
Phil Martin - Essential CISSP Exam Guide: Updated for the 2018 CISSP Body of Knowledge

  • Book: Essential CISSP Exam Guide: Updated for the 2018 CISSP Body of Knowledge
  • Author: Phil Martin
  • Publisher: Independently published
  • Year: 2018
  • Rating: 5 / 5

Essential CISSP Exam Guide: Updated for the 2018 CISSP Body of Knowledge: summary, description and annotation


The CISSP certification is the gold standard for security professionals, but (ISC)²'s official study guide is anything but easy to read. Many books have tried to simplify this but fail to leave behind the $100 words and run-on sentences. This book takes the entire CISSP official study guide and breaks it down into easy-to-absorb chapters with simple language. Tons of examples are included to drive the points home in a way that makes it effortless to remember. This Second Edition has been updated for the 2018 CISSP Body of Knowledge, and covers all 10 domains:

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

Each chapter includes test questions in the same multiple-choice format you will encounter on the actual exam, meaning you will be able to test your comprehension with over 350 questions. Want more questions? Pick up the companion book ESSENTIAL CISSP Test Questions, which provides over 1,600 additional questions! Don't have time to read? Try the audio book on audible.com!


ESSENTIAL CISSP Exam Guide

Updated for the 2018 CISSP Body of Knowledge

Phil Martin

Nearsighted Ninja


Nonce Corp is an independent entity from (ISC)² and is not affiliated with (ISC)² in any manner. This study/training guide and/or material is not sponsored by, endorsed by, or affiliated with (ISC)² in any manner. This publication may be used in assisting students to prepare for the Certified Information Systems Security Professional (CISSP) exam. Neither (ISC)² nor Nonce Corp warrant that use of this publication will ensure passing any exam. CISSP is a trademark or registered trademark of (ISC)². All other trademarks are trademarks of their respective owners.

An audio version of this print book is available on audible.com!


Essential CISSP Exam Guide

Copyright 2018 by Nonce Corp. Printed in the United States of America. All rights reserved. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher.

All trademarks or copyrights mentioned herein are the possession of their respective owners and Nonce Corp makes no claim of ownership by the mention of products that contain these marks.

ISBN: 9781723901515

Information has been obtained by Nonce Corp from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, Nonce Corp does not guarantee the accuracy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.


About
About the Exam

The exam consists of 250 multiple-choice, drag and drop, and Hotspot questions that must be answered in 6 hours.

  • Multiple Choice: select a single option from many
  • Drag and drop: select one or more answers and drag them to a drop area; occasionally the order matters
  • Hotspot: click a visual item that does or does not answer the question

There is no penalty for guessing, so be sure not to skip a question. However, you must manage your time well: if you run across a question that you are not sure of, go ahead and guess but then flag it for review. When you have completed all other questions, go back to each flagged question and spend more time on it.

Of the 250 questions, only 225 will be graded; 25 are used for research purposes. Therefore, you may run across questions that are completely unfamiliar or appear to be too vague to answer properly. Go ahead and answer them to the best of your ability, but don't worry too much about these critters, as they may very well be among the 25 research questions. Each test taker is given a random sampling of questions pulled from a much larger pool of questions, so you will not be taking the exact same test as the person sitting next to you. You will need to correctly answer 70% of the questions (175 questions).

An important fact to note is that there will be no questions that are specific to a platform (Windows, Linux, etc.). While this book does contain information that is specific to a platform, that content will not be highlighted (see About This Book); in other words, you will not need to remember specifics, just the concept. While most questions are direct, there will be some scenario-based questions that present a situation and then ask one or more questions about that scenario.

Once you have passed the exam, you will still need to provide proof that you possess the experience required to obtain the certification. This will include having a CISSP-certified individual sponsor you.

About This Book

This book has been kept simple on purpose: no fluff, just the facts, with a few mnemonic devices thrown in to help you remember.

Some simple rules on text formatting:

  • Italicized and underlined text: this is a term you should memorize.
  • Bold text: this is a concept you should remember.
  • Normal text: this is to help you understand the other two above.

Read normal text at least once, and revisit as often as you need.

After each chapter you will find approximately 5 test questions to gauge how well you have retained the information. While this helps a great deal while reading this book, you will probably want to purchase additional test questions. The companion to this book, Essential CISSP Test Questions, is a great resource for this, with over 2,000 sample questions that cover all 8 domains.

Answers for all test questions can be found in the back of the book.



Section 1: Security and Risk Management Domain

The goals of security are contained within 3 security principles, commonly referred to in the industry as CIA: confidentiality, integrity and availability.




Chapter 1: CIA and AAA

Confidentiality is achieved when we have a high level of assurance that information is kept from unauthorized parties. Attackers can circumvent confidentiality by social engineering attacks such as shoulder surfing, brute-force password attacks and decrypting packets. Don't worry if these concepts are unfamiliar right now; we'll discuss them later. Confidentiality is usually enforced by encrypting data, or by classifying and restricting that data. Examples of confidentiality are encryption at-rest, encryption in-transit and access controls. Other important confidentiality-related concepts are:

  • Sensitivity, which is a measure of harm or damage if the information were to be disclosed
  • Discretion, which is shown by a person when choosing to control disclosure of information to limit damage
  • Criticality, or how critical to a mission information is
  • Concealment, or the act of hiding or preventing disclosure
  • Secrecy, which is the act of keeping something a secret
  • Privacy, or the act of keeping information confidential that is personally identifiable or that can cause damage if disclosed
  • Seclusion, which is storing something in an out-of-the-way manner
  • Isolation, or keeping something separate from others

Integrity is achieved when information remains unaltered (and can be proven to be so) except by authorized parties. We can approach integrity from 3 views:

  • Preventing intentional unauthorized modifications
  • Preventing accidental modifications
  • Ensuring that the internal and external consistency of information remains valid

As an example, if an attacker plants a virus or logic bomb in a system, the integrity of that system has been compromised because it has been altered in an unauthorized manner. Or, an attacker may covertly tamper with data either at-rest or in-transit, meaning that the integrity of the data has not been upheld; in this case, hashing can often detect this type of attack. Sometimes loss of integrity can be by mistake, such as an employee accidentally entering the wrong amount to charge a customer, with the result of corrupt data. In this case, implementing the correct input validation can prevent the corrupt data from being stored. Other examples of integrity might be managing change control, digital signing, and cyclic redundancy checks (or CRC).
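The three integrity views above can be seen side by side in a short Python sketch. This is an added example, not taken from the book: it goes slightly beyond the text by contrasting an unkeyed CRC with a keyed hash (HMAC), and the key, record layout and charge limit are constructed assumptions.

```python
import hashlib
import hmac
import zlib
from decimal import Decimal, InvalidOperation

# Constructed sample values, for illustration only.
KEY = b"constructed-demo-key"       # secret held only by authorized parties
RECORD = b"invoice=1001;customer=42;amount=19.99"
MAX_CHARGE = Decimal("10000.00")    # assumed business limit

def crc_tag(data: bytes) -> int:
    """Unkeyed checksum: anyone can recompute it."""
    return zlib.crc32(data)

def mac_tag(data: bytes, key: bytes = KEY) -> str:
    """Keyed hash: a valid tag requires the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def mac_ok(data: bytes, tag: str, key: bytes = KEY) -> bool:
    return hmac.compare_digest(mac_tag(data, key), tag)

def validate_charge(text: str) -> Decimal:
    """Input validation: reject malformed or out-of-range amounts."""
    try:
        amount = Decimal(text)
    except InvalidOperation:
        raise ValueError(f"not a number: {text!r}") from None
    if not amount.is_finite() or amount <= 0 or amount > MAX_CHARGE:
        raise ValueError(f"amount out of range: {text!r}")
    if amount != amount.quantize(Decimal("0.01")):
        raise ValueError(f"more than two decimal places: {text!r}")
    return amount

def demo() -> dict:
    stored_crc, stored_mac = crc_tag(RECORD), mac_tag(RECORD)
    # Accidental modification: one bit flipped in storage or in transit.
    flipped = bytearray(RECORD)
    flipped[-1] ^= 0x01
    # Intentional modification: the data is changed and the unkeyed checksum
    # recomputed to match, so a CRC comparison no longer reveals the change.
    tampered = RECORD.replace(b"amount=19.99", b"amount=99.99")
    forged_crc = crc_tag(tampered)
    return {
        "crc_catches_bit_flip": crc_tag(bytes(flipped)) != stored_crc,
        "recomputed_crc_passes": crc_tag(tampered) == forged_crc,
        "mac_catches_tamper": not mac_ok(tampered, stored_mac),
        "mac_accepts_original": mac_ok(RECORD, stored_mac),
    }
```

A CRC is enough for accidental corruption, while detecting deliberate tampering needs a keyed hash or a digital signature, because the party altering the data must not be able to regenerate the check value.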
