CC Certified in Cybersecurity Study Guide

CC Certified in Cybersecurity Study Guide

Detalles Bibliográficos
Autor principal: Chapple, Mike (-)
Formato: Libro electrónico
Idioma:Inglés
Publicado: Newark : John Wiley & Sons, Incorporated 2024.
Edición:1st ed
Colección:Sybex Study Guide Series
Ver en Biblioteca Universitat Ramon Llull:https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009811321306719
Tabla de Contenidos:
  • Cover
  • Title Page
  • Copyright Page
  • Acknowledgments
  • About the Author
  • About the Technical Editor
  • Contents at a Glance
  • Contents
  • Introduction
  • CC Certification
  • Taking the CC Exam
  • Computer-Based Testing Environment
  • Exam Retake Policy
  • Recertification Requirements
  • Using the Online Practice Test
  • How to Contact the Publisher
  • Part I Domain 1: Security Principles
  • Chapter 1 Confidentiality, Integrity, Availability, and Non-repudiation: Objective 1.1 Understand the Security Concepts of Information Assurance
  • The CIA Triad
  • Confidentiality
  • Integrity
  • Availability
  • Non-repudiation
  • Chapter 2 Authentication and Authorization: Objective 1.1 Understand the Security Concepts of Information Assurance
  • Access Control Process
  • Identification
  • Authentication
  • Authorization
  • Accounting
  • Digital Access Control
  • Password Policies
  • Password Length
  • Password Complexity
  • Password Expiration
  • Password History
  • Password Resets
  • Password Reuse
  • Password Managers
  • Authentication Factors
  • Something You Know
  • Something You Are
  • Something You Have
  • Multi-factor Authentication
  • Chapter 3 Privacy: Objective 1.1 Understand the Security Concepts of Information Assurance
  • Privacy
  • Types of Private Information
  • Expectation of Privacy
  • Privacy Management Framework
  • Management
  • Agreement, Notice, and Communication
  • Collection and Creation
  • Use, Retention, and Disposal
  • Access
  • Disclosure to Third Parties
  • Security for Privacy
  • Data Integrity and Quality
  • Monitoring and Enforcement
  • Chapter 4 Risk Management: Objective 1.2 Understand the Risk Management Process
  • Risk Types
  • Internal and External Risks
  • Multiparty Risks
  • Specific Risks
  • Risk Identification and Assessment
  • The Language of Risk
  • Ranking Risks
  • Risk Treatment Strategies.
  • Risk Avoidance
  • Risk Transference
  • Risk Mitigation
  • Risk Acceptance
  • Risk Profile and Tolerance
  • Chapter 5 Security Controls: Objective 1.3 Understand Security Controls
  • What Are Security Controls?
  • Categorizing Security Controls
  • Purpose Categories
  • Mechanism of Action Categories
  • Chapter 6 Ethics: Objective 1.4 Understand ISC2 Code of Ethics
  • Corporate Ethics Codes
  • ISC2 Code of Ethics
  • Canon 1
  • Canon 2
  • Canon 3
  • Canon 4
  • Ethics Complaint Procedure
  • Chapter 7 Security Governance Processes: Objective 1.5 Understand Governance Processes
  • Security Policies and Procedures
  • Security Policies
  • Security Standards
  • Security Guidelines
  • Security Procedures
  • Laws and Regulations
  • Part II Domain 2: Business Continuity (BC), Disaster Recovery (DR) &amp
  • Incident Response (IR) Concepts
  • Chapter 8 Business Continuity: Objective 2.1 Understand Business Continuity (BC)
  • Business Continuity Planning
  • BCP Scope Definition
  • Business Impact Analysis
  • Business Continuity Controls
  • Single Point of Failure Analysis
  • Other Continuity Risks
  • High Availability and Fault Tolerance
  • High Availability
  • Fault Tolerance
  • Storage
  • Networking Components
  • Redundancy Through Diversity
  • Chapter 9 Disaster Recovery: Objective 2.2 Understand Disaster Recovery (DR)
  • Disaster Recovery Planning
  • Types of Disasters
  • Initial Response
  • Assessment
  • Disaster Recovery Metrics
  • Training and Awareness
  • Backups
  • Backup Media
  • Backup Types
  • Disaster Recovery Sites
  • Hot Sites
  • Cold Sites
  • Warm Sites
  • Offsite Storage
  • Alternate Business Processes
  • Testing Disaster Recovery Plans
  • Read-Throughs
  • Walk-Throughs
  • Simulations
  • Parallel Tests
  • Full Interruption Tests
  • Chapter 10 Incident Response: Objective 2.3 Understand Incident Response
  • Creating an Incident Response Program.
  • Building an Incident Response Team
  • Team Composition
  • Training and Testing
  • Incident Communications Plan
  • Internal Communications
  • External Communications
  • Secure Communications
  • Incident Identification and Response
  • Security Data Sources
  • Correlating Security Information
  • Receiving Incident Reports
  • Responding to Incidents
  • Part III Domain 3: Access Controls Concepts
  • Chapter 11 Physical Access Controls: Objective 3.1 Understand Physical Access Controls
  • Physical Facilities
  • Data Centers
  • Server Rooms
  • Media Storage Facilities
  • Evidence Storage Rooms
  • Wiring Closets
  • Designing for Security
  • Visitor Management
  • Physical Security Personnel
  • Security Personnel
  • Security Protocols
  • Chapter 12 Logical Access Controls: Objective 3.2 Understand Logical Access Controls
  • Authorization
  • Least Privilege
  • Segregation of Duties
  • Authorization Models
  • Account Types
  • User Accounts
  • Administrator Accounts
  • Guest Accounts
  • Shared/Generic Accounts
  • Service Accounts
  • Non-repudiation
  • Part IV Domain 4: Network Security
  • Chapter 13 Computer Networking: Objective 4.1 Understand Computer Networking
  • Network Types
  • TCP/IP Networking
  • Internet Protocol
  • Transmission Control Protocol
  • User Datagram Protocol
  • Internet Control Message Protocol
  • OSI Model
  • IP Addressing
  • Identifying Valid IPv4 Addresses
  • Domain Name System
  • Network Ports and Applications
  • Securing Wi-Fi Networks
  • Disable SSID Broadcasting
  • Change Default Passwords
  • Authenticate Wi-Fi Users
  • Wireless Encryption
  • Chapter 14 Network Threats and Attacks: Objective 4.2 Understand Network Threats and Attacks
  • Malware
  • Viruses
  • Worms
  • Trojan Horses
  • Eavesdropping Attacks
  • On-Path Attacks
  • Denial-of-Service Attacks
  • Side-Channel Attacks.
  • Chapter 15 Threat Identification and Prevention: Objective 4.2 Understand Network Threats and Attacks
  • Antivirus Software
  • Intrusion Detection and Prevention
  • Intrusion Detection
  • Intrusion Prevention
  • Environments Monitored
  • Classification Errors
  • Detection Techniques
  • Firewalls
  • Vulnerability Scanning
  • Network Vulnerability Scanning
  • Application Scanning
  • Web Application Scanning
  • Chapter 16 Network Security Infrastructure: Objective 4.3 Understand Network Security Infrastructure
  • Data Center Protection
  • Air Temperature
  • Humidity
  • Fire
  • Network Security Zones
  • Switches, WAPs, and Routers
  • Switches
  • WAPs
  • Routers
  • Network Segmentation
  • Virtual Private Networks
  • Network Access Control
  • Role-Based Access Control
  • Posture Checking
  • Internet of Things
  • IoT Security
  • Chapter 17 Cloud Computing: Objective 4.3 Understand Network Security Infrastructure
  • Cloud Computing
  • Drivers for Cloud Computing
  • Cloud Deployment Models
  • Private Cloud
  • Public Cloud
  • Hybrid Cloud
  • Community Cloud
  • Cloud Service Categories
  • Software as a Service (SaaS)
  • Infrastructure as a Service (IaaS)
  • Platform as a Service (PaaS)
  • Desktop as a Service (DaaS)
  • Security and the Shared Responsibility Model
  • Automation and Orchestration
  • Vendor Relationships
  • Managed Service Providers
  • Vendor Agreements
  • Part V Domain 5: Security Operations
  • Chapter 18 Encryption: Objective 5.1 Understand Data Security
  • Cryptography
  • Encrypting Data
  • Decrypting Data
  • Encryption Algorithms
  • Symmetric Encryption
  • Asymmetric Encryption
  • Uses of Encryption
  • Data at Rest
  • Data in Transit
  • Hash Functions
  • MD5
  • SHA
  • Chapter 19 Data Handling: Objective 5.1 Understand Data Security
  • Data Life Cycle
  • Create
  • Store
  • Use
  • Share
  • Archive
  • Destroy
  • Data Classification.
  • Classification Schemes
  • Labeling
  • Chapter 20 Logging and Monitoring: Objective 5.1 Understand Data Security
  • Logging
  • Log Monitoring
  • Chapter 21 Configuration Management: Objective 5.2 Understand System Hardening
  • Configuration Management
  • Baselines
  • Version Control
  • Configuration Vulnerabilities
  • Default Configurations
  • Weak Security Settings
  • Cryptographic Weaknesses
  • Patch and Update Management
  • Account Management
  • Chapter 22 Best Practice Security Policies: Objective 5.3 Understand Best Practice Security Policies
  • Acceptable Use Policy
  • Data Handling Policy
  • Password Policy
  • Bring Your Own Device Policy
  • Privacy Policy
  • Change Management Policy
  • Chapter 23 Security Awareness Training: Objective 5.4 Understand Security Awareness Training
  • Social Engineering
  • Authority and Trust
  • Intimidation
  • Consensus and Social Proof
  • Scarcity
  • Urgency
  • Familiarity and Liking
  • Security Education
  • Index
  • EULA.

Ejemplares similares