IT Guy

IT, AI / Machine Learning, IoT, Project Management, Programming, ITIL, and more

Foreign-Language Books - CISSP Study Guide

CISSP Study Guide

Table of contents

Chapter 1: Introduction
Chapter 2: Domain 1: Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Cornerstone Information Security Concepts
  • Legal and Regulatory Issues
  • Security and 3rd Parties
  • Ethics
  • Information Security Governance
  • Access Control Defensive Categories and Types
  • Risk Analysis
  • Types of Attackers
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key
Chapter 3: Domain 2: Asset Security (Protecting Security of Assets)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Classifying Data
  • Ownership
  • Memory and Remanence
  • Data Destruction
  • Determining Data Security Controls
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key
Chapter 4: Domain 3: Security Engineering (Engineering and Management of Security)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Security Models
  • Evaluation Methods, Certification and Accreditation
  • Secure System Design Concepts
  • Secure Hardware Architecture
  • Secure Operating System and Software Architecture
  • Virtualization and Distributed Computing
  • System Vulnerabilities, Threats and Countermeasures
  • Cornerstone Cryptographic Concepts
  • History of Cryptography
  • Types of Cryptography
  • Cryptographic Attacks
  • Implementing Cryptography
  • Perimeter Defenses
  • Site Selection, Design, and Configuration
  • System Defenses
  • Environmental Controls
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key
Chapter 5: Domain 4: Communication and Network Security (Designing and Protecting Network Security)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Network Architecture and Design
  • Secure Network Devices and Protocols
  • Secure Communications
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key
Chapter 6: Domain 5: Identity and Access Management (Controlling Access and Managing Identity)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Authentication Methods
  • Access Control Technologies
  • Access Control Models
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key
Chapter 7: Domain 6: Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Assessing Access Control
  • Software Testing Methods
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key
Chapter 8: Domain 7: Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Administrative Security
  • Forensics
  • Incident Response Management
  • Operational Preventive and Detective Controls
  • Asset Management
  • Continuity of Operations
  • BCP and DRP Overview and Process
  • Developing a BCP/DRP
  • Backups and Availability
  • DRP Testing, Training and Awareness
  • Continued BCP/DRP Maintenance
  • Specific BCP/DRP Frameworks
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key
Chapter 9: Domain 8: Software Development Security (Understanding, Applying, and Enforcing Software Security)
  • Abstract
  • Unique Terms and Definitions
  • Introduction
  • Programming Concepts
  • Application Development Methods
  • Databases
  • Object-Oriented Design and Programming
  • Assessing the Effectiveness of Software Security
  • Artificial Intelligence
  • Summary of Exam Objectives
  • Self Test
  • Self Test Quick Answer Key