(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. Mike Chapple

Security Requirements
Chapter 11: Secure Network Architecture and Components
Chapter 12: Secure Communications and Network Attacks
Chapter 13: Managing Identity and Authentication
Chapter 14: Controlling and Monitoring Access
Chapter 15: Security Assessment and Testing
Chapter 16: Managing Security Operations
Chapter 17: Preventing and Responding to Incidents
Chapter 18: Disaster Recovery Planning
Chapter 19: Investigations and Ethics
Chapter 20: Software Development Security
Chapter 21: Malicious Code and Application Attacks

      33  Index

      34  End User License Agreement

      List of Tables

      1 Chapter 2
          TABLE 2.1 Comparison of quantitative and qualitative risk analysis
          TABLE 2.2 Quantitative risk analysis formulas

      2 Chapter 5
          TABLE 5.1 Securing email data
          TABLE 5.2 Unmodified data within a database
          TABLE 5.3 Masked data

      3 Chapter 6
          TABLE 6.1 AND operation truth table
          TABLE 6.2 OR operation truth table
          TABLE 6.3 NOT operation truth table
          TABLE 6.4 Exclusive OR operation truth table
          TABLE 6.5 Using the Vigenère system
          TABLE 6.6 The encryption operation
          TABLE 6.7 Symmetric and asymmetric key comparison
          TABLE 6.8 Comparison of symmetric and asymmetric cryptography systems
          TABLE 6.9 Symmetric encryption memorization chart

      4 Chapter 7
          TABLE 7.1 Hash algorithm memorization chart
          TABLE 7.2 Digital certificate formats

      5 Chapter 8
          TABLE 8.1 Subjects and objects
          TABLE 8.2 Fail terms definitions related to physical and digital products
          TABLE 8.3 An access control matrix
          TABLE 8.4 Common Criteria evaluation assurance levels

      6 Chapter 10
          TABLE 10.1 Static voltage and damage
          TABLE 10.2 Fire extinguisher classes

      7 Chapter 11
          TABLE 11.1 IP classes
          TABLE 11.2 IP classes' default subnet masks
          TABLE 11.3 802.11 wireless networking amendments
          TABLE 11.4 UTP categories

      8 Chapter 12
          TABLE 12.1 Common load-balancing scheduling techniques
          TABLE 12.2 Circuit switching vs. packet switching
          TABLE 12.3 Bandwidth levels of SDH and SONET

      List of Illustrations

      1 Chapter 1
          FIGURE 1.1 The CIA Triad
          FIGURE 1.2 The five elements of AAA services
          FIGURE 1.3 Strategic, tactical, and operational plan timeline comparison
          FIGURE 1.4 An example of diagramming to reveal threat concerns
          FIGURE 1.5 A risk matrix or risk heat map

      2 Chapter 2
          FIGURE 2.1 Ex-employees must return all company property.
          FIGURE 2.2 The cyclical relationships of risk elements
          FIGURE 2.3 The six major elements of quantitative risk analysis
          FIGURE 2.4 The categories of security controls in a defense-in-depth impleme...
          FIGURE 2.5 The elements of the risk management framework (RMF) (from NIST SP...

      3 Chapter 3
          FIGURE 3.1 Earthquake hazard map of the United States

      4 Chapter 5
          FIGURE 5.1 Data classifications
          FIGURE 5.2 Clearing a hard drive

      5 Chapter 6
          FIGURE 6.1 Challenge-response authentication protocol
          FIGURE 6.2 The magic door
          FIGURE 6.3 Symmetric key cryptography
          FIGURE 6.4 Asymmetric key cryptography

      6 Chapter 7
          FIGURE 7.1 Asymmetric key cryptography
          FIGURE 7.2 Steganography tool
          FIGURE 7.3 Image with embedded message

      7 Chapter 8
          FIGURE 8.1 Transitive trust
          FIGURE 8.2 The TCB, security perimeter, and reference monitor
          FIGURE 8.3 The take-grant model's directed graph
          FIGURE 8.4 The Bell–LaPadula model
          FIGURE 8.5 The Biba model
          FIGURE 8.6 Memorizing Bell–LaPadula and Biba
          FIGURE 8.7 The Clark–Wilson model

      8 Chapter 9
          FIGURE 9.1 The four-layer protection ring model
          FIGURE 9.2 The lifecycle of an executed process
          FIGURE 9.3 Types of hypervisors
          FIGURE 9.4 Application containers versus a hypervisor

      9 Chapter 10
          FIGURE 10.1 A smartcard's ISO 7816 interface
          FIGURE 10.2 Hot and cold aisles
          FIGURE 10.3 The fire triangle
          FIGURE 10.4 The four primary stages of fire
          FIGURE 10.5 A secure physical boundary with an access control vestibule and ...

      10 Chapter 11
          FIGURE 11.1 The OSI model
          FIGURE 11.2 OSI model encapsulation
          FIGURE 11.3 The OSI model peer layer logical channels
          FIGURE 11.4 OSI model layer-based network container names
          FIGURE 11.5 Comparing the OSI model with the TCP/IP model
          FIGURE 11.6 The TCP three-way handshake
          FIGURE 11.7 An RFID antenna
          FIGURE 11.8 The configuration dialog boxes for a transparent (left) vs. a no...
          FIGURE 11.9 A ring topology
          FIGURE 11.10 A linear bus topology and a tree bus topology
          FIGURE 11.11 A star topology
          FIGURE 11.12 A mesh topology

      11 Chapter 12
          FIGURE 12.1 IPsec's encryption of a packet in transport mode
          FIGURE 12.2 IPsec's encryption of a packet in tunnel mode
          FIGURE 12.3 Two LANs being connected using a tunnel-mode VPN across the inte...
          FIGURE 12.4 A client connecting to a network via a remote-access/tunnel VPN ...

      12 Chapter 13
          FIGURE 13.1 Graph of FRR and FAR errors indicating the CER point

      13 Chapter 14
          FIGURE 14.1 Role-Based Access Control
          FIGURE 14.2 A representation of the boundaries provided by lattice-based acc...
          FIGURE 14.3 Wireshark capture

      14 Chapter 15
          FIGURE 15.1 Nmap scan of a web server run from a Linux system
          FIGURE 15.2 Default Apache server page running on the server scanned in Figu...
          FIGURE 15.3 Nmap scan of a large network run from a Mac system using the Ter...
          FIGURE 15.4 Network vulnerability scan of the same web server that was port ...
          FIGURE 15.5 Web application vulnerability scan of the same web server that w...
          FIGURE 15.6 Scanning a database-backed application with sqlmap
          FIGURE 15.7 Penetration testing process
          FIGURE 15.8 The Metasploit Framework automated system exploitation tool allo...
          FIGURE 15.9 Fagan inspections follow a rigid formal