CISSP in 21 Days - Second Edition

Boost your confidence and get the competitive edge you need to crack the exam in just 21 days!

M. L. Srinivasan

Book Details

ISBN 13: 9781785884498
Paperback: 402 pages

Book Description

Certified Information Systems Security Professional (CISSP) is an internationally recognized and coveted qualification. Success in this respected exam opens the door to your dream job as a security expert with an eye-catching salary. But passing the final exam is challenging. Every year a lot of candidates do not prepare sufficiently for the examination, and fail at the final stage. This happens when they cover everything but do not revise properly and hence lack confidence.

This simple yet informative book will take you through the final weeks before the exam with a day-by-day plan covering all of the exam topics. It will build your confidence and enable you to crack the Gold Standard exam, knowing that you have done all you can to prepare for the big day.

This book provides concise explanations of important concepts in all 10 domains of the CISSP Common Body of Knowledge (CBK). Starting with Confidentiality, Integrity, and Availability, you will focus on classifying information and supporting assets. You will understand data handling requirements for sensitive information before gradually moving on to using secure design principles while implementing and managing engineering processes. You will understand the application of cryptography in communication security and strategies to prevent or mitigate network attacks. You will also learn security control requirements and how to assess their effectiveness. Finally, you will explore advanced topics such as automated and manual test result analysis and reporting methods.

A complete mock test is included at the end to evaluate whether you're ready for the exam. This book is not a replacement for full study guides; instead, it builds on and reemphasizes concepts learned from them.

Table of Contents

Chapter 1: Day 1 – Security and Risk Management - Security, Compliance, and Policies
Overview of security, compliance, and policies
Confidentiality, Integrity, and Availability (CIA)
Security governance
Compliance
Legal and regulatory issues
Professional ethics
Security policies, standards, procedures, and guidelines
Personnel security policies
Summary
Sample questions
Chapter 2: Day 2 – Security and Risk Management - Risk Management, Business Continuity, and Security Education
Overview of risk management, business continuity, and security education
Risk management
Security risk considerations in acquisitions, strategy, and practice
Information security education, training, and awareness
Summary
Sample questions
Chapter 3: Day 3 – Asset Security - Information and Asset Classification
Overview of asset security - information and asset classification
Asset classification and control
Data privacy
Data retention
Summary
Sample questions
Chapter 4: Day 4 – Asset Security - Data Security Controls and Handling
Overview of asset security - data security controls and handling
Data security controls
Data Loss Prevention (DLP)
Data Loss Prevention strategies
DLP controls
Cryptographic methods to secure data
Data handling requirements
Summary
Sample questions
Chapter 5: Day 5 – Exam Cram and Practice Questions
An overview of exam cram and practice questions
Sample questions
References and further reading
Summary
Chapter 6: Day 6 – Security Engineering - Security Design, Practices, Models, and Vulnerability Mitigation
An overview of security design, practices, models, and vulnerability mitigation
Secure design principles
Assurance
Certification and accreditation
Information security models
Vulnerability assessment and mitigation
Summary
Sample questions
Chapter 7: Day 7 – Security Engineering - Cryptography
An overview of cryptography
The fundamentals of cryptography
Applications and the use of cryptography
Public Key Infrastructure (PKI)
Key management techniques
Cryptanalytic attacks
Cryptographic standards
Summary
Sample questions
Chapter 8: Day 8 – Communication and Network Security - Network Security
An overview of communication and network security
Network architecture, protocols, and technologies
Open System Interconnect (OSI) model
OSI layers and security
Summary
Sample questions
Chapter 9: Day 9 – Communication and Network Security - Communication Security
An overview of communication security
Security in communication channels
Attacks on communication networks
Preventing or mitigating communication network attacks
Summary
Sample questions
Chapter 10: Day 10 – Exam Cram and Practice Questions
An overview of exam cram and practice questions
The exam cram
Sample questions
References and further reading
Summary
Chapter 11: Day 11 – Identity and Access Management - Identity Management
An overview of identity and access management
Physical and logical access to assets
Identity management principles and implementation
Identity as a service
Third-party identity services
Summary
Sample questions
Chapter 12: Day 12 – Identity and Access Management - Access Management, Provisioning, and Attacks
An overview of access management
Access management concepts, methodologies, and techniques
Identity and provisioning life cycle
Access control attacks and countermeasures
Accountability
Summary
Sample questions
Chapter 13: Day 13 – Security Assessment and Testing - Designing, Performing Security Assessment, and Tests
An overview of security assessment and testing
Security assessment and test strategies
Security controls
Summary
Sample questions
Chapter 14: Day 14 – Security Assessment and Testing - Controlling, Analyzing, Auditing, and Reporting
An overview of controlling, analyzing, auditing, and reporting security test data
A collection of security process data
Analyzing security process data
Internal and third-party security audits
Reporting test and audit outputs
Summary
Sample questions
Chapter 15: Day 15 – Exam Cram and Practice Questions
An overview of exam cram and practice questions
Exam cram
Mock test
References and further reading
Summary
Chapter 16: Day 16 – Security Operations - Foundational Concepts
An overview of operations security
The physical security design
Physical and operations security controls
Operations/facility security
Protecting and securing equipment
Computer investigations
Summary
Sample questions
Chapter 17: Day 17 – Security Operations - Incident Management and Disaster Recovery
Incident management and reporting
Business Continuity Planning (BCP)
Disaster Recovery Planning (DRP)
Summary
Sample questions
Chapter 18: Day 18 – Software Development Security - Security in Software Development Life Cycle
An overview of software development security
Systems engineering
Software development life cycle
Security in software development
Summary
Sample questions
Chapter 19: Day 19 – Software Development Security - Assessing effectiveness of Software Security
Overview
Security in information technology systems
Threats and vulnerabilities to application systems
Security impact analysis
Monitoring and testing activities
Summary
Sample questions
Chapter 20: Day 20 – Exam Cram and Practice Questions
Overview of exam cram and practice questions
Exam cram
References and further reading
Summary
Sample questions
Chapter 21: Day 21 – Exam Cram and Mock Test
An overview of the exam cram and mock test
Exam cram
Summary
Mock test
References and further reading

What You Will Learn

  • Review Exam Cram and Practice review questions to reinforce the required concepts
  • Follow the day-by-day plan to revise important concepts a month before the CISSP® exam
  • Boost your time management for the exam by attempting the mock question paper
  • Develop a structured study plan for all 10 CISSP® domains
  • Build your understanding of myriad concepts in the Information Security domain
  • Practice the full-blown mock test to evaluate your knowledge and exam preparation
