CISSP All-in-One Exam Guide, 8th Edition.pdf

All-In-One/CISSP All-in-One Exam Guide, Seventh Edition/ Harris/184927-0/ Front Matter Blind folio iii We dedicate this book to all those who have served selflessly 00-FM indd 3 14/04/1610:24AM All-In-One/CISSP All-in-One Exam Guide, Seventh Edition/Harris/184927-0/ Front Matter Blind folio i ABOUT THE AUTHORS Shon Harris, CISSP, was the founder and CEO of Shon Harris Security LLC and Logi- cal Security llc, a security consultant, a former engineer in the air Forces Informa tion Warfare unit, an instructor, and an author. Shon owned and ran her own training and consulting companies for 13 years prior to her death in 2014. She consulted with Fortune 100 corporations and government agencies on extensive security issues. She authored three best-selling CIsSP books, was a contributing author to gray Hat hackin The Ethical hackers Handbook and Security information and Event Management (SIEM) Implementation, and a technical editor for Information Security magazine Fernando maymi, Ph D,, CISSP is a security practitioner with over 25 years experience in the field. He currently leads a multidisciplinary team charged with developing disruptive innovations for cyberspace operations as well as impactful pub- lic-private partnerships aimed at better securing cyberspace Fernando has served as a consultant for both government and private-sector organizations in the United States and abroad He has authored and taught dozens of courses and workshops in cyber security for academic, government, and professiona audiences in the United States and Latin America. Fernando is the author of over a dozen publications and holds three patents. His awards include the U.S. Department of the army Research and Development Achievement Award and he was recognized as a hEnaaC Luminary. he worked closely with Shon Harris, advising her on a multitude of projects, including the sixth edition of the CISSP all-in-One Exam Guide. Fernando is also a volunteer puppy raiser for Guiding Cyes for the Blind and has raised two guide dogs, Trinket and virgo About the Contributor Bobby e. Rogers is an information security engineer working as a contractor for Depart- ment of Defense agencies, helping to secure, certify, and accredit their information sys tems. His duties include information system security engineering, risk management, and certification and accreditation efforts. He retired after 21 years in the U.S. air Force serving as a network security engineer and instructor, and has secured networks all over the world. Bobby has a master's degree in information assurance(IA)and is pursuing a doctoral degree in cybersecurity from Capitol Technology University in Maryland. His many certifications include CISSP-ISSEP, CEH, and MCse: Security, as well as the CompTIA A , Network , Security , and mobility certifications 00-FM indd 4 14/04/1610:24AM All-In-One/CISSP All-in-One Exam Guide, Seventh Edition/ Harris/184927-0/ Front Matter Blind folio y About the technical editor Jonathan Ham, CISSP, GSEC, GCIA, GCIH, is an independent consultant who specializes in large-scale enterprise security issues, from policy and procedure, through staffing and training, to scalable prevention, detection, and response technology and techniques. With a keen understanding of roi and tCo, he has helped his clients achieve greater success for more than 12 years, advising in both the public and private sectors,from small upstarts to the Fortune 500. Jonathan has been commissioned to teach NCiS investigators how to use Snort, has performed packet analysis from a facil ity more than 2,000 feet underground, and has chartered and trained the Cirt for one of the largest U.S. civilian federal agencies. He is a member of the GIAC Advisory Board and is a SANS instructor teaching their MGt414: SANS Training Program for CISSP Certification course. He is also co-author of Network Forensics: Tracking Hackers Through Cyberspace, a textbook published by Prentice-Hall 00-FM indd 5 14/04/1610:24AM All-In-One/CISSP All-in-One Exam Guide, Seventh Edition/Harris/184927-0/ Front Matter CONTENTS AT A GLANCE Chapter 1 Security and Risk management Chapter 2 Asset Security 189 Chapter 3 Security Engineering 247 Chapter4 Communication and Network Security..………,477 Chapter 5 Identity and Access Management ∴721 Chapter 6 Security Assessment and Testing........ ∴859 Chapter 7 Security Operations 923 Chapter 8 Software Development Security...................1077 Appendix A Comprehensive Questions 1213 Appendix b About the CD-ROM 1269 Glossary… 1273 Index… …1291 00-FM indd 6 14/04/1610:24AM All-In-One/CISSP All-in-One Exam Guide, Seventh Edition/ Harris/184927-0/ Front Matter CONTENTS In memory of Shon harris F orewor d Acknowledgments F1 rom the author Why become a cissp? Chapter 1 Security and Risk Management Fundamental Principles of Security Availability Confidentiality Balanced Security Security Definitions Control Ty Security frameworks ISO/IEC 27000 Series Enterprise Architecture Development 19 Security Controls Development t Devel ent Functionality vs Security The Crux of Computer Crime Laws 45 Complexities in Cybercrime 48 Electronic assets 49 The evolu f Attacks 50 nternatio 54 yP ystems 58 Intellectual Property laws 62 rade secret 63 C Trademark 65 atent 65 Internal Protection of Intellectual Property 67 Software piracy P rivacy he Increasing Need for Privacy Laws Laws, Directives, and regulations Employee Privacy Is 00-FM indd 7 14/04/1610:24AM All-In-One/CISSP All-in-One Exam guide seventh Edition/ Harris /184927-0/Front matter CISSP All-in-One Exam guide Data breaches 84 U.S. Laws Pertaining to Data Breaches 84 Other Nations Laws Pertaining to Data Breaches 85 Policies. Standards, Baselines, Guidelines, and Procedures ...86 Security policy 87 Standards 90 Baselines 91 Guidelines 92 Proceed 93 Implementation 93 Risk management 94 Holistic Risk management 95 Information Systems Risk Management Policy 95 The risk Management Team .......... 96 The Risk Management Process Threat Modeling 98 Vulnerabilities 98 Threat 100 Attac 100 Reduction analy ·········.·· 101 Risk assessment and analysis ..102 Risk analysis Team 103 The value of Information and assets ·104 Costs That Make Up the value .105 Identifying vulnerabilities and Threats 106 Methodologies for Risk Assessment 107 Risk analysis Approache 112 Qualitative Risk analysis 116 Protection mechanisms .119 P 123 123 Risk management Framewor.….∴ Total Risk ys. Residual risk Handling risk 124 126 126 Categorize Information System ....128 Select s 128 Implement security controls 129 Assess Security controls 129 Authorize Information System ...130 Monitor Security Controls 130 Business Continuity and disaster recovery .130 Standards and best practices .133 Making bcm part of the enterprise security program 136 BCP Project Components .139 00-FM indd 8 14/04/1610:24AM All-In-One/CISSP All-in-One Exam Guide, Seventh Edition/ Harris/184927-0/ Front Matter Contents Personnel securit 154 Hiring PI 155 Termination 157 Security-Awareness Training 157 D egree or certification 159 Security governance .159 Metric 160 Ethics 165 The Computer Ethics Institute 166 The Internet architecture board 166 e Ethics pl 168 umma 168 Quick Ti 170 Questions 175 A 184 Chapter 2 Asset Security 189 Information Life Cycle 190 A cquisition 190 191 archival Dis Information Classification 193 Classification eIs ..194 Classification Controls 197 L: avers o of responsibility .199 Executive Management Data owner 203 Data custodian .204 System Owner ..204 Security administrator 205 Supervisor 205 Change Control analyst 205 Data analyst 205 206 editor 206 Why so many rol 206 Retention policies 206 Developing a Retention Policy 207 Protecting privacy D ata owners 210 Data processers 211 Data remanence 211 Lin n collection 214 00-FM indd 9 14/04/1610:24AM All-In-One/CISSP All-in-One Exam guide seventh Edition/ Harris /184927-0/Front matter CISSP All-in-One Exam guide 215 Data Security controls ...216 Data leak 225 Data leak prevention ...226 P Other as 234 Protecting Mobile Devices 234 Paper records ·········.·· .235 ...236 Summar 236 Quick ti 237 Questions .239 Answers 243 Chapter 3 Security Engineering 247 System Architecture ....248 omputer Architecture ...252 The Central Processing Unit 252 Multiprocessing 257 T ....258 Operating systems 271 Process management 271 Memory management 280 Input/Output Device Management 285 CPU Architecture Integration 287 Operating system architectures 291 298 System Security architecture ...301 Security policy ...301 Security architecture requirements 302 ecurity N odeS 307 Bell-LaPadula model 307 Biba model 308 Clark-Wilson model Noninterference model ...310 Brewer and Nash model Graham-Denning model ng 311 Harrison-Ruzzo-Ullman model 312 Evalu 313 Common criteria 313 Why Put a Product Through evaluation? .317 Certification vs. Accreditation 318 Certification 318 A ccreditation ......319 00-FM indd 10 14/04/1610:24AM 

【实例截图】

【核心代码】

CONTENTS AT A GLANCE
Chapter 1 Security and Risk Management
Chapter 2 Asset Security
Chapter 3 Security Architecture and Engineering
Chapter 4 Communication and Network Security
Chapter 5 Identity and Access Management
Chapter 6 Security Assessment and Testing
Chapter 7 Security Operations
Chapter 8 Software Development Security
Appendix A Comprehensive Questions
Appendix B About the Online Content
Glossary
Index