ebook img

CISSP All in one Exam Guide PDF

1477 Pages·2018·61.83 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview CISSP All in one Exam Guide

Praise for CISSP® All-in-One Exam Guide A must-have reference for any cyber security practitioner, this book provides invaluable practical knowledge on the increasingly complex universe of security concepts, controls, and best practices necessary to do business in today’s world. Steve Zalewski, Chief Security Architect, Levi Strauss & Co. Shon Harris put the CISSP certification on the map with this golden bible of the CISSP. Fernando Maymí carries that legacy forward beautifully with clarity, accuracy, and balance. I am sure that Shon would be proud. David R. Miller, CISSP; GIAC GISP; PCI QSA; SME; MCT; MCITPro Enterprise Admin; MCSE NT 4.0, 2000, 2003, 2008; CEH; ECSA; LPT; CCNA; CWNA; CNE; GIAC GISF; CompTIA Security+, etc.… An excellent reference. Written clearly and concisely, this book is invaluable to students, educators, and practitioners alike. Dr. Joe Adams, Founder and Executive Director, Michigan Cyber Range A lucid, enlightening, and comprehensive tour de force through the breadth of cyber security. Maymí and Harris are masters of the craft. Dr. Greg Conti, Founder, Kopidion LLC I wish I found this book earlier in my career. It certainly was the single tool I used to pass the CISSP exam, but more importantly it has taught me about security from many aspects I did not even comprehend previously. I think the knowledge that I gained from this book is going to help me in many years to come. Terrific book and resource! Janet Robinson, Chief Security Officer The “All-in-One Exam Guide” is probably responsible for preventing tens of thousands of cyberattacks and for providing the strategic, operational, and tactical knowledge to secure vital government and corporate data centers and networks. I personally used Shon’s work to achieve my CISSP and I have globally recommended it to many audiences. I have led many large organizations and one of my fundamental requirements for any of the budding CISSPs that I have mentored on their path to achieve a CISSP certificate was that they had to do two things before I would send them to a CISSP training boot camp. First, they had to prove to me they read Shon’s Gold Book, as I called it, and second they had to attend a free online CISSP preparation seminar. I had great success with this methodology. I look forward to all future editions. Bill Ross, CISSP, CISM, IAM, SABSA Master Intelligence Officer, ITIL Shon Harris and the “All-in-One CISSP” book have been the secret to my success. While at RSA I engaged Shon in getting 90 percent of the worldwide sales engineers CISSP certified, all with the assistance of this book. I took this same program with me to Symantec, and Shon worked with me to ensure we had the same type of results with both security engineers and security executives at Symantec. Her straightforward approach contained in this book gave each individual the specific information they needed to take the CISSP exam. As a plus, each of them gained a great deal of knowledge and solid base that is required by today’s security professionals. I count myself as fortunate to have been introduced to Shon and the “All-in-One CISSP” early in my security career! Rick Hanson, CISSP Symantec Security Business Practice I have no hesitation in recommending Shon Harris’ “All-in-One Exam Guide”—the consummate guide to (a) passing the prestigious CISSP examination specifically and (b) more generally—a great insight into the wider world of information security. Mike Rabbitt, CISSP, CISA Information Security Officer A must-have for anyone serious about becoming a CISSP. Clément Dupuis, CD, Owner and Founder of The CCCure Family of Portals, www.cccure.org This is the best book to prepare for CISSP exam. Period. Sabyasachi Hazra, CISSP, CISA, CISM, PMP, CCSE, ISO 2700 1LA, CEH, CCSP, CCSA, CCSE, CCSE+, MCSA, CCNP, Deloitte & Touche Shon Harris is amazing at explaining the most complicated technologies in very simplified terms. This is a great book for studying for the CISSP exam, but also the only reference manual needed for any technical library. Casey Batz, Network Security Engineer, VMware Shon’s “CISSP All-in-One Guide” has been the go-to study guide for the more than 200 new CISSP holders developed in our region over the last two years. It continues to be a great asset for both the novice and experienced security practitioner. Alex Humber, Symantec Corporation Not coming from a technical background, your guide was exactly what was needed to prepare for the CISSP exam. The material was presented in a way that allowed for not only grasping the concepts but also understanding them. The CISSP exam is one of the toughest out there, and your guide is a great tool for preparing for that rigorous undertaking. Dr. Kevin Schatzle, CISSP, CFE, CPP I heard from others for years that Harris’ CISSP book was the gold star and now that I am getting around to preparing for the exam—I see exactly what they mean. I thought I had a firm grasp on most items that make up information security, but this book really showed me that there is a lot more involved than I imagined. This book has broadened my horizons and provided me deep insight. And by the way, I passed the CISSP exam easily from just studying this one book. Paul Rose, CEH, CISA, and now CISSP Security Compliance Officer Shon Harris really takes a different approach to writing, which helped me tremendously. The explanations, scenarios, metaphors, and a sprinkle of humor here and there made this book enjoyable—instead of a dreaded task. Some of the technical concepts I learned ten or more years ago, but after reading this book I now see how I did not understand these concepts to the necessary depth and I also understand how these technologies work together in the real world. The book has made me a much better security professional and allowed me to get my CISSP certification. Thanks for such a great piece of work! Mike Peterson, Information Security Officer Copyright © 2019 by McGraw-Hill Education. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication. ISBN: 978-1-26-014264-8 MHID: 1-26-014264-7 The material in this eBook also appears in the print version of this title: ISBN: 978-1-26-014265- 5, MHID: 1-26-014265-5. eBook conversion by codeMantra Version 1.0 All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps. McGraw-Hill Education eBooks are available at special quantity discounts to use as premiums and sales promotions or for use in corporate training programs. To contact a representative, please visit the Contact Us page at www.mhprofessional.com. Information has been obtained by McGraw-Hill Education from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Education does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information. TERMS OF USE This is a copyrighted work and McGraw-Hill Education and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw- Hill Education’s prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms. THE WORK IS PROVIDED “AS IS.” McGRAW-HILL EDUCATION AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill Education and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill Education nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill Education has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill Education and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise. We dedicate this book to all those who have served selflessly. ABOUT THE AUTHORS Shon Harris, CISSP, was the founder and CEO of Shon Harris Security LLC and Logical Security LLC, a security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and an author. Shon owned and ran her own training and consulting companies for 13 years prior to her death in 2014. She consulted with Fortune 100 corporations and government agencies on extensive security issues. She authored three best-selling CISSP books, was a contributing author to Gray Hat Hacking: The Ethical Hacker’s Handbook and Security Information and Event Management (SIEM) Implementation, and a technical editor for Information Security Magazine. Fernando Maymí, Ph.D., CISSP, is Lead Scientist in the Cyber and Secure Autonomy division of Soar Technology, Inc., an artificial intelligence research and development company, a retired Army officer, and a former West Point faculty member with over 25 years’ experience in the field. He is currently leading multiple advanced research projects developing autonomous cyberspace agents for the Department of Defense. Fernando has developed and conducted large- scale cyber security exercises for major cities in the United States and abroad, and served as advisor for senior leaders around the world. He worked closely with Shon Harris, advising her on a multitude of projects, including the sixth edition of the CISSP All-in-One Exam Guide. About the Contributor/Technical Editor Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts. He retired after 21 years in the U.S. Air Force, serving as a network security engineer and instructor, and has secured networks all over the world. Bobby has a master’s degree in information assurance (IA) and is pursuing a doctoral degree in cyber security from Capitol Technology University in Maryland. His many certifications include CISSP-ISSEP, CEH, and MCSE: Security, as well as the CompTIA A+, Network+, Security+, and Mobility+ certifications. CONTENTS AT A GLANCE Chapter 1 Security and Risk Management Chapter 2 Asset Security Chapter 3 Security Architecture and Engineering Chapter 4 Communication and Network Security Chapter 5 Identity and Access Management Chapter 6 Security Assessment and Testing Chapter 7 Security Operations Chapter 8 Software Development Security Appendix A Comprehensive Questions Appendix B About the Online Content Glossary Index

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.