CISSP Guide to Security Essentials by Peter Gregory

By Peter Gregory

CISSP advisor TO protection necessities, moment variation, presents entire, concentrated assurance to arrange scholars and pros alike for fulfillment at the qualified info platforms protection expert (CISSP) certification examination. The textual content opens with an outline of the present country of data safeguard, together with appropriate laws and criteria, sooner than continuing to discover all ten CISSP domain names in nice element, from safety structure and layout to entry keep an eye on and cryptography. every one bankruptcy opens with a quick evaluate of proper idea and ideas, through a powerful specialise in real-world functions and studying instruments designed for powerful examination coaching, together with keyword phrases, bankruptcy summaries, learn questions, hands-on routines, and case initiatives. built by way of the writer of greater than 30 books on info securitythe moment variation of this relied on textual content has been up-to-date to mirror very important new advancements in know-how and practices, supplying a correct advisor to the whole CISSP universal physique of data.

Show description

Read Online or Download CISSP Guide to Security Essentials PDF

Similar network security books

The international handbook of computer security

This publication is a one-stop source to assist executives and desktop pros safeguard their structures and knowledge from a myriad of inner and exterior threats. Addressing quite a lot of protection concerns, it presents useful information on issues akin to: actual safeguard methods * facts upkeep and security * and software program safety * team of workers administration and safety * community protection * contingency making plans * criminal and auditing making plans and keep an eye on, and extra.

Security Log Management : Identifying Patterns in the Chaos

This e-book teaches IT pros how you can learn, deal with, and automate their defense log records to generate important, repeatable details that may be use to make their networks extra effective and safe utilizing basically open resource instruments. The e-book starts off via discussing the "Top 10" protection logs that each IT expert could be usually reading.

LTE Security

A concise, up to date consultant to the 3GPP LTE safety Standardization requirements A welcome Revised variation of the profitable LTE protection addressing the safety structure for SAE/LTE, that is in keeping with parts of the protection architectures for GSM and 3G, yet which wanted an immense redecorate end result of the considerably elevated complexity, and various architectural and enterprise standards of fourth iteration structures.

Fast Software Encryption: 22nd International Workshop, FSE 2015, Istanbul, Turkey, March 8-11, 2015, Revised Selected Papers

This e-book constitutes the completely refereed post-conference court cases of the twenty second overseas Workshop on quick software program Encryption, held in Istanbul, Turkey, March 8-11, 2015. The 28 revised complete papers provided have been rigorously reviewed and chosen from seventy one preliminary submissions. The papers are geared up in topical sections on block cipher cryptanalysis; figuring out assaults; implementation concerns; extra block cipher cryptanalysis; cryptanalysis of authenticated encryption schemes; proofs; layout; light-weight; cryptanalysis of hash services and flow ciphers; and mass surveillance.

Extra info for CISSP Guide to Security Essentials

Sample text

Full name, aliases, date of birth, country of citizenship, social/insurance number), together with a written consent for the employer to obtain background information. The consent form may also contain a clause that states that the employer may refuse employment, terminate employment, and even turn the candidate over to law enforcement authorities if the candidate provides false or misleading information or is found to have an undesirable background. The employer may also use information obtained from the employment application form to confirm certain aspects of a candidate’s background.

This is the yearly estimate of loss of an asset, calculated as follows: ALE = ARO × SLE Let’s look at an example: an organization asset, an executive’s laptop computer, that is worth $4,000. The asset value is $4,000. Now we will calculate the exposure factor (EF), which is the proportion of the laptop’s value that is lost through a particular threat. The threat of theft will, of course, result in the entire laptop’s value to be lost. For theft, EF = 100%. For sake of example, let’s add another threat, that of damage, if the executive drops the laptop and breaks the screen.

1. This is an oversimplified example, but sometimes qualitative risk analysis won’t be much more complicated than this—although a real risk analysis should list many more threats and countermeasures. Threat Impact Probability Countermeasure Probability Flooding H L Water alarms L Theft H L Key card, video surveillance, guards L Earthquake damage M M Lateral rack bracing; attach all assets to racks L Logical intrusion H M Network-based intrusion detection system; host-based intrusion detection system L Table 1-1 Risk assessment chart Quantitative Risk Assessment A quantitative risk assessment can be thought of as an extension of a qualitative risk assessment.

Download PDF sample

Rated 4.89 of 5 – based on 14 votes