Official (ISC)2 Guide to the SSCP CBK
Hardcover, English, 2010, 2nd edition, ISBN 9781439804834
Summary
The (ISC)² Systems Security Certified Practitioner (SSCP) certification is one of the most important credentials an information security practitioner can have. Having helped thousands of people around the world obtain this distinguished certification, the bestselling Official (ISC)2 Guide to the SSCP CBK has quickly become the book that many of today’s security practitioners depend on to attain and maintain the required competence in the seven domains of the (ISC)² CBK.
Picking up where the popular first edition left off, the 'Official (ISC)2 Guide to the SSCP CBK, Second Edition' brings together leading IT security tacticians from around the world to discuss the critical role that policy, procedures, standards, and guidelines play within the overall information security management infrastructure.
Offering step-by-step guidance through the seven domains of the SSCP CBK, the text:
- Presents widely recognized best practices and techniques used by the world's most experienced administrators
- Uses accessible language, bulleted lists, tables, charts, and diagrams to facilitate a clear understanding
- Prepares you to join the thousands of practitioners worldwide who have obtained (ISC)² certification
Through clear descriptions accompanied by easy-to-follow instructions and self-assessment questions, this book will help you establish the product-independent understanding of information security fundamentals required to attain SSCP certification. Following certification, it will be a valuable guide to addressing real-world security implementation challenges.
Table of Contents
-Access Control Concepts
-Architecture Models
-Identification, Authentication, Authorization, and Accountability
-Remote Access Methods
-Other Access Control Areas
-Sample Questions
Cryptography; Christopher M. Nowell
-The Basics
-Symmetric Cryptography
-General Cryptography
-Specific Hashes
-Specific Protocols
-X.509
-Sample Questions
Malicious Code; Ken Dunham
-Introduction to Windows Malcode Security Management
-Malcode Naming Conventions and Types
-Brief History of Malcode
-Vectors of Infection
-Payloads
-Identifying Infections
-Behavioral Analysis of Malcode
-Malcode Mitigation
-Sample Questions
Monitoring and Analysis; Mike Mackrill
-Policy, Controls, and Enforcement
-Audit
-Monitoring
-Sample Questions
Networks and Telecommunications; Eric Waxvik and Samuel Chun
-Introduction to Networks and Telecommunications
-Network Protocols and Security Characteristics
-Data Communications and Network Infrastructure Components and Security Characteristics
-Wireless Local Area Networking
-Sample Questions
Security Operations and Administration; C. Karen Stopford
-Security Program Objectives: The C-I-A Triad
-Code of Ethics
-Security Best Practices
-Designing a Security Architecture
-Security Program Frameworks
-Aligning Business, IT, and Security
-Security Architecture and Models
-Access Control Models
-Identity and Access Management
-Managing Privileged User Accounts
-Outsourcing Security and Managed Security Service Providers
-Business Partner Security Controls
-Security Policies, Standards, Guidelines, and Procedures
-Considerations for Safeguarding Confidentiality
-Privacy and Monitoring
-Information Life Cycle
-Protecting Confidentiality and Information Classification
-Information Handling Policy
-Information Collection
-Secure Information Storage
-Secure Output
-Record Retention and Disposal
-Disclosure Controls: Data Leakage Prevention
-Secure Application Development
-Web Application Vulnerabilities and Secure Development Practices
-Implementation and Release Management
-Systems Assurance and Controls Validation
-Certification and Accreditation
-Security Assurance Rating: Common Criteria
-Change Control
-Configuration Management
-Patch Management
-Monitoring System Integrity
-Endpoint Protection
-Thin Client Implementations
-Metrics
-Security Awareness and Training
-Review Questions
-References
Risk, Response, and Recovery; Chris Trautwein
-Introduction to Risk Management
-Incident Response
-Forensics
-Recovery
Appendix: Questions and Answers
-Access Controls
-Cryptography
-Malicious Code
-Monitoring and Analysis
-Networks and Telecommunications
-Risk, Response, and Recovery
-Security Operations and Administration
Index