Table of Contents

Cover image

Title page

Copyright

Author biography

Chapter 1: Domain 1: Security risk management

Abstract

Introduction

Cornerstone Information Security Concepts

Legal and Regulatory Issues

Security and Third Parties

Ethics

Information Security Governance

Access Control Defensive Categories and Types

Risk Analysis

Types of Attackers

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Chapter 2: Domain 2: Asset security

Abstract

Introduction

Classifying Data

Ownership

Memory and Remanence

Data Destruction

Determining Data Security Controls

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Chapter 3: Domain 3: Security engineering

Abstract

Introduction

Security Models

Secure System Design Concepts

Secure Hardware Architecture

Secure Operating System and Software Architecture

Virtualization and Distributed Computing

System Vulnerabilities, Threats, and Countermeasures

Cornerstone Cryptographic Concepts

Types of Cryptography

Cryptographic Attacks

Implementing Cryptography

Perimeter Defenses

Site Selection, Design, and Configuration

System Defenses

Environmental Controls

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Chapter 4: Domain 4: Communication and network security

Abstract

Introduction

Network Architecture and Design

Secure Network Devices and Protocols

Secure Communications

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Chapter 5: Domain 5: Identity and access management (controlling access and managing identity)

Abstract

Introduction

Authentication Methods

Access Control Technologies

Access Control Models

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Chapter 6: Domain 6: Security assessment and testing

Abstract

Introduction

Assessing Access Control

Software Testing Methods

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Chapter 7: Domain 7: Security operations

Abstract

Introduction

Administrative Security

Forensics

Incident Response Management

Operational Preventive and Detective Controls

Asset Management

Continuity of Operations

BCP and DRP overview and process

Developing a BCP/DRP

Backups and Availability

DRP Testing, Training, and Awareness

Continued BCP/DRP Maintenance

Specific BCP/DRP Frameworks

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Chapter 8: Domain 8: Software development security

Abstract

Introduction

Programming Concepts

Application Development Methods

Databases

Object-Oriented Programming

Assessing the Effectiveness of Software Security

Summary of Exam Objectives

Top Five Toughest Questions

Answers

Index
