Index
Table of Contents
Back Cover
CISSP for Dummies, 2nd Edition
Cheat Sheet: CISSP For Dummies, 2nd Edition
Weeks before the test
Night before the test
Day of the exam
After you leave the exam room
Introduction
How This Book Is Organized
How the Chapters Are Organized
Icons Used in This Book
Let’s Get Started!
Part I: Certification Basics
Chapter 1: (ISC)2 and the CISSP Certification
About (ISC)2 and the CISSP Certification
You Must Be This Tall to Ride (And Other Minimum Requirements)
Registering for the Exam
Developing a Study Plan
About the CISSP Examination
Waiting for Your Results
Chapter 2: The Common Body of Knowledge (CBK)
Access Control
Telecommunications and Network Security
Information Security and Risk Management
Application Security
Cryptography
Security Architecture and Design
Operations Security
Business Continuity and Disaster Recovery Planning
Legal, Regulations, Compliance, and Investigations
Physical (Environmental) Security
Chapter 3: Putting Your Certification to Good Use
Following the (ISC)2 Code of Ethics
Keeping Your Certification Current
Remaining an Active (ISC)2 Member
Considering (ISC)2 Volunteer Opportunities
Becoming an Active Member of Your Local Security Chapter
Spreading the Good Word about CISSP Certification
Using Your CISSP Certification to Be an Agent of Change
Earning Other Certifications
Part II: Domains
Chapter 4: Access Control
Uncovering Concepts of Access Control
Categories of Access Control
Evaluating and Testing Access Controls
Additional References
Methodology and Systems Prep Test
Chapter 5: Telecommunications and Network Security
Data Network Types
The OSI Reference Model
The TCP/IP Model
Network Security
E-mail, Web, Facsimile, and Telephone Security
Network Attacks and Countermeasures
Additional References
Telecommunications and Network Security Prep Test
Chapter 6: Information Security and Risk Management
Information Security Management Concepts and Principles
Data Classification
Mission Statements, Goals, and Objectives
Policies, Standards, Guidelines, and Procedures
Information Security Management Practices
Personnel Security Policies and Practices
Risk Management Concepts
Security Education, Training, and Awareness Programs
Additional References
Security Management Practices Prep Test
Chapter 7: Application Security
Distributed Applications
Object-Oriented Environments
Databases
Knowledge-Based Systems
Systems Development Life Cycle
Application Security Controls
System Attack Methods
Antivirus Software
Perpetrators
Additional References
Applications and Systems Development Prep Test
Chapter 8: Cryptography
The Role of Cryptography in Information Security
Cryptography Basics
Cryptography Alternatives
Not Quite the Metric System: Symmetric and Asymmetric Key Systems
Message Authentication
Public Key Infrastructure (PKI)
Key Management Functions
Key Escrow and Key Recovery
E-Mail Security Applications
Internet Security Applications
Methods of Attack
Additional References
Cryptography Prep Test
Chapter 9: Security Architecture and Design
Computer Architecture
Security Architecture
Access Control Models
Evaluation Criteria
System Certification and Accreditation
Additional References
Security Architecture and Design Prep Test
Chapter 10: Operations Security
Security Operations Concepts
Threats and Countermeasures
Security Operations Management
Security Controls
Security Auditing and Due Care
Audit Trails
Monitoring
Additional References
Operations Security Prep Test
Chapter 11: Business Continuity and Disaster Recovery Planning
Defining Disastrous Events
The Differences between BCP and DRP
Understanding BCP Project Elements
Determining BCP Scope
Defining the Business Impact Assessment
BCP Recovery Plan Development
Developing the BCP Plan
Implementing the Business Continuity Plan
Disaster Recovery Planning
Developing a Disaster Recovery Plan
Testing the Disaster Recovery Plan
Additional References
BCP and DRP Prep Test
Chapter 12: Legal, Regulations, Compliance, and Investigations
Major Categories and Types of Laws
Major Categories of Computer Crime
Types of Laws Relevant to Computer Crimes
Investigations
Ethics
Additional References
Legal, Regulations, Compliance...Prep Test
Chapter 13: Physical (Environmental) Security
Physical Security Threats
Site and Facility Design Considerations
Physical (Environmental) Security Controls
Bringing It All Together
Additional References
Prep Test
Part III: The Part of Tens
Chapter 14: Ten Test Preparation Tips
Get a Networking Certification First
Register NOW!
Make a 60-Day Study Plan
Get Organized and READ!
Join a Study Group
Take Practice Exams
Take a CISSP Review Seminar
Develop a Test-Taking Strategy
Practice Drawing Circles!
Plan Your Travel
Chapter 15: Ten Test Day Tips
Get a Good Night’s Rest
Dress Comfortably (And Appropriately)
Eat a Good Breakfast
Arrive Early
Bring Your Registration Letter and ID
Bring Snacks and Drinks
Bring Prescription or Over-the-Counter Medications
Bring Extra Pencils and a BIG Eraser
Leave Your Cell Phone, Pager, PDA, and Digital Watch Behind
Take Frequent Breaks
Chapter 16: Ten More Sources for Security Certifications
ASIS International
Check Point
Cisco
CompTIA
DRI International
EC-Council
ISACA
(ISC)2
Microsoft
SANS/GIAC
Part IV: Bonus Chapters
Glossary
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
R
S
T
U
V
W
X
Bonus Chapter 2: Ten Security Web Sites
CISSP Open Study Guide
Carnegie Mellon SEI CERT Coordination Center
Common Vulnerabilities and Exposures
HierosGamos Guide to Computers and the Law
INFOSYSSEC
Internet Security Systems
Simovits Consulting
Slashdot
The SANS Institute
WindowSecurity Network Security Library
Bonus Chapter 3: Ten Essential Reference Books
Index
A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
List of Figures
List of Tables
List of Labs
List of Sidebars