You're reading from Certified Information Systems Security Professional (CISSP) Exam Guide Become a certified CISSP professional with practical exam-oriented knowledge of all eight domains

Product type Paperback

Published in Sep 2024

Publisher Packt

ISBN-13 9781800567610

Length 526 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

Cryptography

Authors (3):

Ted Jordan

Ric Daza

Hinne Hettema

View More author details

Table of Contents (28) Chapters

Preface

1. Intro I: Becoming a CISSP FREE CHAPTER

2. Intro II: Pre-Assessment Test

3. Chapter 1: Ethics, Security Concepts, and Governance Principles

4. Chapter 2: Compliance, Regulation, and Investigations

5. Chapter 3: Security Policies and Business Continuity

6. Chapter 4: Risk Management, Threat Modeling, SCRM, and SETA

7. Chapter 5: Asset and Privacy Protection

8. Chapter 6: Information and Asset Handling

9. Chapter 7: Secure Design Principles and Controls

10. Chapter 8: Architecture Vulnerabilities and Cryptography

11. Chapter 9: Facilities and Physical Security

12. Chapter 10: Network Architecture Security

13. Chapter 11: Securing Communication Channels

14. Chapter 12: Identity, Access Management, and Federation

15. Chapter 13: Identity Management Implementation

16. Chapter 14: Designing and Conducting Security Assessments

17. Chapter 15: Designing and Conducting Security Testing

18. Chapter 16: Planning for Security Operations

19. Chapter 17: Security Operations

20. Chapter 18: Disaster Recovery

21. Chapter 19: Business Continuity, Personnel, and Physical Security

22. Chapter 20: Software Development Life Cycle Security

23. Chapter 21: Software Development Security Controls

24. Chapter 22: Securing Software Development

25. Chapter 23: Secure Coding Guidelines, Third-Party Software, and Databases

26. Chapter 24: Accessing the Online Practice Resources

27. Other Books You May Enjoy

The Need for CISSPs

One of the challenges facing the cybersecurity profession is satisfying the necessity for qualified cybersecurity practitioners to meet the demand. According to the Bureau of Labor Statistics, the rate of growth for jobs in information security is projected at 37% from 2012-2022 (https://packt.link/FNAup). That’s much faster than the average for all other occupations. The Human Resources (HR) professionals who are on the front lines dealing with this challenge rarely possess the ability to quantify the expertise of a cybersecurity job candidate. Therefore, a respected, unbiased standard is necessary to help potential employers more easily determine qualified candidates from unqualified candidates. Enter ISC2 and their CISSP certification.

The International Information System Security Certification Consortium (ISC2) was established as a non-profit organization in 1989. Five years later, ISC2 launched its first certification, the CISSP, in 1994. At the time, the cybersecurity market was in desperate need of a baseline of cybersecurity knowledge to aid both the industry in standardizing the profession and those seeking to hire cybersecurity professionals. Since its founding, ISC2, through the CISSP and its other eight certifications, has established and maintained that standard.

In 2005, the United States Department of Defense (DoD) created the 8570 directive to assess and manage its cybersecurity workforce. The CISSP provides independent verification of a reliable baseline of knowledge and experience in cybersecurity of a practitioner. The CISSP tells the world that you know something about cybersecurity—not just something, but the right something about cybersecurity, as determined by industry experts who hold a CISSP certification. As per the 8570 directive and its current successor, the 8140 directive, many job roles in cybersecurity within the DoD require a CISSP certification to qualify.

In addition to helping HR professionals validate a baseline level of knowledge, the CISSP certification also validates experience. The CISSP certification requires not just a passing score but a minimum of five years of experience. ISC2 verifies this requisite experience before conferring the certification on any candidate who has achieved a passing score on the exam. You will learn more about this experience requirement in the Information about Becoming a CISSP section. This additional benefit of experience verification is of great value to employers.

The CISSP certification also comes with a 40-hour annual Continuing Professional Education (CPE) requirement to maintain the currency of your CISSP certification. See https://packt.link/6EFMh for more information. While ISC2 is a non-profit organization, they don’t just track your CPE and maintain your currency for free; there is an annual maintenance fee of 125 USD per year. The bright side is that if you choose to pursue any of the other eight ISC2 certifications, you will pay only 85 USD per year, unlike other cybersecurity certification organizations.

You're reading from Certified Information Systems Security Professional (CISSP) Exam Guide Become a certified CISSP professional with practical exam-oriented knowledge of all eight domains

Table of Contents (28) Chapters Close

The Need for CISSPs

Authors (3)

Personalised recommendations for you

Table of Contents (28) Chapters