CISSP Cert Guide (2022)

Preview (31 of 1033 Pages)

Humble Bundle Pearson Networking and Security Certification Bundle – © Pearson. Do Not Distribute.

CISSP Cert Guide
Fourth Edition

Robin Abernathy
Darren Hayes

CISSP Cert Guide

Copyright © 2023 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without written permission from the publisher. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and authors assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

ISBN-13: 978-0-13-750747-4
ISBN-10: 0-13-750747-X

Library of Congress Control Number: 2022943249

Trademarks

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Warning and Disclaimer

Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The authors and the publisher shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book.

Special Sales

For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at corpsales@pearsoned.com or (800) 382-3419.

For government sales inquiries, please contact governmentsales@pearsoned.com.

For questions about sales outside the U.S., please contact intlcs@pearson.com.

Editor-in-Chief: Mark Taub
Product Line Manager: Brett Bartow
Executive Editor: James Manly
Development Editor: Ellie C. Bru
Managing Editor: Sandra Schroeder
Senior Project Editor: Tonya Simpson
Copy Editor: Chuck Hutchinson
Indexer: Erika Millen
Proofreader: Jen Hinchliffe
Technical Editors: R. Sarma Danturthi, Ben Mayo
Publishing Coordinator: Cindy Teeters
Cover Designer: Chuti Prasertsith
Compositor: codeMantra

Pearson's Commitment to Diversity, Equity, and Inclusion

Pearson is dedicated to creating bias-free content that reflects the diversity of all learners. We embrace the many dimensions of diversity, including but not limited to race, ethnicity, gender, socioeconomic status, ability, age, sexual orientation, and religious or political beliefs.

Education is a powerful force for equity and change in our world. It has the potential to deliver opportunities that improve lives and enable economic mobility. As we work with authors to create content for every product and service, we acknowledge our responsibility to demonstrate inclusivity and incorporate diverse scholarship so that everyone can achieve their potential through learning. As the world's leading learning company, we have a duty to help drive change and live up to our purpose to help more people create a better life for themselves and to create a better world.

Our ambition is to purposefully contribute to a world where
  Everyone has an equitable and lifelong opportunity to succeed through learning
  Our educational products and services are inclusive and represent the rich diversity of learners
  Our educational content accurately reflects the histories and experiences of the learners we serve
  Our educational content prompts deeper discussions with learners and motivates them to expand their own learning (and worldview)

While we work hard to present unbiased content, we want to hear from you about any concerns or needs with this Pearson product so that we can investigate and address them.

Please contact us with concerns about any potential bias at https://www.pearson.com/report-bias.html.

Contents at a Glance

Introduction
Chapter 1 Security and Risk Management
Chapter 2 Asset Security
Chapter 3 Security Architecture and Engineering
Chapter 4 Communication and Network Security
Chapter 5 Identity and Access Management (IAM)
Chapter 6 Security Assessment and Testing
Chapter 7 Security Operations
Chapter 8 Software Development Security
Chapter 9 Final Preparation
Index

Online Elements
Appendix A Memory Tables
Appendix B Memory Tables Answer Key
Glossary

Table of Contents

Introduction
Chapter 1 Security and Risk Management
  Security Terms
    CIA
      Confidentiality
      Integrity
      Availability
    Auditing and Accounting
    Non-repudiation
    Default Security Posture
    Defense in Depth
    Abstraction
    Data Hiding
    Encryption
  Security Governance Principles
    Security Function Alignment
      Organizational Strategies and Goals
      Organizational Mission and Objectives
      Business Case
      Security Budget, Metrics, and Efficacy
      Resources
    Organizational Processes
      Acquisitions and Divestitures
      Governance Committees
    Organizational Roles and Responsibilities
      Board of Directors
      Management
      Audit Committee
      Data Owner
      Data Custodian
      System Owner
      System Administrator
      Security Analyst
      Application Owner
      Supervisor
      User
      Auditor
    Security Control Frameworks
      ISO/IEC 27000 Series
      Zachman Framework
      The Open Group Architecture Framework (TOGAF)
      Department of Defense Architecture Framework (DoDAF)
      British Ministry of Defence Architecture Framework (MODAF)
      Sherwood Applied Business Security Architecture (SABSA)
      Control Objectives for Information and Related Technology (COBIT)
      National Institute of Standards and Technology (NIST) Special Publication (SP) 800 Series
      HITRUST CSF
      CIS Critical Security Controls
      Committee of Sponsoring Organizations (COSO) of the Treadway Commission Framework
      Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)
      Information Technology Infrastructure Library (ITIL)
      Six Sigma
      Capability Maturity Model Integration (CMMI)
      CCTA Risk Analysis and Management Method (CRAMM)
    Top-Down Versus Bottom-Up Approach
    Security Program Life Cycle
    Due Care and Due Diligence
  Compliance
    Contractual, Legal, Industry Standards, and Regulatory Compliance
    Privacy Requirements Compliance
  Legal and Regulatory Issues
    Computer Crime Concepts
      Computer-Assisted Crime
      Computer-Targeted Crime
      Incidental Computer Crime
      Computer Prevalence Crime
      Hackers Versus Crackers
      Computer Crime Examples
    Major Legal Systems
      Civil Law
      Common Law
        Criminal Law
        Civil/Tort Law
        Administrative/Regulatory Law
      Customary Law
      Religious Law
      Mixed Law
    Licensing and Intellectual Property
      Patent
      Trade Secret
      Trademark
      Copyright
      Software Piracy and Licensing Issues
      Internal Protection
      Digital Rights Management (DRM)
    Cyber Crimes and Data Breaches
    Import/Export Controls
    Trans-Border Data Flow
    Privacy
      Personally Identifiable Information (PII)
      Laws and Regulations
  Investigation Types
    Operations/Administrative
    Criminal
    Civil
    Regulatory
    Industry Standards
    eDiscovery
  Professional Ethics
    (ISC)2 Code of Ethics
    Computer Ethics Institute
    Internet Architecture Board
    Organizational Code of Ethics
  Security Documentation
    Policies
      Organizational Security Policy
      System-Specific Security Policy
      Issue-Specific Security Policy
      Policy Categories
    Processes
    Procedures
    Standards
    Guidelines
    Baselines
  Business Continuity
    Business Continuity and Disaster Recovery Concepts
      Disruptions
      Disasters
      Disaster Recovery and the Disaster Recovery Plan (DRP)
      Continuity Planning and the Business Continuity Plan (BCP)
      Business Impact Analysis (BIA)
      Contingency Plan
      Availability
      Reliability
    Scope and Plan
      Personnel Components
      Scope
      Business Contingency Planning
    BIA Development
      Identify Critical Processes and Resources
      Identify Outage Impact and Estimate Downtime
      Identify Resource Requirements
      Identify Recovery Priorities
  Personnel Security Policies and Procedures
    Candidate Screening and Hiring
    Employment Agreements and Policies
    Employee Onboarding and Offboarding Policies
    Vendor, Consultant, and Contractor Agreements and Controls
    Compliance Policy Requirements
    Privacy Policy Requirements
    Job Rotation
    Separation of Duties
  Risk Management Concepts
    Asset and Asset Valuation
    Vulnerability
    Threat
    Threat Agent
    Exploit
    Risk
    Exposure
    Countermeasure
    Risk Appetite
    Attack
    Breach
    Risk Management Policy
    Risk Management Team
    Risk Analysis Team
    Risk Assessment
      Information and Asset (Tangible/Intangible) Value and Costs
      Identify Threats and Vulnerabilities
      Risk Assessment/Analysis
      Countermeasure (Safeguard) Selection
      Inherent Risk Versus Residual Risk
      Handling Risk and Risk Response
    Implementation
      Control Categories
        Compensative
        Corrective
        Detective
        Deterrent
        Directive
        Preventive
        Recovery
      Control Types
        Administrative (Management)
        Logical (Technical)
        Physical
      Controls Assessment, Monitoring, and Measurement
      Reporting and Continuous Improvement
    Risk Frameworks
      NIST
      ISO/IEC 27005:2018
      Open Source Security Testing Methodology Manual (OSSTMM)
      COSO's Enterprise Risk Management (ERM) Integrated Framework
      A Risk Management Standard by the Federation of European Risk Management Associations (FERMA)
  Geographical Threats
    Internal Versus External Threats
    Natural Threats
      Hurricanes/Tropical Storms
      Tornadoes
      Earthquakes
      Floods
      Volcanoes
    System Threats
      Electrical
      Communications
      Utilities
    Human-Caused Threats
      Explosions
      Fire
      Vandalism
      Fraud
      Theft
      Collusion
    Politically Motivated Threats
      Strikes
      Riots
      Civil Disobedience
      Terrorist Acts
      Bombing
  Threat Modeling
    Threat Modeling Concepts
    Threat Modeling Methodologies
      STRIDE Model
      Process for Attack Simulation and Threat Analysis (PASTA) Methodology
      Trike Methodology
      Visual, Agile, and Simple Threat (VAST) Model
      NIST SP 800-154
    Identifying Threats
    Potential Attacks
    Remediation Technologies and Processes
  Security Risks in the Supply Chain
    Risks Associated with Hardware, Software, and Services
    Third-Party Assessment and Monitoring
      Onsite Assessment
      Document Exchange/Review
      Process/Policy Review
      Other Third-Party Governance Issues
    Minimum Service-Level and Security Requirements
    Service-Level Requirements
  Security Education, Training, and Awareness
    Levels Required
    Methods and Techniques
    Periodic Content Reviews
  Review All Key Topics
  Complete the Tables and Lists from Memory
  Define Key Terms
  Answers and Explanations
Chapter 2 Asset Security
  Asset Security Concepts
    Asset and Data Policies
    Data Quality
    Data Documentation and Organization
  Identify and Classify Information and Assets
    Data and Asset Classification
      Sensitivity and Criticality
      PII
      PHI
      Proprietary Data
      Private Sector Data Classifications
      Military and Government Data Classifications
  Information and Asset Handling Requirements
    Marking, Labeling, and Storing
    Destruction
  Provision Resources Securely
    Asset Inventory and Asset Management
  Data Life Cycle
    Databases
      DBMS Architecture and Models
      Database Interface Languages
      Data Warehouses and Data Mining
      Database Maintenance
      Database Threats
      Database Views
      Database Locks
      Polyinstantiation
      Database ACID Test
    Roles and Responsibilities
      Data Owner
      Data Controller
      Data Custodian
      System Owners
      System Custodians
      Business/Mission Owners
      Data Processors
      Data Users and Subjects
    Data Collection and Limitation
    Data Location
    Data Maintenance
    Data Retention
    Data Remanence and Destruction
    Data Audit
  Asset Retention
  Data Security Controls
    Data Security
    Data States
      Data at Rest
      Data in Transit
      Data in Use
    Data Access and Sharing
    Data Storage and Archiving
    Baselines
    Scoping and Tailoring
    Standards Selection
    Data Protection Methods
      Cryptography
      Digital Rights Management (DRM)
      Data Loss Prevention (DLP)
      Cloud Access Security Broker (CASB)
  Review All Key Topics
  Define Key Terms
  Answers and Explanations
Chapter 3 Security Architecture and Engineering
  Engineering Processes Using Secure Design Principles
    Objects and Subjects
    Closed Versus Open Systems
    Threat Modeling
    Least Privilege
    Defense in Depth
    Secure Defaults
    Fail Securely
    Separation of Duties (SoD)
    Keep It Simple
    Zero Trust
    Privacy by Design
    Trust but Verify
    Shared Responsibility
  Security Model Concepts
    Confidentiality, Integrity, and Availability
    Confinement
    Bounds
    Isolation
    Security Modes
      Dedicated Security Mode
      System High Security Mode
      Compartmented Security Mode
      Multilevel Security Mode
    Assurance and Trust
    Security Model Types
      State Machine Models
      Multilevel Lattice Models
      Matrix-Based Models
      Noninterference Models
      Information Flow Models
      Take-Grant Model
    Security Models
      Bell-LaPadula Model
      Biba Model
      Clark-Wilson Integrity Model
      Lipner Model
      Brewer-Nash (Chinese Wall) Model
      Graham-Denning Model
      Harrison-Ruzzo-Ullman Model
      Goguen-Meseguer Model
      Sutherland Model
  System Architecture Steps
    ISO/IEC 42010:2011
    Computing Platforms
      Mainframe/Thin Clients
      Distributed Systems
      Middleware
      Embedded Systems
      Mobile Computing
      Virtual Computing
    Security Services
      Boundary Control Services
      Access Control Services
      Integrity Services
      Cryptography Services
      Auditing and Monitoring Services
    System Components
      CPU
      Memory and Storage
      Input/Output Devices
      Input/Output Structures
      Firmware
    Operating Systems
      Memory Management
  System Security Evaluation Models
    TCSEC
    Rainbow Series
    ITSEC
    Common Criteria
    Security Implementation Standards
      ISO/IEC 27001
      ISO/IEC 27002
      Payment Card Industry Data Security Standard (PCI DSS)
  Controls and Countermeasures
    Certification and Accreditation
    Control Selection Based on Systems Security Requirements
  Security Capabilities of Information Systems
    Memory Protection
    Trusted Platform Module
    Interfaces
    Fault Tolerance
    Policy Mechanisms
    Separation of Privilege
    Accountability
    Encryption/Decryption
  Security Architecture Maintenance
  Vulnerabilities of Security Architectures, Designs, and Solution Elements
    Client-Based Systems
    Server-Based Systems
      Data Flow Control
    Database Systems
      Inference
      Aggregation
      Contamination
      Data Mining Warehouse
    Cryptographic Systems
    Industrial Control Systems
    Cloud-Based Systems
    Large-Scale Parallel Data Systems
    Distributed Systems
      Grid Computing
      Peer-to-Peer Computing
    Internet of Things
      IoT Examples
      Methods of Securing IoT Devices
      NIST Framework for Cyber-Physical Systems
    Microservices
    Containerization
    Serverless Systems
    High-Performance Computing Systems
    Edge Computing Systems
    Virtualized Systems
  Vulnerabilities in Web-Based Systems
    Maintenance Hooks
    Time-of-Check/Time-of-Use Attacks
    Web-Based Attacks
      XML
      SAML
      OWASP
  Vulnerabilities in Mobile Systems
    Device Security
    Application Security
    Mobile Device Concerns
    NIST SP 800-164
  Vulnerabilities in Embedded Systems
  Cryptographic Solutions
    Cryptography Concepts
    Cryptography History
      Julius Caesar and the Caesar Cipher
      Vigenere Cipher
      Kerckhoffs's Principle
      World War II Enigma
      Lucifer by IBM
    Cryptosystem Features
      Authentication
      Confidentiality
      Integrity
      Authorization
      Non-repudiation
    NIST SP 800-175A and B
    Cryptographic Mathematics
      Boolean
      Logical Operations (And, Or, Not, Exclusive Or)
      Modulo Function
      One-Way Function
      Nonce
      Split Knowledge
    Cryptographic Life Cycle
      Key Management
      Algorithm Selection
    Cryptographic Types
      Running Key and Concealment Ciphers
      Substitution Ciphers
      One-Time Pads
      Steganography
      Transposition Ciphers
      Symmetric Algorithms
        Stream-Based Ciphers
        Block Ciphers
        Initialization Vectors (IVs)
      Asymmetric Algorithms
      Hybrid Ciphers
      Elliptic Curves
      Quantum Cryptography
    Symmetric Algorithms
      DES and 3DES
        DES Modes
        3DES and Modes
      AES
      IDEA
      Skipjack
      Blowfish
      Twofish
      RC4/RC5/RC6/RC7
      CAST
    Asymmetric Algorithms
      Diffie-Hellman
      RSA
      El Gamal
      ECC
      Knapsack
      Zero-Knowledge Proof
    Public Key Infrastructure and Digital Certificates
      Certificate Authority and Registration Authority
      Certificates
      Certificate Life Cycle
        Enrollment
        Verification
        Revocation
        Renewal and Modification
      Certificate Revocation List
      OCSP
      PKI Steps
      Cross-Certification
    Key Management Practices
    Message Integrity
      Hashing
        One-Way Hash
        MD2/MD4/MD5/MD6
        SHA/SHA-2/SHA-3
        HAVAL
        RIPEMD-160
        Tiger
      Message Authentication Code
        HMAC
        CBC-MAC
        CMAC
      Salting
    Digital Signatures and Non-repudiation
      DSS
      Non-repudiation
    Applied Cryptography
      Link Encryption Versus End-to-End Encryption
      Email Security
      Internet Security
    Cryptanalytic Attacks
      Ciphertext-Only Attack
      Known Plaintext Attack
      Chosen Plaintext Attack
      Chosen Ciphertext Attack
      Social Engineering
      Brute Force
      Differential Cryptanalysis
      Linear Cryptanalysis
      Algebraic Attack
      Frequency Analysis
      Birthday Attack
      Dictionary Attack
      Replay Attack
      Analytic Attack
      Statistical Attack
      Factoring Attack
      Reverse Engineering
      Meet-in-the-Middle Attack
      Ransomware Attack
      Side-Channel Attack
      Implementation Attack
      Fault Injection
      Timing Attack
      Pass-the-Hash Attack
    Digital Rights Management
      Document DRM
      Music DRM
      Movie DRM
      Video Game DRM
      E-book DRM
  Site and Facility Design
    Layered Defense Model
    CPTED
      Natural Access Control
      Natural Surveillance
      Natural Territorial Reinforcement
    Physical Security Plan
      Deter Criminal Activity
      Delay Intruders
      Detect Intruders
      Assess Situation
      Respond to Intrusions and Disruptions
    Facility Selection Issues
      Visibility
      Surrounding Area and External Entities
      Accessibility
      Construction
      Internal Compartments
      Computer and Equipment Rooms
  Site and Facility Security Controls
    Doors
      Door Lock Types
      Turnstiles and Mantraps
    Locks
    Biometrics
    Type of Glass Used for Entrances
    Visitor Control
    Wiring Closets/Intermediate Distribution Facilities
    Restricted and Work Areas
      Secure Data Center
      Restricted Work Area
      Server Room
      Media Storage Facilities
      Evidence Storage
    Environmental Security and Issues
      Fire Protection
      Power Supply
      HVAC
      Water Leakage and Flooding
      Environmental Alarms
    Equipment Physical Security
      Corporate Procedures
      Safes, Vaults, and Locking
  Review All Key Topics
  Complete the Tables and Lists from Memory
  Define Key Terms
  Answers and Explanations
Chapter 4 Communication and Network Security
  Secure Network Design Principles
    OSI Model
      Application Layer
      Presentation Layer
      Session Layer
      Transport Layer
      Network Layer
      Data Link Layer
      Physical Layer
    TCP/IP Model
      Application Layer
      Transport Layer
      Internet Layer
      Link Layer
      Encapsulation and De-encapsulation
  IP Networking
    Common TCP/UDP Ports
    Logical and Physical Addressing
    IPv4
      IP Classes
      Public Versus Private IP Addresses
      NAT
    MAC Addressing
    Network Transmission
      Analog Versus Digital
      Asynchronous Versus Synchronous
      Broadband Versus Baseband
      Unicast, Multicast, and Broadcast
      Wired Versus Wireless
    IPv6
      NIST SP 800-119
      IPv6 Major Features
      IPv4 Versus IPv6 Threat Comparison
      IPv6 Addressing
      Shorthand for Writing IPv6 Addresses
      IPv6 Address Types
      IPv6 Address Scope
    Network Types
      Local-Area Network (LAN)
      Intranet
      Extranet
      MAN
      WAN
      WLAN
      SAN
      CAN
      PAN
    Protocols and Services
      ARP/RARP
      DHCP/BOOTP
      DNS
      FTP, FTPS, SFTP, and TFTP
      HTTP, HTTPS, and S-HTTP
      ICMP
      IGMP
      IMAP
      LDAP
      LDP
      NAT
      NetBIOS
      NFS
      PAT
      POP
      CIFS/SMB
      SMTP
      SNMP
      SSL/TLS
    Multilayer Protocols
    Converged Protocols
      FCoE
      MPLS
      VoIP
      iSCSI
  Wireless Networks
    FHSS, DSSS, OFDM, VOFDM, FDMA, TDMA, CDMA, OFDMA, and GSM
      802.11 Techniques
      Cellular or Mobile Wireless Techniques
      5G
      Satellites
    WLAN Structure
      Access Point
      Service Set Identifier (SSID)
      Infrastructure Mode Versus Ad Hoc Mode
    WLAN Standards
      802.11
      802.11a
      802.11b
      802.11g
      802.11n (Wi-Fi 4)
      802.11ac (Wi-Fi 5)
      802.11ax (Wi-Fi 6)
      802.11be (Wi-Fi 7)
      Bluetooth
      Infrared
      Near Field Communication (NFC)
      Zigbee
    WLAN Security
      Open System Authentication
      Shared Key Authentication
      WEP
      WPA
      WPA2
        Personal Versus Enterprise
      WPA3
      802.1X
      SSID Broadcast
      MAC Filter
      Wireless Site Surveys
      Antenna Placement and Power Levels
      Antenna Types
  Communications Cryptography
    Link Encryption
    End-to-End Encryption
    Email Security
      PGP
      MIME and S/MIME
      Quantum Cryptography
    Internet Security
      Remote Access
      HTTP, HTTPS, and S-HTTP
      Secure Electronic Transaction (SET)
      Cookies
      SSH
      IPsec
  Secure Network Components
    Hardware
      Network Devices
      Network Routing
    Transmission Media
      Cabling
      Network Topologies
      Network Technologies
      WAN Technologies
    Network Access Control Devices
      Quarantine/Remediation
    Firewalls/Proxies
    Endpoint Security
    Content-Distribution Networks
  Secure Communication Channels
    Voice
    Multimedia Collaboration
      Remote Meeting Technology
      Instant Messaging
    Remote Access
      Remote Connection Technologies
      VPN Screen Scraper
      Virtual Application/Desktop
      Telecommuting/Teleworking
    Data Communications
    Virtualized Networks
      SDN
      Virtual SAN
      Guest Operating Systems
    Federated Identity with a Third-Party
  Network Attacks
    Cabling
      Noise
      Attenuation
      Crosstalk
      Eavesdropping
    Network Component Attacks
      Non-Blind Spoofing
      Blind Spoofing
      Man-in-the-Middle Attack
      MAC Flooding Attack
      802.1Q and Inter-Switch Link Protocol (ISL) Tagging Attack
      Double-Encapsulated 802.1Q/Nested VLAN Attack
      ARP Attack
    ICMP Attacks
      Ping of Death
      Smurf
      Fraggle
      ICMP Redirect
      Ping Scanning
      Traceroute Exploitation
    DNS Attacks
      DNS Cache Poisoning
      DoS
      DDoS
      DNSSEC
      URL Hiding
      Domain Grabbing
      Cybersquatting
    Email Attacks
      Email Spoofing
      Spear Phishing
      Whaling
      Spam
    Wireless Attacks
      Wardriving
      Warchalking
      Remote Attacks
    Other Attacks
      SYN ACK Attacks
      Session Hijacking
      Port Scanning
      Teardrop
      IP Address Spoofing
      Zero-Day
      Ransomware
  Review All Key Topics
  Define Key Terms
  Answers and Explanations
Chapter 5 Identity and Access Management (IAM)
  Access Control Process
    Identify Resources
    Identify Users
    Identify the Relationships Between Resources and Users
  Physical and Logical Access to Assets
    Access Control Administration
      Centralized
      Decentralized
    Information
    Systems
    Devices
    Facilities
    Applications
  Identification and Authentication Concepts
    NIST SP 800-63
    Five Factors for Authentication
      Knowledge Factors
      Ownership Factors
      Characteristic Factors
      Location Factors
      Time Factors
    Single-Factor Versus Multifactor Authentication
    Device Authentication
  Identification and Authentication Implementation
    Separation of Duties
    Least Privilege/Need-to-Know
    Default to No Access
    Directory Services
    Single Sign-on
      Kerberos
      SESAME
      OpenID Connect (OIDC)/Open Authorization (OAuth)
      Security Assertion Markup Language (SAML)
    Federated Identity Management (IdM)
    Security Domains
    Session Management
    Registration, Proof, and Establishment of Identity
    Credential Management Systems