CISSP : Certified Information Systems Security Professional: Study Guide.
Title:
CISSP : Certified Information Systems Security Professional: Study Guide.
Author:
Stewart, James M.
ISBN:
9780471779810
Edition:
3rd ed.
Physical Description:
1 online resource (803 pages)
Contents:
CISSP: Certified Information Systems Security Professional Study Guide, 3rd Edition -- Assessment Test -- Answers to Assessment Test -- Introduction -- Contents -- Contents At A Glance -- Acknowledgments -- Chapter 1: Accountability and Access Control -- Access Control Overview -- Identification and Authentication Techniques -- Access Control Techniques -- Access Control Methodologies and Implementation -- Access Control Administration -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 2: Attacks and Monitoring -- Monitoring -- Intrusion Detection -- IDS-Related Tools -- Penetration Testing -- Methods of Attacks -- Access Control Compensations -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 3: ISO Model, Network Security, and Protocols -- OSI Model -- Communications and Network Security -- Internet/Intranet/Extranet Components -- Remote Access Security Management -- Network and Protocol Security Mechanisms -- Network and Protocol Services -- Avoiding Single Points of Failure -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 4: Communications Security and Countermeasures -- Virtual Private Network (VPN) -- Network Address Translation -- Switching Technologies -- WAN Technologies -- Miscellaneous Security Control Characteristics -- Managing E-Mail Security -- Securing Voice Communications -- Security Boundaries -- Network Attacks and Countermeasures -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 5: Security Management Concepts and Principles -- Security Management Concepts and Principles -- Protection Mechanisms -- Change Control/Management -- Data Classification -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions.

Chapter 6: Asset Value, Policies, and Roles -- Employment Policies and Practices -- Security Roles -- Security Management Planning -- Policies, Standards, Baselines, Guidelines, and Procedures -- Risk Management -- Security Awareness Training -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 7: Data and Application Security Issues -- Application Issues -- Databases and Data Warehousing -- Data/Information Storage -- Knowledge-Based Systems -- Systems Development Controls -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Answers to Review Questions -- Answers to Written Lab -- Chapter 8: Malicious Code and Application Attacks -- Malicious Code -- Password Attacks -- Denial of Service Attacks -- Application Attacks -- Reconnaissance Attacks -- Masquerading Attacks -- Decoy Techniques -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Answers to Review Questions -- Answers to Written Lab -- Chapter 9: Cryptography and Private Key Algorithms -- History -- Cryptographic Basics -- Modern Cryptography -- Symmetric Cryptography -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Answers to Review Questions -- Answers to Written Lab -- Chapter 10: PKI and Cryptographic Applications -- Asymmetric Cryptography -- Hash Functions -- Digital Signatures -- Public Key Infrastructure -- Applied Cryptography -- Cryptographic Attacks -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 11: Principles of Computer Design -- Computer Architecture -- Security Protection Mechanisms -- Security Models -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 12: Principles of Security Models -- Common Security Models, Architectures, and Evaluation Criteria -- Understanding System Security Evaluation.

Common Flaws and Security Issues -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 13: Administrative Management -- Operations Security Concepts -- Personnel Controls -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 14: Auditing and Monitoring -- Auditing -- Monitoring -- Penetration Testing Techniques -- Inappropriate Activities -- Indistinct Threats and Countermeasures -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 15: Business Continuity Planning -- Business Continuity Planning -- Project Scope and Planning -- Business Impact Assessment -- Continuity Strategy -- BCP Documentation -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 16: Disaster Recovery Planning -- Disaster Recovery Planning -- Recovery Strategy -- Recovery Plan Development -- Training and Documentation -- Testing and Maintenance -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Answers to Review Questions -- Answers to Written Lab -- Chapter 17: Law and Investigations -- Categories of Laws -- Laws -- Investigations -- Summary -- Exam Essentials -- Written Lab -- Review Questions -- Answers to Review Questions -- Answers to Written Lab -- Chapter 18: Incidents and Ethics -- Major Categories of Computer Crime -- Incident Handling -- Ethics -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Chapter 19: Physical Security Requirements -- Facility Requirements -- Forms of Physical Access Controls -- Technical Controls -- Environment and Life Safety -- Equipment Failure -- Summary -- Exam Essentials -- Review Questions -- Answers to Review Questions -- Glossary -- Index.
Abstract:
CISSP Certified Information Systems Security Professional Study Guide. Here's the book you need to prepare for the challenging CISSP exam from (ISC)². This third edition was developed to meet the exacting requirements of today's security certification candidates, and has been thoroughly updated to cover recent technological advances in the field of IT security. In addition to the consistent and accessible instructional approach that readers have come to expect from Sybex, this book provides: clear and concise information on critical security technologies and topics; practical examples and insights drawn from real-world experience; expanded coverage of key topics such as biometrics, auditing and accountability, and software security testing; and leading-edge exam preparation software, including a testing engine and electronic flashcards for your PC, Pocket PC, and Palm handheld. You'll find authoritative coverage of key exam topics including: Access Control Systems & Methodology; Applications & Systems Development; Business Continuity Planning; Cryptography; Law, Investigation, & Ethics; Operations Security & Physical Security; Security Architecture, Models, and Management Practices; Telecommunications, Network, & Internet Security.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.