CISSP

Fully updated Sybex Study Guide for the industry-leadingsecurity certification: CISSPSecurity professionals consider the Certified InformationSystems Security Professional (CISSP) to be the most desiredcertification to achieve. More than 200,000 have taken the exam,and there are more than 70,000 CISSPs worldwide. This highlyrespected guide is updated to cover changes made to the CISSP Bodyof Knowledge in 2012. It also provides additional advice on how topass each section of the exam. With expanded coverage of key areas,it also includes a full-length, 250-question practice exam.* Fully updated for the 2012 CISSP Body of Knowledge, theindustry-leading standard for IT professionals* Thoroughly covers exam topics, including access control,application development security, business continuity and disasterrecovery planning, cryptography, operations security, and physical(environmental) security* Examines information security governance and risk management,legal regulations, investigations and compliance, andtelecommunications and network security* Features expanded coverage of biometrics, auditing andaccountability, software security testing, and many more keytopicsCISSP: Certified Information Systems Security ProfessionalStudy Guide, 6th Edition prepares you with both the knowledgeand the confidence to pass the CISSP exam.

Introduction xxxvAssessment Test xlivChapter 1 Access Control 1Chapter 2 Access Control Attacks and Monitoring 47Chapter 3 Secure Network Architecture and Securing Network Components 87Chapter 4 Secure Communications and Network Attacks 151Chapter 5 Security Governance Concepts, Principles, and Policies 205Chapter 6 Risk and Personnel Management 239Chapter 7 Software Development Security 275Chapter 8 Malicious Code and Application Attacks 327Chapter 9 Cryptography and Symmetric Key Algorithms 361Chapter 10 PKI and Cryptographic Applications 403Chapter 11 Principles of Security Models, Design, and Capabilities 437Chapter 12 Security Architecture Vulnerabilities, Threats, and Countermeasures 477Chapter 13 Security Operations 531Chapter 14 Incident Management 571Chapter 15 Business Continuity Planning 617Chapter 16 Disaster Recovery Planning 643Chapter 17 Laws, Regulations, and Compliance 681Chapter 18 Incidents and Ethics 713Chapter 19 Physical Security Requirements 745Appendix A Answers to Review Questions 781Appendix B Answers to Written Labs 815Appendix C About the Additional Study Tools 829Index 833