You're reading from CISSP (ISC)² Certification Practice Exams and Tests Over 1,000 practice questions and explanations covering all 8 CISSP domains for the May 2021 exam version

Product type Paperback

Published in Sep 2021

Publisher Packt

ISBN-13 9781800561373

Length 396 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

IT Certification

Author (1):

Ted Jordan

View More author details

Table of Contents (13) Chapters

Preface

1. Chapter I: Scheduling the CISSP Exam

2. Chapter 1: Security and Risk Management Domain 1 Practice Questions FREE CHAPTER

3. Chapter 2: Asset Security Domain 2 Practice Questions

4. Chapter 3: Security Architecture and Engineering Domain 3 Practice Questions

5. Chapter 4: Communication and Network Security Domain 4 Practice Questions

6. Chapter 5: Identity and Access Management Domain 5 Practice Questions

7. Chapter 6: Security Assessment and Testing Domain 6 Practice Questions

8. Chapter 7: Security Operations Domain 7 Practice Questions

9. Chapter 8: Software Development Security Domain 8 Practice Questions

10. Chapter 9: Full Practice Exam Exam 1

11. Chapter 10: Full Practice Exam Exam 2

12. Other Books You May Enjoy

Chapter 6: Security Assessment and Testing Domain 6 Practice Questions

Questions from the following topics are included in this domain:

Designing and validating assessments and tests
Conducting security control testing
Collecting security process data
Analyzing test output data and generating reports
Conducting and facilitating security audits

To pass the CISSP exam, you must score high in the Security Assessment and Testing domain. Domain 6 has a 12% weighting on the exam and requires you to understand how to design and validate assessments and audits. Audits need to be done within the organization and, externally, acting as if a black hat hacker were performing them.

Security control testing includes vulnerability scanning and assessment, penetration testing, and observing activity through log files. It also covers understanding where management is involved in the security process, including disaster recovery and business continuity.

Code review...