{"product_id":"isc2-sscp-systems-security-certified-practitioner-official-study-guide-9781119854982","title":"ISC2 SSCP Systems Security Certified Practitioner","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eIntroduction xxv\u003c\/p\u003e \u003cp\u003eAssessment Test xlviii\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart I Getting Started as an SSCP 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 The Business Case for Decision Assurance and Information Security 3\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eInformation: The Lifeblood of Business 4\u003c\/p\u003e \u003cp\u003ePolicy, Procedure, and Process: How Business Gets Business Done 10\u003c\/p\u003e \u003cp\u003eWho Runs the Business? 20\u003c\/p\u003e \u003cp\u003eSummary 24\u003c\/p\u003e \u003cp\u003eExam Essentials 24\u003c\/p\u003e \u003cp\u003eReview Questions 26\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 Information Security Fundamentals 33\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Common Needs for Privacy, Confidentiality, Integrity, and Availability 34\u003c\/p\u003e \u003cp\u003eTraining and Educating Everybody 47\u003c\/p\u003e \u003cp\u003eSSCPs and Professional Ethics 47\u003c\/p\u003e \u003cp\u003eSummary 49\u003c\/p\u003e \u003cp\u003eExam Essentials 50\u003c\/p\u003e \u003cp\u003eReview Questions 54\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart II Integrated Risk Management and Mitigation 61\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 Integrated Information Risk Management 63\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIt’s a Dangerous World 64\u003c\/p\u003e \u003cp\u003eThe Four Faces of Risk 75\u003c\/p\u003e \u003cp\u003eGetting Integrated and Proactive with Information Defense 83\u003c\/p\u003e \u003cp\u003eRisk Management: Concepts and Frameworks 89\u003c\/p\u003e \u003cp\u003eRisk Assessment 95\u003c\/p\u003e 
\u003cp\u003eFour Choices for Limiting or Containing Damage 107\u003c\/p\u003e \u003cp\u003eSummary 114\u003c\/p\u003e \u003cp\u003eExam Essentials 114\u003c\/p\u003e \u003cp\u003eReview Questions 120\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Operationalizing Risk Mitigation 127\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFrom Tactical Planning to Information Security Operations 128\u003c\/p\u003e \u003cp\u003eOperationalizing Risk Mitigation: Step by Step 134\u003c\/p\u003e \u003cp\u003eThe Ongoing Job of Keeping Your Baseline Secure 164\u003c\/p\u003e \u003cp\u003eOngoing, Continuous Monitoring 174\u003c\/p\u003e \u003cp\u003eReporting to and Engaging with Management 182\u003c\/p\u003e \u003cp\u003eSummary 183\u003c\/p\u003e \u003cp\u003eExam Essentials 183\u003c\/p\u003e \u003cp\u003eReview Questions 189\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart III The Technologies of Information Security 197\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 Communications and Network Security 199\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eTrusting Our Communications in a Converged World 200\u003c\/p\u003e \u003cp\u003eInternet Systems Concepts 206\u003c\/p\u003e \u003cp\u003eTwo Protocol Stacks, One Internet 218\u003c\/p\u003e \u003cp\u003eWireless Network Technologies 240\u003c\/p\u003e \u003cp\u003eIP Addresses, DHCP, and Subnets 243\u003c\/p\u003e \u003cp\u003eIPv4 vs. 
IPv6: Important Differences and Options 248\u003c\/p\u003e \u003cp\u003eCIANA Layer by Layer 251\u003c\/p\u003e \u003cp\u003eSecuring Networks as Systems 262\u003c\/p\u003e \u003cp\u003eSummary 273\u003c\/p\u003e \u003cp\u003eExam Essentials 273\u003c\/p\u003e \u003cp\u003eReview Questions 280\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Identity and Access Control 285\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIdentity and Access: Two Sides of the Same CIANA+PS Coin 286\u003c\/p\u003e \u003cp\u003eIdentity Management Concepts 288\u003c\/p\u003e \u003cp\u003eAccess Control Concepts 295\u003c\/p\u003e \u003cp\u003eNetwork Access Control 305\u003c\/p\u003e \u003cp\u003eImplementing and Scaling IAM 310\u003c\/p\u003e \u003cp\u003eUser and Entity Behavior Analytics (UEBA) 329\u003c\/p\u003e \u003cp\u003eZero Trust Architectures 332\u003c\/p\u003e \u003cp\u003eSummary 333\u003c\/p\u003e \u003cp\u003eExam Essentials 334\u003c\/p\u003e \u003cp\u003eReview Questions 343\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 Cryptography 349\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCryptography: What and Why 350\u003c\/p\u003e \u003cp\u003eBuilding Blocks of Digital Cryptographic Systems 358\u003c\/p\u003e \u003cp\u003eKeys and Key Management 367\u003c\/p\u003e \u003cp\u003e“Why Isn’t All of This Stuff Secret?” 373\u003c\/p\u003e \u003cp\u003eCryptography and CIANA+PS 375\u003c\/p\u003e \u003cp\u003ePublic Key Infrastructures 381\u003c\/p\u003e \u003cp\u003eApplying Cryptography to Meet Different Needs 399\u003c\/p\u003e \u003cp\u003eManaging Cryptographic Assets and Systems 405\u003c\/p\u003e \u003cp\u003eMeasures of Merit for Cryptographic Solutions 407\u003c\/p\u003e \u003cp\u003eAttacks and Countermeasures 408\u003c\/p\u003e \u003cp\u003ePKI and Trust: A Recap 418\u003c\/p\u003e \u003cp\u003eOn the Near Horizon 420\u003c\/p\u003e \u003cp\u003eSummary 423\u003c\/p\u003e \u003cp\u003eExam Essentials 424\u003c\/p\u003e \u003cp\u003eReview Questions 429\u003c\/p\u003e 
\u003cp\u003e\u003cb\u003eChapter 8 Hardware and Systems Security 435\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eInfrastructure Security Is Baseline Management 437\u003c\/p\u003e \u003cp\u003eSecuring the Physical Context 442\u003c\/p\u003e \u003cp\u003eInfrastructures 101 and Threat Modeling 444\u003c\/p\u003e \u003cp\u003eEndpoint Security 457\u003c\/p\u003e \u003cp\u003eMalware: Exploiting the Infrastructure’s Vulnerabilities 462\u003c\/p\u003e \u003cp\u003ePrivacy and Secure Browsing 466\u003c\/p\u003e \u003cp\u003e“The Sin of Aggregation” 469\u003c\/p\u003e \u003cp\u003eUpdating the Threat Model 469\u003c\/p\u003e \u003cp\u003eManaging Your Systems’ Security 470\u003c\/p\u003e \u003cp\u003eSummary 471\u003c\/p\u003e \u003cp\u003eExam Essentials 472\u003c\/p\u003e \u003cp\u003eReview Questions 478\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 Applications, Data, and Cloud Security 483\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIt’s a Data-Driven World…At the Endpoint 484\u003c\/p\u003e \u003cp\u003eSoftware as Appliances 487\u003c\/p\u003e \u003cp\u003eApplications Lifecycles and Security 490\u003c\/p\u003e \u003cp\u003eCIANA+PS and Applications Software Requirements 498\u003c\/p\u003e \u003cp\u003eApplication Vulnerabilities 504\u003c\/p\u003e \u003cp\u003e“Shadow IT:” The Dilemma of the User as Builder 507\u003c\/p\u003e \u003cp\u003eInformation Quality and Information Assurance 511\u003c\/p\u003e \u003cp\u003eProtecting Data in Motion, in Use, and at Rest 514\u003c\/p\u003e \u003cp\u003eInto the Clouds: Endpoint App and Data Security Considerations 522\u003c\/p\u003e \u003cp\u003eLegal and Regulatory Issues 533\u003c\/p\u003e \u003cp\u003eCountermeasures: Keeping Your Apps and Data Safe and Secure 535\u003c\/p\u003e \u003cp\u003eSummary 536\u003c\/p\u003e \u003cp\u003eExam Essentials 537\u003c\/p\u003e \u003cp\u003eReview Questions 548\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart IV People Power: What Makes or Breaks Information Security 
555\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10 Incident Response and Recovery 557\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDefeating the Kill Chain One Skirmish at a Time 558\u003c\/p\u003e \u003cp\u003eHarsh Realities of Real Incidents 564\u003c\/p\u003e \u003cp\u003eIncident Response Framework 566\u003c\/p\u003e \u003cp\u003ePreparation 571\u003c\/p\u003e \u003cp\u003eDetection and Analysis 578\u003c\/p\u003e \u003cp\u003eContainment and Eradication 584\u003c\/p\u003e \u003cp\u003eRecovery: Getting Back to Business 587\u003c\/p\u003e \u003cp\u003ePost-Incident Activities 590\u003c\/p\u003e \u003cp\u003eSummary 594\u003c\/p\u003e \u003cp\u003eExam Essentials 595\u003c\/p\u003e \u003cp\u003eReview Questions 601\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11 Business Continuity via Information Security and People Power 607\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat Is a Disaster? 608\u003c\/p\u003e \u003cp\u003eSurviving to Operate: Plan for It! 
609\u003c\/p\u003e \u003cp\u003eTimelines for BC\/DR Planning and Action 615\u003c\/p\u003e \u003cp\u003eOptions for Recovery 617\u003c\/p\u003e \u003cp\u003eCloud-Based “Do-Over” Buttons for Continuity, Security, and Resilience 623\u003c\/p\u003e \u003cp\u003ePeople Power for BC\/DR 626\u003c\/p\u003e \u003cp\u003eSecurity Assessment: For BC\/DR and Compliance 633\u003c\/p\u003e \u003cp\u003eConverged Communications: Keeping Them Secure During BC\/DR Actions 634\u003c\/p\u003e \u003cp\u003eSummary 637\u003c\/p\u003e \u003cp\u003eExam Essentials 637\u003c\/p\u003e \u003cp\u003eReview Questions 641\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12 Cross-Domain Challenges 647\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eOperationalizing Security Across the Immediate and Longer Term 648\u003c\/p\u003e \u003cp\u003eSupply Chains, Security, and the SSCP 657\u003c\/p\u003e \u003cp\u003eOther Dangers on the Web and Net 662\u003c\/p\u003e \u003cp\u003eOn Our Way to the Future 666\u003c\/p\u003e \u003cp\u003eEnduring Lessons 672\u003c\/p\u003e \u003cp\u003eYour Next Steps 677\u003c\/p\u003e \u003cp\u003eAt the Close 678\u003c\/p\u003e \u003cp\u003eExam Essentials 678\u003c\/p\u003e \u003cp\u003eReview Questions 683\u003c\/p\u003e \u003cp\u003eAppendix Answers to Review Questions 689\u003c\/p\u003e \u003cp\u003eChapter 1: The Business Case for Decision Assurance and Information Security 690\u003c\/p\u003e \u003cp\u003eChapter 2: Information Security Fundamentals 693\u003c\/p\u003e \u003cp\u003eChapter 3: Integrated Information Risk Management 695\u003c\/p\u003e \u003cp\u003eChapter 4: Operationalizing Risk Mitigation 698\u003c\/p\u003e \u003cp\u003eChapter 5: Communications and Network Security 701\u003c\/p\u003e \u003cp\u003eChapter 6: Identity and Access Control 704\u003c\/p\u003e \u003cp\u003eChapter 7: Cryptography 707\u003c\/p\u003e \u003cp\u003eChapter 8: Hardware and Systems Security 709\u003c\/p\u003e \u003cp\u003eChapter 9: Applications, Data, and Cloud Security 
712\u003c\/p\u003e \u003cp\u003eChapter 10: Incident Response and Recovery 715\u003c\/p\u003e \u003cp\u003eChapter 11: Business Continuity via Information Security and People Power 718\u003c\/p\u003e \u003cp\u003eChapter 12: Cross-Domain Challenges 722\u003cbr\u003e Index 727\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49407174803799,"sku":"9781119854982","price":38.0,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119854982.jpg?v=1730498433","url":"https:\/\/bookcurl.com\/products\/isc2-sscp-systems-security-certified-practitioner-official-study-guide-9781119854982","provider":"Book Curl","version":"1.0","type":"link"}