CISSP Certified Information Systems Security Professional (7^th Ed.)
Official Study Guide

CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition has been completely updated for the latest 2015 CISSP Body of Knowledge. This bestselling Sybex study guide covers 100% of all exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, real-world examples, advice on passing each section of the exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

Along with the book, you also get access to Sybex's superior online interactive learning environment that includes:

• Four unique 250 question practice exams to help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam.
• More than 1,000 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam
• A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam

Coverage of all of the exam topics in the book means you'll be ready for:

• Security and Risk Management
• Asset Security
• Security Engineering
• Communication and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security

Introduction

Chapter 1 - Security Governance Through Principles and Policies

Chapter 2 - Personnel Security and Risk Management Concepts

Chapter 3 - Business Continuity Planning

Chapter 4 - Laws, Regulations, and Compliance

Chapter 6 - Cryptography and Symmetric Key Algorithms

Chapter 7 - PKI and Cryptographic Applications

Chapter 8 - Principles of Security Models, Design, and Capabilities

Chapter 9 - Security Vulnerabilities, Threats, and Countermeasures

Chapter 10 - Physical Security Requirements

Chapter 11 - Secure Network Architecture and Securing Network Components

Chapter 12 - Secure Communications and Network Attacks

Chapter 13 - Managing Identity and Authentication

Chapter 14 - Controlling and Monitoring Access

Chapter 15 - Security Assessment and Testing

Chapter 16 - Managing Security Operations

Chapter 17 - Preventing and Responding to Incidents

Chapter 18 - Disaster Recovery Planning

Chapter 19 - Incidents and Ethics

Chapter 20 - Software Development Security

Chapter 21 - Malicious Code and Application Attacks

Appendix A Answers to Review Questions

Appendix B Answers to Written Labs

Appendix C About the Additional Study Tools

Index

James Michael Stewart, CISSP, CEH, CHFI, Security+, has focused on security, certification, and various operating systems for more than 20 years. He teaches numerous job skill and certification courses.

Mike Chapple, PhD, CISSP, is Senior Director for IT Service Delivery at the University of Notre Dame. He oversees information security, data governance, IT architecture, project management, strategic planning, and product management functions.

Darril Gibson, CISSP, is CEO of YCDA, LLC. He regularly writes and consults on a variety of technical and security topics, and has authored or coauthored more than 35 books