The Official (ISC)2 SSCP CBK Reference

Book id: 2281975. Rating: 0.0 (0 votes). Reviews and comments: 0. Price: 6438.72 RUB (64.64 USD). Genre: Foreign computer literature. Rights holder and/or publisher: John Wiley & Sons Limited. ISBN: 9781119874874. Age rating: 0+.


Book description

The only official body of knowledge for SSCP—(ISC)2’s popular credential for hands-on security professionals—fully revised and updated for the 2021 SSCP Exam Outline. Systems Security Certified Practitioner (SSCP) is an elite, hands-on cybersecurity certification that validates the technical skills to implement, monitor, and administer IT infrastructure using information security policies and procedures. SSCP certification—fully compliant with U.S. Department of Defense Directive 8140 and 8570 requirements—is valued throughout the IT security industry. The Official (ISC)2 SSCP CBK Reference is the only official Common Body of Knowledge (CBK) available for SSCP-level practitioners, exclusively from (ISC)2, the global leader in cybersecurity certification and training. This authoritative volume contains essential knowledge practitioners require on a regular basis. Accurate, up-to-date chapters provide in-depth coverage of the seven SSCP domains: Security Operations and Administration; Access Controls; Risk Identification, Monitoring and Analysis; Incident Response and Recovery; Cryptography; Network and Communications Security; and Systems and Application Security. Designed to serve as a reference for information security professionals throughout their careers, this indispensable (ISC)2 guide:

Provides comprehensive coverage of the latest domains and objectives of the SSCP

Helps better secure critical assets in their organizations

Serves as a complement to the SSCP Study Guide for certification candidates

The Official (ISC)2 SSCP CBK Reference is an essential resource for SSCP-level professionals, SSCP candidates and other practitioners involved in cybersecurity.

Contents

Mike Wills. The Official (ISC)2 SSCP CBK Reference

Table of Contents

List of Tables

List of Illustrations

Guide

Pages

The Official (ISC)2® SSCP® CBK® Reference

Acknowledgments

About the Author

About the Technical Editor

Foreword

Introduction

ABOUT THIS BOOK

The SSCP Seven Domains

Using This Book to Defeat the Cybersecurity Kill Chain

WHERE DO YOU GO FROM HERE?

The SSCP CBK and Your Professional Growth Path

Maintaining the SSCP Certification

Join a Local Chapter

LET'S GET STARTED!

HOW TO CONTACT THE PUBLISHER

NOTES

CHAPTER 1 SSCP® Security Operations and Administration

COMPLY WITH CODES OF ETHICS

Understand, Adhere to, and Promote Professional Ethics

(ISC)2 Code of Ethics

Organizational Code of Ethics

UNDERSTAND SECURITY CONCEPTS

Conceptual Models for Information Security

Confidentiality

Intellectual Property

Protect IP by Labeling It

Software, Digital Expression, and Copyright

Copyleft?

Industrial or Corporate Espionage

Integrity

REAL WORLD EXAMPLE: Trustworthiness Is Perceptual

Availability

Accountability

Privacy

Privacy Is Not Confidentiality

Privacy: In Law, in Practice, in Information Systems

Universal Declaration of Human Rights

OECD and Privacy

OECD Privacy Principles: Basic Principles of National Application

Asia-Pacific Economic Cooperation Privacy Framework

PII and NPI

Private and Public Places

Privacy versus Security, or Privacy and Security

Nonrepudiation

Authentication

Safety

Fundamental Security Control Principles

Need to Know

Least Privilege

Separation of Duties

Separation of Duties and Least Privilege: It's Not Just About Your People!

Access Control and Need-to-Know

Job Rotation and Privilege Creep

DOCUMENT, IMPLEMENT, AND MAINTAIN FUNCTIONAL SECURITY CONTROLS

Deterrent Controls

Preventative Controls

Detective Controls

Corrective Controls

Compensating Controls

Residual Risk Isn't “Compensated For”

The Lifecycle of a Control

PARTICIPATE IN ASSET MANAGEMENT

Parts or Assets?

Asset Inventory

Inventory Tool/System of Record

Process Considerations

Lifecycle (Hardware, Software, and Data)

Hardware Inventory

Software Inventory and Licensing

Data Storage

Information Lifecycle

Apply Resource Protection Techniques to Media

Marking

Colorize to Classify

Protecting

Transport

Sanitization and Disposal

Media Disposal and Information Retention Must Match

IMPLEMENT SECURITY CONTROLS AND ASSESS COMPLIANCE

Technical Controls

Physical Controls

Human Vigilance—Keep It Working for You

Administrative Controls

Policies

Standards

Procedures

Baselines

Guidelines

Periodic Audit and Review

Audits

Exercises and Operational Evaluations

PARTICIPATE IN CHANGE MANAGEMENT

Change Management or Configuration Management?

Execute Change Management Process

Identify Security Impact

Testing/Implementing Patches, Fixes, and Updates

PARTICIPATE IN SECURITY AWARENESS AND TRAINING

Security Awareness Overview

Competency as the Criterion

Build a Security Culture, One Awareness Step at a Time

PARTICIPATE IN PHYSICAL SECURITY OPERATIONS

Physical Access Control

Don't Fail to Imagine

Property Approach

Perimeter

Parking

Facility Entrance

Internal Access Controls

The Data Center

Service Level Agreements

Specific Terms and Metrics

Mechanism for Monitoring Service

SUMMARY

CHAPTER 2 SSCP® Access Controls

ACCESS CONTROL CONCEPTS

Subjects and Objects

Privileges: What Subjects Can Do with Objects

Data Classification, Categorization, and Access Control

Access Control via Formal Security Models

Star or Simple? Which Way?

IMPLEMENT AND MAINTAIN AUTHENTICATION METHODS

Single-Factor/Multifactor Authentication

Type I: Something You Know

Passwords

Classical Password Policies—and Pitfalls

Stay Current on Best Password Practices

Passphrases

Salt What You Know Before You Hash It

Security Questions

Personal Identification Numbers or Memorable Information

Recent Access History

Escrow, Recovery, and Reset

Type II: Something You Have

Smart Cards

Security Tokens

Type III: Something You Are

New Factor Type: Something You Do

Distress Codes

Considerations When Using Biometric Methods

New Factor Type: Somewhere You Are

Accountability

Single Sign-On

Device Authentication

Removable Media: A Mixed Blessing or Only a Curse?

Federated Access

Using SAML for Federated Identity Management

SUPPORT INTERNETWORK TRUST ARCHITECTURES

Trust Relationships (One-Way, Two-Way, Transitive)

Extranet

Third-Party Connections

Zero Trust Architectures

PARTICIPATE IN THE IDENTITY MANAGEMENT LIFECYCLE

Authorization

How Useful Is Your Identity Management and Access Control System?

Proofing

Provisioning/Deprovisioning

Revoking vs. Deleting an Identity

Identity and Access Maintenance

User Access Review

System Account Access Review

Auditing

Enforcement

Entitlement

Are You Positive?

Manage by Groups, Not by Individual Accounts

Manage Devices in Groups, Too

Identity and Access Management Systems

IMPLEMENT ACCESS CONTROLS

Mandatory vs. Discretionary Access Control

“Built-In” Solutions?

Role-Based

Attribute-Based

Subject-Based

Object-Based

SUMMARY

CHAPTER 3 SSCP® Risk Identification, Monitoring, and Analysis

DEFEATING THE KILL CHAIN ONE SKIRMISH AT A TIME

REAL WORLD EXAMPLE: Identity Theft as an APT Tactical Weapon

Kill Chains: Reviewing the Basics

Avoid Stereotyping the APTs

Events vs. Incidents

UNDERSTAND THE RISK MANAGEMENT PROCESS

Who Owns Risk Management?

Risk Visibility and Reporting

Risk Register

Threat Intelligence Sharing

CVSS: Sharing Vulnerability and Risk Insight

Start with the CVE?

Risk Management Concepts

Information Security: Cost Center or Profit Center?

Paybacks via Cost Avoidance

How Do We Look at Risk?

Outcomes-Based Risk

Process-Based Risk

Asset-Based Risk

Threat-Based (or Vulnerability-Based) Risk

Impact Assessments

Quantitative Risk Assessment: Risk by the Numbers

Qualitative Risk Assessment

Threat Modeling

Secure Development Lifecycle and STRIDE

NIST 800-154 Data-Centric Threat Modeling

PASTA

OCTAVE

Other Models

Business Impact Analysis

Compliance as a Risk to Manage?

Risk Management Frameworks

Standards: Not Just for the Compliant

Comprehensive Frameworks

NIST Cybersecurity Framework

U.S. Federal Information Processing Standards

Committee of Sponsoring Organizations

ITIL

COBIT and RiskIT

Industry-Specific Risk Frameworks

Health Information Trust Alliance Common Security Framework

North American Electric Reliability Corporation Critical Infrastructure Protection

ISA-99 and ISA/IEC 62443

Payment Card Industry Data Security Standard

Risk Treatment

Accept

Share or Transfer

Remediate or Mitigate (also Known as Reduce or Treat)

When in Doubt, What's the Requirement Say?

Avoid or Eliminate

Recast

Residual Risk

Risk Treatment Controls

Physical Controls

Logical (or Technical) Controls

Administrative Controls

Choosing a Control

Build and Maintain User Engagement with Risk Controls

PERFORM SECURITY ASSESSMENT ACTIVITIES

Attackers Are Outspending You on Their Assessments!

Security Assessment Workflow Management

Participate in Security Testing

Black-Box, White-Box, or Gray-Box Testing

Look or Touch?

Vulnerability Scanning

Scanners Can't Protect You Against Zero-Day Exploits

Adding a Security Emphasis to OT&E

Ethical Penetration Testing

Pen Testing and Moral Hazards

Assessment-Driven Training

Design and Validate Assessment, Test, and Audit Strategies

Interpretation and Reporting of Scanning and Testing Results

Remediation Validation

Audit Finding Remediation

Manage the Architectures: Asset Management and Configuration Control

What's at Risk with Uncontrolled and Unmanaged Baselines?

Auditing Controlled Baselines

OPERATE AND MAINTAIN MONITORING SYSTEMS

ISCM Is a Strategy; SIEM Is Just One Tool

Events of Interest

Anomalies

Intrusions

Unauthorized Changes

Compliance Monitoring Events

Synthetic Transactions

Real User Monitoring

Logging

CIANA+PS Applies to Log Files Too!

Source Systems

Data Collection and Processing: Probably Cheaper Than Disaster Recovery

On-Premises Servers and Services

Applications and Platforms

External Servers and Services

Workstations and Endpoints

Network Infrastructure Devices

IoT Devices

Legal and Regulatory Concerns

Your Logbooks as Your Lifeline

ANALYZE MONITORING RESULTS

Anomaly Detection: UEBA Takes Center Stage

Security Baselines and Anomalies

Define the Behavioral Baselines

Finding the Anomalies

Do You Allow or Block Behaviors?

Visualizations, Metrics, and Trends

Event Data Analysis

Document and Communicate Findings

SUMMARY

NOTES

CHAPTER 4 SSCP® Incident Response and Recovery

SUPPORT THE INCIDENT LIFECYCLE

Think like a Responder

Physical, Logical, and Administrative Surfaces

Incident Response: Measures of Merit

The Lifecycle of a Security Incident

Which Frameworks?

Preparation

Tests and Exercises

Incident Response Team: Roles and Structures

Incident Response Priorities

Detection, Analysis, and Escalation

Watching for Kill Chains in Action

Filtering to Detect: How Many Signals?

Human Observation and Reporting

Correlation

Security Event Triage

Declaring an Incident: Alarm!

Log It!

Visually Mapping an Incident

Containment

Eradication

Don't Let Eradication Become a Self-Inflicted Attack

Recovery

Data Recovery

Backups: They Exist Only When You Plan for Business Continuity

Post-Recovery: Notification and Monitoring

Lessons Learned; Implementation of New Countermeasures

Third-Party Considerations

Real-Time Notification and Coordination: Set These Up Before the First Incident

UNDERSTAND AND SUPPORT FORENSIC INVESTIGATIONS

Call in the Lawyers and the Experts

Legal and Ethical Principles

Logistics Support to Investigations

Evidence Handling

Data Cleaning at a Crime Scene?

Controlling and Preserving the Scene

The Chain of Custody

Evidence Collection

Tools

Triage and Evidence?

Techniques and Procedures

Forensics in the Cloud

UNDERSTAND AND SUPPORT BUSINESS CONTINUITY PLAN AND DISASTER RECOVERY PLAN ACTIVITIES

Emergency Response Plans and Procedures

Security and the Continuity Planning Process

Interim or Alternate Processing Strategies

Restoration Planning

Backup and Redundancy Implementation

Managing the Data Backup Process

Platform and Database Backup

Storage Redundancy

Backup Protection at Rest and in Motion

Data Recovery and Restoration

Training and Awareness

Testing and Drills

Test Environments

Read-Through or Tabletop Assessment

Walk-Through

Simulation or Drill

Parallel

Full Interruption

CIANA+PS AT LAYER 8 AND ABOVE

Remember CIANA?

It Is a Dangerous World Out There

People Power and Business Continuity

SUMMARY

CHAPTER 5 SSCP® Cryptography

UNDERSTAND FUNDAMENTAL CONCEPTS OF CRYPTOGRAPHY

Privacy and Confidentiality

Plaintext or Cleartext?

Building Blocks of Digital Cryptographic Systems

Cryptographic Algorithms: The Basics

Symmetric vs. Asymmetric Encryption

Cryptovariables Are Not Keys

Cryptographic Keys

“The Enemy Knows Your System!”

Protocols and Modules

Sets and Functions

Cryptography, Cryptology, or ?

Hashing

Pseudorandom and Determinism

Salting

Symmetric Block and Stream Ciphers

Stream vs. Streaming

Block Cipher Basics

Padding and Block Ciphers

Cipher Block and Feedback Chaining

Electronic Code Book

Block Ciphers: Symmetric and Asymmetric?

Data Encryption Standard and Triple

Advanced Encryption Standard

Blowfish and Twofish

International Data Encryption Algorithm

CAST

PGP, OpenPGP, and GnuPG

Stream Ciphers

A5/1, A5/2

RC4

Salsa20/ChaCha20

EU ECRYPT

Asymmetric Encryption

Forward Secrecy

Discrete Logarithm Problems

Factoring Problems

Diffie-Hellman-Merkle

RSA

ElGamal

Quantum Cryptography

Hybrid Cryptosystems

Elliptical Curve Cryptography

The Modulus (Mod)

Nonrepudiation

Registered Email

Digital Signatures and Nonrepudiation

Hashed Message Authentication Codes

Digital Signature Algorithm

Digital Certificates

Encryption Algorithms

Key Strength

Sometimes 256 May Not Be Greater Than 128

Cryptographic Safety Factor

CRYPTOGRAPHIC ATTACKS, CRYPTANALYSIS, AND COUNTERMEASURES

Cryptologic Hygiene as Countermeasures

A Starter Set of Crypto-Hygiene Practices

Cryptography Is Not a Standalone Answer

Common Attack Patterns and Methods

Attacks Against the Human Element

Algorithm Attacks

Heartbleed—An Implementation Flaw Case Study

Brute Force

Man-in-the-Middle Attack

Side-Channel Attacks

Differential Fault Analysis

Birthday Attack

Related-Key Attack

Meet-in-the-Middle Attack

Replay Attack

Cryptanalytic Attacks

Linear Cryptanalysis

Differential Cryptanalysis

Quantum Cryptanalysis

Secure Cryptoprocessors, Hardware Security Modules, and Trusted Platform Modules

Trusted Platform Module

Cryptographic Module

Hardware Security Module

UNDERSTAND THE REASONS AND REQUIREMENTS FOR CRYPTOGRAPHY

Confidentiality

Integrity and Authenticity

Data Sensitivity

Availability

Nonrepudiation

Authentication

Privacy

Safety

Regulatory and Compliance

Transparency and Auditability

Competitive Edge

UNDERSTAND AND SUPPORT SECURE PROTOCOLS

Services and Protocols

IPsec

TLS

Pretty Good Privacy

OpenPGP

Hypertext Transfer Protocol Secure

Secure Multipurpose Internet Mail Extensions

DomainKeys Identified Mail

Blockchain

Common Use Cases

Federated Systems

Transaction and Workflow Processing

Integrated Logistics Support

Secure Collaboration

IoT, UAS, and ICS: The Untended Endpoints

Deploying Cryptography: Some Challenging Scenarios

Trusting SOHO

On-Premises Data Center

High-Compliance Architectures

Limitations and Vulnerabilities

UNDERSTAND PUBLIC KEY INFRASTRUCTURE SYSTEMS

Fundamental Key Management Concepts

Key Strength and Key Generation

Secure Key Storage and Use

Key Distribution, Exchange, and Trust

Distribution, Exchange, or Infrastructure?

Key Rotation, Expiration, and Revocation

“Rotate” Does Not Mean “Reuse”

Key Destruction

Key Management Vulnerabilities

Escrow and Key Recovery

Separation of Duties, Dual Control, and Split Knowledge

Hierarchies of Trust

Web of Trust

SUMMARY

NOTES

CHAPTER 6 SSCP® Network and Communications Security

UNDERSTAND AND APPLY FUNDAMENTAL CONCEPTS OF NETWORKING

Complementary, Not Competing, Frameworks

Why Master Both Frameworks?

OSI and TCP/IP Models

Datagrams and Protocol Data Units

Handshakes

Packets and Encapsulation

Addressing, Routing, and Switching Concepts

Name Resolution in TCP/IP

DNS Security Extensions

Address Resolution

Routing

Switching

Network Segmentation

URLs and the Web

OSI Reference Model

Please Do Not Throw Sausage Pizza Away

Layer 1: The Physical Layer

Security Risks Create Opportunities

Layer 2: The Data Link Layer

Layer 3: The Network Layer

Layer 4: The Transport Layer

Layer 5: Session Layer

RPC or API?

Layer 6: Presentation Layer

Layer 7: Application Layer

TCP/IP Reference Model

TCP/IP Is Not TCP!

The Link Layer

The Internet Layer

The Transport Layer

The Application Layer

Converged Protocols

Software-Defined Networks

IPV4 ADDRESSES, DHCP, AND SUBNETS

IPv4 Address Classes

Subnetting in IPv4

Running Out of Addresses?

IPV4 VS. IPV6: KEY DIFFERENCES AND OPTIONS

Network Topographies

Network Relationships

Client-Server

Peer to Peer

P2P Implementations

Trusting the Endpoints

Transmission Media Types

Ethernet Basics

Network Cabling

Fire Safety and Cable Types

Commonly Used Ports and Protocols

Cross-Layer Protocols and Services

IPsec

UNDERSTAND NETWORK ATTACKS AND COUNTERMEASURES

REAL WORLD EXAMPLE: The Largest Financial Industry Data Breach: An Inside Job?

CIANA+PS Layer by Layer

Layer 1: Physical

Accidents as “Attackers”

Layer 2: Link

Layer 3: Internetworking (IP)

Layer 4: Transport

Layer 5: Session

Layer 6: Presentation

Layer 7: Applications

Vulnerabilities and Assessment

Beyond Layer 7

Common Network Attack Types

Distributed Denial-of-Service Attacks

Man-in-the-Middle Attacks

DNS Cache Poisoning

DHCP Attacks

SYN Flooding

Smurfing

Internet Control Message Protocol

Attacks on Large (Enterprise) Networks

Border Gateway Protocol Attacks

Open Shortest Path First Versions 1 and 2

SCADA, IoT, and the Implications of Multilayer Protocols

SCADA and Industrial Control Systems Attacks

DDoS and IoT Device Attacks

MANAGE NETWORK ACCESS CONTROLS

Endpoint Security Is Not Enough

Network Access Control and Monitoring

Admission

Remediation

Monitoring

Network Access Control Standards and Protocols

Single Sign Off?

Remote Access Operation and Configuration

Thin Clients

Remote Access Security Management

Centralized Remote Authentication Services

Virtual Private Networks

Tunneling

The Proliferation of Tunneling

Common VPN Protocols

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol

IPsec VPN

MANAGE NETWORK SECURITY

Logical and Physical Placement of Network Devices

Segmentation

Virtual LANs

Demilitarized Zones

Segmentation: Not Secure Enough?

Zero-Trust Network Architectures

Secure Device Management

Thorough Monitoring, or Self-Inflicted Cyberattacks?

OPERATE AND CONFIGURE NETWORK-BASED SECURITY DEVICES

Network Address Translation

Additional Security Device Considerations

Securing Cloud-Hosted “Devices”

Endpoints as Security Devices

Jump Boxes and Servers

Firewalls and Proxies

Firewalls

Types of Firewalls

Multihomed Firewalls

Gateways

Proxies

Firewall Deployment Architectures

Disruptions to Firewalled Thinking

Network Intrusion Detection/Prevention Systems

Silent Alarms Can Be False Alarms

Security Information and Event Management Systems

Routers and Switches

Network Security from Other Hardware Devices

Traffic-Shaping Devices

OPERATE AND CONFIGURE WIRELESS TECHNOLOGIES

Wireless: Common Characteristics

LIGHT and LiFi

Wireless Radio as a Medium

Unlicensed Radios

Wireless Endpoints: Are All of These Part of the Network?

Mobile Device Management and Endpoint Security

Wi-Fi

Wireless Standards and Protocols

Wired Equivalent Privacy and Wi-Fi Protected Access

IEEE 802.11i and WPA2, and then WPA3

WPA Authentication and Encryption

Wireless Access Points

Which WAP?

Five Myths About Wi-Fi Security

Captive Wireless Portals

Wireless Attacks

Bluetooth

Near-Field Communications

Cellular/Mobile Phone Networks

Ad Hoc Wireless Networks

Transmission Security

Anonymity Networks and Privacy-Enhancing Systems

Malicious Use of Anonymous Services

Frequency-Hopping Spread Spectrum

Direct Sequence Spread Spectrum

Orthogonal Frequency-Division Multiplexing

Wireless Security Devices

SUMMARY

NOTES

CHAPTER 7 SSCP® Systems and Application Security

SYSTEMS AND SOFTWARE INSECURITY

Software Vulnerabilities Across the Lifecycle

Software Development as a Networked Sport

Vulnerability Management: Another Network Team Sport

Cybersecurity Bill of Materials and Open Source Risk

Data-Driven Risk: The SDLC Perspective

Coping with SDLC Risks

Access Control

Lateral Data and Code Movement Control

Hardware and Software Supply Chain Security

Applications Designed with Security in Mind

Listen to the Voice of the User

Risks of Poorly Merged Systems

Hard to Design It Right, Easy to Fix It?

Security Requirements: Functional or Nonfunctional?

Hardware and Software Supply Chain Security

Positive and Negative Models for Software Security

Is Blocked Listing Dead? Or Dying?

INFORMATION SECURITY = INFORMATION QUALITY + INFORMATION INTEGRITY

Be Prepared for Ransom Attacks!

Data Modeling

Zero Trust and Data Protection: Encrypt, Tokenize, or Isolate?

Preserving Data Across the Lifecycle

Preventing a Blast from the Past

IDENTIFY AND ANALYZE MALICIOUS CODE AND ACTIVITY

Malware

Malicious Code Countermeasures

Anti-Malware Under Another Name?

Malicious Activity

What Kinds of Activities?

Beware Attackers Living Off the Land

Who's Doing It?

The Insider Threat

Malicious Activity Countermeasures

IMPLEMENT AND OPERATE ENDPOINT DEVICE SECURITY

When Is “The Cloud” an Endpoint?

HIDS

Host-Based Firewalls

Allowed Lists: Positive Control for App Execution

Endpoint Encryption

Trusted Platform Module

Mobile Device Management

Avoiding Covert Channels of the Mind

Secure Browsing

The Downside of a VPN

IoT Endpoint Security

Endpoint Security: EDR, MDR, XDR, UEM, and Others

OPERATE AND CONFIGURE CLOUD SECURITY

Deployment Models

Service Models

Virtualization

Virtual Machines

Security for Virtual Machines

Serverless Services

Legal and Regulatory Concerns

Jurisdiction and Electronic Discovery in the Cloud

Beware the Constraints on Discussing E-Discovery Processes

Cooperative E-Discovery for Regulatory, Audit, and Insurance Purposes

Ownership, Control, and Custody of Data

Privacy Considerations

Blockchain, Immutable Ledgers, and the Right to Be Forgotten

Surveillance Data and the Cloud

Data Storage and Transmission

Third-Party/Outsourcing Requirements

Lifecycles in the Cloud

Shared Responsibility Model

Layered Redundancy as a Survival Strategy

OPERATE AND SECURE VIRTUAL ENVIRONMENTS

Software-Defined Networking

Hypervisor

Virtual Appliances

Continuity and Resilience

Attacks and Countermeasures

Shared Storage

SUMMARY

NOTES

Appendix: Cross-Domain Challenges

PARADIGM SHIFTS IN INFORMATION SECURITY?

PIVOT 1: TURN THE ATTACKERS' PLAYBOOKS AGAINST THEM

ATT&CK: Pivoting Threat Intelligence

Analysis: Real-Time and Retrospective

The SOC as a Fusion Center

All-Source, Proactive Intelligence: Part of the Fusion Center

PIVOT 2: CYBERSECURITY HYGIENE: THINK SMALL, ACT SMALL

CIS IG 1 for the SMB and SME

Hardening Individual Cybersecurity

WARNING Updated “Top Ten” Threat Lists: Be Wary, but Don't Be Hasty

Assume the Breach

PIVOT 3: FLIP THE “DATA-DRIVEN VALUE FUNCTION”

Data-Centric Defense and Resiliency

Ransomware as a Service

Supply Chains, Security, and the SSCP

The Uncontrollable Marketplaces for Zero-Day Exploits

ICS, IoT, and SCADA: More Than SUNBURST

Extending Physical Security: More Than Just Badges and Locks

The IoRT: Robots Learning via the Net

PIVOT 4: OPERATIONALIZE SECURITY ACROSS THE IMMEDIATE AND LONGER TERM

Continuous Assessment and Continuous Compliance

SDNs and SDS

Software-Defined Networks

Software-Defined Security

SOAR: Strategies for Focused Security Effort

A “DevSecOps” Culture: SOAR for Software Development

PIVOT 5: ZERO-TRUST ARCHITECTURES AND OPERATIONS

NOTE ISO and ZTA?

FIDO and Passwordless Authentication

Threat Hunting, Indicators, and Signature Dependence

OTHER DANGERS ON THE WEB AND NET

Surface, Deep, and Dark Webs

The Dark Web: Many Dynamic Marketplaces

Deep and Dark: Risks and Countermeasures

DNS and Namespace Exploit Risks

Cloud Security: Edgier and Foggier

CURIOSITY AS COUNTERMEASURE

NOTES

Index

WILEY END USER LICENSE AGREEMENT

Excerpt from the book

Sixth Edition

MICHAEL S. WILLS, SSCP, CISSP, CAMS

.....

Those three questions all focus on our information systems architecture, the elements we've brought together to create those systems with, and the business logic by which we use those systems. As we'll see in Chapter 3, having a solid baseline that captures and describes our organization's information systems and IT architecture is the foundation of how we manage those information systems. It's also worthwhile to consider that well-managed systems are often more reliable, resilient, safe and secure; unmanaged systems may be just as trustworthy, but if they are, it's more by luck than by design.

Information systems asset management comprises all of the activities to identify each asset, know and control its location and use, and track modifications, changes, or repairs done to it. Asset management also includes keeping track of any damages or losses that an asset incurs through accident, failures of other systems or business functions, misuse, abuse, or attacks of any kind. Due care and due diligence require asset management to be effective, thorough, and accountable, which in turn require that proper inventory and tracking records be kept and that standards be set for proper usage, routine maintenance and repair, safety, and security. Asset management and configuration management and control go hand in hand as the main processes you should use to keep these important, value-producing assets working well and working for you; they're also crucial to keeping those assets from being used by someone else!

.....
