CISSP (r): Certified Information Systems Security by Ed Tittle, James Michael Stewart, Mike Chapple, Ed Tittel

By Ed Tittle, James Michael Stewart, Mike Chapple, Ed Tittel

This moment version of Sybex's in-depth learn advisor to the major safeguard certification, CISSP, contains improved insurance of the most recent protection applied sciences plus extra illustrations for fast rationalization. Written via IT defense specialists with years of real-world protection adventure, this booklet covers all respectable examination domain names and provides hundreds and hundreds of not easy assessment questions, digital flashcards, and a searchable digital model of the whole booklet. subject assurance encompasses safety structure, entry keep an eye on structures, cryptography, operations and actual safeguard, legislation, research & ethics. in accordance with 2003 and 2002 Readers' selection Awards, Sybex is winner of ''Best examine Guides'' and CISSP is likely one of the ''10 most popular Certifications for 2004''.

Show description

Read Online or Download CISSP (r): Certified Information Systems Security Professional Study Guide, 2nd Edition PDF

Best comptia books

Privacy Protection and Computer Forensics(Artech House Computer Security Series)

This revised version of an Artech condominium bestseller is going some distance past the common laptop forensics books out there, emphasizing tips on how to guard one's privateness from information robbery and adversarial computing device forensics. the second one version has been up to date to supply extra distinctive how-to tips on keeping the confidentiality of information kept on desktops, and particular info at the vulnerabilities of time-honored ancillary computing units, comparable to PDAs, mobile phones, shrewdpermanent playing cards, GPS units, cell calling playing cards, fax machines, and photocopiers.

Security in RFID and Sensor Networks

Some time past numerous years, there was an expanding pattern within the use of Radio Frequency identity (RFID) and instant Sensor Networks (WSNs) in addition to within the integration of either platforms because of their complementary nature, versatile mix, and the call for for ubiquitous computing. As continuously, sufficient defense is still one of many open parts of shock ahead of vast deployment of RFID and WSNs should be completed.

Foundations of Security Analysis and Design II

Safety is a speedily growing to be quarter of laptop technology, with direct and extending relevance to real-life purposes, corresponding to web transactions, e-commerce, details defense, community and platforms safeguard, and so forth. Foundations for the research and layout of safety features of such functions are badly wanted with a purpose to validate and turn out their correctness.

Network Security Policies and Procedures (Advances in Information Security)

Corporation community directors are pressured this day to aggressively pursue a powerful community defense regime. This ebook goals to provide the reader a robust, multi-disciplinary realizing of ways to pursue this target. This expert quantity introduces the technical concerns surrounding protection in addition to how safety rules are formulated on the government point and communicated during the association.

Extra resources for CISSP (r): Certified Information Systems Security Professional Study Guide, 2nd Edition

Example text

First, the security policy of an organization ultimately provides the first or innermost layer of defense for your assets. Without a security policy, there is no real security that can be trusted. Security policies are one element of administrative access controls. Second, people are your last line of defense. People or personnel are the other focus of administrative access control. Only with proper training and education will your personnel be able to implement, comply with, and support the security elements defined in your security policy.

Most biometric devices have a sensitivity adjustment so they can be tuned to be more or less sensitive. When a biometric device is too sensitive, a Type 1 error occurs. A Type 1 error occurs when a valid subject is not authenticated. The ratio of Type 1 errors to valid authentications is known as the False Rejection Rate (FRR). When a biometric device is not sensitive enough, a Type 2 error occurs. A Type 2 error occurs when an invalid subject is authenticated. The ratio of Type 2 errors to valid authentications is known as the False Acceptance Rate (FAR).

Token devices can be lost or stolen. Tokens should be stored and managed intelligently because once a token system is compromised, it can be difficult and expensive to replace. Tickets Ticket authentication is a mechanism that employs a third-party entity to prove identification and provide authentication. The most common and well-known ticket system is Kerberos. Kerberos was developed under Project Athena at MIT. Its name is borrowed from Greek mythology. A three-headed dog named Kerberos guards the gates to the underworld, but in the myth, the three-headed dog faced inward, thus preventing escape rather than preventing entrance.

Download PDF sample

Rated 4.54 of 5 – based on 28 votes