CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition

Название:CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition
Автор James M. Stewart, Mike Chapple, Darril Gibson
Издательство: Sybex
Год: 2015
Страниц: 1080
Язык: English
Формат: pdf(conv)
Размер: 6 Mb
CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition has been completely updated for the latest 2015 CISSP Body of Knowledge. This bestselling Sybex study guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.
Along with the book, you also get access to Sybex's superior online interactive learning environment that includes:
Four unique 250 question practice exams to help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam.
More than 1,000 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam
A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam
Coverage of all of the exam topics in the book means you'll be ready for:
Security and Risk Management
Asset Security
Security Engineering
Communication and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security
 
Table of ContentsIntroduction xxxiii
Assessment Test xlii
Chapter 1 Security Governance Through Principles and Policies 1
Understand and Apply Concepts of Confidentiality, Integrity, and Availability 3
Confidentiality 4
Integrity 5
Availability 6
Other Security Concepts 8
Protection Mechanisms 12
Layering 12
Abstraction 12
Data Hiding 13
Encryption 13
Apply Security Governance Principles 13
Alignment of Security Function to Strategy, Goals, Mission, and Objectives 14
Organizational Processes 16
Security Roles and Responsibilities 22
Control Frameworks 23
Due Care and Due Diligence 24
Develop and Implement Documented Security Policy, Standards, Procedures, and Guidelines 25
Security Policies 25
Security Standards, Baselines, and Guidelines 26
Security Procedures 27
Understand and Apply Threat Modeling 28
Identifying Threats 30
Determining and Diagramming Potential Attacks 32
Performing Reduction Analysis 33
Prioritization and Response 34
Integrate Security Risk Considerations into Acquisition Strategy and Practice 35
Summary 36
Exam Essentials 38
Written Lab 41
Review Questions 42
Chapter 2 Personnel Security and Risk Management Concepts 47
Contribute to Personnel Security Policies 49
Employment Candidate Screening 52
Employment Agreements and Policies 53
Employment Termination Processes 54
Vendor, Consultant, and Contractor Controls 56
Compliance 57
Privacy 57
Security Governance 59
Understand and Apply Risk Management Concepts 60
Risk Terminology 61
Identify Threats and Vulnerabilities 63
Risk Assessment/Analysis 64
Risk Assignment/Acceptance 72
Countermeasure Selection and Assessment 73
Implementation 74
Types of Controls 75
Monitoring and Measurement 76
Asset Valuation 77
Continuous Improvement 78
Risk Frameworks 78
Establish and Manage Information Security Education, Training, and Awareness 81
Manage the Security Function 82
Summary 83
Exam Essentials 84
Written Lab 88
Review Questions 89
Chapter 3 Business Continuity Planning 93
Planning for Business Continuity 94
Project Scope and Planning 95
Business Organization Analysis 96
BCP Team Selection 96
Resource Requirements 98
Legal and Regulatory Requirements 100
Business Impact Assessment 101
Identify Priorities 101
Risk Identification 102
Likelihood Assessment 104
Impact Assessment 104
Resource Prioritization 106
Continuity Planning 107
Strategy Development 107
Provisions and Processes 108
Plan Approval 109
Plan Implementation 110
Training and Education 110
BCP Documentation 110
Continuity Planning Goals 111
Statement of Importance 111
Statement of Priorities 111
Statement of Organizational Responsibility 111
Statement of Urgency and Timing 112
Risk Assessment 112
Risk Acceptance/Mitigation 112
Vital Records Program 113
Emergency-Response Guidelines 113
Maintenance 114
Testing and Exercises 114
Summary 114
Exam Essentials 115
Written Lab 117
Review Questions 118
Chapter 4 Laws, Regulations, and Compliance 123
Categories of Laws 124
Criminal Law 124
Civil Law 126
Administrative Law 126
Laws 127
Computer Crime 127
Intellectual Property 132
Licensing 138
Import/Export 139
Privacy 139
Compliance 146
Contracting and Procurement 147
Summary 148
Exam Essentials 149
Written Lab 151
Review Questions 152
Chapter 5 Protecting Security of Assets 157
Classifying and Labeling Assets 158
Defining Sensitive Data 158
Defining Classifications 160
Defining Data Security Requirements 163
Understanding Data States 164
Managing Sensitive Data 165
Protecting Confidentiality with Cryptography 172
Identifying Data Roles 174
Data Owners 174
System Owners 175
Business/Mission Owners 176
Data Processors 176
Administrators 177
Custodians 178
Users 178
Protecting Privacy 178
Using Security Baselines 179
Scoping and Tailoring 180
Selecting Standards 180
Summary 181
Exam Essentials 182
Written Lab 183
Review Questions 184
Chapter 6 Cryptography and Symmetric Key Algorithms 189
Historical Milestones in Cryptography 190
Caesar Cipher 190
American Civil War 191
Ultra vs. Enigma 192
Cryptographic Basics 192
Goals of Cryptography 192
Cryptography Concepts 194
Cryptographic Mathematics 196
Ciphers 201
Modern Cryptography 208
Cryptographic Keys 208
Symmetric Key Algorithms 209
Asymmetric Key Algorithms 210
Hashing Algorithms 213
Symmetric Cryptography 214
Data Encryption Standard 214
Triple DES 216
International Data Encryption Algorithm 217
Blowfish 217
Skipjack 217
Advanced Encryption Standard 218
Symmetric Key Management 219
Cryptographic Life Cycle 222
Summary 222
Exam Essentials 223
Written Lab 225
Review Questions 226
Chapter 7 PKI and Cryptographic Applications 231
Asymmetric Cryptography 232
Public and Private Keys 232
RSA 233
El Gamal 235
Elliptic Curve 235
Hash Functions 236
SHA 237
MD2 238
MD4 238
MD5 239
Digital Signatures 240
HMAC 241
Digital Signature Standard 242
Public Key Infrastructure 242
Certificates 243
Certificate Authorities 243
Certificate Generation and Destruction 245
Asymmetric Key Management 246
Applied Cryptography 247
Portable Devices 247
Email 248
Web Applications 249
Digital Rights Management 252
Networking 255
Cryptographic Attacks 258
Summary 261
Exam Essentials 261
Written Lab 264
Review Questions 265
Chapter 8 Principles of Security Models, Design, and Capabilities 269
Implement and Manage Engineering Processes Using Secure Design Principles 270
Objects and Subjects 271
Closed and Open Systems 271
Techniques for Ensuring Confidentiality, Integrity, and Availability 272
Controls 274
Trust and Assurance 274
Understand the Fundamental Concepts of Security Models 275
Trusted Computing Base 276
State Machine Model 278
Information Flow Model 279
Noninterference Model 279
Take-Grant Model 280
Access Control Matrix 280
Bell-LaPadula Model 282
Biba Model 284
Clark-Wilson Model 286
Brewer and Nash Model (aka Chinese Wall) 287
Goguen-Meseguer Model 288
Sutherland Model 288
Graham-Denning Model 288
Select Controls and Countermeasures Based on Systems Security Evaluation Models 289
Rainbow Series 290
ITSEC Classes and Required Assurance and Functionality 295
Common Criteria 296
Industry and International Security Implementation Guidelines 299
Certification and Accreditation 300
Understand Security Capabilities of Information Systems 303
Memory Protection 303
Virtualization 303
Trusted Platform Module 303
Interfaces 304
Fault Tolerance 304
Summary 305
Exam Essentials 305
Written Lab 307
Review Questions 308
Chapter 9 Security Vulnerabilities, Threats, and Countermeasures 313
Assess and Mitigate Security Vulnerabilities 314
Hardware 315
Input/Output Structures 335
Firmware 336
Client-Based 337
Applets 337
Local Caches 339
Server Based 341
Database Security 341
Aggregation 341
Inference 342
Data Mining and Data Warehousing 342
Data Analytics 343
Large-Scale Parallel Data Systems 344
Distributed Systems 344
Cloud Computing 346
Grid Computing 347
Peer to Peer 348
Industrial Control Systems 348
Assess and Mitigate Vulnerabilities in Web-Based Systems 349
Assess and Mitigate Vulnerabilities in Mobile Systems 350
Device Security 352
Application Security 355
BYOD Concerns 357
Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems 360
Examples of Embedded and Static Systems 360
Methods of Securing 362
Essential Security Protection Mechanisms 364
Technical Mechanisms 364
Security Policy and Computer Architecture 367
Policy Mechanisms 367
Common Architecture Flaws and Security Issues 369
Covert Channels 369
Attacks Based on Design or Coding Flaws and Security Issues 370
Programming 373
Timing, State Changes, and Communication Disconnects 373
Technology and Process Integration 374
Electromagnetic Radiation 374
Summary 375
Exam Essentials 376
Written Lab 379
Review Questions 380
Chapter 10 Physical Security Requirements 385
Apply Secure Principles to Site and Facility Design 386
Secure Facility Plan 387
Site Selection 387
Visibility 388
Natural Disasters 388
Facility Design 388
Design and Implement Physical Security 389
Equipment Failure 390
Wiring Closets 391
Server Rooms 393
Media Storage Facilities 394
Evidence Storage 395
Restricted and Work Area Security (e.g., Operations Centers) 395
Datacenter Security 396
Utilities and HVAC Considerations 399
Water Issues (e.g., Leakage, Flooding) 402
Fire Prevention, Detection, and Suppression 402
Implement and Manage Physical Security 407
Perimeter (e.g., Access Control and Monitoring) 407
Internal Security (e.g., Escort Requirements/Visitor Control, Keys, and Locks) 409
Summary 415
Exam Essentials 416
Written Lab 420
Review Questions 421
Chapter 11 Secure Network Architecture and Securing Network Components 425
OSI Model 426
History of the OSI Model 427
OSI Functionality 427
Encapsulation/Deencapsulation 428
OSI Layers 429
TCP/IP Model 437
TCP/IP Protocol Suite Overview 438
Converged Protocols 452
Content Distribution Networks 453
Wireless Networks 454
Securing Wireless Access Points 454
Securing the SSID 456
Conducting a Site Survey 457
Using Secure Encryption Protocols 458
Determining Antenna Placement 461
Antenna Types 461
Adjusting Power Level Controls 461
Using Captive Portals 462
General Wi-Fi Security Procedure 462
Secure Network Components 463
Network Access Control 464
Firewalls 465
Endpoint Security 469
Other Network Devices 469
Cabling, Wireless, Topology, and Communications Technology 473
Network Cabling 473
Network Topologies 477
Wireless Communications and Security 480
LAN Technologies 485
Summary 490
Exam Essentials 490
Written Lab 494
Review Questions 495
Chapter 12 Secure Communications and Network Attacks 499
Network and Protocol Security Mechanisms 500
Secure Communications Protocols 501
Authentication Protocols 502
Secure Voice Communications 503
Voice over Internet Protocol (VoIP) 503
Social Engineering 504
Fraud and Abuse 505
Multimedia Collaboration 507
Remote Meeting 508
Instant Messaging 508
Manage Email Security 508
Email Security Goals 509
Understand Email Security Issues 510
Email Security Solutions 511
Remote Access Security Management 513
Plan Remote Access Security 515
Dial-Up Protocols 516
Centralized Remote Authentication Services 517
Virtual Private Network 517
Tunneling 518
How VPNs Work 519
Common VPN Protocols 520
Virtual LAN 522
Virtualization 523
Virtual Software 523
Virtual Networking 524
Network Address Translation 525
Private IP Addresses 526
Stateful NAT 527
Static and Dynamic NAT 528
Automatic Private IP Addressing 528
Switching Technologies 530
Circuit Switching 530
Packet Switching 531
Virtual Circuits 532
WAN Technologies 532
WAN Connection Technologies 534
Dial-Up Encapsulation Protocols 536
Miscellaneous Security Control Characteristics 537
Transparency 537
Verify Integrity 537
Transmission Mechanisms 538
Security Boundaries 539
Prevent or Mitigate Network Attacks 539
DoS and DDoS 540
Eavesdropping 541
Impersonation/Masquerading 542
Replay Attacks 542
Modification Attacks 542
Address Resolution Protocol Spoofing 542
DNS Poisoning, Spoofing, and Hijacking 543
Hyperlink Spoofing 544
Summary 545
Exam Essentials 546
Written Lab 549
Review Questions 550
Chapter 13 Managing Identity and Authentication 555
Controlling Access to Assets 556
Comparing Subjects and Objects 557
Types of Access Control 557
The CIA Triad 560
Comparing Identification and Authentication 560
Registration and Proofing of Identity 561
Authorization and Accountability 561
Authentication Factors 563
Passwords 564
Smartcards and Tokens 566
Biometrics 568
Multifactor Authentication 572
Device Authentication 572
Implementing Identity Management 573
Single Sign-On 573
Credential Management Systems 578
Integrating Identity Services 579
Managing Sessions 579
AAA Protocols 580
Managing the Identity and Access Provisioning Life Cycle 582
Provisioning 582
Account Review 583
Account Revocation 584
Summary 585
Exam Essentials 586
Written Lab 588
Review Questions 589
Chapter 14 Controlling and Monitoring Access 593
Comparing Access Control Models 594
Comparing Permissions, Rights, and Privileges 594
Understanding Authorization Mechanisms 595
Defining Requirements with a Security Policy 596
Implementing Defense in Depth 597
Discretionary Access Controls 598
Nondiscretionary Access Controls 598
Understanding Access Control Attacks 604
Risk Elements 605
Identifying Assets 605
Identifying Threats 607
Identifying Vulnerabilities 609
Common Access Control Attacks 610
Summary of Protection Methods 619
Summary 621
Exam Essentials 622
Written Lab 624
Review Questions 625
Chapter 15 Security Assessment and Testing 629
Building a Security Assessment and Testing Program 630
Security Testing 630
Security Assessments 631
Security Audits 632
Performing Vulnerability Assessments 634
Vulnerability Scans 634
Penetration Testing 642
Testing Your Software 643
Code Review and Testing 644
Interface Testing 646
Misuse Case Testing 648
Test Coverage Analysis 648
Implementing Security Management Processes 649
Log Reviews 649
Account Management 649
Backup Verification 650
Key Performance and Risk Indicators 650
Summary 650
Exam Essentials 651
Written Lab 653
Review Questions 654
Chapter 16 Managing Security Operations 659
Applying Security Operations Concepts 661
Need to Know and Least Privilege 661
Separation of Duties and Responsibilities 663
Job Rotation 666
Mandatory Vacations 666
Monitor Special Privileges 667
Managing the Information Life Cycle 668
Service Level Agreements 669
Addressing Personnel Safety 670
Provisioning and Managing Resources 670
Managing Hardware and Software Assets 671
Protecting Physical Assets 672
Managing Virtual Assets 672
Managing Cloud-based Assets 673
Media Management 675
Managing Configuration 678
Baselining 678
Using Images for Baselining 678
Managing Change 680
Security Impact Analysis 682
Versioning 683
Configuration Documentation 683
Managing Patches and Reducing Vulnerabilities 684
Patch Management 684
Vulnerability Management 685
Common Vulnerabilities and Exposures 688
Summary 688
Exam Essentials 689
Written Lab 691
Review Questions 692
Chapter 17 Preventing and Responding to Incidents 697
Managing Incident Response 698
Defining an Incident 698
Incident Response Steps 699
Implementing Preventive Measures 704
Basic Preventive Measures 705
Understanding Attacks 705
Intrusion Detection and Prevention Systems 715
Specific Preventive Measures 721
Logging, Monitoring, and Auditing 731
Logging and Monitoring 731
Egress Monitoring 740
Auditing to Assess Effectiveness 742
Security Audits and Reviews 745
Reporting Audit Results 746
Summary 748
Exam Essentials 750
Written Lab 754
Review Questions 755
Chapter 18 Disaster Recovery Planning 759
The Nature of Disaster 760
Natural Disasters 761
Man-made Disasters 765
Understand System Resilience and Fault Tolerance 770
Protecting Hard Drives 771
Protecting Servers 772
Protecting Power Sources 773
Trusted Recovery 773
Quality of Service 775
Recovery Strategy 775
Business Unit and Functional Priorities 776
Crisis Management 777
Emergency Communications 777
Workgroup Recovery 778
Alternate Processing Sites 778
Mutual Assistance Agreements 782
Database Recovery 783
Recovery Plan Development 784
Emergency Response 785
Personnel and Communications 786
Assessment 787
Backups and Offsite Storage 787
Software Escrow Arrangements 790
External Communications 791
Utilities 791
Logistics and Supplies 791
Recovery vs. Restoration 791
Training, Awareness, and Documentation 792
Testing and Maintenance 793
Read-Through Test 793
Structured Walk-Through 794
Simulation Test 794
Parallel Test 794
Full-Interruption Test 794
Maintenance 794
Summary 795
Exam Essentials 795
Written Lab 797
Review Questions 798
Chapter 19 Incidents and Ethics 803
Investigations 804
Investigation Types 804
Evidence 806
Investigation Process 810
Major Categories of Computer Crime 812
Military and Intelligence Attacks 813
Business Attacks 814
Financial Attacks 814
Terrorist Attacks 815
Grudge Attacks 815
Thrill Attacks 817
Incident Handling 817
Common Types of Incidents 818
Response Teams 820
Incident Response Process 821
Interviewing Individuals 824
Incident Data Integrity and Retention 825
Reporting and Documenting Incidents 825
Ethics 826
(ISC)2 Code of Ethics 827
Ethics and the Internet 828
Summary 829
Exam Essentials 830
Written Lab 832
Review Questions 833
Chapter 20 Software Development Security 837
Introducing Systems Development Controls 838
Software Development 838
Systems Development Life Cycle 844
Life Cycle Models 847
Gantt Charts and PERT 853
Change and Configuration Management 853
The DevOps Approach 855
Application Programming Interfaces 856
Software Testing 857
Code Repositories 858
Service-Level Agreements 859
Software Acquisition 860
Establishing Databases and Data Warehousing 860
Database Management System Architecture 861
Database Transactions 864
Security for Multilevel Databases 866
ODBC 868
Storing Data and Information 869
Types of Storage 869
Storage Threats 870
Understanding Knowledge-based Systems 870
Expert Systems 870
Neural Networks 872
Decision Support Systems 872
Security Applications 873
Summary 873
Exam Essentials 874
Written Lab 875
Review Questions 876
Chapter 21 Malicious Code and Application Attacks 881
Malicious Code 882
Sources of Malicious Code 882
Viruses 883
Logic Bombs 889
Trojan Horses 889
Worms 890
Spyware and Adware 893
Countermeasures 893
Password Attacks 895
Password Guessing 895
Dictionary Attacks 896
Social Engineering 897
Countermeasures 898
Application Attacks 899
Buffer Overflows 899
Time of Check to Time of Use 900
Back Doors 900
Escalation of Privilege and Rootkits 900
Web Application Security 901
Cross-Site Scripting (XSS) 901
SQL Injection 902
Reconnaissance Attacks 905
IP Probes 905
Port Scans 906
Vulnerability Scans 906
Dumpster Diving 906
Masquerading Attacks 907
IP Spoofing 907
Session Hijacking 908
Summary 908
Exam Essentials 909
Written Lab 910
Review Questions 911
Appendix A Answers to Review Questions 915
Chapter 1: Security Governance Through Principles and Policies 916
Chapter 2: Personnel Security and Risk Management Concepts 917
Chapter 3: Business Continuity Planning 918
Chapter 4: Laws, Regulations, and Compliance 920
Chapter 5: Protecting Security of Assets 922
Chapter 6: Cryptography and Symmetric Key Algorithms 924
Chapter 7: PKI and Cryptographic Applications 926
Chapter 8: Principles of Security Models, Design, and Capabilities 927
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures 929
Chapter 10: Physical Security Requirements 931
Chapter 11: Secure Network Architecture and Securing Network Components 932
Chapter 12: Secure Communications and Network Attacks 933
Chapter 13: Managing Identity and Authentication 935
Chapter 14: Controlling and Monitoring Access 937
Chapter 15: Security Assessment and Testing 939
Chapter 16: Managing Security Operations 940
Chapter 17: Preventing and Responding to Incidents 943
Chapter 18: Disaster Recovery Planning 946
Chapter 19: Incidents and Ethics 948
Chapter 20: Software Development Security 949
Chapter 21: Malicious Code and Application Attacks 950
Appendix B Answers to Written Labs 953
Chapter 1: Security Governance Through Principles and Policies 954
Chapter 2: Personnel Security and Risk Management Concepts 954
Chapter 3: Business Continuity Planning 955
Chapter 4: Laws, Regulations, and Compliance 956
Chapter 5: Protecting Security of Assets 956
Chapter 6: Cryptography and Symmetric Key Algorithms 957
Chapter 7: PKI and Cryptographic Applications 958
Chapter 8: Principles of Security Models, Design, and Capabilities 958
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures 959
Chapter 10: Physical Security Requirements 959
Chapter 11: Secure Network Architecture and Securing Network Components 960
Chapter 12: Secure Communications and Network Attacks 960
Chapter 13: Managing Identity and Authentication 961
Chapter 14: Controlling and Monitoring Access 962
Chapter 15: Security Assessment and Testing 962
Chapter 16: Managing Security Operations 963
Chapter 17: Preventing and Responding to Incidents 963
Chapter 18: Disaster Recovery Planning 964
Chapter 19: Incidents and Ethics 965
Chapter 20: Software Development Security 965
Chapter 21: Malicious Code and Application Attacks 966
Appendix C About the Additional Study Tools 967
Additional Study Tools 968
Sybex Test Engine 968
Electronic Flashcards 968
PDF of Glossary of Terms 968
Adobe Reader 968
System Requirements 969
Using the Study Tools 969
Troubleshooting 969
Customer Care 970
Index 971
depositfiles.com
turbobit.net