Book Image

CISSP in 21 Days

By : M. L. Srinivasan
Book Image

CISSP in 21 Days

By: M. L. Srinivasan

Overview of this book

<p>Certified Information Systems Security Professional (CISSP) is an internationally recognized security qualification. Success in this respected exam opens the door to your dream job as a security expert as well as an eye catching salary. But passing the final exam is challenging. Every year a lot of candidates do not prepare sufficiently for the examination, and fail at the final stage. This happens when they cover everything but do not revise properly and hence lack in confidence.<br /><br />This book will take you through the final weeks before the exam with a day-by-day plan covering all of the exam topics. It will help you to enter the exam room with confidence, knowing that you have done all you can to prepare for the big day.<br /><br />This small and concise CISSP exam quick-revision guide provides a disciplined approach to be adopted for reviewing and revising the core concepts a month before the exam. This book provides concise explanation of important concepts in all the 10 domains of the CISSP Common Body of Knowledge (CBK). Each domain is covered in two chapters that are represented as days. Each chapter contains some practice questions.&nbsp; A full-blown mock test is included for practice. This book is not a replacement to full study guides and tries to build on and reemphasize the concepts learned from such guides.</p>

Related Content you might be interested in

Current Title:

Small book image
CISSP in 21 Days
M. L. Srinivasan
Dec, 2008 | 320 pages
No titles found
Table of Contents (28 chapters)
CISSP in 21 Days
CISSP in 21 Days
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
Preface
Preface
Free Chapter
1
Introduction to CISSP
Introduction to CISSP
Eligibility requirements for the CISSP exam and certification
The (ISC)² CBK security domains
Approach
Summary
2
Day1: Information Security and Risk Management
Day1: Information Security and Risk Management
Knowledge requirements
The approach
Security management practices
Control environment
Standards and guidelines
Security posture
Asset classification and control
Summary
Practice questions
3
Day 2: Information Security and Risk Management
Day 2: Information Security and Risk Management
Security awareness and training
Risk assessment and management
Summary
Practice questions
4
Day 3: Physical (Environmental) Security
Day 3: Physical (Environmental) Security
Knowledge requirements
The approach
Threats, vulnerabilities, and countermeasures for physical security
Physical security design
Perimeter security
Interior security
Summary
Practice questions
5
Day 4: Physical (Environmental) Security
Day 4: Physical (Environmental) Security
Operations/Facility security
Protecting and securing equipments
Summary
Practice questions
6
Day 5: Access Control
Day 5: Access Control
Knowledge requirements
The approach
Access control concepts, methodologies, and techniques
Access control and authentication
Access control attacks and countermeasures
Summary
Practice questions
7
Day 6: Access Control
Day 6: Access Control
Vulnerability assessment
Penetration testing
Common myths about vulnerability assessment and penetration testing
CVE and CVSS
Summary
Practice questions
8
Day 7: Cryptography
Day 7: Cryptography
Key areas of knowledge
The approach
Methods of encryption
Types of encryption
Key length and security
Summary of encryption types
Application and use of cryptography
Summary
Practice questions
9
Day 8: Cryptography
Day 8: Cryptography
Public key infrastructure
Methods of cryptanalytic attacks
Cryptographic standards
Summary
Practice questions
10
Day 9: Operations Security
Day 9: Operations Security
Knowledge requirements
The approach
Operations procedure and responsibilities
Incident management and reporting
Summary
Practice questions
11
Day 10: Operations Security
Day 10: Operations Security
Administrative management and control
Other controls
System evaluation standards
Summary
Practice questions
12
Day 11: Application Security
Day 11: Application Security
Knowledge requirements
The approach
Systems engineering
Software Development Life Cycle
Summary
Practice questions
13
Day 12: Application Security
Day 12: Application Security
Introduction to Information Technology systems
Threats and vulnerabilities to application systems
Web application security
Application controls
Summary
Practice questions
14
Day 13: Telecommunications and Network Security
Day 13: Telecommunications and Network Security
Knowledge requirements
The approach
Network architecture, protocols, and technologies
Summary
Practice questions
15
Day 14: Telecommunications and Network Security
Day 14: Telecommunications and Network Security
Transport layer
Network or Internet layer
Link layer
Summary
Practice questions
16
Day 15: Security Architecture and Design
Day 15: Security Architecture and Design
Knowledge requirements
The approach
Computer architecture
Summary
Practice questions
17
Day 16: Security Architecture and Design
Day 16: Security Architecture and Design
Assurance
Certification and accreditation
Information security models
Summary
Practice questions
18
Day 17: Business Continuity and Disaster Recovery Planning
Day 17: Business Continuity and Disaster Recovery Planning
Knowledge requirements
The approach
Business Continuity Planning (BCP)
Summary
Practice questions
19
Day 18: Business Continuity and Disaster Recovery Planning
Day 18: Business Continuity and Disaster Recovery Planning
Disaster Recovery Planning (DRP)
Summary
Practice questions
20
Day 19: Legal, Regulations, Compliance, and Investigations
Day 19: Legal, Regulations, Compliance, and Investigations
Knowledge requirements
The approach
Computer crimes
Cyber crime
Computer crime related incidents
Summary
Practice questions
21
Day 20: Legal, Regulations, Compliance, and Investigations
Day 20: Legal, Regulations, Compliance, and Investigations
Legal and regulatory frameworks
Computer investigations
Ethical usage of information systems
Summary
Practice questions
22
Day 21: Mock Test Paper
Day 21: Mock Test Paper
Questions
Answers
23
References
References

About the Author

M.L.Srinivasan is presently the founder and CEO of ChennaiNet, an India-based technology company focused on Information Technology and Information Security related product development, services, and training. He's a Certified Information System Security Professional (CISSP) and Certified Information Security Management System Lead Auditor.

Popularly known as MLS, the author is an Information Technology and Information Security professional, with roughly 18 years of experience in various domains of IT such as Software Programming, Hardware Troubleshooting, Networking Technologies, Systems Administration, Security Administration, Information Security-related consulting, auditing, and training. MLS has been an avid trainer throughout his career and has developed many short-term and long-term training programs. One such program is "Certified Vulnerability Assessor" (cVa), which is accredited by a leading ISO certifying agency. He's a prolific speaker and has presented many papers on the Network Security domain at many international conventions and conferences.

He is a specialist IT and IS auditor with Det Norske Veritas (DNV), India region. He has performed many quality and information security audits in hundreds of medium and large organizations over the past 10 years.

He was a Technical Director with Secure Matrix, an India-based company that provides information security consulting and audits. During his tenure in the last four years, he led a team of consultants to implement many ISO 27001-certification projects across India, the Middle East, and Africa.

I would like to thank my family for all the support and, in particular, my wife who patiently proof read all the chapters.

My special thanks and gratitude goes to Mr. Jagan Rao for his critical feedback on the content.

I would like to thank the (ISC)2 and the CISSP community for their relentless effort in spreading the information security knowledge across the world.

Last, but not the least, I would like to thank the entire team at Packt for their enthusiasm and support throughout the project.

Previous Section
Next Chapter