
CISSP Cert Guide, 3rd edition By Robin Abernathy, Troy McMillan (Test Bank )

Document Content and Description Below

Introduction xlv Chapter 1 Security and Risk Management 2 Security Terms 5 CIA 5 Auditing and Accounting 6 Non-Repudiation 7 Default Security Posture 7 Defense in Depth 7 Abstraction 8 Data Hiding 8 Encryption 8 Security Governance Principles 8 Security Function Alignment 9 Organizational Processes 12 Organizational Roles and Responsibilities 14 Security Control Frameworks 17 Due Care and Due Diligence 32 Compliance 33 Contractual, Legal, Industry Standards, and Regulatory Compliance 34 Privacy Requirements Compliance 35 Legal and Regulatory Issues 35 Computer Crime Concepts 36 Major Legal Systems 38 Licensing and Intellectual Property 40 Cyber Crimes and Data Breaches 44 Import/Export Controls 45 Trans-Border Data Flow 45 Privacy 45 Professional Ethics 52 (ISC)2 Code of Ethics 52 Computer Ethics Institute 53 Internet Architecture Board 54 Organizational Code of Ethics 54 Security Documentation 54 Policies 55 Processes 57 Procedures 57 Standards 57 Guidelines 58 Baselines 58 Business Continuity 58 Business Continuity and Disaster Recovery Concepts 58 Scope and Plan 61 BIA Development 65 Personnel Security Policies and Procedures 68 Candidate Screening and Hiring 69 Employment Agreements and Policies 70 Employee Onboarding and Offboarding Policies 71 Vendor, Consultant, and Contractor Agreements and Controls 72 Compliance Policy Requirements 72 Privacy Policy Requirements 72 Job Rotation 73 Separation of Duties 73 Risk Management Concepts 73 Asset and Asset Valuation 73 Vulnerability 74 Threat 74 Threat Agent 74 Exploit 75 Risk 75 Exposure 75 Countermeasure 75 Risk Appetite 76 Attack 76 Breach 76 Risk Management Policy 77 Risk Management Team 77 Risk Analysis Team 77 Risk Assessment 78 Implementation 82 Control Categories 83 Control Types 84 Controls Assessment, Monitoring, and Measurement 89 Reporting and Continuous Improvement 89 Risk Frameworks 90 Geographical Threats 108 Internal Versus External Threats 108 Natural Threats 109 System Threats 110 Human-Caused 
Threats 111 Politically Motivated Threats 114 Threat Modeling 115 Threat Modeling Concepts 116 Threat Modeling Methodologies 116 Identifying Threats 119 Potential Attacks 120 Remediation Technologies and Processes 121 Security Risks in the Supply Chain 121 Risks Associated with Hardware, Software, and Services 121 Third-party Assessment and Monitoring 122 Minimum Service-Level and Security Requirements 123 Service-Level Requirements 123 Security Education, Training, and Awareness 124 Levels Required 124 Methods and Techniques 125 Periodic Content Reviews 126 Exam Preparation Tasks 126 Chapter 2 Asset Security 140 Asset Security Concepts 141 Data Policy 141 Roles and Responsibilities 143 Data Quality 144 Data Documentation and Organization 145 Identify and Classify Information and Assets 146 Data and Asset Classification 146 Sensitivity and Criticality 146 Private Sector Classifications 151 Military and Government Classifications 152 Information Life Cycle 153 Databases 155 Data Audit 160 Information and Asset Ownership 160 Protect Privacy 161 Owners 161 Data Processors 162 Data Remanence 162 Collection Limitation 163 Asset Retention 164 Data Security Controls 166 Data Security 166 Data States 166 Data Access and Sharing 167 Data Storage and Archiving 168 Baselines 169 Scoping and Tailoring 170 Standards Selection 170 Data Protection Methods 171 Information and Asset Handling Requirements 172 Marking, Labeling, and Storing 172 Destruction 173 Exam Preparation Tasks 173 Chapter 3 Security Architecture and Engineering 178 Engineering Processes Using Secure Design Principles 180 Objects and Subjects 181 Closed Versus Open Systems 182 Security Model Concepts 182 Confidentiality, Integrity, and Availability 182 Confinement 183 Bounds 183 Isolation 183 Security Modes 183 Defense in Depth 185 Security Model Types 185 Security Models 188 System Architecture Steps 192 ISO/IEC 42010:2011 193 Computing Platforms 193 Security Services 196 System Components 196 System Security 
Evaluation Models 205 TCSEC 206 ITSEC 209 Common Criteria 211 Security Implementation Standards 213 Controls and Countermeasures 217 Certification and Accreditation 217 Control Selection Based upon Systems Security Requirements 218 Security Capabilities of Information Systems 219 Memory Protection 219 Virtualization 220 Trusted Platform Module 220 Interfaces 221 Fault Tolerance 221 Policy Mechanisms 222 Encryption/Decryption 223 Security Architecture Maintenance 223 Vulnerabilities of Security Architectures, Designs, and Solution Elements 224 Client-Based Systems 224 Server-Based Systems 225 Database Systems 226 Cryptographic Systems 227 Industrial Control Systems 227 Cloud-Based Systems 230 Large-Scale Parallel Data Systems 236 Distributed Systems 237 Grid Computing 237 Peer-to-Peer Computing 237 Internet of Things 238 Vulnerabilities in Web-Based Systems 242 Maintenance Hooks 242 Time-of-Check/Time-of-Use Attacks 243 Web-Based Attacks 243 XML 244 SAML 244 OWASP 244 Vulnerabilities in Mobile Systems 244 Device Security 245 Application Security 246 Mobile Device Concerns 246 NIST SP 800-164 248 Vulnerabilities in Embedded Devices 250 Cryptography 250 Cryptography Concepts 250 Cryptography History 253 Cryptosystem Features 256 NIST SP 800-175A and B 257 Cryptographic Mathematics 258 Cryptographic Life Cycle 261 Cryptographic Types 262 Running Key and Concealment Ciphers 263 Substitution Ciphers 263 Transposition Ciphers 265 Symmetric Algorithms 266 Asymmetric Algorithms 268 Hybrid Ciphers 269 Symmetric Algorithms 269 DES and 3DES 270 AES 274 IDEA 274 Skipjack 274 Blowfish 275 Twofish 275 RC4/RC5/RC6/RC7 275 CAST 275 Asymmetric Algorithms 276 Diffie-Hellman 277 RSA 277 El Gamal 278 ECC 278 Knapsack 279 Zero-knowledge Proof 279 Public Key Infrastructure 279 Certification Authority and Registration Authority 279 Certificates 280 Certificate Life Cycle 281 Certificate Revocation List 283 OCSP 284 PKI Steps 284 Cross-Certification 285 Key Management Practices 285 Message 
Integrity 293 Hashing 294 Message Authentication Code 297 Salting 299 Digital Signatures 299 DSS 300 Applied Cryptography 300 Link Encryption Versus End-to-End Encryption 300 Email Security 300 Internet Security 300 Cryptanalytic Attacks 301 Ciphertext-Only Attack 302 Known Plaintext Attack 302 Chosen Plaintext Attack 302 Chosen Ciphertext Attack 302 Social Engineering 302 Brute Force 302 Differential Cryptanalysis 303 Linear Cryptanalysis 303 Algebraic Attack 303 Frequency Analysis 303 Birthday Attack 303 Dictionary Attack 303 Replay Attack 304 Analytic Attack 304 Statistical Attack 304 Factoring Attack 304 Reverse Engineering 304 Meet-in-the-Middle Attack 304 Ransomware Attack 304 Side-Channel Attack 305 Digital Rights Management 305 Document DRM 306 Music DRM 306 Movie DRM 306 Video Game DRM 306 E-book DRM 307 Site and Facility Design 307 Layered Defense Model 307 CPTED 307 Physical Security Plan 308 Facility Selection Issues 309 Site and Facility Security Controls 312 Doors 312 Locks 313 Biometrics 315 Glass Entries 315 Visitor Control 315 Wiring Closets/Intermediate Distribution Facilities 316 Work Areas 316 Environmental Security 317 Equipment Security 321 Exam Preparation Tasks 323 Chapter 4 Communication and Network Security 334 Secure Network Design Principles 335 OSI Model 335 TCP/IP Model 340 IP Networking 345 Common TCP/UDP Ports 346 Logical and Physical Addressing 347 IPv4 348 Network Transmission 353 IPv6 357 Network Types 370 Protocols and Services 372 ARP/RARP 372 DHCP/BOOTP 373 DNS 374 FTP, FTPS, SFTP, TFTP 374 HTTP, HTTPS, S-HTTP 375 ICMP 375 IGMP 376 IMAP 376 LDAP 376 LDP 376 NAT 376 NetBIOS 376 NFS 377 PAT 377 POP 377 CIFS/SMB 377 SMTP 377 SNMP 377 SSL/TLS 378 Multilayer Protocols 378 Converged Protocols 379 FCoE 379 MPLS 380 VoIP 381 iSCSI 381 Wireless Networks 381 FHSS, DSSS, OFDM, VOFDM, FDMA, TDMA, CDMA, OFDMA, and GSM 382 WLAN Structure 384 WLAN Standards 384 WLAN Security 387 Communications Cryptography 392 Link Encryption 392 End-to-End 
Encryption 393 Email Security 393 Internet Security 394 Secure Network Components 396 Hardware 397 Transmission Media 415 Network Access Control Devices 435 Endpoint Security 437 Content-Distribution Networks 438 Secure Communication Channels 438 Voice 439 Multimedia Collaboration 439 Remote Access 440 Data Communications 450 Virtualized Networks 450 Network Attacks 451 Cabling 451 Network Component Attacks 453 ICMP Attacks 454 DNS Attacks 456 Email Attacks 458 Wireless Attacks 459 Remote Attacks 460 Other Attacks 460 Exam Preparation Tasks 462 Chapter 5 Identity and Access Management (IAM) 474 Access Control Process 475 Identify Resources 475 Identify Users 476 Identify the Relationships Between Resources and Users 476 Physical and Logical Access to Assets 477 Access Control Administration 477 Information 478 Systems 478 Devices 479 Facilities 479 Identification and Authentication Concepts 480 NIST SP 800-63 480 Five Factors for Authentication 484 Single-Factor Versus Multi-Factor Authentication 495 Device Authentication 495 Identification and Authentication Implementation 496 Separation of Duties 496 Least Privilege/Need-to-Know 497 Default to No Access 497 Directory Services 498 Single Sign-on 498 Session Management 503 Registration and Proof of Identity 503 Credential Management Systems 504 Accountability 505 Identity as a Service (IDaaS) Implementation 507 Third-Party Identity Services Integration 507 Authorization Mechanisms 508 Permissions, Rights, and Privileges 508 Access Control Models 508 Access Control Policies 514 Provisioning Life Cycle 514 Provisioning 515 User and System Account Access Review 516 Account Revocation 516 Access Control Threats 516 Password Threats 517 Social Engineering Threats 518 DoS/DDoS 520 Buffer Overflow 520 Mobile Code 520 Malicious Software 521 Spoofing 521 Sniffing and Eavesdropping 521 Emanating 522 Backdoor/Trapdoor 522 Access Aggregation 522 Advanced Persistent Threat 523 Prevent or Mitigate Access Control Threats 523 Exam 
Preparation Tasks 524 Chapter 6 Security Assessment and Testing 532 Design and Validate Assessment and Testing Strategies 533 Security Testing 534 Security Assessments 534 Security Auditing 535 Internal, External, and Third-party Security Assessment, Testing, and Auditing 535 Conduct Security Control Testing 535 Vulnerability Assessment 535 Penetration Testing 539 Log Reviews 541 Synthetic Transactions 546 Code Review and Testing 546 Misuse Case Testing 549 Test Coverage Analysis 549 Interface Testing 549 Collect Security Process Data 550 NIST SP 800-137 550 Account Management 551 Management Review and Approval 551 Key Performance and Risk Indicators 552 Backup Verification Data 553 Training and Awareness 553 Disaster Recovery and Business Continuity 553 Analyze and Report Test Outputs 553 Conduct or Facilitate Security Audits 554 Exam Preparation Tasks 555 Chapter 7 Security Operations 564 Investigations 566 Forensic and Digital Investigations 566 Evidence Collection and Handling 574 Digital Forensic Tools, Tactics, and Procedures 579 Investigation Types 581 Operations/Administrative 581 Criminal 582 Civil 582 Regulatory 582 Industry Standards 582 eDiscovery 585 Logging and Monitoring Activities 585 Audit and Review 585 Intrusion Detection and Prevention 587 Security Information and Event Management (SIEM) 588 Continuous Monitoring 588 Egress Monitoring 588 Resource Provisioning 589 Asset Inventory and Management 590 Configuration Management 592 Security Operations Concepts 593 Need to Know/Least Privilege 593 Managing Accounts, Groups, and Roles 594 Separation of Duties and Responsibilities 594 Privilege Account Management 595 Job Rotation and Mandatory Vacation 595 Two-Person Control 596 Sensitive Information Procedures 596 Record Retention 596 Information Life Cycle 596 Service-Level Agreements 597 Resource Protection 597 Protecting Tangible and Intangible Assets 597 Asset Management 599 Incident Management 608 Event Versus Incident 608 Incident Response Team 
and Incident Investigations 609 Rules of Engagement, Authorization, and Scope 609 Incident Response Procedures 610 Incident Response Management 610 Detect 610 Respond 611 Mitigate 611 Report 611 Recover 612 Remediate 612 Lessons Learned and Review 612 Detective and Preventive Measures 612 IDS/IPS 612 Firewalls 613 Whitelisting/Blacklisting 613 Third-Party Security Services 613 Sandboxing 614 Honeypots/Honeynets 614 Anti-malware/Antivirus 614 Clipping Levels 614 Deviations from Standards 615 Unusual or Unexplained Events 615 Unscheduled Reboots 615 Unauthorized Disclosure 615 Trusted Recovery 615 Trusted Paths 616 Input/Output Controls 616 System Hardening 616 Vulnerability Management Systems 616 Patch and Vulnerability Management 617 Change Management Processes 618 Recovery Strategies 618 Create Recovery Strategies 619 Backup Storage Strategies 626 Recovery and Multiple Site Strategies 628 Redundant Systems, Facilities, and Power 630 Fault-Tolerance Technologies 631 Insurance 631 Data Backup 632 Fire Detection and Suppression 632 High Availability 632 Quality of Service 633 System Resilience 633 Disaster Recovery 633 Response 634 Personnel 634 Communications 636 Assessment 636 Restoration 637 Training and Awareness 637 Testing Disaster Recovery Plans 637 Read-Through Test 638 Checklist Test 638 Table-Top Exercise 638 Structured Walk-Through Test 638 Simulation Test 639 Parallel Test 639 Full-Interruption Test 639 Functional Drill 639 Evacuation Drill 639 Business Continuity Planning and Exercises 639 Physical Security 640 Perimeter Security Controls 640 Building and Internal Security Controls 645 Personnel Safety and Security 645 Duress 646 Travel 646 Monitoring 646 Emergency Management 646 Security Training and Awareness 647 Exam Preparation Tasks 647 Chapter 8 Software Development Security 658 Software Development Concepts 659 Machine Languages 659 Assembly Languages and Assemblers 660 High-Level Languages, Compilers, and Interpreters 660 Object-Oriented 
Programming 660 Distributed Object-Oriented Systems 663 Mobile Code 664 Security in the System and Software Development Life Cycles 668 System Development Life Cycle 668 Software Development Life Cycle 670 Software Development Methods and Maturity Models 674 Operation and Maintenance 684 Integrated Product Team 685 Security Controls in Development 686 Software Development Security Best Practices 686 Software Environment Security 687 Source Code Analysis Tools 688 Code Repository Security 688 Software Threats 688 Software Protection Mechanisms 694 Assess Software Security Effectiveness 695 Auditing and Logging 695 Risk Analysis and Mitigation 695 Regression and Acceptance Testing 696 Security Impact of Acquired Software 696 Secure Coding Guidelines and Standards 697 Security Weaknesses and Vulnerabilities at the Source Code Level 697 Security of Application Programming Interfaces 700 Secure Coding Practices 701 Exam Preparation Tasks 702 Chapter 9 Final Preparation 712 Tools for Final Preparation 713 Pearson Test Prep Practice Test Engine and Questions on the Website 713 Customizing Your Exams 715 Updating Your Exams 716 Memory Tables 717 Chapter-Ending Review Tools 717 Suggested Plan for Final Review/Study 717 Summary 718 Glossary 721 Online Elements Appendix A Memory Tables Appendix B Memory Tables Answer Key Glossary 9780789759696 TOC 6/27/2018

Last updated: 10 months ago

Preview 1 out of 325 pages

About the document


Uploaded On

Nov 18, 2022

Number of pages

325

Seller

eBookSmTb