Free Shipping to Singapore

Shop over 1 Million Toys in our Huge New Range

Official (Isc)2 Guide to the CISSP Cbk, Fourth Edition

As a result of a rigorous, methodical process that (ISC)^2 follows to routinely update its credential exams, it has announced that enhancements will be made to both the Certified Information Systems Security Professional (CISSP) credential, beginning April 15, 2015. (ISC)^2 conducts this process on a regular basis to ensure that the examinations and subsequent training and continuing professional education requirements encompass the topic areas relevant to the roles and responsibilities of today's practicing information security professionals. Refreshed technical content has been added to the official (ISC)^2 CISSP CBK to reflect the most current topics in the information security industry today. Some topics have been expanded (e.g., asset security, security assessment and testing), while other topics have been realigned under different domains. The result is an exam that most accurately reflects the technical and managerial competence required from an experienced information security professional to effectively design, engineer, implement and manage an organization's information security program within an ever-changing security landscape. The domain names have been updated as follows: CISSP Domains, Effective April 15, 2015 * Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity) * Asset Security (Protecting Security of Assets) * Security Engineering (Engineering and Management of Security) * Communications and Network Security (Designing and Protecting Network Security) * Identity and Access Management (Controlling Access and Managing Identity) * Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing) * Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery) * Software Development Security (Understanding, Applying, and Enforcing Software Security) Some candidates may be wondering how these updates affect training materials for the CISSP credential. As part of the organization's comprehensive education strategy and certifying body best practices, (ISC)^2 training materials do not teach directly to its credential examinations. Rather, (ISC)^2 Education is focused on teaching the core competencies relevant to the roles and responsibilities of today's practicing information security professional. It is designed to refresh and enhance the knowledge of experienced industry professionals.
Product Details

Table of Contents

Domain 1 - Security & Risk ManagementSecurity & Risk Management Confidentiality, Integrity, and AvailabilitySecurity Governance The Complete and Effective Security Program Compliance Global Legal and Regulatory Issues Understand Professional Ethics Develop and Implement Security Policy Business Continuity (BC) & Disaster Recovery (DR) Requirements Manage Personnel Security Risk Management Concepts Threat Modeling Acquisitions Strategy and Practice Security Education, Training, and Awareness Domain 2 - Asset SecurityAsset Security Data Management: Determine and Maintain Ownership Data Standards Longevity and Use Classify Information and Supporting Assets Asset Management Protect Privacy Ensure Appropriate RetentionDetermine Data Security Controls Standards Selection Domain 3 - Security EngineeringSecurity Engineering The Engineering Lifecycle Using Security Design PrinciplesFundamental Concepts of Security Models Information Systems Security Evaluation ModelsSecurity Capabilities of Information SystemsVulnerabilities of Security ArchitecturesDatabase Security Software and System Vulnerabilities and Threats Vulnerabilities in Mobile Systems Vulnerabilities in Embedded Devices and Cyber-Physical Systems The Application and Use of Cryptography Site and Facility Design Considerations Site Planning Implementation and Operation of Facilities Security Domain 4 - Communications & Network SecurityCommunications & Network Security Secure Network Architecture and Design Implications of Multi-Layer Protocols Converged Protocols Securing Network Components Secure Communication ChannelsNetwork Attacks Domain 5 - Identity & Access ManagementIdentity & Access Management Physical and Logical Access to Assets Identification and Authentication of People and Devices Identity Management ImplementationIdentity as a Service (IDaaS) Integrate Third-Party Identity Services Implement and Manage Authorization MechanismsPrevent or Mitigate Access Control Attacks Identity and Access Provisioning Lifecycle Domain 6 - Security Assessment & TestingSecurity Assessment & Testing Assessment and Test StrategiesCollect Security Process DataInternal and Third-Party Audits Domain 7 - Security OperationsSecurity Operations Investigations Provisioning of Resources through Configuration ManagementResource Protection Incident Response Preventative Measures against Attacks Patch and Vulnerability Management Change and Configuration Management The Disaster Recovery Process Test Plan ReviewBusiness Continuity and Other Risk Areas Access Control Personnel Safety Domain 8 - Security in the Software Development Life CycleSecurity in the Software Development Life Cycle Software Development Security Outline Environment and Security Controls Security of the Software Environment Software Protection Mechanisms Assess the Effectiveness of Software Security Assess Software Acquisition Security

Look for similar items by category
People also searched for
Item ships from and is sold by Fishpond World Ltd.
Back to top