- Authors: Eric Conrad, Seth Misenar, Joshua Feldman
- Publisher/Manufacturer: Syngress
- Release date: 2015/12/08
- Media: Kindle edition
Table of contents
Chapter 1: Introduction
Chapter 2: Domain 1: Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)
- Abstract
- Unique Terms and Definitions
- Introduction
- Cornerstone Information Security Concepts
- Legal and Regulatory Issues
- Security and 3rd Parties
- Ethics
- Information Security Governance
- Access Control Defensive Categories and Types
- Risk Analysis
- Types of Attackers
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key
Chapter 3: Domain 2: Asset Security (Protecting Security of Assets)
- Abstract
- Unique Terms and Definitions
- Introduction
- Classifying Data
- Ownership
- Memory and Remanence
- Data Destruction
- Determining Data Security Controls
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key
Chapter 4: Domain 3: Security Engineering (Engineering and Management of Security)
- Abstract
- Unique Terms and Definitions
- Introduction
- Security Models
- Evaluation Methods, Certification and Accreditation
- Secure System Design Concepts
- Secure Hardware Architecture
- Secure Operating System and Software Architecture
- Virtualization and Distributed Computing
- System Vulnerabilities, Threats and Countermeasures
- Cornerstone Cryptographic Concepts
- History of Cryptography
- Types of Cryptography
- Cryptographic Attacks
- Implementing Cryptography
- Perimeter Defenses
- Site Selection, Design, and Configuration
- System Defenses
- Environmental Controls
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key
Chapter 5: Domain 4: Communication and Network Security (Designing and Protecting Network Security)
- Abstract
- Unique Terms and Definitions
- Introduction
- Network Architecture and Design
- Secure Network Devices and Protocols
- Secure Communications
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key
Chapter 6: Domain 5: Identity and Access Management (Controlling Access and Managing Identity)
- Abstract
- Unique Terms and Definitions
- Introduction
- Authentication Methods
- Access Control Technologies
- Access Control Models
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key
Chapter 7: Domain 6: Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
- Abstract
- Unique Terms and Definitions
- Introduction
- Assessing Access Control
- Software Testing Methods
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key
Chapter 8: Domain 7: Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
- Abstract
- Unique Terms and Definitions
- Introduction
- Administrative Security
- Forensics
- Incident Response Management
- Operational Preventive and Detective Controls
- Asset Management
- Continuity of Operations
- BCP and DRP Overview and Process
- Developing a BCP/DRP
- Backups and Availability
- DRP Testing, Training and Awareness
- Continued BCP/DRP Maintenance
- Specific BCP/DRP Frameworks
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key
Chapter 9: Domain 8: Software Development Security (Understanding, Applying, and Enforcing Software Security)
- Abstract
- Unique Terms and Definitions
- Introduction
- Programming Concepts
- Application Development Methods
- Databases
- Object-Oriented Design and Programming
- Assessing the Effectiveness of Software Security
- Artificial Intelligence
- Summary of Exam Objectives
- Self Test
- Self Test Quick Answer Key