CISSP in 21 Days - Second Edition

Boost your confidence and get the competitive edge you need to crack the exam in just 21 days!

CISSP in 21 Days - Second Edition

M. L. Srinivasan
June 2016

1 customer reviews

Boost your confidence and get the competitive edge you need to crack the exam in just 21 days!

Mapt Subscription

FREE

€29.98/m after trial

eBook

€26.88

RRP €38.38

Save 29%

Print + eBook

€38.99

RRP €38.99

What do I get with a Mapt Pro subscription?

Unlimited access to all Packt’s 5,000+ eBooks and Videos
Early Access content, Progress Tracking, and Assessments
1 Free eBook or Video to download and keep every month after trial

What do I get with an eBook?

Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

What do I get with Print & eBook?

Get a paperback copy of the book delivered to you
Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

What do I get with a Video?

Download this Video course in MP4 format
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

€0.00

€26.88

€38.99

€29.98p/m after trial

RRP €38.38

RRP €38.99

Subscription

eBook

Print + eBook

Start 30 Day Trial

Code Files

Preview in Mapt

Book Details

ISBN 139781785884498

Paperback402 pages

Book Description

Certified Information Systems Security Professional (CISSP) is an internationally recognized and coveted qualification. Success in this respected exam opens the door to your dream job as a security expert with an eye-catching salary. But passing the final exam is challenging. Every year a lot of candidates do not prepare sufficiently for the examination, and fail at the final stage. This happens when they cover everything but do not revise properly and hence lack confidence.

This simple yet informative book will take you through the final weeks before the exam with a day-by-day plan covering all of the exam topics. It will build your confidence and enable you to crack the Gold Standard exam, knowing that you have done all you can to prepare for the big day.

This book provides concise explanations of important concepts in all 10 domains of the CISSP Common Body of Knowledge (CBK). Starting with Confidentiality, Integrity, and Availability, you will focus on classifying information and supporting assets. You will understand data handling requirements for sensitive information before gradually moving on to using secure design principles while implementing and managing engineering processes. You will understand the application of cryptography in communication security and prevent or mitigate strategies for network attacks. You will also learn security control requirements and how to assess their effectiveness. Finally, you will explore advanced topics such as automated and manual test result analysis and reporting methods.

A complete mock test is included at the end to evaluate whether you're ready for the exam. This book is not a replacement for full study guides; instead, it builds on and reemphasizes concepts learned from them.

Chapter 1: Day 1 – Security and Risk Management - Security, Compliance, and Policies

Overview of security, compliance, and policies

Confidentiality, Integrity, and Availability (CIA)

Security governance

Compliance

Legal and regulatory issues

Professional ethics

Security policies, standards, procedures, and guidelines

Personnel security policies

Summary

Sample questions

Chapter 2: Day 2 – Security and Risk Management - Risk Management, Business Continuity, and Security Education

Overview of risk management, business continuity, and security education

Risk management

Security risk considerations in acquisitions, strategy, and practice

Information security education, training, and awareness

Summary

Sample questions

Chapter 3: Day 3 – Asset Security - Information and Asset Classification

Overview of asset security - information and asset classification

Asset classification and control

Data privacy

Data retention

Summary

Sample questions

Chapter 4: Day 4 – Asset Security - Data Security Controls and Handling

Overview of asset security - data security controls and handling

Data security controls

Data Loss Prevention (DLP)

Data Loss Prevention strategies

DLP controls

Cryptographic methods to secure data

Data handling requirements

Summary

Sample questions

Chapter 5: Day 5 – Exam Cram and Practice Questions

An overview of exam cram and practice questions

Sample questions

References and further reading

Summary

Chapter 6: Day 6 – Security Engineering - Security Design, Practices, Models, and Vulnerability Mitigation

An overview of security design, practices, models, and vulnerability mitigation

Secure design principles

Assurance

Certification and accreditation

Information security models

Vulnerability assessment and mitigation

Summary

Sample questions

Chapter 7: Day 7 – Security Engineering - Cryptography

An overview of cryptography

The fundamentals of cryptography

Applications and the use of cryptography

Public Key Infrastructure (PKI)

Key management techniques

Cryptanalytic attacks

Cryptographic standards

Summary

Sample questions

Chapter 8: Day 8 – Communication and Network Security - Network Security

An overview of communication and network security

Network architecture, protocols, and technologies

Open System Interconnect (OSI) model

OSI layers and security

Summary

Sample questions

Chapter 9: Day 9 – Communication and Network Security - Communication Security

An overview of communication security

Security in communication channels

Attacks on communication networks

Preventing or mitigating communication network attacks

Summary

Sample questions

Chapter 10: Day 10 – Exam Cram and Practice Questions

An overview of exam cram and practice questions

The exam cram

Sample questions

References and further reading

Summary

Chapter 11: Day 11 – Identity and Access Management - Identity Management

An overview of identity and access management

Physical and logical access to assets

Identity management principles and implementation

Identity as a service

Third-party identity services

Summary

Sample questions

Chapter 12: Day 12 – Identity and Access Management - Access Management, Provisioning, and Attacks

An overview of access management

Access management concepts, methodologies, and techniques

Identity and provisioning life cycle

Access control attacks and countermeasures

Accountability

Summary

Sample questions

Chapter 13: Day 13 – Security Assessment and Testing - Designing, Performing Security Assessment, and Tests

An overview of security assessment and testing

Security assessment and test strategies

Security controls

Summary

Sample questions

Chapter 14: Day 14 – Security Assessment and Testing - Controlling, Analyzing, Auditing, and Reporting

An overview of controlling, analyzing, auditing, and reporting security test data

A collection of security process data

Analyzing security process data

Internal and third-party security audits

Reporting test and audit outputs

Summary

Sample questions

Chapter 15: Day 15 – Exam Cram and Practice Questions

An overview of exam cram and practice questions

Exam cram

Mock test

References and further reading

Summary

Chapter 16: Day 16 – Security Operations - Foundational Concepts

An overview of operations security

The physical security design

Physical and operations security controls

Operations/facility security

Protecting and securing equipment

Computer investigations

Summary

Sample questions

Chapter 17: Day 17 – Security Operations - Incident Management and Disaster Recovery

Incident management and reporting

Business Continuity Planning (BCP)

Disaster Recovery Planning (DRP)

Summary

Sample questions

Chapter 18: Day 18 – Software Development Security - Security in Software Development Life Cycle

An overview of software development security

Systems engineering

Software development life cycle

Security in software development

Summary

Sample questions

Chapter 19: Day 19 – Software Development Security - Assessing effectiveness of Software Security

Overview

Security in information technology systems

Threats and vulnerabilities to application systems

Security impact analysis

Monitoring and testing activities

Summary

Sample questions

Chapter 20: Day 20 – Exam Cram and Practice Questions

Overview of exam cram and practice questions

Exam cram

References and further reading

Summary

Sample questions

Chapter 21: Day 21 – Exam Cram and Mock Test

An overview of the exam cram and mock test

Exam cram

Summary

Mock test

References and further reading

What You Will Learn

Review Exam Cram and Practice review questions to reinforce the required concepts
Follow the day–by-day plan to revise important concepts a month before the CISSP® exam
Boost your time management for the exam by attempting the mock question paper
Develop a structured study plan for all 10 CISSP® domains
Build your understanding of myriad concepts in the Information Security domain
Practice the full-blown mock test to evaluate your knowledge and exam preparation

Authors

M. L. Srinivasan

M. L. Srinivasan is the founder and CEO of ChennaiNet, an India-based technology company focused on information technology and information security-related product development, services, and training. He's a Certified Information System Security Professional (CISSP) and Certified Information Security Management System Lead Auditor.

Popularly known as MLS, the author is an information technology and information security professional and has about 25 years' experience in various IT domains, such as software programming, hardware troubleshooting, networking technologies, systems administration, security administration, information security-related consulting, auditing and training.

He has been an avid trainer throughout his career and has developed many short-term and long-term training programs. He has been invited to speak at many international conferences and seminars on information security. Currently he is associated with NIIT Technologies (USA), and CA Technologies (USA) as a senior instructor covering various product-based training on CA identity manager, CA SiteMinder (Single Sign-On), CA ControlMinder (AccessControl), CA Federation Manager, and CA DataMinder products.

He was a specialist IT and IS auditor with Det Norske Veritas (DNV), India region. He has performed many quality and information security audits for hundreds of medium and large organizations in the past.

Chapter 1: Day 1 – Security and Risk Management - Security, Compliance, and Policies

Overview of security, compliance, and policies

Confidentiality, Integrity, and Availability (CIA)

Security governance

Compliance

Legal and regulatory issues

Professional ethics

Security policies, standards, procedures, and guidelines

Personnel security policies

Summary

Sample questions

Chapter 2: Day 2 – Security and Risk Management - Risk Management, Business Continuity, and Security Education

Overview of risk management, business continuity, and security education

Risk management

Security risk considerations in acquisitions, strategy, and practice

Information security education, training, and awareness

Summary

Sample questions

Chapter 3: Day 3 – Asset Security - Information and Asset Classification

Overview of asset security - information and asset classification

Asset classification and control

Data privacy

Data retention

Summary

Sample questions

Chapter 4: Day 4 – Asset Security - Data Security Controls and Handling

Overview of asset security - data security controls and handling

Data security controls

Data Loss Prevention (DLP)

Data Loss Prevention strategies

DLP controls

Cryptographic methods to secure data

Data handling requirements

Summary

Sample questions

Chapter 5: Day 5 – Exam Cram and Practice Questions

An overview of exam cram and practice questions

Sample questions

References and further reading

Summary

Chapter 6: Day 6 – Security Engineering - Security Design, Practices, Models, and Vulnerability Mitigation

An overview of security design, practices, models, and vulnerability mitigation

Secure design principles

Assurance

Certification and accreditation

Information security models

Vulnerability assessment and mitigation

Summary

Sample questions

Chapter 7: Day 7 – Security Engineering - Cryptography

An overview of cryptography

The fundamentals of cryptography

Applications and the use of cryptography

Public Key Infrastructure (PKI)

Key management techniques

Cryptanalytic attacks

Cryptographic standards

Summary

Sample questions

Chapter 8: Day 8 – Communication and Network Security - Network Security

An overview of communication and network security

Network architecture, protocols, and technologies

Open System Interconnect (OSI) model

OSI layers and security

Summary

Sample questions

Chapter 9: Day 9 – Communication and Network Security - Communication Security

An overview of communication security

Security in communication channels

Attacks on communication networks

Preventing or mitigating communication network attacks

Summary

Sample questions

Chapter 10: Day 10 – Exam Cram and Practice Questions

An overview of exam cram and practice questions

The exam cram

Sample questions

References and further reading

Summary

Chapter 11: Day 11 – Identity and Access Management - Identity Management

An overview of identity and access management

Physical and logical access to assets

Identity management principles and implementation

Identity as a service

Third-party identity services

Summary

Sample questions

Chapter 12: Day 12 – Identity and Access Management - Access Management, Provisioning, and Attacks

An overview of access management

Access management concepts, methodologies, and techniques

Identity and provisioning life cycle

Access control attacks and countermeasures

Accountability

Summary

Sample questions

Chapter 13: Day 13 – Security Assessment and Testing - Designing, Performing Security Assessment, and Tests

An overview of security assessment and testing

Security assessment and test strategies

Security controls

Summary

Sample questions

Chapter 14: Day 14 – Security Assessment and Testing - Controlling, Analyzing, Auditing, and Reporting

An overview of controlling, analyzing, auditing, and reporting security test data

A collection of security process data

Analyzing security process data

Internal and third-party security audits

Reporting test and audit outputs

Summary

Sample questions

Chapter 15: Day 15 – Exam Cram and Practice Questions

An overview of exam cram and practice questions

Exam cram

Mock test

References and further reading

Summary

Chapter 16: Day 16 – Security Operations - Foundational Concepts

An overview of operations security

The physical security design

Physical and operations security controls

Operations/facility security

Protecting and securing equipment

Computer investigations

Summary

Sample questions

Chapter 17: Day 17 – Security Operations - Incident Management and Disaster Recovery

Incident management and reporting

Business Continuity Planning (BCP)

Disaster Recovery Planning (DRP)

Summary

Sample questions

Chapter 18: Day 18 – Software Development Security - Security in Software Development Life Cycle

An overview of software development security

Systems engineering

Software development life cycle

Security in software development

Summary

Sample questions

Chapter 19: Day 19 – Software Development Security - Assessing effectiveness of Software Security

Overview

Security in information technology systems

Threats and vulnerabilities to application systems

Security impact analysis

Monitoring and testing activities

Summary

Sample questions

Chapter 20: Day 20 – Exam Cram and Practice Questions

Overview of exam cram and practice questions

Exam cram

References and further reading

Summary

Sample questions

Chapter 21: Day 21 – Exam Cram and Mock Test

An overview of the exam cram and mock test

Exam cram

Summary

Mock test

References and further reading

Book Details

ISBN 139781785884498

Paperback402 pages

From 1 reviews

DEAL OF THE DAY

Sign up here to get exclusive deep discounts on our latest and bestselling eBooks, delivered straight to your inbox every day.

FREE LEARNING FOREVER

Master new IT skills and unlock valuable software & web development knowledge with a FREE eBook every day.

Recommended for You

Kali Linux 2: Windows Penetration Testing

€ 41.98

€ 29.40

Kali Linux 2: Windows Penetration Testing

Jun 2016

422 pages

€ 29.40

Mastering KVM Virtualization

€ 41.98

€ 29.40

Mastering KVM Virtualization

Aug 2016

468 pages

€ 29.40

Learning AWS

€ 43.18

€ 30.24

Python Machine Learning

€ 39.58

€ 27.72

Python Machine Learning

Sep 2015

454 pages

€ 27.72

Mastering Modern Web Penetration Testing

€ 38.38

€ 26.88

Mastering Modern Web Penetration Testing

Oct 2016

298 pages

€ 26.88

Mastering Docker

€ 43.18

€ 30.24

CISSP in 21 Days - Second Edition

CISSP in 21 Days - Second Edition

Book Details

Book Description

Table of Contents

What You Will Learn

Authors

M. L. Srinivasan

Table of Contents

Book Details

DEAL OF THE DAY

FREE LEARNING FOREVER

Recommended for You

Contact Us

Help & Support

Alerts & Offers

Log in to your account

Not yet a member?

CISSP in 21 Days - Second Edition

CISSP in 21 Days - Second Edition

Book Details

Book Description

Table of Contents

What You Will Learn

Authors

M. L. Srinivasan

Table of Contents

Book Details

DEAL OF THE DAY

FREE LEARNING FOREVER

Recommended for You

Contact Us

Help & Support

Alerts & Offers

Series & Level

Learning

Beginner's Guide

Essentials

Cookbook

Blueprints

Mastering

Starting

Progressing