Читать книгу The Official (ISC)2 SSCP CBK Reference - Mike Wills - Страница 2

1  Cover

2  Title Page

3  Copyright

4  Acknowledgments

5  About the Author

6  About the Technical Editor

7  Foreword

8  Introduction ABOUT THIS BOOK WHERE DO YOU GO FROM HERE? LET'S GET STARTED! HOW TO CONTACT THE PUBLISHER NOTES

9  CHAPTER 1: Security Operations and Administration COMPLY WITH CODES OF ETHICS UNDERSTAND SECURITY CONCEPTS DOCUMENT, IMPLEMENT, AND MAINTAIN FUNCTIONAL SECURITY CONTROLS PARTICIPATE IN ASSET MANAGEMENT IMPLEMENT SECURITY CONTROLS AND ASSESS COMPLIANCE PARTICIPATE IN CHANGE MANAGEMENT PARTICIPATE IN SECURITY AWARENESS AND TRAINING PARTICIPATE IN PHYSICAL SECURITY OPERATIONS SUMMARY

10  CHAPTER 2: Access Controls ACCESS CONTROL CONCEPTS IMPLEMENT AND MAINTAIN AUTHENTICATION METHODS SUPPORT INTERNETWORK TRUST ARCHITECTURES PARTICIPATE IN THE IDENTITY MANAGEMENT LIFECYCLE IMPLEMENT ACCESS CONTROLS SUMMARY

11  CHAPTER 3: Risk Identification, Monitoring, and Analysis DEFEATING THE KILL CHAIN ONE SKIRMISH AT A TIME UNDERSTAND THE RISK MANAGEMENT PROCESS PERFORM SECURITY ASSESSMENT ACTIVITIES OPERATE AND MAINTAIN MONITORING SYSTEMS ANALYZE MONITORING RESULTS SUMMARY NOTES

12  CHAPTER 4: Incident Response and Recovery SUPPORT THE INCIDENT LIFECYCLE UNDERSTAND AND SUPPORT FORENSIC INVESTIGATIONS UNDERSTAND AND SUPPORT BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN ACTIVITIES CIANA+PS AT LAYER 8 AND ABOVE SUMMARY

13  CHAPTER 5: Cryptography UNDERSTAND FUNDAMENTAL CONCEPTS OF CRYPTOGRAPHY CRYPTOGRAPHIC ATTACKS, CRYPTANALYSIS, AND COUNTERMEASURES UNDERSTAND THE REASONS AND REQUIREMENTS FOR CRYPTOGRAPHY UNDERSTAND AND SUPPORT SECURE PROTOCOLS UNDERSTAND PUBLIC KEY INFRASTRUCTURE SYSTEMS SUMMARY NOTES

14  CHAPTER 6: Network and Communications Security UNDERSTAND AND APPLY FUNDAMENTAL CONCEPTS OF NETWORKING IPV4 ADDRESSES, DHCP, AND SUBNETS IPV4 VS. IPV6: KEY DIFFERENCES AND OPTIONS UNDERSTAND NETWORK ATTACKS AND COUNTERMEASURES MANAGE NETWORK ACCESS CONTROLS MANAGE NETWORK SECURITY OPERATE AND CONFIGURE NETWORK-BASED SECURITY DEVICES OPERATE AND CONFIGURE WIRELESS TECHNOLOGIES SUMMARY NOTES

15  CHAPTER 7: Systems and Application Security SYSTEMS AND SOFTWARE INSECURITY INFORMATION SECURITY = INFORMATION QUALITY + INFORMATION INTEGRITY IDENTIFY AND ANALYZE MALICIOUS CODE AND ACTIVITY IMPLEMENT AND OPERATE ENDPOINT DEVICE SECURITY OPERATE AND CONFIGURE CLOUD SECURITY OPERATE AND SECURE VIRTUAL ENVIRONMENTS SUMMARY NOTES

16  Appendix: Cross-Domain Challenges PARADIGM SHIFTS IN INFORMATION SECURITY? PIVOT 1: TURN THE ATTACKERS' PLAYBOOKS AGAINST THEM PIVOT 2: CYBERSECURITY HYGIENE: THINK SMALL, ACT SMALL PIVOT 3: FLIP THE “DATA-DRIVEN VALUE FUNCTION” PIVOT 4: OPERATIONALIZE SECURITY ACROSS THE IMMEDIATE AND LONGER TERM PIVOT 5: ZERO-TRUST ARCHITECTURES AND OPERATIONS OTHER DANGERS ON THE WEB AND NET CURIOSITY AS COUNTERMEASURE NOTES

17  Index

18  End User License Agreement