Introduction
(ISC)2 Certified Information Systems Security Professional (CISSP) Certification is widely respected in the IT world as a premier security certification.
(ISC)2 CISSP Certification is designed to be a vendor-neutral exam that measures your knowledge of industry-standard security practices.
Goals and Methods
The number one goal of this book is a simple one: to help you pass the current version of the (ISC)2 CISSP Certification exam. The CISSP Certification stresses a Common Body of Knowledge (CBK) that defines the architecture, design, management, risk, and controls necessary to secure a business environment. The Candidate Information Bulletin (CIB) from (ISC)2 provides an exam blueprint, reference list, format description, and registration policies.
To aid you in mastering and understanding the CISSP objectives, this book uses the following methods:
• The beginning of each chapter defines the topics to be covered in the chapter.
• The body of the chapter explains the topics from a hands-on and a theory-based standpoint. This includes in-depth descriptions, tables, and figures geared to build your knowledge so that you can pass the exam. The chapters are broken down into several topics each.
• The key topics indicate important figures, tables, and lists of information that you should know for the exam. They are interspersed throughout the chapter and are listed in table format at the end of the chapter.
• You can find memory tables and lists on the disc as Appendix A, “Memory Tables,” and Appendix B, “Memory Tables Answer Key.” Use them to help memorize important information.
• Key terms without definitions are listed at the end of each chapter. Write down the definition of each term, and check your work against the complete key terms in the glossary.
• Each chapter includes review questions meant to gauge your knowledge of the subjects. If an answer to a question doesn’t come readily to you, be sure to review that portion of the chapter. The answers with detailed explanations are at the end of each chapter.
• The disc accompanying this book includes two practice exams that test you on all the CISSP exam topics.
Who Should Read This Book?
The (ISC)2 CISSP exam measures the necessary competencies for a full-time security professional with a minimum of five years in two or more of the 10 domains in the CISSP CBK or a minimum of four years in two or more domain with a four-year college degree. This book is written for people who have that amount of experience working with information systems security.
Readers will range from people who are attempting to attain a position in the IT security field to people who want to keep their skills sharp or perhaps retain their job due to a company policy that mandates that they take the new exams. However, readers with no knowledge of IT security should be cautioned against attempting the CISSP certification as their first IT certification. Beginners would be best served to pursue a more basic IT certification, such as CompTIA’s A+, Network+, or Security+ certification.
This book is also aimed at the reader who wants to acquire additional certifications beyond the CISSP certification. The book is designed in such a way to offer easy transition to future certification studies.
Strategies for Exam Preparation
Strategies for exam preparation will vary depending on your existing knowledge. We recommend that you have access to as many devices and hardware as possible so as to be able to examine the different security methods mentioned in this book. A hands-on approach will really help to reinforce the ideas and concepts expressed in the book. However, not everyone has access to this equipment, so the next best step you can take is to read through the chapters in this book, jotting down notes with key concepts or configurations on a separate notepad. Each chapter contains a quiz that you can use to test your knowledge of the chapter’s topics. It’s located near the end of the chapter.
After you have read through the book, look at the current exam blueprint for the (ISC)2 CISSP Certification Exam from https://www.isc2.org/exam-outline/Default.aspx. If there are any areas shown in the blueprint that you would still like to study, find those sections in the book and review them.
When you feel confident in your skills, attempt the practice exams included on the disc with this book. As you work through the practice exams, note the areas where you lack confidence and review those concepts in the book. After you review the areas, work through the practice exam a second time and rate your skills. Keep in mind that the more you work through the practice exam, the more familiar the questions will become.
(ISC)2 CISSP Exam Objectives
Table I-1 lists the objectives for the CISSP exam. Each Domain has been given its own chapter in this book. The chapter names are the same as the domain names.
Table I-1. (ISC)2 CISSP Exam Objectives
Pearson IT Certification Practice Test Engine and Questions on the Disc
The disc in the back of the book includes the Pearson IT Certification Practice Test engine—software that displays and grades a set of exam-realistic multiple-choice questions. Using the Pearson IT Certification Practice Test engine, you can either study by going through the questions in Study Mode or take a simulated exam that mimics real exam conditions.
The installation process requires two major steps: installing the software and then activating the exam. The disc in the back of this book has a recent copy of the Pearson IT Certification Practice Test engine. The practice exam—the database of exam questions—is not on the disc.
Note
The cardboard disc case in the back of this book includes the disc and a piece of paper. The paper lists the activation code for the practice exam associated with this book. Do not lose the activation code. On the opposite side of the paper from the activation code is a unique, one-time use coupon code for the purchase of the Premium Edition eBook and Practice Test.
Install the Software from the Disc
The Pearson IT Certification Practice Test is a Windows-only desktop application. You can run it on a Mac using a Windows Virtual Machine, but it was built specifically for the PC platform.
The software installation process is pretty routine compared with other software installation processes. If you have already installed the Pearson IT Certification Practice Test software from another Pearson product, there is no need for you to reinstall the software. Simply launch the software on your desktop and proceed to activate the practice exam from this book by using the activation code included in the disc sleeve.
The following steps outline the installation process:
Step 1. Insert the disc into your PC.
Step 2. The software that automatically runs is the Pearson software to access and use all disc-based features, including the exam engine and the disc-only appendixes. From the main menu, click the option to Install the Exam Engine.
Step 3. Respond to windows prompts as with any typical software installation process.
The installation process gives you the option to activate your exam with the activation code supplied on the paper in the disc sleeve. This process requires that you establish a Pearson website login. You need this login to activate the exam, so please do register when prompted. If you already have a Pearson website login, there is no need to register again. Just use your existing login.
Activate and Download the Practice Exam
After the exam engine is installed, you should then activate the exam associated with this book (if you did not do so during the installation process) as follows:
Step 1. Start the Pearson IT Certification Practice Test software from the Windows Start menu or from your desktop shortcut icon.
Step 2. To activate and download the exam associated with this book, from the My Products or Tools tab, select the Activate button.
Step 3. At the next screen, enter the Activation Key from the paper inside the cardboard disc holder in the back of the book. When entered, click the Activate button.
Step 4. The activation process downloads the practice exam. Click Next and then click Finish.
After the activation process finishes, the My Products tab should list your new exam. If you do not see the exam, make sure you have selected the My Products tab on the menu. At this point, the software and practice exam are ready to use. Simply select the exam, and click the Open Exam button.
To update a particular exam you have already activated and downloaded, simply select the Tools tab, and select the Update Products button. Updating your exams will ensure you have the latest changes and updates to the exam data.
If you want to check for updates to the Pearson Cert Practice Test exam engine software, simply select the Tools tab, and select the Update Application button. This will ensure you are running the latest version of the software engine.
Activating Other Exams
The exam software installation process, and the registration process, must happen only once. Then, for each new exam, only a few steps are required. For instance, if you buy another new Pearson IT Certification Cert Guide or Cisco Press Official Cert Guide, extract the activation code from the disc sleeve in the back of that book—you don’t even need the disc at this point. From there, all you need to do is start the exam engine (if not still up and running), and perform Steps 2–4 from the previous list.
Premium Edition
In addition to the two free practice exams provided on the disc, you can purchase two additional exams with expanded functionality directly from Pearson IT Certification. The Premium Edition eBook and Practice Test for this title contains two additional full practice exams as well as an eBook (in both PDF and ePub format). In addition, the Premium Edition title also has remediation for each question to the specific part of the eBook that relates to that question.
If you have purchased the print version of this title, you can purchase the Premium Edition at a deep discount. There is a coupon code in the disc sleeve that contains a one-time use code as well as instructions for where you can purchase the Premium Edition.