BUY ONLINE FROM: http://www.itgovernance.co.uk/products/497




CISSP EXAM CRAM 2

1. The CISSP Certification Exam. Assessing Exam Readiness. Taking the Exam. Multiple-Choice Question Format. Exam Strategy. Question-Handling Strategies. Mastering the Inner Game.

2. Physical Security. Physical Security Risks. Natural Disasters. Man-Made Threats. Emergency Situations. Requirements for New Site Locations. Location. Construction. Doors, Walls, Windows, and Ceilings. Building Defense in Depth. Perimeter Controls. Server Placement. Intrusion Detection. Environmental Controls. Electrical Power. Uninterruptible Power Supply (UPS). Equipment Life Cycle. Fire Prevention, Detection, and Suppression. Fire-Detection Equipment. Fire Suppression.

3. Security-Management Practices. The Risk of Poor Security Management. The Role of CIA. Risk Assessment. Risk Management. Policies, Procedures, Standards, Baselines, and Guidelines. Security Policy. Standards. Baselines. Guidelines. Procedures. Implementation. Data Classification. Roles and Responsibility. Security Controls. Training and Education. Security Awareness. Auditing Your Security Infrastructure.

4. Access-Control Systems and Methodology. Threats Against Access Control. Password Attacks. Emanation Security. Denial of Service/Distributed Denial of Service (DoS/DDoS). Access-Control Types. Administrative Controls. Technical Controls. Physical Controls. Identification, Authentication, and Authorization. Authentication. Single Sign-On. Kerberos. SESAME. Access-Control Models. Data Access Controls. Discretionary Access Control (DAC). Mandatory Access Control (MAC). Role-Based Access Control (RBAC). Other Types of Access Controls. Intrusion-Detection Systems (IDS). Network-Based Intrusion-Detection Systems (NIDS). Host-Based Intrusion-Detection Systems (HIDS). Signature-Based and Behavior-Based IDS Systems. Penetration Testing. Honeypots.

5. System Architecture and Models. Common Flaws in the Security Architecture. Buffer Overflow. Back Doors. Asynchronous Attacks. Covert Channels. Incremental Attacks. Computer System Architecture. Central Processing Unit (CPU). Storage Media. Security Mechanisms. Process Isolation. Operation States. Protection Rings. Trusted Computer Base. Security Models of Control. Integrity. Confidentiality. Other Models. Open and Closed Systems. Documents and Guidelines. The Rainbow Series. The Red Book: Trusted Network Interpretation. Information Technology Security Evaluation Criteria (ITSEC). Common Criteria. British Standard 7799. System Validation. Certification and Accreditation.

6. Telecommunications and Network Security. Threats to Network Security. DoS Attacks. Disclosure Attacks. Destruction, Alteration, or Theft. LANs and Their Components. LAN Communication Protocols. Network Topologies. LAN Cabling. 802.11 Wireless Networking. Bluetooth. WANs and Their Components. Packet Switching. Circuit Switching. Network Models and Standards. OSI Model. TCP/IP. Network Equipment. Hubs. Bridges. Switches. Routers. Access Methods and Remote Connectivity. Point-to-Point Protocol (PPP). Password Authentication Protocol (PAP). Virtual Private Networks (VPNs). Remote Authentication Dial-in User Service (RADIUS). Terminal Access Controller Access Control System (TACACS). IPSec. Message Privacy. PGP. S/MIME. Privacy Enhanced Mail (PEM). Network Access Controls. Firewalls. Demilitarized Zone (DMZ).

7. Applications and Systems-Development Security. Malicious Code. Viruses and Worms. Buffer Overflow. Denial of Service (DoS). Distributed Denial of Service (DDoS). Malformed Input (SQL Injection). Spyware. Back Doors and Trapdoors. Change Detection. Failure States. The System Development Life Cycle. Project Initiation. Development and Acquisition. Acceptance Testing/Implementation. Operations/Maintenance. Disposal. Software-Development Methods. The Waterfall Model. The Spiral Model. Joint Application Development (JAD). Rapid Application Development (RAD). Computer-Aided Software Engineering (CASE). Change Management. Programming Languages. Object-Oriented Programming. CORBA. Database Management. Transaction Processing. Database Terms. Data Warehousing. Data Mining. Knowledge Management.

8. Operations Security. Hack Attacks. Common Attack Methodologies. Phreakers and Their Targets. Operational Security. New-Hire Orientation. Separation of Duties. Job Rotation. Least Privilege. Mandatory Vacations. Termination. Auditing and Monitoring. Auditing. Clipping Levels. Intrusion Detection. Keystroke Monitoring. Facility Access Control. Categories of Control. Fax Control. Ethical Hacking. Penetration Testing. Contingency Planning, Backup, and Recovery. RAID. Backups.

9. Business Continuity Planning. The Risks of Poor Business Planning. Business Continuity Management. Business Continuity Plan (BCP). Project Management and Initiation. Business Impact Analysis (BIA). Recovery Strategy. Plan Design and Development. Testing, Maintenance, Awareness, and Training. Disaster Recovery Planning (DRP). Alternative Sites and Hardware Backup. Software Backups.

10. Law, Investigations, and Ethics. Computer Crimes. Software Piracy. Terrorism. Pornography. Common Attacks. Keystroke Logging. Wiretapping. Spoofing Attacks. Manipulation Attacks. Social Engineering. Dumpster Diving. Ethics. ISC2 Code of Ethics. Computer Ethics Institute. Internet Activities Board. International Property Laws. Privacy Laws. Parameters of Investigation. Computer Crime Investigation. Incident-Response Procedures. Incident-Response Team. Forensics. Handling Evidence. Drive Wiping. Standardization of Forensic Procedures. Major Legal Systems. Evidence Types. Trial.

11. Cryptography. Cryptographic Basics. History of Encryption. Symmetric Encryption. Data Encryption Standard (DES). Triple-DES (3DES). Advanced Encryption Standard (AES). International Data Encryption Algorithm (IDEA). Other Symmetric Algorithms. Asymmetric Encryption. RSA. Diffie-Hellman. El Gamal. Elliptical Curve Cryptosystem (ECC). Merkle-Hellman Knapsack. Integrity and Authentication. Message Digests. MD Series. Digital Signatures. Steganography. Public Key Infrastructure (PKI). Certificate Authority (CA). Registration Authority (RA). Certificate Revocation List (CRL). Digital Certificates. The Client's Role in PKI. Cryptographic Services. Secure Email. Secure TCP/IP Protocols. Cryptographic Attacks.

12. Practice Exam 1. Practice Exam Questions.

13. Answers to Practice Exam 1. Answer Key. Answers to Practice Exam Questions.

14. Practice Exam 2. Practice Exam Questions.

15. Answers to Practice Exam 2. Answer Key. Answers to Practice Exam Questions.

Appendix A: What's on the CD. Multiple Test Modes. Study Mode. Certification Mode. Custom Mode. Adaptive Mode. Missed Question Mode. Non-Duplicate Mode. Question Types. Random Questions and Order of Answers. Detailed Explanations of Correct and Incorrect Answers. Attention to Exam Objectives. Installing the CD. Creating a Shortcut to the MeasureUp Practice Tests. Technical Support.

Glossary.

Index.