Official (ISC)2® Guide to the CISSP®-ISSEP® CBK®Susan Hansche CRC Press, 2005. gada 29. sept. - 1024 lappuses The Official (ISC)2® Guide to the CISSP®-ISSEP® CBK® provides an inclusive analysis of all of the topics covered on the newly created CISSP-ISSEP Common Body of Knowledge. The first fully comprehensive guide to the CISSP-ISSEP CBK, this book promotes understanding of the four ISSEP domains: Information Systems Security Engineering (ISSE); Certification and Accreditation; Technical Management; and an Introduction to United States Government Information Assurance Regulations. This volume explains ISSE by comparing it to a traditional Systems Engineering model, enabling you to see the correlation of how security fits into the design and development process for information systems. It also details key points of more than 50 U.S. government policies and procedures that need to be understood in order to understand the CBK and protect U.S. government information. About the Author Susan Hansche, CISSP-ISSEP is the training director for information assurance at Nortel PEC Solutions in Fairfax, Virginia. She has more than 15 years of experience in the field and since 1998 has served as the contractor program manager of the information assurance training program for the U.S. Department of State. |
Saturs
ISSE Domain 1 Information systems security engineering ISSE | 1 |
ISSE Domain 2 Certification and assredutation | 281 |
ISSE Domain 3 Technical management | 357 |
ISSEP Domain 4 Introduction to United States government information assurance regulations | 427 |
Appendix A Linking ISSE phases to SE phases | 610 |
Appendex B Enterprise architecture | 620 |
Appendix C Combining NIST SP 80055 and SP 80026 | 624 |
Appendix D Common criteria security assurance requirements | 628 |
Appendix E ISSEP sample questions | 637 |
| 727 | |
Citi izdevumi - Skatīt visu
Bieži izmantoti vārdi un frāzes
acceptable accreditation activities agencies analysis Answer applications approach appropriate approved architecture assessment authority Available certification changes Chapter communications complete components Computer conducted configuration considered controls cost Criteria cryptographic defined definition describes detailed determine Directive document effectiveness effort elements ensure environment established evaluation example Federal Figure FIPS functions goals guidance hardware identified impact implementation important information systems Information Systems Security initial integrity interfaces involves ISSE ISSEP measures mechanisms meet methods mission National Security necessary needs NIST SP objectives Office operational organization performance phase principles procedures protection Question Rationale reference responsibilities risk security controls security functions security requirements security services solution Source specific standard Systems Engineering Table tasks technical Technology testing threat users validation verify vulnerabilities