By Misenar, Seth; Feldman, Joshua; Conrad, Eric; Riggins, Kevin

The CISSP certification is the main prestigious, globally-recognized, seller impartial examination for info protection professionals. The most modern variation of this acclaimed research advisor is aligned to hide the entire fabric integrated within the most up-to-date model of the exam’s universal physique of data. the 10 domain names are coated thoroughly and as concisely as attainable with a watch to acing the examination.

Each of the 10 domain names has its personal bankruptcy that comes with in particular designed pedagogy to help the test-taker in passing the examination, including: Clearly said examination targets; special terms/Definitions; examination Warnings; studying through instance; Hands-On routines; bankruptcy finishing questions. in addition, targeted good points include: Two perform assessments; Tiered bankruptcy finishing questions that let for a steady studying curve; and a self-test appendix

• presents the main entire and potent examine advisor to organize you for passing the CISSP exam―contains in basic terms what you want to move the attempt, with out fluff!

• Eric Conrad has ready hundreds and hundreds of pros for passing the CISSP examination via SANS, a well-liked and famous association for info safety execs.

• Covers all the new info within the universal physique of information up to date in January 2012, and in addition offers perform tests, tiered end-of-chapter questions for a steady studying curve, and an entire self-test appendix.

Show description

Read Online or Download CISSP study guide, second edition PDF

Similar management information systems books

Information Sharing on the Semantic Web (Advanced Information and Knowledge Processing)

Information contemporary study in components equivalent to ontology layout for info integration, metadata iteration and administration, and illustration and administration of dispensed ontologies. presents selection help at the use of novel applied sciences, information regarding capability difficulties, and directions for the winning software of present applied sciences.

Beautiful Teams: Inspiring and Cautionary Tales from Veteran Team Leaders

What is it wish to paintings on an exceptional software program improvement workforce dealing with an most unlikely challenge? How do you construct a good staff? Can a bunch of people that do not get alongside nonetheless construct reliable software program? How does a workforce chief maintain each person heading in the right direction whilst the stakes are excessive and the time table is tight? appealing groups takes you backstage with one of the most attention-grabbing groups in software program engineering heritage.

Network Security, Administration and Management: Advancing Technologies and Practice

Community safeguard, management and administration: Advancing applied sciences and Practices identifies the most recent technological ideas, practices and ideas on community safety whereas exposing attainable safety threats and vulnerabilities of latest software program, undefined, and networked structures. This booklet is a set of present learn and practices in community protection and management for use as a reference via practitioners in addition to a textual content by means of academicians and running shoes.

Extra info for CISSP study guide, second edition

Sample text

Dynamic passwords change at regular intervals. RSA makes a synchronous token device called SecurIDÒ that generates a new token code every 60 seconds. Users combine their static PINs with RSA dynamic token codes to create dynamic passwords that change every time they are used. One drawback when using dynamic passwords is the expense of the tokens themselves. Authentication Methods Strong authentication (also called multifactor authentication) requires that the user present more than one authentication factor.

Each domain has a separate authentication process and space. Each domain may contain different users and different network assets and data objects. Because Microsoft Windows also uses the concept of groups to control access by users to data objects, each group may be granted access to various domains within the system. If a two-way trust between domains is created, then the users and data 23 24 CHAPTER 2 Domain 1: Access Control objects from each domain can be accessed by groups belonging to either domain.

If two data objects are hashed and the hashes are the same, then the originating data is also the same. 6 “password“ Hash Output. 7 “Password“ Hash Output. Dictionary attacks A dictionary attack uses a word list—a predefined list of words—and then runs each word through a hash algorithm. If the cracking software matches the output from the dictionary attack output to the password hash, the attacker will be able to identify the original password. 8 Windows LM and NT Hashes. NOTE Attackers will often tune their dictionary to their target, adding a Spanish dictionary to their word list for a target organization with Spanish speakers, or even a Klingon dictionary for an organization with Star Trek fans.

Download PDF sample

CISSP study guide, second edition by Misenar, Seth; Feldman, Joshua; Conrad, Eric; Riggins, Kevin
Rated 4.04 of 5 – based on 26 votes