Official (ISC)2 Guide to the SSCP CBK, Second Edition: Edition 2

CRC Press
4
Free sample

The (ISC)2® Systems Security Certified Practitioner (SSCP®) certification is one of the most important credentials an information security practitioner can have. Having helped thousands of people around the world obtain this distinguished certification, the bestselling Official (ISC)2 Guide to the SSCP CBK® has quickly become the book that many of today’s security practitioners depend on to attain and maintain the required competence in the seven domains of the (ISC)2 CBK.

Picking up where the popular first edition left off, the Official (ISC)2 Guide to the SSCP CBK, Second Edition brings together leading IT security tacticians from around the world to discuss the critical role that policy, procedures, standards, and guidelines play within the overall information security management infrastructure. Offering step-by-step guidance through the seven domains of the SSCP CBK, the text:

  • Presents widely recognized best practices and techniques used by the world's most experienced administrators
  • Uses accessible language, bulleted lists, tables, charts, and diagrams to facilitate a clear understanding
  • Prepares you to join the thousands of practitioners worldwide who have obtained (ISC)2 certification

Through clear descriptions accompanied by easy-to-follow instructions and self-assessment questions, this book will help you establish the product-independent understanding of information security fundamentals required to attain SSCP certification. Following certification it will be a valuable guide to addressing real-world security implementation challenges.

Read more

About the author

Harold F. Tipton, currently an independent consultant, was a past president of the International Information System Security Certification Consortium and a director of computer security for Rockwell International Corporation for about 15 years. He initiated the Rockwell computer and data security program in 1977 and then continued to administer, develop, enhance, and expand the program to accommodate the control needs produced by technological advances until his retirement from Rockwell in 1994.

Tipton has been a member of the Information Systems Security Association (ISSA) since 1982. He was the president of the Los Angeles chapter in 1984, and the president of the national organization of ISSA (1987–1989). He was added to the ISSA Hall of Fame and the ISSA Honor Role in 2000.

Tipton was a member of the National Institute for Standards and Technology (NIST), the Computer and Telecommunications Security Council, and the National Research Council Secure Systems Study Committee (for the National Academy of Science). He received his BS in engineering from the U.S. Naval Academy and his MA in personnel administration from George Washington University; he also received his certificate in computer science from the University of California, Irvine. He is a certified information system security professional (CISSP), ISSAP, & ISSMP.

He has published several papers on information security issues for Auerbach Publications (Handbook of Information Security Management, Data Security Management, and Information Security Journal), National Academy of Sciences (Computers at Risk), Data Pro Reports, Elsevier, and ISSA (Access).

He has been a speaker at all the major information security conferences including the Computer Security Institute, the ISSA Annual Working Conference, the Computer Security Workshop, MIS Conferences, AIS Security for Space Operations, DOE Computer Security Conference, National Computer Security Conference, IIA Security Conference, EDPAA, UCCEL Security & Audit Users Conference, and Industrial Security Awareness Conference.

He has conducted/participated in information security seminars for (ISC)2, Frost & Sullivan, UCI, CSULB, System Exchange Seminars, and the Institute for International Research. He participated in the Ernst & Young video "Protecting Information Assets." He is currently serving as the editor of the Handbook of Information Security Management (Auerbach). He chairs the (ISC)2 CBK Committees and the QA Committee. He received the Computer Security Institute’s Lifetime Achievement Award in 1994, the (ISC)2’s Hal Tipton Award in 2001 and the (ISC)2 Founders Award in 2009.

Read more
4.8
4 total
Loading...

Additional Information

Publisher
CRC Press
Read more
Published on
Apr 19, 2016
Read more
Pages
468
Read more
ISBN
9781439804841
Read more
Language
English
Read more
Genres
Computers / Networking / General
Computers / Security / General
Read more
Content Protection
This content is DRM protected.
Read more
Read Aloud
Available on Android devices
Read more
Eligible for Family Library

Reading information

Smartphones and Tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and Computers

You can read books purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like the Sony eReader or Barnes & Noble Nook, you'll need to download a file and transfer it to your device. Please follow the detailed Help center instructions to transfer the files to supported eReaders.
Every year, in response to new technologies and new laws in different countries and regions, there are changes to the fundamental knowledge, skills, techniques, and tools required by all IT security professionals. In step with the lightning-quick, increasingly fast pace of change in the technology field, the Information Security Management Handbook, updated yearly, has become the standard on which all IT security programs and certifications are based. It reflects new updates to the Common Body of Knowledge (CBK) that IT security professionals all over the globe need to know.

Captures the crucial elements of the CBK

Exploring the ten domains of the CBK, the book explores access control, telecommunications and network security, information security and risk management, application security, and cryptography. In addition, the expert contributors address security architecture and design, operations security, business continuity planning and disaster recovery planning. The book also covers legal regulations, compliance, investigation, and physical security. In this anthology of treatises dealing with the management and technical facets of information security, the contributors examine varied topics such as anywhere computing, virtualization, podslurping, quantum computing, mashups, blue snarfing, mobile device theft, social computing, voting machine insecurity, and format string vulnerabilities.

Also available on CD-ROM

Safeguarding information continues to be a crucial concern of all IT professionals. As new risks threaten the security of our systems, it is imperative that those charged with protecting that information continually update their armor of knowledge to guard against tomorrow’s hackers and software vulnerabilities. This comprehensive Handbook, also available in fully searchable CD-ROM format keeps IT professionals abreast of new developments on the security horizon and reinforces timeless concepts, providing them with the best information, guidance, and counsel they can obtain.

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
©2018 GoogleSite Terms of ServicePrivacyDevelopersArtistsAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.