CISSP Passport (English edition), PDF e-book download
- E-book credits: 14
- Author: Shon Harris (US)
- Publisher: Beijing: Posts & Telecom Press
- Year of publication: 2002
- ISBN: 7115108935
- Pages: 422
1 Security Management Practices 1
Objective 1.01 Management Responsibilities 2
Objective 1.02 Risk Management 3
Risk Analysis 4
Objective 1.03 Possible Threats 5
Objective 1.04 Security Control Types 7
Objective 1.05 Calculating Risk 10
Quantitative Versus Qualitative Approaches 10
Dealing with Risk 13
Countermeasure Selection 13
Objective 1.06 Security Policies and Their Supporting Counterparts 14
Security Policy 15
Standards 15
Baselines 15
Guidelines 16
Procedures 16
Objective 1.07 Roles and Responsibilities 17
Data Owner 17
Data Custodian 17
User 17
Security Auditor 18
Objective 1.08 Information Classification 18
Military Versus Commercial Classifications 19
Objective 1.09 Employee Management 21
Operational Administrative Controls 22
CHECKPOINT 23
Review Questions 24
Review Answers 26
2 Access Control 29
Definitions 30
Objective 2.01 Identification and Authentication 30
Three Steps to Access Control 31
Authentication 31
Biometrics 32
Passwords 35
Cognitive Password 36
One-Time Password 37
Cryptographic Keys 39
Passphrase 39
Memory Cards 39
Smart Cards 40
Authorization 40
Objective 2.02 Single Sign-On Technologies 41
Kerberos 42
Directory Services 42
SESAME 45
Thin Clients 45
Objective 2.03 Access Control Models and Techniques 46
DAC 46
MAC 47
RBAC 48
Access Control Techniques 49
Restricted Interfaces 50
Capability Table and ACLs 50
Content-Dependent Access Control 51
Other Access Techniques 52
Objective 2.04 Access Control Administration 52
Centralized Access Control Administration 52
RADIUS 53
Diameter 54
TACACS 54
Decentralized Access Control Administration 55
Objective 2.05 Intrusion Detection Systems 55
Network-Based and Host-Based 55
Signature-Based and Behavior-Based 57
Downfalls of IDS 58
Objective 2.06 Unauthorized Access Control and Attacks 58
Unauthorized Disclosure of Information 59
Emanation Security 60
Attack Types 60
Penetration Testing 62
CHECKPOINT 63
Review Questions 65
Review Answers 67
3 Security Models and Architecture 69
Objective 3.01 System Components 70
Central Processing Unit 70
Storage and Memory Types 73
Virtual Memory 75
Data Access Storage 77
Processing Instructions 77
Operating States 78
Objective 3.02 Operating System Security Mechanisms 78
Process Isolation 79
Protection Rings 79
Virtual Machine 81
Trusted Computing Base 81
Reference Monitor and Security Kernel 82
Objective 3.03 Security Models 83
The Different Models 83
Bell-LaPadula Model 84
State Machine Models 84
Biba 86
Clark-Wilson Model 88
Non-Interference Model 88
Access Control Matrix Model 89
Information Flow Model 89
Brewer and Nash Model 90
Graham-Denning and Harrison-Ruzzo-Ullman Models 90
Objective 3.04 Security Evaluation Criteria 92
Security Evaluations 93
Trusted Computer System Evaluation Criteria 93
Rainbow Series 94
Information Technology Security Evaluation Criteria 95
Common Criteria 95
Certification Versus Accreditation 97
CHECKPOINT 99
Review Questions 100
Review Answers 102
4 Physical Security 105
Objective 4.01 Controls Pertaining to Physical Security 106
Facility Location 107
Facility Construction 109
Computing Area 112
Hardware Backups 113
Objective 4.02 Electrical Power and Environmental Issues 114
UPS 114
Power Interference 115
Environmental Considerations 118
Ventilation 118
Objective 4.03 Fire Detection and Suppression 119
Water, Steam, and Gas 119
Fire Prevention 120
Fire Detection 120
Fire Types 122
Fire Suppression 122
Halon 123
Fire Extinguishing Issues 123
Water Sprinklers 124
Emergency Response 125
Objective 4.04 Perimeter Security 125
Lock Types 126
Facility Access 127
Entrance Protection 128
Fencing 129
Surveillance Devices 130
Lighting 130
Intrusion Detection Systems 131
CHECKPOINT 133
Review Questions 134
Review Answers 136
5 Telecommunications and Networking Security 139
Objective 5.01 TCP/IP Suite 140
Internet Protocol (IP) 143
Networks 143
Intranets and Extranets 144
Objective 5.02 Cabling and Data Transmission Types 145
Coaxial Cable 145
Twisted-Pair Cable 146
Fiber 147
Cable Issues 148
Broadband and Baseband 149
Fire Ratings 149
Signals 150
Asynchronous and Synchronous 151
Transmission Methods 151
Objective 5.03 LAN Technologies 152
Network Topologies 152
Media Access Technologies 154
Ethernet 154
Token Passing 155
Polling 156
Protocols 156
Address Resolution Protocol (ARP) 156
Reverse Address Resolution Protocol (RARP) 157
Boot Protocol 158
Other TCP/IP Protocols 159
Internet Control Message Protocol (ICMP) 159
Objective 5.04 Networking Devices and Services 160
Repeater 160
Bridge 161
Switches 161
VLAN 162
Router 162
Brouters 164
Gateway 164
Summary of Devices 165
Firewalls 166
Packet Filtering 166
Proxy Firewalls 167
Stateful Firewalls 169
Firewall Architecture 170
Firewall Administration 173
Remote Connectivity 174
PPP 174
SLIP 174
PAP 175
CHAP 175
EAP 175
VPN 176
PPTP 177
L2TP 177
IPSec 177
Network Services 178
DNS 178
NAT 179
Objective 5.05 Telecommunications Protocols and Devices 180
FDDI 181
SONET 181
Dedicated Link 182
CSU/DSU 184
S/WAN 184
ISDN 184
DSL 185
Cable Modems 186
WAN Switching 186
Frame Relay 187
X.25 188
ATM 188
Quality of Service 189
SMDS 189
Multiservice Access Technologies 190
SDLC 190
HDLC 190
Objective 5.06 Remote Access Methods and Technologies 191
Remote Access 191
Wireless Technology 193
Spread Spectrum 193
WAP 194
Access Points 195
SSID 196
OSA and SKA 196
Cell Phone Cloning 198
PBX Threats 198
Objective 5.07 Fault Tolerance Mechanisms 199
Backing Up 200
Clustering 200
RAID 200
CHECKPOINT 201
Review Questions 202
Review Answers 205
6 Cryptography 209
Objective 6.01 Cryptography Definitions 210
Definitions 210
Keys and Text 211
Keyspace 212
Strength of Cryptosystem 213
Attacks 214
Spy-Like Ciphers 215
Steganography 215
Objective 6.02 Cipher Types 216
Kerckhoff's Principle 217
Key Escrow 218
Substitution Cipher 218
Transposition Cipher 219
Block Cipher 220
Stream Cipher 221
Symmetric Cryptography 223
Asymmetric Cryptography 225
Objective 6.03 Hybrid Approach 227
Key Management 228
Data Encryption 229
Security Goals 230
Types of Symmetric Algorithms 231
DES 231
Advanced Encryption Standard (AES) 233
Triple-DES (3DES) 233
Other Symmetric Algorithms 234
Asymmetrical Algorithms 234
Diffie-Hellman Key Exchange 235
El Gamal 236
Elliptic Curve Cryptosystems (ECC) 236
Objective 6.04 Message Integrity and Digital Signatures 236
Message Integrity 236
One-Way Hash 237
Attacks on Hashing Functions 238
Hashing Algorithms 240
Message Authentication Code 240
Electronic Signing 242
DSS 243
Certificate Authority (CA) 244
Public Key Infrastructure 244
Objective 6.05 Cryptography Applications 244
Registration Authority 245
Certificate Revocation List (CRL) 245
Components of PKI 246
PKI Steps 247
One-Time Pad 248
Encryption at Different Layers 250
Objective 6.06 Cryptographic Protocols 251
Privacy-Enhanced Mail (PEM) 252
Message Security Protocol (MSP) 252
Pretty Good Privacy (PGP) 252
Internet Security 253
Secure Hypertext Transfer Protocol (S-HTTP) 253
Secure Sockets Layer (SSL) 254
HTTPS 254
S/MIME 255
SSH2 255
SET 256
IPSec 257
Other Security Technologies 261
Objective 6.07 Attacks 261
Ciphertext-Only Attack 262
Known-Plaintext Attack 262
Chosen-Plaintext Attack 262
Adaptive Chosen-Plaintext Attack 263
Chosen-Ciphertext Attack 263
Adaptive Chosen-Ciphertext Attack 263
Man-in-the-Middle Attack 263
Algebraic Attack 264
Analytic Attack 264
CHECKPOINT 264
Review Questions 266
Review Answers 268
7 Disaster Recovery and Business Continuity 271
Objective 7.01 Disaster Recovery versus Business Continuity 272
Objective 7.02 Project Initiation Phase 274
Objective 7.03 Business Impact Analysis 275
Objective 7.04 Possible Threats 279
Objective 7.05 Backups and Off-Site Facilities 280
Employees and the Working Environment 280
Choosing a Software Backup Storage Facility 282
Backup Facility Alternatives 283
Objective 7.06 DRP and BCP Planning Objectives 285
Emergency Response 288
Documentation 289
Recovery and Restoration 289
Testing and Drills 290
Maintenance 291
Phase Breakdown 292
Prevention 292
CHECKPOINT 293
Review Questions 294
Review Answers 297
8 Law, Investigation, and Ethics 299
Objective 8.01 Ethics 300
(ISC)2 300
Computer Ethics Institute 301
Internet Activities Board 301
Characteristics of an Attacker 302
Objective 8.02 Hacking Methods 302
Problems with Prosecuting Attackers 303
Types of Attacks 304
Salami 304
Data Diddling 304
Excessive Privileges 304
Password Sniffing 305
IP Spoofing 305
Dumpster Diving 305
Wiretapping 305
Social Engineering 306
More Attack Types 306
Attack Categories 307
Phone Fraud 307
Security Principles 308
Objective 8.03 Organization Liabilities and Ramifications 308
Legal Liability 309
Privacy Issues 309
Privacy Act of 1974 309
Electronic Communications Privacy Act of 1986 310
Health Insurance Portability and Accountability Act (HIPAA) 310
Gramm-Leach-Bliley Act of 1999 310
Employee Monitoring 311
Transborder Information Flow 312
International Issues 312
Objective 8.04 Types of Law 313
Civil Law 313
Criminal Law 313
Computer Fraud and Abuse Act of 1986 314
Economic Espionage Act of 1996 314
Federal Policies 314
Administrative Law 314
Federal Sentencing Guidelines of 1991 315
Intellectual Property Laws 315
Trade Secret 315
Copyright 316
Trademark 317
Patent 317
Software Piracy 317
Objective 8.05 Computer Crime Investigation 318
Who Should Investigate? 318
Incident Response Plan 319
Incident Response Team 319
Collecting Evidence 320
Incident Handling 320
Search and Seizure 322
Forensics 323
Admissibility of Evidence 324
Evidence Types 324
Best Evidence 324
Secondary Evidence 325
Hearsay Evidence 325
Enticement and Entrapment 325
Trial 326
CHECKPOINT 327
Review Questions 328
Review Answers 331
9 Applications and Systems Development 333
Objective 9.01 Project Development 334
Software Lifecycle 335
Project Initiation 336
Functional Design Analysis and Planning 336
Software Development Models 336
System Design Specifications 337
Software Development 338
Acceptance Testing/Implementation 338
Operations/Maintenance 339
Disposal 339
Software Development Methods 339
Change Control 340
Administrative Controls 341
Program Language Evolution 342
Objective 9.02 Object-Oriented Programming 342
Classes and Objects 343
Polyinstantiation 344
Abstraction 344
Polymorphism 344
Application Threats 345
Objective 9.03 Distributed Computing 347
ORB and CORBA 347
COM and DCOM 348
Enterprise Java Bean 349
OLE 349
ActiveX 350
Java Applets 350
CGI 351
Cookies 351
Objective 9.04 Databases 352
Relational Data Model 353
Data Dictionary 354
Database Jargon 355
Structured Query Language 356
Hierarchical Database Model 356
Network Database Management System 356
Distributed Data Model 356
Object-Oriented Database 357
Database Interface Languages 357
Concurrency Issues 358
Aggregation and Inference 359
Data Warehousing 361
Data Mining 361
Objective 9.05 Artificial Intelligence 362
Expert Systems 362
Artificial Neural Network 363
Objective 9.06 Malware 364
Virus 364
Worms 365
Logic Bomb 365
Trojan Horse 365
Denial of Service 366
DDoS 366
Smurf Attacks 366
Timing Attacks 367
CHECKPOINT 368
Review Questions 369
Review Answers 371
10 Operations Security 373
Objective 10.01 Operations Controls 374
Due Care 375
Administrative Control 375
Job Rotation 376
Separation of Duties 376
Least Privilege and Need-to-Know 377
Mandatory Vacations 377
Clipping Levels 378
Control Categories 378
Objective 10.02 Configuration Management and Media Control 380
Media Controls 381
Input/Output Data Controls 383
Objective 10.03 Reacting to Failures and Recovering 383
Trusted Recovery 384
Facsimile Security 385
Operational Responsibilities 386
Unusual or Unexplained Occurrences 386
Deviations from Standards 387
Unscheduled Initial Program Loads 387
Personnel Operators 388
Objective 10.04 Software Backups 389
Network Availability 389
RAID 389
Backups 391
Contingency Management 393
CHECKPOINT 393
Review Questions 394
Review Answers 396
A About the Free Online Practice Exam 397
Mike Meyers' Certification Passport FREE Online Practice Exam Instructions 397
System Requirements 397
Technical Support 398
B Career Flight Path 399
Career Paths in Security 399
Index 403