دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
دانلود کتاب CISSP Exam Cram (Exam Cram (Pearson))
دانلود کتاب CISSP Exam Cram (امتحان Cram (پیرسون))
مشخصات کتاب
CISSP Exam Cram (Exam Cram (Pearson))
ویرایش: 2
نویسندگان: Michael Gregg
سری:
ISBN (شابک) : 0789738066, 9780789738066
ناشر: Pearson IT Certification
سال نشر: 2009
تعداد صفحات: 620
زبان: English
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 6 مگابایت
قیمت کتاب (تومان) : 53,000
در صورت تبدیل فایل کتاب CISSP Exam Cram (Exam Cram (Pearson)) به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب CISSP Exam Cram (امتحان Cram (پیرسون)) نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
توضیحاتی در مورد کتاب CISSP Exam Cram (امتحان Cram (پیرسون))
به روز شده برای سال 2009
اطلاعات مهمی را که برای کسب امتیاز بالاتر در امتحان CISSP خود باید بدانید را پوشش می دهد.
- ساخت و یک معماری امنیتی یکپارچه و مؤثر را مدیریت کنید
- به طور سیستماتیک از امکانات فیزیکی و منابع IT خود محافظت کنید
- کنترل دسترسی را پیاده سازی و مدیریت کنید
- از رمزنگاری برای کمک به تضمین داده ها استفاده کنید یکپارچگی، محرمانه بودن و اصالت
- شبکه ها، اتصالات اینترنتی و ارتباطات ایمن
- برنامه های موثر تداوم کسب و کار و بازیابی بلایا ایجاد کنید و آنها را با موفقیت اجرا کنید
- به مشکلات امروزی رسیدگی کنید. مسائل ضروری قانونی، مقرراتی و انطباق
- مسلط به اصول اولیه پزشکی قانونی امنیتی
- توسعه برنامه ها و سیستم های امن تر از ابتدا
- استفاده از بهترین شیوه های امنیتی از مدیریت ریسک گرفته تا عملیات و ممیزی
- درک و انجام وظایف مهم غیرفنی مرتبط با امنیت فناوری اطلاعات
ویژگیهای CD Test Engine Powered توسط MeasureUp!
- توضیحات دقیق پاسخ های صحیح و نادرست
- حالت های تست چندگانه
- سوالات تصادفی و ترتیب پاسخ ها
- پوشش هر دامنه امتحانی CISSP
توضیحاتی درمورد کتاب به خارجی
Updated for 2009
Covers the critical information you’ll need to know to score higher on your CISSP exam!
- Build and manage an effective, integrated security architecture
- Systematically protect your physical facilities and the IT resources they contain
- Implement and administer access control
- Use cryptography to help guarantee data integrity, confidentiality, and authenticity
- Secure networks, Internet connections, and communications
- Make effective business continuity and disaster recovery plans, and execute them successfully
- Address today’s essential legal, regulatory, and compliance issues
- Master the basics of security forensics
- Develop more secure applications and systems from the ground up
- Use security best practices ranging from risk management to operations and auditing
- Understand and perform the crucial non-technical tasks associated with IT security
CD Features Test Engine Powered by MeasureUp!
- Detailed explanations of correct and incorrect answers
- Multiple test modes
- Random questions and order of answers
- Coverage of each CISSP exam domain
فهرست مطالب
Cover Table of Contents Introduction Chapter 1: The CISSP Certification Exam Introduction Assessing Exam Readiness Taking the Exam Multiple-Choice Question Format Exam Strategy Question-Handling Strategies Mastering the Inner Game Need to Know More? Chapter 2: Physical Security Introduction Physical Security Risks Natural Disasters Man-Made Threats Technical Problems Facility Concerns and Requirements CPTED Area Concerns Location Construction Doors, Walls, Windows, and Ceilings Asset Placement Perimeter Controls Fences Gates Bollards CCTV Cameras Lighting Guards and Dogs Locks Employee Access Control Badges, Tokens, and Cards Biometric Access Controls Environmental Controls Heating, Ventilating, and Air Conditioning Electrical Power Uninterruptible Power Supply Equipment Life Cycle Fire Prevention, Detection, and Suppression Fire-Detection Equipment Fire Suppression Alarm Systems Intrusion Detection Systems Monitoring and Detection Exam Prep Questions Answers to Exam Prep Questions Suggested Reading and Resources Chapter 3: Access Control Systems and Methodology Introduction Identification, Authentication, and Authorization Authentication Single Sign-On Kerberos SESAME Authorization and Access Controls Techniques Discretionary Access Control Mandatory Access Control Role-Based Access Control Other Types of Access Controls Access Control Methods Centralized Access Control Decentralized Access Control Access Control Types Administrative Controls Technical Controls Physical Controls Access Control Categories Audit and Monitoring Monitoring Access and Usage Intrusion Detection Systems Intrusion Prevention Systems Network Access Control Keystroke Monitoring Emanation Security Access Control Attacks Password Attacks Spoofing Sniffing Eavesdropping and Shoulder Surfing Wiretapping Identity Theft Denial of Service Attacks Distributed Denial of Service Attacks Botnets Exam Prep Questions Answers to Exam Prep Questions Suggesting Reading and Resources Chapter 4: Cryptography Introduction Cryptographic Basics History of Encryption Steganography Steganography Operation Digital Watermark Algorithms Cipher Types and Methods Symmetric Encryption Data Encryption Standard Triple-DES Advanced Encryption Standard International Data Encryption Algorithm Rivest Cipher Algorithms Asymmetric Encryption Diffie-Hellman RSA El Gamal Elliptical Curve Cryptosystem Merkle-Hellman Knapsack Review of Symmetric and Asymmetric Cryptographic Systems Hybrid Encryption Integrity and Authentication Hashing and Message Digests Digital Signatures Cryptographic System Review Public Key Infrastructure Certificate Authority Registration Authority Certificate Revocation List Digital Certificates The Client’s Role in PKI Email Protection Mechanisms Pretty Good Privacy Other Email Security Applications Securing TCP/IP with Cryptographic Solutions Application/Process Layer Controls Host to Host Layer Controls Internet Layer Controls Network Access Layer Controls Link and End to End Encryption Cryptographic Attacks Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 5: Security Architecture and Models Introduction Computer System Architecture Central Processing Unit Storage Media I/O Bus Standards Virtual Memory and Virtual Machines Computer Configurations Security Architecture Protection Rings Trusted Computer Base Open and Closed Systems Security Modes of Operation Operating States Recovery Procedures Process Isolation Security Models of Control State Machine Model Confidentiality Integrity Other Models Documents and Guidelines The Rainbow Series The Red Book: Trusted Network Interpretation Information Technology Security Evaluation Criteria Common Criteria British Standard 7799 System Validation Certification and Accreditation Governance and Enterprise Architecture Security Architecture Threats Buffer Overflow Back Doors Asynchronous Attacks Covert Channels Incremental Attacks Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 6: Telecommunications and Network Security Introduction Network Models and Standards OSI Model Encapsulation/De-encapsulation TCP/IP Network Access Layer Internet Layer Host-to-Host (Transport) Layer Application Layer LANs and Their Components LAN Communication Protocols Network Topologies LAN Cabling Network Types Communication Standards Network Equipment Repeaters Hubs Bridges Switches Routers Brouters Gateways Routing WANs and Their Components Packet Switching Circuit Switching Voice Communications and Wireless Communications Voice over IP Cell Phones 802.11 Wireless Networks and Standards Network Security Firewalls Demilitarized Zone Firewall Design Remote Access Point-to-Point Protocol Virtual Private Networks Remote Authentication Dial-in User Service Terminal Access Controller Access Control System IPSec Message Privacy Threats to Network Security DoS Attacks Disclosure Attacks Destruction, Alteration, or Theft Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 7: Business Continuity and Disaster Recovery Planning Introduction Threats to Business Operations Disaster Recovery and Business Continuity Management Project Management and Initiation Business Impact Analysis Recovery Strategy Plan Design and Development Implementation Testing Monitoring and Maintenance Disaster Life Cycle Teams and Responsibilities Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 8: Legal, Regulations, Compliance, and Investigations Introduction United States Legal System and Laws International Legal Systems and Laws International Property Laws Piracy and Issues with Copyrights Privacy Laws and Protection of Personal Information Privacy Impact Assessment Computer Crime Laws Ethics ISC[sup(2)] Code of Ethics Computer Ethics Institute Internet Architecture Board NIST 800-14 Computer Crime and Criminals Pornography Well-Known Computer Crimes How Computer Crime Has Changed Attack Vectors Keystroke Logging Wiretapping Spoofing Attacks Manipulation Attacks Social Engineering Dumpster Diving Investigating Computer Crime Computer Crime Jurisdiction Incident Response Forensics Standardization of Forensic Procedures Computer Forensics Investigations Search, Seizure, and Surveillance Interviews and Interrogations Honeypots and Honeynets Evidence Types Trial The Evidence Life Cycle Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 9: Applications and Systems-Development Security Introduction System Development Avoiding System Failure The System Development Life Cycle System Development Methods The Waterfall Model The Spiral Model Joint Application Development Rapid Application Development Incremental Development Prototyping Computer-Aided Software Engineering Agile Development Methods Capability Maturity Model Scheduling Change Management Programming Languages Object-Oriented Programming CORBA Database Management Database Terms Integrity Transaction Processing Data Warehousing Data Mining Knowledge Management Artificial Intelligence and Expert Systems Malicious Code Viruses Worms Spyware Back Doors and Trapdoors Change Detection Malformed Input (SQL Injection) Mobile Code Financial Attacks Buffer Overflow Denial of Service Distributed Denial of Service Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 10: Information Security and Risk Management Practices Introduction Basic Security Principles Security Management and Governance Asset Identification Risk Assessment Risk Management Policies Development Security Policy Standards Baselines Guidelines Procedures Data Classification Implementation Roles and Responsibility Security Controls Training and Education Security Awareness Social Engineering Auditing Your Security Infrastructure The Risk of Poor Security Management Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 11: Operations Security Introduction Operational Security Employee Recruitment New-Hire Orientation Separation of Duties Job Rotation Least Privilege Mandatory Vacations Termination Accountability Controls Security Controls Operational Controls Auditing and Monitoring Auditing Monitoring Controls Clipping Levels Intrusion Detection Keystroke Monitoring Antivirus Facility Access Control Telecommunication Controls Fax PBX Email Backup, Fault Tolerance, and Recovery Controls Backups Fault Tolerance RAID Recovery Controls Security Assessments Policy Reviews Vulnerability Scanning Penetration Testing Operational Security Threats and Vulnerabilities Common Attack Methodologies Attack Terms and Techniques Exam Prep Questions Answers to Exam Prep Questions Need to Know More? Chapter 12: Practice Exam I Chapter 13: Answers to Practice Exam I Chapter 14: Practice Exam II Chapter 15: Answers to Practice Exam II Appendix A: What\'s on the CD Index A B C D E F G H I J K L M N O P R S U V W X-Y-Z
