
- Information security, compliance, and risk management.
- Risk Management methodologies, frameworks, Business continuity.
- Professional ethics.
- Personal security policies and procedures.
- Privacy and its role in customers, employees, and organizations.
- Risk management in the supply chain.
- Security awareness training and education.
- And more!
The book includes additional information on difficult topics, because beginners need a proper foundation. CISSP is a challenging subject, so the foundation topics must be well understood before the reader can learn the rest of the domains with confidence. It includes extensive information on risk management, security, and global frameworks. The objective is to provide practical, hands-on guidance. With all this content, the book provides a good starting point for your CISSP journey.
The purpose of this book is to provide you with a solid understanding of the fundamentals. Without knowing the basics, it is difficult to absorb the vast amount of information that you will concentrate on throughout the CISSP journey. The book starts with the basics, but it does not stop there: it takes you to more advanced topics once you are ready. In other words, it provides A-Z knowledge in all 8 realms, nothing less.
The following areas are covered in this book.
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
Each chapter covers a complete CISSP domain in a concise, easy-to-understand manner. The book also includes all the information required to register and prepare for the CISSP examination. Furthermore, the book includes tips and references to the required websites and courseware. If you’re looking for an all-in-one guide, then you’ll want to click the BUY NOW button to get started!
CISSP: A Comprehensive Beginner's Guide to Learn the Realms of Security and Risk Management from A-Z using CISSP Principles
- Introduction
- How to Use This Book
- A Brief History, Requirements, and Future Prospects
- CISSP Concentration, Education and Examination Options
- Chapter One: Security and Risk Management – An Introduction
  - Measuring Vulnerabilities
  - Threat Actors, Threats, and Threat Rates
  - The Cost
- Chapter Two: Understand and Apply Concepts of Confidentiality, Integrity, and Availability
  - Confidentiality
  - Integrity
  - Confidentiality
- Chapter Three: Evaluate and Apply Security Governance Principles
  - In this chapter, you will learn:
  - Mission, Goals, and Objectives
  - Organizational Processes (acquisitions, divestitures, governance committees)
  - Acquisition and Divestitures
  - Organizational Roles and Responsibilities
  - COBIT
  - ISO/IEC 27000
  - OCTAVE
  - NIST Framework
  - Corrective Controls
  - Due Care/Due Diligence
- Chapter Four: Determining Compliance Requirements
  - Contractual, Legal, Industry Standards, and Regulatory Requirements
  - Country-Wide Classification
  - Federal Information Security Management Act (FISMA)
  - Health Insurance Portability and Accountability Act (HIPAA)
  - Payment Card Industry Data Security Standard (PCI DSS)
  - Sarbanes–Oxley Act (SOX)
  - Privacy Requirements
  - General Data Protection Regulation (GDPR)
  - GDPR – Array of Legal Terms
  - The Key Regulatory Point
- Chapter Five: Understanding Legal and Regulatory Issues
  - Cybercrime
  - Licensing and Intellectual Property Requirements
  - Import/Export Controls
  - Trans-Border Data Flow
- Chapter Six: Understand, Adhere To, and Promote Professional Ethics
  - (ISC)² Code of Professional Ethics Canons
  - Organizational Code of Ethics
  - Key Components of a Successful Code of Ethics Lineup
- Chapter Seven: Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
  - Standards
  - Procedures
  - Guidelines
  - Baselines
- Chapter Eight: Identify, Analyze, and Prioritize Business Continuity (BC) Requirements
  - Develop and Document Scope and Plan
  - Planning for the Business Continuity Process
  - Business Impact Analysis
  - BIA Process
  - Recovery Strategy
  - Plan Development
  - Testing and Exercises
- Chapter Nine: Contribute To and Enforce Personnel Security Policies and Procedures
  - Candidate Screening and Hiring
  - Employment Agreements and Policies
  - Onboarding and Termination Processes
  - Vendor, Consultant, and Contractor Agreements and Controls
  - Compliance Policy Requirements
  - Privacy Policy Requirements
- Chapter Ten: Understand and Apply Risk Management Concepts
  - Identify Threats and Vulnerabilities
  - Risk Analysis and Assessment
  - Risk Response
  - Countermeasure Selection and Implementation
  - Applicable Types of Controls
  - Security Control Assessment (SCA)
  - Asset Valuation
  - Reporting
  - Continuous Improvements
  - Risk Frameworks
- Chapter Eleven: Understand and Apply Threat Modeling Concepts and Methodologies
  - Why Threat Modeling and When?
  - Threat Modeling Methodologies, Tools and Techniques
  - Other Threat Modeling Tools
- Chapter Twelve: Apply Risk-Based Management Concepts to the Supply Chain
  - Risks Associated with Hardware, Software, and Services
  - Third-Party Assessment and Monitoring
  - Minimum Security Requirements
  - Service-Level Requirements
  - Service Level Agreements
  - Operational Level Agreements
  - Underpinning Contracts
- Chapter Thirteen: Establish and Maintain a Security Awareness, Education, and Training Program
  - Methods and Techniques to Present Awareness and Training
  - Periodic Content Reviews
  - Program Effectiveness Evaluation
- Conclusion
- References

CISSP: Simple and Effective Strategies to Learn the Fundamentals of Information Security Systems for CISSP Exam
- Introduction
- Chapter 1: Security and Risk Management
  - Maintaining Confidentiality and Various Requirements
  - System Integrity and Availability
  - Enhancing Security and Designating the Roles
  - Identifying and Assessing Threats and Risks
  - Risk Terminology
  - Risk Management
  - Cost/Benefit Analysis
  - Controls
  - Risk Management Framework
  - Business Continuity Management (BCM)
- Chapter 2: Telecommunication and Network Security
  - Local Area Network (LAN)
  - Wide Area Network (WAN)
  - OSI Reference Model
  - The First Layer: Physical Layer
  - Network Topologies
  - Cable and Connector Types
  - Interface Types
  - Networking Equipment
  - The Second Layer: Data Link Layer
  - Logical Link Control (LLC)
  - Media Access Control (MAC)
  - Protocols in Local Area Networks and the Transmission Methods
  - Protocols in WLAN and WLAN Tech
  - Different Protocols and Technologies of WAN
  - Point to Point Links
  - Circuit Switched Networks
  - Packet-Switched Networks
  - The Networking Equipment Found in the Data Link Layer
  - The Fourth Layer: Transport Layer
  - The Fifth Layer: Session Layer
  - The Sixth Layer: Presentation Layer
  - The Seventh Layer: Application Layer
- Chapter 3: Security of Software Development
  - Security Workings in Distributed Software
  - Working with Agents in Distributed Systems
  - Object-Oriented Environments
  - Databases
  - Types of Databases
  - Operating Systems
  - Systems Development Life Cycle
  - Controlling the Security of Applications
  - AV Popping up Everywhere
- Chapter 4: Cryptography
  - The Basics of Cryptography
  - The Cryptosystem
  - Classes of Ciphers
  - The Different Types of Ciphers
  - Symmetric and Asymmetric Key Systems
- Chapter 5: Operating in a Secure Environment
  - Computer Architecture
  - Virtualization
  - Operating in a Secured Environment
  - Recovery Procedures
  - Vulnerabilities in Security Architecture
  - Security Countermeasures
  - Confidentiality
  - Integrity
  - Availability
  - Access Control Models
  - Trusted Network Interpretation (TNI)
  - European Information Technology Security Evaluation Criteria (ITSEC)
- Chapter 6: Business Continuity Planning and Disaster Recovery Planning
  - Setting Up a Business Continuity Plan
  - Identifying the Elements of a BCP
  - Developing the Business Continuity Plan
- Conclusion

CISSP: A Comprehensive Guide of Advanced Methods to Learn the CISSP CBK Reference
- Introduction
- How to Use this Book
- CISSP Domains, Learning Options, and Examination
- CISSP Domains
- Chapter 1: Domain 1 - Security and Risk Management
  - The Role of Information and Risk
  - Risk, Threat, and Vulnerability
  - 1.1 Understand and Apply Concepts of Confidentiality, Integrity, and Availability
  - 1.2 Evaluate and Apply Security Governance Principles
  - 1.3 Determine Compliance Requirements
  - 1.4 Understand Legal and Regulatory Issues that pertain to Information Security in a Global Context
  - 1.5 Understand, Adhere To and Promote Professional Ethics
  - 1.6 Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
  - 1.7 Identify, Analyze, and Prioritize Business Continuity (BC) Requirements
  - 1.8 Contribute To and Enforce Personnel Security Policies and Procedures
  - 1.9 Understand and Apply Risk Management Concepts
  - 1.10 Understand and Apply Threat Modeling Concepts and Methodologies
  - 1.11 Apply Risk-Based Management Concepts to the Supply Chain
  - 1.12 Establish and Maintain a Security Awareness, Education, and Training Program
- Chapter 2: Domain 2 - Asset Security
  - 2.1 Identify and Classify Information and Assets
  - 2.2 Determine and Maintain Information and Asset Ownership
  - 2.3 Protect Privacy
  - 2.4 Ensure Appropriate Asset Retention
  - 2.5 Determine Data Security Controls
  - 2.6 Establish Information and Asset Handling Requirements
- Chapter 3: Domain 3 - Security Architecture and Engineering
  - 3.1 Implement and Manage Engineering Processes using Secure Design Principles
  - 3.2 Understand the Fundamental Concepts of Security Models
  - 3.3 Select Controls Based Upon Systems Security Requirements
  - 3.4 Understand Security Capabilities of Information Systems (e.g., Memory Protection, Trusted Platform Module (TPM), Encryption/Decryption
  - 3.5 Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements
  - 3.6 Assess and Mitigate Vulnerabilities in Web-Based Systems
  - 3.7 Assess and Mitigate Vulnerabilities in Mobile Systems
  - 3.8 Assess and Mitigate Vulnerabilities in Embedded Devices
  - 3.9 Apply Cryptography
  - 3.10 Apply Security Principles to Site and Facility Design
  - 3.11 Implement Site and Facility Security Controls
- Chapter 4: Domain 4 - Communication and Network Security
  - 4.1 Implement Secure Design Principles in Network Architecture
  - 4.2 Secure Network Components
  - 4.3 Implement Secure Communication Channels According to Design
- Chapter 5: Domain 5 - Identity and Access Management (IAM)
  - 5.1 Control Physical and Logical Access to Assets
  - 5.2 Manage Identification and Authentication of People, Devices, and Services
  - 5.3 Integrated Identity as a Third-Party Service
  - 5.4 Implement and Manage Authorization Mechanisms
  - 5.5 Manage the Identity and Access Provisioning Lifecycle
- Chapter 6: Domain 6 - Security Assessment and Testing
  - 6.1 Design and Validate Assessment, Test, and Audit Strategies
  - 6.2 Conducting Security Control Tests
  - 6.3 Collect Security Process Data
  - 6.4 Analyze Test Output and Generate Reports
  - 6.5 Conduct or Facilitate Security Audits
- Chapter 7: Domain 7 - Security Operations
  - 7.1 Understanding and Support Investigations
  - 7.2 Understanding Requirements for Investigation Types
  - 7.3 Conduct Logging and Monitoring Activities
  - 7.4 Secure Provision Resources
  - 7.5 Understand and Apply Foundational Security Operation Concepts
  - 7.6 Apply Resource Protection Techniques
  - 7.7 Conduct Incident Management
  - 7.8 Operate and Maintain Detective and Preventive Measures
  - 7.9 Implement and Support Patch and Vulnerability Management
  - 7.10 Understanding and Participating in Change Management
  - 7.11 Implement Recovery Strategies
  - 7.12 Implement Disaster Recovery Process
  - 7.13 Disaster Recovery Plans (DRP)
  - 7.14 Participate in Business Continuity Planning and Exercises
  - 7.15 Implement and Manage Physical Security
  - 7.16 Address Personal Safety and Security Concerns
- Chapter 8: Domain 8 - Software Development Security
  - 8.1 Understand and Integrate Security Throughout the Software Development Lifecycle (SDLC)
  - 8.2 Identify and Apply Security Controls in Development Environments
  - 8.3 Assess the Effectiveness of Software Security
  - 8.4 Assess Security Impact of Acquired Software
  - 8.5 Define and Apply Secure Coding Guidelines and Standards
- Conclusion