Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
CISSP in 21 Days

You're reading from   CISSP in 21 Days Boost your confidence and get the competitive edge you need to crack the exam in just 21 days!

Arrow left icon
Product type Paperback
Published in Jun 2016
Publisher
ISBN-13 9781785884498
Length 402 pages
Edition 2nd Edition
Arrow right icon
Author (1):
Arrow left icon
M. L. Srinivasan M. L. Srinivasan
Author Profile Icon M. L. Srinivasan
M. L. Srinivasan
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Day 1 – Security and Risk Management - Security, Compliance, and Policies FREE CHAPTER 2. Day 2 – Security and Risk Management - Risk Management, Business Continuity, and Security Education 3. Day 3 – Asset Security - Information and Asset Classification 4. Day 4 – Asset Security - Data Security Controls and Handling 5. Day 5 – Exam Cram and Practice Questions 6. Day 6 – Security Engineering - Security Design, Practices, Models, and Vulnerability Mitigation 7. Day 7 – Security Engineering - Cryptography 8. Day 8 – Communication and Network Security - Network Security 9. Day 9 – Communication and Network Security - Communication Security 10. Day 10 – Exam Cram and Practice Questions 11. Day 11 – Identity and Access Management - Identity Management 12. Day 12 – Identity and Access Management - Access Management, Provisioning, and Attacks 13. Day 13 – Security Assessment and Testing - Designing, Performing Security Assessment, and Tests 14. Day 14 – Security Assessment and Testing - Controlling, Analyzing, Auditing, and Reporting 15. Day 15 – Exam Cram and Practice Questions 16. Day 16 – Security Operations - Foundational Concepts 17. Day 17 – Security Operations - Incident Management and Disaster Recovery 18. Day 18 – Software Development Security - Security in Software Development Life Cycle 19. Day 19 – Software Development Security - Assessing effectiveness of Software Security 20. Day 20 – Exam Cram and Practice Questions 21. Day 21 – Exam Cram and Mock Test

What this book covers

Chapter 1, Day 1 – Security and Risk Management - Security, Compliance, and Policies, covers the foundational concepts in information security, such as Confidentiality, Integrity, and Availability (CIA) from the first domain of CISSP Common Body of Knowledge (CBK)®.

Chapter 2, Day2 – Security and Risk Management - Risk Management, Business Continuity, and Security Education, covers risk management practices that include the identification of risks through risk analysis and assessment, and mitigation techniques such as reduction, moving, transferring, and avoiding risks. An overview of business continuity requirements, developing and documenting project scopes and plans, and conducting business impact analyses is provided. Further more policies and practices pertaining to personnel security are covered.

Chapter 3, Day 3 – Asset Security - Information and Asset Classification, covers the classification of information and supporting assets; the collection of information, its handling and protection throughout its lifecycle, and ownership of information and its privacy; and data retention requirements and methods.

Chapter 4, Day 4 – Asset Security - Data Security Controls and Handling, covers data security controls that include Data Loss Prevention strategies, such as data at rest, data in transit, data in use, and data handling requirements for sensitive information.

Chapter 5, Day 5 – Exam Cram and Practice Questions, covers important concepts and information from the first two domains of the CISSP CBK, namely Security and Risk Management and Asset Security. They are provided in an exam-cram format for fast review and serve to reinforce of the two domains covered in the previous four chapters.

Chapter 6, Day 6 – Security Engineering - Security Design, Practices, Models, and Vulnerability Mitigation, covers concepts for using secure design principles while implementing and managing engineering processes. Information security models and system security evaluation models with controls and countermeasures, and security capabilities in information systems, are also covered. Also, vulnerability assessment and mitigation strategies in information systems, web-based systems, mobile systems, and embedded and cyber-physical systems are covered in detail.

Chapter 7, Day 7 – Security Engineering - Cryptography, covers the application of cryptography in information security requirements. Various concepts such as the cryptographic life cycle, types of cryptography, public key infrastructure, and so on are covered with illustrations. The methods of cryptanalytic attack are covered in detail with suitable examples.

Chapter 8, Day 8 – Communication and Network Security - Network Security, covers foundational concepts in network architecture and network security. IP and non-IP protocols, and their applications and vulnerabilities, are covered in detail, along with wireless networks and their security requirements. Application of cryptography in communication security, with illustrations and concepts related to securing network components.

Chapter 9, Day 9 – Communication and Network Security - Communication Security, covers communication channels such as voice, multimedia, remote access, data communications, virtualized networks, and so on, and their security requirements. Preventing or mitigating network attacks is also covered, with illustrations.

Chapter 10, Day 10 – Exam Cram and Practice Questions, covers important concepts and information from the third and fourth domains of the CISSP CBK, namely security engineering and communication and network security. They are provided in an exam cram format for fast review and serve to reinforce the two domains covered in the previous four chapters.

Chapter 11, Day 11 – Identity and Access Management - Identity Management, covers provisioning and managing the identities and the access used in the interaction between humans and information systems. Core concepts of identification, authentication, authorization, and accountability, are covered in detail. Concepts related to identity as a service or cloud-based third-party identity services are covered, as well as security requirements in such services, with illustrations.

Chapter 12, Day 12 – Identity and Access Management  -  Access Management, Provisioning, and Attacks, focuses on access control concepts, methods, attacks, and countermeasures in detail.

Chapter 13, Day 13 – Security Assessment and Testing - Designing and Performing Security Assessment and Tests, covers tools, methods, and techniques for identifying and mitigating risks due to architectural issues using systematic security assessment and testing of information assets and associated infrastructure. Security control requirements and their effectiveness assessment are also covered.

Chapter 14, Day 14 – Security Assessment and Testing - Controlling, Analyzing, Auditing, and Reporting, covers management and operational controls pertaining to security process data. Analyzing and reporting test outputs, either automated or through manual methods, and conducting or facilitating internal and third-party audits, are covered in detail.

Chapter 15, Day 15 – Exam Cram and Practice Questions, covers important concepts and information from the fifth and sixth domains of the CISSP CBK, namely Identity and Access Management and security assessment and testing. They are provided in an exam cram format for fast review and serve to reinforce the two domains covered in the previous four chapters.

Chapter 16, Day 16 – Security Operations - Foundational Concepts, covers physical security strategies that include secure facility and website design, data center security, hazards, and media storage. Concepts on logging and monitoring activities, investigations, security in the provision of resources, operations security, and resource protection techniques are covered in detail.

Chapter 17, Day 17 – Security Operations - Incident Management and Disaster Recovery, covers incident management, disaster recovery, and business continuity-related concepts that pertains to security operations.

Chapter 18, Day 18 – Software Development Security - Security in Software Development Life Cycle, covers the application of security concepts and the best practices for the production and development of software environments. Security in the software development life cycle is also covered in detail.

Chapter 19, Day 19 – Software Development Security - Assessing Effectiveness of Software Security, covers assurance requirements in software and ways to assess the effectiveness of software security. It also covers the different methods and techniques to assess the security impact of acquired software.

Chapter 20, Day 20 – Exam Cram and Practice Questions, covers important concepts and information from the seventh and eighth domains of the CISSP CBK®, namely security operations and software development security. They are provided in an exam cram format for fast review and serve to reinforce the two domains covered in the previous four chapters.

Chapter 21, Day 21 – Exam Cram and Mock Test, consists of an exam cram from all the eight domains in CISSP CBK®.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image