[...]... The CISSP: Certified Information Systems Security Professional Study Guide, 3rd Edition offers you a solid foundation for the Certified Information Systems Security Professional (CISSP) exam By purchasing this book, you’ve shown a willingness to learn and a desire to develop the skills you need to achieve this certification This introduction provides you with a basic overview of this book and the CISSP. .. follows: ISSAP (Information Systems Security Architecture Professional) ISSMP (Information Systems Security Management Professional) ISSEP (Information Systems Security Engineering Professional) For more details about these concentration exams and certifications, please see the (ISC)2 website at www.isc2.org Notes on This Book’s Organization This book is designed to cover each of the 10 CISSP Common Body... domains covered by the CISSP exam If you are qualified to take the CISSP exam according to (ISC)2, then you are sufficiently prepared to use this book to study for the CISSP exam For more information on (ISC)2, see the next section (ISC)2 The CISSP exam is governed by the International Information Systems Security Certification Consortium, Inc (ISC)2 organization (ISC)2 is a global not-for-profit organization... Mechanisms Managing E-Mail Security E-Mail Security Goals Understanding E-Mail Security Issues E-Mail Security Solutions Securing Voice Communications Social Engineering Fraud and Abuse Phreaking Security Boundaries Network Attacks and Countermeasures Eavesdropping Second-Tier Attacks Address Resolution Protocol (ARP) Summary Exam Essentials Review Questions Answers to Review Questions Chapter 5 Security Management... certification for security professionals who have the responsibility of implementing a security infrastructure in an organization The CISSP certification covers material from the 10 CBK domains: 1 Access Control Systems and Methodology 2 Telecommunications and Network Security xxiv Introduction 3 Security Management Practices 4 Applications and Systems Development Security 5 Cryptography 6 Security Architecture... website at www.isc2.org CISSP and SSCP (ISC)2 supports and provides two primary certifications: CISSP and SSCP These certifications are designed to emphasize the knowledge and skills of an IT security professional across all industries CISSP is a certification for security professionals who have the task of designing a security infrastructure for an organization System Security Certified Practitioner... who want to study for the CISSP certification exam If your goal is to become a certified security professional, then the CISSP certification and this study guide are for you The purpose of this book is to adequately prepare you to take the CISSP exam Before you dive into this book, you need to have accomplished a few tasks on your own You need to have a general understanding of IT and of security You... ODBC Aggregation Data Mining Data /Information Storage Types of Storage Storage Threats Knowledge-Based Systems Expert Systems Neural Networks Decision Support Systems Security Applications Systems Development Controls Software Development Systems Development Life Cycle Life Cycle Models Gantt Charts and PERT Change Control and Configuration Management Software Testing Security Control Architecture Service... field of information systems security Provide certification for information systems security professionals and practitioners Conduct certification training and administer the certification exams Oversee the ongoing accreditation of qualified certification candidates through continued education The (ISC)2 is operated by a board of directors elected from the ranks of its certified practitioners More information. .. was chief information officer of Brand Institute and an information security researcher with the National Security Agency and the U.S Air Force His primary areas of expertise include network intrusion detection and access controls Mike is a frequent contributor to TechTarget’s SearchSecurity site, a technical editor for Information Security Magazine, and the author of several information security titles