ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024)

Page 1 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 1 preview image

ISC2(=CertifiedInformationSystemsSecurityProfessionalTenthEditionCOVERSALLOFTHE2024UPDATEDCISSPOBJECTIVESIncludesinteractiveonlinelearningenvironmentandstudytoolswith:+Morethan900practicequestionsandexercises«Morethan1,000electronicflashcards«Searchablekeytermglossary«+Morethan2hoursofStudyEssentialsAudioReviewMikeChapple,CISSPJamesMichaelStewart,CISSPDarrilGibson,CISSP

Page 2 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 2 preview image

DownloadedfromStudyXY.com®+StudyXYSdYe.o>\|iF’prE\3SStudyAnythingThisContentHasbeenPostedOnStudyXY.comassupplementarylearningmaterial.StudyXYdoesnotendroseanyuniversity,collegeorpublisher.Allmaterialspostedareundertheliabilityofthecontributors.wv8)www.studyxy.com

Page 3 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 3 preview image

ISC2|=,CertifiedInformationSystemsSecurityProfessionalTenthEditionCOVERSALLOFTHE2024UPDATEDCISSPOBJECTIVESIncludesinteractiveonlinelearningenvironmentandstudytoolswith:«Morethan900practicequestionsandexercises«Morethan1,000electronicflashcards«Searchablekeytermglossary«Morethan2hoursofStudyEssentialsAudioReviewMikeChapple,CISSPJamesMichaelStewart,CISSP.CeSYBEXDarrilGibson,CISSPAWioyBrandStudy

Page 4 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 4 preview image

TableofContentsCoverTableofContentsTitlePageCopyrightDedicationAcknowledgmentsAbouttheAuthorsAbouttheTechnicalEditorsIntroductionOverviewoftheCISSPExamTheElementsofThisStudyGuideInteractiveOnlineLearningEnvironmentandTestBankStudyGuideExamObjectivesObjectiveMapHowtoContactthePublisherAssessmentTestAnswerstoAssessmentTestChapter1:SecurityGovernanceThroughPrinciplesandPoliciesSecurity101UnderstandandApplySecurityConceptsSecurityBoundariesEvaluateandApply,SecurityGovernancePrinciplesManagetheSecurityFunctionSecurity,Policy,Standards,Procedures,andGuidelinesThreatModelingSupply.ChainRiskManagementSummary

Page 5 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 5 preview image

StudyEssentialsWrittenLabReviewQuestionsChapter2:PersonnelSecurityandRiskManagementConceptsPersonnelSecurityPoliciesandProceduresUnderstandandApplyRiskManagementConceptsSocialEngineeringEstablishandMaintainaSecurityAwareness,Education,andTrainingProgramSummaryStudyEssentialsWrittenLabReviewQuestionsChapter3;BusinessContinuityPlanningPlanningforBusinessContinuity,ProjectScopeandPlanningBusinessImpactAnalysisContinuityPlanningPlanApprovalandImplementationSummary,StudyEssentialsWrittenLabReviewQuestionsChapter4:Laws,Regulations,andComplianceCategoriesofLawsLawsStatePrivacyLawsComplianceContractingandProcurementSummaryStudyEssentials

Page 6 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 6 preview image

WrittenLabReviewQuestionsChapter5;ProtectingSecurityofAssetsIdentifyingandClassifyingInformationandAssetsEstablishingInformationandAssetHandlingRequirementsDataProtectionMethodsUnderstandingDataRolesUsingSecurityBaselinesSummaryStudyEssentialsWrittenLabReviewQuestionsChapter6:CryptographyandSymmetricKeyAlgorithmsCryptographicFoundationsModernCryptography,SymmetricCryptography.CryptographicLifeCycleSummaryStudyEssentialsWrittenLabReviewQuestionsChapter7:PKIandCryptographicApplicationsAsymmetricCryptography.HashFunctionsDigitalSignaturesPublicKeyInfrastructureAsymmetricKeyManagementHybridCryptography,AppliedCryptography.CryptographicAttacks

Page 7 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 7 preview image

SummaryStudyEssentialsWrittenLabReviewQuestionsChapter8:PrinciplesofSecurityModels,Design,andCapabilitiesSecureDesignPrinciplesTechniquesforEnsuringCIAUnderstandtheFundamentalConceptsofSecurityModelsSelectControlsBasedonSystemsSecurityRequirementsUnderstandSecurityCapabilitiesofInformationSystemsSummary,StudyEssentialsWrittenLabReviewQuestionsChapter9:SecurityVulnerabilities,Threats,andCountermeasuresSharedResponsibility,DataLocalizationandDataSovereignty.AssessandMitigatetheVulnerabilitiesofSecurity,Architectures,Designs,andSolutionElementsClient-BasedSystemsServer-BasedSystemsIndustrialControlSystemsDistributedSystemsHigh-PerformanceComputing(HPC)SystemsReal-TimeOperatingSystemsInternetofThingsEdgeandFogComputingEmbeddedDevicesandCyber-PhysicalSystemsMicroservices

Page 8 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 8 preview image

InfrastructureasCodeImmutableArchitectureVirtualizedSystemsContainerizationMobileDevicesEssentialSecurityProtectionMechanismsCommonSecurityArchitectureFlawsandIssuesSummary,StudyEssentialsWrittenLabReviewQuestionsChapter10:PhysicalSecurityRequirementsApplySecurity,PrinciplestoSiteandFacilityDesignImplementSiteandFacilitySecurityControlsImplementandManagePhysicalSecurity,Summary,StudyEssentialsWrittenLabReviewQuestionsChapter11:SecureNetworkArchitectureandComponentsOSIModelTCP/IPModelAnalyzingNetworkTrafficCommonApplicationLayerProtocolsTransportLayerProtocolsDomainNameSystemInternetProtocol(IP)NetworkingARPConcernsSecureCommunicationProtocolsImplicationsofMultilayerProtocols

Page 9 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 9 preview image

SegmentationEdgeNetworksWirelessNetworksSatelliteCommunicationsCellularNetworksContentDistributionNetworks(CDNs)SecureNetworkComponentsSummary,StudyEssentialsWrittenLabReviewQuestionsChapter12:SecureCommunicationsandNetworkAttacksProtocolSecurityMechanismsSecureVoiceCommunicationsRemoteAccessSecurityManagementMultimediaCollaborationMonitoringandManagementLoadBalancingManageEmailSecurityVirtualPrivateNetworkSwitchingandVirtualLANsNetworkAddressTranslationThird-PartyConnectivity,SwitchingTechnologiesWANTechnologiesFiber-OpticLinksPreventorMitigateNetworkAttacksSummary,StudyEssentialsWrittenLab

Page 10 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 10 preview image

ReviewQuestionsChapter13:ManagingIdentityandAuthenticationControllingAccesstoAssetsTheAAAModelImplementingIdentityManagementManagingtheIdentityandAccessProvisioningLifeCycleSummary,StudyEssentialsWrittenLabReviewQuestionsChapter14:ControllingandMonitoringAccessComparingAccessControlModelsImplementingAuthenticationSystemsZero-TrustAccessPolicyEnforcementUnderstandingAccessControlAttacksSummary,StudyEssentialsWrittenLabReviewQuestionsChapter15;SecurityAssessmentandTestingBuildingaSecurityAssessmentandTestingProgramPerformingVulnerabilityAssessmentsTestingYourSoftwareTrainingandExercisesImplementingSecurityManagementProcessesandCollectingSecurityProcessDataSummaryExamEssentialsWrittenLabReviewQuestionsChapter16:ManagingSecurityOperations

Page 11 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 11 preview image

ApplyFoundationalSecurityOperationsConceptsAddressPersonnelSafetyandSecurityProvisionInformationandAssetsSecurely,Apply,ResourceProtectionManagedServicesintheCloudPerformConfigurationManagement(CM)ManageChangeManagePatchesandReduceVulnerabilitiesSummaryStudyEssentialsWrittenLabReviewQuestionsChapter17:PreventingandRespondingtoIncidentsConductingIncidentManagementImplementingDetectionandPreventiveMeasuresLoggingandMonitoringAutomatingIncidentResponseSummaryStudyEssentialsWrittenLabReviewQuestionsChapter18:DisasterRecoveryPlanningTheNatureofDisasterUnderstandSystemResilience,HighAvailability,andFaultToleranceRecoveryStrategyRecoveryPlanDevelopmentTraining,Awareness,andDocumentationTestingandMaintenanceSummaryStudyEssentials

Page 12 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 12 preview image

WrittenLabReviewQuestionsChapter19:InvestigationsandEthicsInvestigationsMajorCategoriesofComputerCrimeEthicsSummary,StudyEssentialsWrittenLabReviewQuestionsChapter20:SoftwareDevelopmentSecurity,IntroducingSystemsDevelopmentControlsEstablishingDatabasesandDataWarehousingStorageThreatsUnderstandingKnowledge-BasedSystemsSummary,StudyEssentialsWrittenLabReviewQuestionsChapter21:MaliciousCodeandApplicationAttacksMalwareMalwarePreventionApplicationAttacksInjectionVulnerabilitiesExploitingAuthorizationVulnerabilitiesExploitingWebApplicationVulnerabilitiesApplicationSecurityControlsSecureCodingPracticesSummaryStudyEssentials

Page 13 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 13 preview image

WrittenLabReviewQuestionsAppendixA:AnswerstoReviewQuestionsChapter1:SecurityGovernanceThroughPrinciplesandPoliciesChapter2:PersonnelSecurityandRiskManagementConceptsChapter3;BusinessContinuityPlanningChapter4:Laws,Regulations,andComplianceChapter5;ProtectingSecurity,ofAssetsChapter6:CryptographyandSymmetricKeyAlgorithmsChapter7:PKIandCryptographicApplicationsChapter8:PrinciplesofSecurityModels,Design,andCapabilitiesChapter9:SecurityVulnerabilities,Threats,andCountermeasuresChapter10:PhysicalSecurityRequirementsChapter11:SecureNetworkArchitectureandComponentsChapter12:SecureCommunicationsandNetworkAttacksChapter13:ManagingIdentityandAuthenticationChapter14:ControllingandMonitoringAccessChapter15;SecurityAssessmentandTestingChapter16:ManagingSecurityOperationsChapter17:PreventingandRespondingtoIncidentsChapter18:DisasterRecoveryPlanningChapter19:InvestigationsandEthicsChapter20:SoftwareDevelopmentSecurity,Chapter21:MaliciousCodeandApplicationAttacksAppendixB:AnswerstoWrittenLabsChapter1:SecurityGovernanceThroughPrinciplesandPolicies

Page 14 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 14 preview image

Chapter2:PersonnelSecurityandRiskManagementConceptsChapter3;BusinessContinuityPlanningChapter4:Laws,Regulations,andComplianceChapter5;ProtectingSecurity,ofAssetsChapter6:CryptographyandSymmetricKeyAlgorithmsChapter7:PKIandCryptographicApplicationsChapter8:PrinciplesofSecurityModels,Design,andCapabilitiesChapter9:SecurityVulnerabilities,Threats,andCountermeasuresChapter10:PhysicalSecurityRequirementsChapter11:SecureNetworkArchitectureandComponentsChapter12:SecureCommunicationsandNetworkAttacksChapter13:ManagingIdentityandAuthenticationChapter14:ControllingandMonitoringAccessChapter15;SecurityAssessmentandTestingChapter16:ManagingSecurityOperationsChapter17:PreventingandRespondingtoIncidentsChapter18:DisasterRecoveryPlanningChapter19:InvestigationsandEthicsChapter20:SoftwareDevelopmentSecurity,Chapter21:MaliciousCodeandApplicationAttacksIndexEndUserLicenseAgreementListofTablesChapter2TABLE2.1Comparisonofquantitativeandqualitativeriskanalysis

Page 15 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 15 preview image

TABLE2.2QuantitativeriskanalysisformulasChapter5TABLE5.1SecuringemaildataTABLE5.2UnmodifieddatawithinadatabaseTABLE5.3MaskeddataChapter6TABLE6.1ANDoperationtruthtableTABLE6.2ORoperationtruthtableTABLE6.3NOToperationtruthtableTABLE6.4ExclusiveORoperationtruthtableTABLE6.5UsingtheVigeneresystemTABLE6.6TheencryptionoperationTABLE6.7SymmetricandasymmetrickeycomparisonTABLE6.8ComparisonofsymmetricandasymmetriccryptographysystemsTABLE6.9SymmetricencryptionmemorizationchartChapter7TABLE7.1HashalgorithmmemorizationchartTABLE7.2DigitalcertificateformatsChapter8TABLE8.1SubjectsandobjectsTABLE8.2Failterms’definitionsrelatedtophysicalanddigitalproductsTABLE8.3AnaccesscontrolmatrixTABLE8.4CommonCriteriaevaluationassurancelevelsChapter10TABLE10.1Staticvoltageanddamage

Page 16 of 16

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 16 preview image

TABLE10.2FireextinguisherclassesChapter11TABLE11.1IPclassesTABLE11.2IPclasses’defaultsubnetmasksTABLE11.3802.11wirelessnetworkingamendmentsTABLE11.4UTPcategoriesChapter12TABLE12.1Commonload-balancingschedulingtechniquesTABLE12.2Circuitswitchingvs.packetswitchingTABLE12.3BandwidthlevelsofSDHandSONETListofIllustrationsChapter1FIGURE1.1TheCIATriadFIGURE1.2ThefiveelementsofAAAservicesFIGURE1.3Strategic,tactical,andoperationalplantimelinecomparisonFIGURE1.4AnexampleofdiagrammingtorevealthreatconcernsFIGURE1.5AriskmatrixorriskheatmapChapter2FIGURE2.1Formeremployeesmustreturnallcompany,property.FIGURE2.2ThecyclicalrelationshipsofriskelementsFIGURE2.3ThesixmajorelementsofquantitativeriskanalysisFIGURE2.4Thecategoriesofsecuritycontrolsinadefense-in-depthimpleme...

Preview Mode

This document has 1899 pages. Sign in to access the full document!

Report

Learning Tools

Writing Tools

Browse Resources

ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and Practice Tests (2024) - Page 1

Study Now!

Document Details

Related Documents

ISC2 CISSP Certified Information Systems Security Professional Official Practice Tests, 4th Edition (2024)

ISC2� CISSP� Certified Information Systems Security Professional Official Study Guide, 10th Edition (2024)

CISSP Official Study Guide (2021)

Official ISC2 Guide to the CISSP CBK (2019)

The Official ISC2 CISSP CBK Reference (2021)

ISC2 Cissp Certified Information Systems Security Professional Official Practice Tests (2021)

CISSP Official Practice Tests (2021)

CISSP All-in-One Exam Guide (2021)

All in One CISSP Exam Guide (2022)

CISSP Cert Guide (2022)

Company

Explore

Study Tools