CISSP Study Guide - fully updated for the 2024 CISSP Body of KnowledgeISC2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 10th Edition has been completely updated based on the latest 2024 CISSP Detailed Content Outline. This bestselling Sybex Study Guide covers 100% of the CISSP objectives. You'll prepare smarter and faster with Sybex thanks to expert content, knowledge from our real-world experience, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic Study Essentials and chapter review questions.The book's co-authors bring decades of experience as cybersecurity practitioners and educators, integrating real-world expertise with the practical knowledge you'll need to successfully prove your CISSP mastery. Combined, they've taught cybersecurity concepts to millions of students through their books, video courses, and live training programs.Along with the book, you also get access to Sybex's superior online interactive learning environment that includes: Over 900 practice test questions with complete answer explanations. This includes all of the questions from the book plus four additional online-only practice exams, each with 125 unique questions. You can use the online-only practice exams as full exam simulations. Our questions will help you identify where you need to study more. More than 1000 Electronic Flashcards to reinforce your learning and give you last-minute test prep A searchable glossary in PDF to give you instant access to the key terms you need to know Audio Review. Author Mike Chapple reads the Study Essentials for each chapter providing you with more than 2 hours of up-to-date audio review for yet another way to reinforce your knowledge as you prepare. Coverage of all of the CISSP topics in the book means you'll be ready for: Security and Risk Management Asset Security Security Architecture and Engineering Communication and Network Security Identity and Access Management (IAM) Security Assessment and Testing Security Operations Software Development Security ...

Autorentext

Mike Chapple, PhD, CISSP, CCSP, is a teaching professor of IT, analytics, and operations at the University of Notre Dame. He is a cybersecurity professional and educator with over 25 years experience including as chief information officer of Brand Institute and an information security researcher with the National Security Agency and the U.S. Air Force. Mike is the author of more than 200 books and video courses and provides cybersecurity certification resources at CertMike.com. James Michael Stewart, CISSP, has been writing and training for more than 25 years, with a focus on security. He has been teaching CISSP training courses since 2002, not to mention other courses on Internet security and ethical hacking/penetration testing. He is the author of and contributor to more than 80 books on security certification. Darril Gibson, CISSP, (1958-2022) was the CEO of YCDA, LLC and regularly wrote and consulted on a wide variety of technical and security topics and held numerous other security certifications. He authored or coauthored more than 30 books including multiple prior editions of the CISSP Study Guide.

Klappentext

Your Complete Guide to Preparing for the CISSP Certification, Updated for the CISSP 2024 Objectives The ISC2® CISSP® Certified Information Systems Security Professional Official Study Guide, 10th Edition is your one-stop resource for complete coverage of the 2024 CISSP objectives. You'll prepare for the exam smarter and faster with Sybex thanks to superior content including: an introductory assessment test that checks your readiness, objective map, written labs, key topic study essentials, and challenging chapter review questions. Reinforce what you have learned with the exclusive Sybex online learning environment and test bank. Get prepared to prove your CISSP knowledge with Sybex. Coverage of all CISSP Detailed Content Outline objectives in this Study Guide means you'll be ready for:

Security and Risk Management
Asset Security
Security Architecture and Engineering
Communication and Network Security
Identity and Access Management (IAM)
Security Assessment and Testing
Security Operations
Software Development Security Interactive learning environment:** Take your certification prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit www.wiley.com/go/sybextestprep, register to receive your unique PIN, and instantly gain one year of FREE access to:
Interactive test bank with four additional practice exams, each with 125 unique questions. Practice exams help you identify areas where further review is needed.
More than 2 hours of audio review read by author Mike Chapple.
More than 1,000 electronic flashcards to reinforce learning and last minute prep.
Comprehensive glossary in PDF format gives you instant access to the key terms so you are fully prepared ABOUT THE CISSP CERTIFICATION The CISSP is the most globally recognized certification in the information security market. This vendor neutral certification validates an information security professional's deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization. ISC2 is a global nonprofit organization that maintains the Common Body of Knowledge for information security professionals. Candidates must have experience, subscribe to the ISC2 Code of Ethics, and maintain continuing education requirements or recertify every three years. Visit www.isc2.org to learn more.

Inhalt
Introduction xxxv
Assessment Test lx
Chapter 1 Security Governance Through Principles and Policies 1
Security 101 3
Understand and Apply Security Concepts 4
Security Boundaries 13
Evaluate and Apply Security Governance Principles 14
Manage the Security Function 16
Security Policy, Standards, Procedures, and Guidelines 27
Threat Modeling 29
Supply Chain Risk Management 35
Summary 38
Study Essentials 39
Written Lab 41
Review Questions 42
Chapter 2 Personnel Security and Risk Management Concepts 49
Personnel Security Policies and Procedures 51
Understand and Apply Risk Management Concepts 60
Social Engineering 90
Establish and Maintain a Security Awareness, Education, and Training Program 106
Summary 110
Study Essentials 111
Written Lab 114
Review Questions 115
Chapter 3 Business Continuity Planning 121
Planning for Business Continuity 122
Project Scope and Planning 123
Business Impact Analysis 131
Continuity Planning 137
Plan Approval and Implementation 140
Summary 145
Study Essentials 145
Written Lab 146
Review Questions 147
Chapter 4 Laws, Regulations, and Compliance 151
Categories of Laws 152
Laws 155
State Privacy Laws 179
Compliance 179
Contracting and Procurement 181
Summary 182
Study Essentials 182
Written Lab 184
Review Questions 185
Chapter 5 Protecting Security of Assets 189
Identifying and Classifying Information and Assets 190
Establishing Information and Asset Handling Requirements 198
Data Protection Methods 208
Understanding Data Roles 214
Using Security Baselines 216
Summary 219
Study Essentials 220
Written Lab 221
Review Questions 222
Chapter 6 Cryptography and Symmetric Key Algorithms 227
Cryptographic Foundations 228
Modern Cryptography 246
Symmetric Cryptography 253
Cryptographic Life Cycle 263
Summary 264
Study Essentials 264
Written Lab 266
Review Questions 267
Chapter 7 PKI and Cryptographic Applications 271
Asymmetric Cryptography 272
Hash Functions 279
Digital Signatures 283
Public Key Infrastructure 286
Asymmetric Key Management 292
Hybrid Cryptography 293
Appli…