|
" The official (ISC)² CISSP CBK reference / "
John Warsinkse ; with Mark Graff, Kevin Henry, Christopher Hoover, Ben Malisow, Sean Murphy, C. Paul Oakes, George Pajari, Jeff T. Parker, David Seidl, Mike Vasquez.
| Document Type
|
:
|
BL
|
| Record Number
|
:
|
840339
|
| Main Entry
|
:
|
Warsinske, John
|
| Title & Author
|
:
|
The official (ISC)² CISSP CBK reference /\ John Warsinkse ; with Mark Graff, Kevin Henry, Christopher Hoover, Ben Malisow, Sean Murphy, C. Paul Oakes, George Pajari, Jeff T. Parker, David Seidl, Mike Vasquez.
|
| Edition Statement
|
:
|
Fifth edition.
|
| Publication Statement
|
:
|
Hoboken, NJ :: Sybex,, 2019.
|
| Page. NO
|
:
|
1 online resource
|
| ISBN
|
:
|
1119423309
|
|
|
:
|
: 1119423317
|
|
|
:
|
: 1119423325
|
|
|
:
|
: 9781119423300
|
|
|
:
|
: 9781119423317
|
|
|
:
|
: 9781119423324
|
|
|
:
|
9781119423348
|
| Contents
|
:
|
Intro; CISSP The Official (ISC)2® CISSP® CBK® Reference; Lead Author and Lead Technical Reviewer; Contributing Authors; Technical Reviewers; Contents at a Glance; Contents; Foreword; Introduction; Security and Risk Management; Asset Security; Security Architecture and Engineering; Communication and Network Security; Identity and Access Management (IAM); Security Assessment and Testing; Security Operations; Software Development Security; Domain 1: Security and Risk Management; Understand and Apply Concepts of Confidentiality, Integrity, and Availability; Information Security
|
|
|
:
|
Data DocumentationData Organization; Identify and Classify Information and Assets; Asset Classification; Determine and Maintain Information and Asset Ownership; Asset Management Lifecycle; Software Asset Management; Protect Privacy; Cross-Border Privacy and Data Flow Protection; Data Owners; Data Controllers; Data Processors; Data Stewards; Data Custodians; Data Remanence; Data Sovereignty; Data Localization or Residency; Government and Law Enforcement Access to Data; Collection Limitation; Understanding Data States; Data Issues with Emerging Technologies; Ensure Appropriate Asset Retention
|
|
|
:
|
Develop, Document, and Implement Security Policy, Standards, Procedures, and GuidelinesOrganizational Documents; Policy Development; Policy Review Process; Identify, Analyze, and Prioritize Business Continuity Requirements; Develop and Document Scope and Plan; Risk Assessment; Business Impact Analysis; Develop the Business Continuity Plan; Contribute to and Enforce Personnel Security Policies and Procedures; Key Control Principles; Candidate Screening and Hiring; Onboarding and Termination Processes; Vendor, Consultant, and Contractor Agreements and Controls; Privacy in the Workplace
|
|
|
:
|
Evaluate and Apply Security Governance PrinciplesAlignment of Security Functions to Business Strategy, Goals, Mission, and Objectives; Vision, Mission, and Strategy; Governance; Due Care; Determine Compliance Requirements; Legal Compliance; Jurisdiction; Legal Tradition; Legal Compliance Expectations; Understand Legal and Regulatory Issues That Pertain to Information Security in a Global Context; Cyber Crimes and Data Breaches; Privacy; Understand, Adhere to, and Promote Professional Ethics; Ethical Decision-Making; Established Standards of Ethical Conduct; (ISC)² Ethical Practices
|
|
|
:
|
Understand and Apply Risk Management ConceptsRisk; Risk Management Frameworks; Risk Assessment Methodologies; Understand and Apply Threat Modeling Concepts and Methodologies; Threat Modeling Concepts; Threat Modeling Methodologies; Apply Risk-Based Management Concepts to the Supply Chain; Supply Chain Risks; Supply Chain Risk Management; Establish and Maintain a Security Awareness, Education, and Training Program; Security Awareness Overview; Developing an Awareness Program; Training; Summary; Domain 2: Asset Security; Asset Security Concepts; Data Policy; Data Governance; Data Quality
|
| Subject
|
:
|
Administrative agencies-- Information resources management-- Security measures-- United States-- Examinations, Study guides.
|
| Subject
|
:
|
Computer networks-- Security measures-- Examinations, Study guides.
|
| Subject
|
:
|
Computers-- Access control-- Examinations, Study guides.
|
| Subject
|
:
|
Telecommunications engineers-- Certification-- United States.
|
| Subject
|
:
|
BUSINESS ECONOMICS-- Industrial Management.
|
| Subject
|
:
|
BUSINESS ECONOMICS-- Management Science.
|
| Subject
|
:
|
BUSINESS ECONOMICS-- Management.
|
| Subject
|
:
|
BUSINESS ECONOMICS-- Organizational Behavior.
|
| Subject
|
:
|
Computer networks-- Security measures-- Examinations.
|
| Subject
|
:
|
Telecommunications engineers-- Certification.
|
| Subject
|
:
|
United States.
|
| Dewey Classification
|
:
|
658.4/78076
|
| LC Classification
|
:
|
TK5105.59
|
| Added Entry
|
:
|
Graff, Mark
|
|
|
:
|
Henry, Kevin
|
|
|
:
|
Hoover, Christopher
|
|
|
:
|
Malisow, Ben
|
|
|
:
|
Murphy, Sean
|
|
|
:
|
Oakes, Charles
|
|
|
:
|
Pajari, George
|
|
|
:
|
Parker, Jeff T.
|
|
|
:
|
Seidl, David
|
|
|
:
|
Vasquez, Mike
|
| Parallel Title
|
:
|
Official ISC2 CISSP CBK reference
|
| |