
CISSP in 21 days /

About This Book: Day-by-day plan to study and assimilate core concepts from CISSP CBK; Revise and take a mock test at the end of every four chapters; A systematic study and revision of myriad concepts to help you crack the CISSP examination. Who This Book Is For: If you are a networking professional aspiring...


Bibliographic Details
Classification: Electronic Book
Main author: Srinivasan, M. L. (Author)
Format: Electronic eBook
Language: English
Published: Birmingham : Packt Publishing, 2016.
Edition: Second edition.
Subjects:
Online access: Full text
Table of Contents:
  • Cover; Copyright; Credits; About the Author; About the Reviewer; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Day 1
  • Security and Risk Management
  • Security, Compliance, and Policies; Overview of security, compliance, and policies; Asset; Asset protection; Confidentiality, Integrity, and Availability (CIA); Confidentiality; Integrity; Availability; Security governance; Strategy, goals, mission, and objectives; Organizational processes; Security roles and responsibilities; Control frameworks; Management controls; Administrative controls; Technical controls.
  • Due diligence and due care; Compliance; Legislative and regulatory compliance; Privacy requirements in compliance; Licensing and intellectual property; Legal and regulatory issues; Computer crimes; Fraud; Theft; Malware/malicious code; Cyber crime; Importing and exporting controls; Transborder data flow; Data breaches; Professional ethics; Codes of ethics; (ISC)² code of professional ethics; Security policies, standards, procedures, and guidelines; Personnel security policies; Employment candidate screening; Employment agreement and policies; Employment termination processes.
  • Vendor, consultant, and contractor controls; Compliance and privacy; Summary; Sample questions; Chapter 2: Day 2
  • Security and Risk Management
  • Risk Management, Business Continuity, and Security Education; Overview of risk management, business continuity, and security education; Risk management; Threats, vulnerabilities, and attacks; Threat risk modeling; Threat and vulnerability analysis; Attack analysis; Risk analysis; Quantitative risk analysis; Qualitative risk analysis; Risk treatment; Business continuity management; The Business Continuity Planning (BCP) process; BCP best practices.
  • Security risk considerations in acquisitions, strategy, and practice; Information security education, training, and awareness; Summary; Sample questions; Chapter 3: Day 3
  • Asset Security
  • Information and Asset Classification; Overview of asset security
  • information and asset classification; Asset classification and control; Classification types in government; The United States information classification; Classification types in corporations; Data privacy; Data owners; Data processors; Data remanence; Data collection limitations; Data retention; Data in media; Data in hardware.
  • Data with personnel; Summary; Sample questions; Chapter 4: Day 4
  • Asset Security
  • Data Security Controls and Handling; Overview of asset security
  • data security controls and handling; Data security controls; Data security requirements; Payment Card Industry Data Security Standard (PCI DSS); Sarbanes-Oxley Act (SOX); Gramm-Leach-Bliley Act (GLBA); EU Data Protection Act (DPA); Data Loss Prevention (DLP); [Data in motion]; Data in motion; Data at rest; Data in use; Data Loss Prevention strategies; DLP controls; Cryptographic methods to secure data; Encryption; Hashing; Digital signatures.