Edition: 5
Authors: Michael Gregg
Series:
ISBN: 0137419554, 9780137419555
Publisher: Pearson IT Certification
Year of publication: 2021
Pages: 800
Language: English
File format: PDF (converted to PDF, EPUB or AZW3 on request)
File size: 12 MB
If you need the file for CISSP Exam Cram 5th Edition converted to PDF, EPUB, AZW3, MOBI or DJVU, you can ask support to convert it for you.
Note that CISSP Exam Cram, 5th Edition is the original English-language edition and is not a Persian translation. The International Library website offers original-language books only and does not provide any books translated into or written in Persian.
Table of Contents

Cover
Title Page
Copyright
Credits
Contents at a Glance
Table of Contents
Introduction

CHAPTER 1: The CISSP Certification Exam
  Introduction
  Assessing Exam Readiness
  Exam Topics
  Taking the Exam
  Examples of CISSP Test Questions
  Answer to Multiple-Choice Question
  Answer to Drag and Drop Question
  Answer to Hotspot Question
  Question-Handling Strategies
  Mastering the Inner Game
  Need to Know More?

CHAPTER 2: Understanding Asset Security
  Introduction
  Basic Security Principles
  Data Management: Determining and Maintaining Ownership
  Data Governance Policies
  Roles and Responsibilities
  Data Ownership
  Data Custodians
  Data Documentation and Organization
  Data Warehousing
  Data Mining
  Knowledge Management
  Data Standards
  Data Lifecycle Control
  Data Audits
  Data Storage and Archiving
  Data Security, Protection, Sharing, and Dissemination
  Privacy Impact Assessment
  Information Handling Requirements
  Record Retention and Destruction
  Data Remanence and Decommissioning
  Classifying Information and Supporting Asset Classification
  Data Classification
  Asset Management and Governance
  Software Licensing
  The Equipment Lifecycle
  Determining Data Security Controls
  Data at Rest
  Data in Transit
  Endpoint Security
  Baselines
  Exam Prep Questions
  Answers to Exam Prep Questions
  Need to Know More?

CHAPTER 3: Security and Risk Management
  Introduction
  Security Governance
  U.S. Legal System and Laws
  Relevant U.S. Laws and Regulations
  International Legal Systems and Laws
  International Laws to Protect Intellectual Property
  Global Legal and Regulatory Issues
  Computer Crime and Hackers
  Sexual Harassment
  U.S. Governance
  International Governance
  Risk Management Concepts
  Risk Management Frameworks
  Risk Assessment
  Risk Management Team
  Selecting Countermeasures
  Threat Modeling Concepts and Methodologies
  Threat Modeling Steps
  Threat Modeling Tools and Methodologies
  Managing Risk with the Supply Chain and Third Parties
  Reducing Risk in Organization Processes
  Identifying and Prioritizing Business Continuity Requirements Based on Risk
  Project Management and Initiation
  Business Impact Analysis
  Developing and Implementing Security Policy
  Security Policy
  Standards
  Baselines
  Guidelines
  Procedures
  Types of Controls
  Administrative Controls
  Technical Controls
  Physical Controls
  Access Control Categories
  Implementing Personnel Security
  New-Hire Agreements and Policies
  Separation of Duties
  Job Rotation
  Least Privilege
  Mandatory Vacations
  Termination
  Security Education, Training, and Awareness
  Security Awareness
  Social Engineering
  Professional Ethics Training and Awareness
  (ISC)² Code of Ethics
  Computer Ethics Institute
  Internet Architecture Board
  NIST SP 800-14
  Common Computer Ethics Fallacies
  Regulatory Requirements for Ethics Programs
  Exam Prep Questions
  Answers to Exam Prep Questions
  Need to Know More?

CHAPTER 4: Security Architecture and Engineering
  Introduction
  Secure Design Guidelines and Governance Principles
  Enterprise Architecture
  Regulatory Compliance and Process Control
  Fundamental Concepts of Security Models
  Central Processing Unit
  Storage Media
  I/O Bus Standards
  Virtual Memory and Virtual Machines
  Computer Configurations
  Security Architecture
  Protection Rings
  Trusted Computing Base
  Open and Closed Systems
  Security Modes of Operation
  Operating States
  Recovery Procedures
  Process Isolation
  Common Formal Security Models
  State Machine Model
  Information Flow Model
  Noninterference Model
  Confidentiality
  Integrity
  Other Models
  Product Security Evaluation Models
  The Rainbow Series
  Information Technology Security Evaluation Criteria (ITSEC)
  Common Criteria
  System Validation
  Certification and Accreditation
  Vulnerabilities of Security Architectures
  Buffer Overflows
  Backdoors
  State Attacks
  Covert Channels
  Incremental Attacks
  Emanations
  Web-Based Vulnerabilities
  Mobile System Vulnerabilities
  Cryptography
  Algorithms
  Cipher Types and Methods
  Symmetric Encryption
  Data Encryption Standard (DES)
  Triple DES (3DES)
  Advanced Encryption Standard (AES)
  International Data Encryption Algorithm (IDEA)
  Rivest Cipher Algorithms
  Asymmetric Encryption
  Diffie-Hellman
  RSA
  El Gamal
  Elliptical Curve Cryptosystem (ECC)
  Merkle-Hellman Knapsack
  Review of Symmetric and Asymmetric Cryptographic Systems
  Hybrid Encryption
  Public Key Infrastructure and Key Management
  Certificate Authorities
  Registration Authorities
  Certificate Revocation Lists
  Digital Certificates
  The Client's Role in PKI
  Integrity and Authentication
  Hashing and Message Digests
  Digital Signatures
  Cryptographic System Review
  Cryptographic Attacks
  Site and Facility Security Controls
  Exam Prep Questions
  Answers to Exam Prep Questions
  Need to Know More?

CHAPTER 5: Communications and Network Security
  Introduction
  Secure Network Design
  Network Models and Standards
  OSI Model
  Encapsulation/De-encapsulation
  TCP/IP
  Network Access Layer
  Internet Layer
  Host-to-Host (Transport) Layer
  Application Layer
  LANs and Their Components
  LAN Communication Protocols
  Network Topologies
  LAN Cabling
  Network Types
  Network Storage
  Communication Standards
  Network Equipment
  Repeaters
  Hubs
  Bridges
  Switches
  Mirrored Ports and Network Taps
  VLANs
  Routers
  Gateways
  Routing
  WANs and Their Components
  Packet Switching
  Circuit Switching
  Cloud Computing
  Software-Defined WAN (SD-WAN)
  Securing Email Communications
  Pretty Good Privacy (PGP)
  Other Email Security Applications
  Securing Voice and Wireless Communications
  Secure Communications History
  Voice over IP (VoIP)
  Cell Phones
  802.11 Wireless Networks and Standards
  Securing TCP/IP with Cryptographic Solutions
  Application/Process Layer Controls
  Host-to-Host Layer Controls
  Internet Layer Controls
  Network Access Layer Controls
  Link and End-to-End Encryption
  Network Access Control Devices
  Firewalls
  Demilitarized Zone (DMZ)
  Remote Access
  Point-to-Point Protocol (PPP)
  Remote Authentication Dial-in User Service (RADIUS)
  Terminal Access Controller Access Control System (TACACS)
  Internet Protocol Security (IPsec)
  Message Privacy and Multimedia Collaboration
  Exam Prep Questions
  Answers to Exam Prep Questions
  Need to Know More?

CHAPTER 6: Identity and Access Management
  Introduction
  Perimeter Physical Control Systems
  Fences
  Gates
  Bollards
  Additional Physical Security Controls
  CCTV Cameras
  Lighting
  Guards and Dogs
  Locks
  Employee Access Control
  Badges, Tokens, and Cards
  Biometric Access Controls
  Identification, Authentication, and Authorization
  Authentication Techniques
  Identity Management Implementation
  Single Sign-On (SSO)
  Kerberos
  SESAME
  Authorization and Access Control Techniques
  Discretionary Access Control (DAC)
  Mandatory Access Control (MAC)
  Role-Based Access Control (RBAC)
  Attribute-Based Access Control
  Rule-Based Access Control
  Other Types of Access Control
  Centralized and Decentralized Access Control Models
  Centralized Access Control
  Decentralized Access Control
  Audits and Monitoring
  Monitoring Access and Usage
  Intrusion Detection Systems (IDSs)
  Intrusion Prevention Systems (IPSs)
  Network Access Control (NAC)
  Keystroke Monitoring
  Exam Prep Questions
  Answers to Exam Prep Questions
  Suggested Reading and Resources

CHAPTER 7: Security Assessment and Testing
  Introduction
  Security Assessments and Penetration Test Strategies
  Audits
  Root Cause Analyses
  Log Reviews
  Network Scanning
  Vulnerability Scans and Assessments
  Penetration Testing
  Test Techniques and Methods
  Security Threats and Vulnerabilities
  Threat Actors
  Attack Methodologies
  Network Security Threats and Attack Techniques
  Session Hijacking
  Sniffing
  Wiretapping
  DoS and DDoS Attacks
  Botnets
  Other Network Attack Techniques
  Access Control Threats and Attack Techniques
  Unauthorized Access
  Access Aggregation
  Password Attacks
  Spoofing
  Eavesdropping and Shoulder Surfing
  Identity Theft
  Social-Based Threats and Attack Techniques
  Malicious Software Threats and Attack Techniques
  Viruses
  Worms
  Logic Bombs
  Backdoors and Trojans
  Rootkits
  Exploit Kits
  Advanced Persistent Threats (APTs)
  Ransomware
  Investigating Computer Crime
  Computer Crime Jurisdiction
  Incident Response
  Disaster Recovery and Business Continuity
  Investigations
  Search, Seizure, and Surveillance
  Interviews and Interrogations
  Exam Prep Questions
  Answers to Exam Prep Questions
  Need to Know More?

CHAPTER 8: Security Operations
  Introduction
  Foundational Security Operations Concepts
  Managing Users and Accounts
  Privileged Entities
  Controlling Access
  Clipping Levels
  Resource Protection
  Due Care and Due Diligence
  Asset Management
  System Hardening
  Change and Configuration Management
  Trusted Recovery
  Remote Access
  Media Management, Retention, and Destruction
  Telecommunication Controls
  Cloud Computing
  Email
  Whitelisting, Blacklisting, and Graylisting
  Firewalls
  Phone, Fax, and PBX
  Anti-malware
  Honeypots and Honeynets
  Patch Management
  System Resilience, Fault Tolerance, and Recovery Controls
  Recovery Controls
  Monitoring and Auditing Controls
  Auditing User Activity
  Monitoring Application Transactions
  Security Information and Event Management (SIEM)
  Network Access Control
  Keystroke Monitoring
  Emanation Security
  Perimeter Security Controls and Risks
  Natural Disasters
  Human-Caused Threats
  Technical Problems
  Facility Concerns and Requirements
  CPTED
  Area Concerns
  Location
  Construction
  Doors, Walls, Windows, and Ceilings
  Asset Placement
  Environmental Controls
  Heating, Ventilating, and Air Conditioning
  Electrical Power
  Uninterruptible Power Supplies (UPSs)
  Equipment Lifecycle
  Fire Prevention, Detection, and Suppression
  Fire-Detection Equipment
  Fire Suppression
  Alarm Systems
  Intrusion Detection Systems (IDSs)
  Monitoring and Detection
  Intrusion Detection and Prevention Systems
  Investigations and Incidents
  Incident Response
  Digital Forensics, Tools, Tactics, and Procedures
  Standardization of Forensic Procedures
  Digital Forensics
  The Disaster Recovery Lifecycle
  Teams and Responsibilities
  Recovery Strategy
  Fault Tolerance
  Backups
  Plan Design and Development
  Implementation
  Testing
  Monitoring and Maintenance
  Exam Prep Questions
  Answers to Exam Prep Questions
  Need to Know More?

CHAPTER 9: Software Development Security
  Introduction
  Integrating Security into the Development Lifecycle
  Avoiding System Failure
  The Software Development Lifecycle
  Development Methodologies
  The Waterfall Model
  The Spiral Model
  Joint Application Development (JAD)
  Rapid Application Development (RAD)
  Incremental Development
  Prototyping
  Modified Prototype Model (MPM)
  Computer-Aided Software Engineering (CASE)
  Agile Development Methods
  Maturity Models
  Scheduling
  Change Management
  Database Management
  Database Terms
  Integrity
  Transaction Processing
  Database Vulnerabilities and Threats
  Artificial Intelligence and Expert Systems
  Programming Languages, Secure Coding Guidelines, and Standards
  Object-Oriented Programming
  CORBA
  Security of the Software Environment
  Mobile Code
  Buffer Overflow
  Financial Attacks
  Change Detection
  Viruses and Worms
  Exam Prep Questions
  Answers to Exam Prep Questions
  Need to Know More?

Practice Exam I
Practice Exam II
Answers to Practice Exam I
Answers to Practice Exam II
Glossary
Index