CISSP: Certified Information Systems Security Professional Study Guide, Fourth Edition, by James Michael Stewart, Ed Tittel, and Mike Chapple


Author James Michael Stewart, Ed Tittel, Mike Chapple
ISBN 9780470276884
File size 12.3MB
Year 2008
Pages 888
Language English
File format PDF
Category security



76884ffirs.fm Page iii Wednesday, May 21, 2008 10:51 PM

CISSP: Certified Information Systems Security Professional Study Guide, Fourth Edition
James Michael Stewart, Ed Tittel, Mike Chapple
Wiley Publishing, Inc.

Acquisitions Editor: Jeff Kellum
Development Editor: Allegro Editorial Services
Technical Editor: Michael Gregg
Production Editor: Rachel McConlogue
Copy Editor: Kim Wimpsett
Production Manager: Tim Tate
Vice President and Executive Group Publisher: Richard Swadley
Vice President and Executive Publisher: Joseph B. Wikert
Vice President and Publisher: Neil Edde
Media Associate Project Manager: Laura Moss-Hollister
Media Assistant Producer: Kit Malone
Media Quality Assurance: Josh Frank
Book Designers: Judy Fung and Bill Gibson
Compositor: Craig J. Woods, Happenstance Type-O-Rama
Proofreaders: Sondra Schneider and Nancy Bell
Indexer: Jack Lewis
Cover Designer: Ryan Sneed

Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-0-470-27688-4

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Website may provide or recommendations it may make. Further, readers should be aware that Internet Websites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (800) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Library of Congress Cataloging-in-Publication Data is available from the publisher.

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CISSP is a registered trademark of International Information Systems Security Certification Consortium, Inc. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.

Dear Reader,

Thank you for choosing CISSP: Certified Information Systems Security Professional Study Guide. This book is part of a family of premium quality Sybex books, all written by outstanding authors who combine practical experience with a gift for teaching.

Sybex was founded in 1976. More than thirty years later, we're still committed to producing consistently exceptional books. With each of our titles we're working hard to set a new standard for the industry. From the paper we print on, to the authors we work with, our goal is to bring you the best books available.

I hope you see all that reflected in these pages. I'd be very interested to hear your comments and get your feedback on how we're doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at [email protected], or if you think you've found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex.

Best regards,
Neil Edde
Vice President & Publisher
Sybex, an imprint of Wiley

To Cathy, whenever there is trouble, just remember "Some beach, somewhere...." —James Michael Stewart

To my family: Renee, Richard, Matthew, and Christopher, who lovingly put up with me during the hours I spent buried in my laptop writing this book. —Mike Chapple

Acknowledgments

I hope our efforts to improve this study guide will lend themselves handily to your understanding and comprehension of the wide berth of CISSP concepts. I'd like to express my thanks to Sybex for continuing to support this project. Thanks to Ed Tittel and Mike Chapple for continuing to contribute to this project. Also thanks to all my CISSP course students who have provided their insight and input to improve my training courseware and ultimately this tome. To my wonderful wife, Cathy, our life together is just getting started. To my son, Xzavier Slayde, may you grow to be more than we could imagine. To my parents, Dave and Sue, thanks for your love and consistent support. To Mark, as best friends go, it could've been worse. And finally, as always, to Elvis—all hail the King! —James Michael Stewart

Thanks to both Michael Stewart and Mike Chapple for keeping me involved in this interesting project. I'm glad Michael has had the opportunity to keep teaching CISSP courses and provide us all with a lifeline to the hard-working professionals in the trenches for whom this credential can mean so much. Congrats also to Michael on the latest addition to his family; my son, Gregory, just turned four and it seems like only last month we brought him home from the hospital. May the months and years slip by as pleasantly and painlessly for you as they have for us. Next, thanks to the folks at Sybex, especially Jeff Kellum for rounding us all up and keeping us headed in the same direction and for his excellent view of where we need to take this book. Finally, I'd like to thank my loving and lovely wife, Dina, for putting up with me and for making our lives together both comfortable and interesting. —Ed Tittel

Special thanks go to the information security team at the University of Notre Dame. Gary Dobbins, Bob Winding, David Seidl, and Robert Riley provided hours of interesting conversation and debate on security issues that inspired and informed much of the material in this book. I would like to thank Jeff Kellum, our editor at Wiley, and the people at Allegro Editorial Services, who provided invaluable assistance throughout the book development process. I also owe a debt of gratitude to my literary agent, Carole Jelen of Waterside Productions. My coauthors, Ed Tittel and James Michael Stewart, have worked with me ever since we published the first edition of this book together five years ago. I'd also like to thank the many people who participated in the production of this book but whom I never had the chance to meet: the graphics team, the production staff, and all of those involved in bringing this book to press. —Mike Chapple

About the Authors

James Michael Stewart, CISSP, has been writing and training for more than 14 years, with a current focus on security. He has taught dozens of CISSP training courses, not to mention numerous sessions on Windows security and the Certified Ethical Hacker certification. He is the author of several books and courseware sets on security certification, Microsoft topics, and network administration. More information about Michael can be found at his website: www.impactonline.com.

Ed Tittel is a full-time freelance writer, trainer, and consultant specializing in matters related to information security, markup languages, and networking technologies. He is a regular contributor to numerous TechTarget websites; teaches online security and technology courses for companies including HP, Sony, and Motorola; and writes regularly for Tom's Hardware. Ed's professional bio and other information are available at www.edtittel.com.

Mike Chapple, CISSP, is an IT security professional with the University of Notre Dame. In the past, he was chief information officer of Brand Institute and an information security researcher with the National Security Agency and the U.S. Air Force. His primary areas of expertise include network intrusion detection and access controls. Mike is a frequent contributor to TechTarget's SearchSecurity site, a technical editor for Information Security magazine, and the author of several information security titles including The GSEC Prep Guide from Wiley and Information Security Illuminated from Jones and Bartlett Publishers.

Contents at a Glance

Introduction xxvii
Assessment Test xxxv
Chapter 1 Accountability and Access Control 1
Chapter 2 Attacks and Monitoring 45
Chapter 3 ISO Model, Protocols, Network Security, and Network Infrastructure 77
Chapter 4 Communications Security and Countermeasures 139
Chapter 5 Security Management Concepts and Principles 179
Chapter 6 Asset Value, Policies, and Roles 205
Chapter 7 Data and Application Security Issues 243
Chapter 8 Malicious Code and Application Attacks 293
Chapter 9 Cryptography and Private Key Algorithms 333
Chapter 10 PKI and Cryptographic Applications 375
Chapter 11 Principles of Computer Design 411
Chapter 12 Principles of Security Models 451
Chapter 13 Administrative Management 495
Chapter 14 Auditing and Monitoring 527
Chapter 15 Business Continuity Planning 563
Chapter 16 Disaster Recovery Planning 591
Chapter 17 Law and Investigations 629
Chapter 18 Incidents and Ethics 665
Chapter 19 Physical Security Requirements 691
Appendix About the Companion CD 725
Glossary 729
Index 795

76884.book Page xi Tuesday, May 20, 2008 10:47 AM

Contents

Introduction xxvii
Assessment Test xxxv

Chapter 1 Accountability and Access Control 1
  Access Control Overview 2
  Types of Access Control 2
  Access Control in a Layered Environment 4
  The Process of Accountability 5
  Identification and Authentication Techniques 9
  Passwords 10
  Biometrics 13
  Tokens 18
  Tickets 20
  Single Sign-On 20
  Access Control Techniques 23
  Discretionary Access Controls 23
  Nondiscretionary Access Controls 23
  Mandatory Access Controls 24
  Role-Based Access Control 25
  Lattice-Based Access Controls 26
  Access Control Methodologies and Implementation 27
  Centralized and Decentralized Access Control 27
  RADIUS and TACACS 28
  Access Control Administration 29
  Account Administration 29
  Account, Log, and Journal Monitoring 30
  Access Rights and Permissions 30
  Summary 34
  Exam Essentials 35
  Written Lab 37
  Answers to Written Lab 38
  Review Questions 39
  Answers to Review Questions 43

Chapter 2 Attacks and Monitoring 45
  Monitoring 46
  Intrusion Detection 47
  Host-Based and Network-Based IDSs 50
  Knowledge-Based and Behavior-Based Detection 51
  IDS-Related Tools 52
  Understanding Honey Pots 52
  Understanding Padded Cells 53
  Understanding Vulnerability Scanners 53
  Penetration Testing 54
  Methods of Attack 55
  Brute-Force and Dictionary Attacks 56
  Denial-of-Service Attacks 58
  Spoofing Attacks 62
  Man-in-the-Middle Attacks 63
  Sniffer Attacks 64
  Spamming Attacks 64
  Crackers, Hackers, and Attackers 64
  Access Control Compensations 65
  Summary 65
  Exam Essentials 66
  Written Lab 68
  Answers to Written Lab 69
  Review Questions 70
  Answers to Review Questions 74

Chapter 3 ISO Model, Protocols, Network Security, and Network Infrastructure 77
  OSI Model 78
  History of the OSI Model 78
  OSI Functionality 79
  Encapsulation/Deencapsulation 80
  OSI Layers 81
  TCP/IP Model 87
  Communications and Network Security 88
  Network Cabling 88
  LAN Technologies 99
  Network Topologies 103
  TCP/IP Overview 105
  Internet/Intranet/Extranet Components 116
  Firewalls 116
  Other Network Devices 119
  Remote Access Security Management 123
  Network and Protocol Security Mechanisms 124
  Secure Communications Protocols 124
  Dial-Up Protocols 125
  Authentication Protocols 126
  Centralized Remote Authentication Services 126
  Avoiding Single Points of Failure 127
  Redundant Servers 127
  Failover Solutions 127
  RAID 128
  Summary 129
  Exam Essentials 130
  Written Lab 131
  Answers to Written Lab 132
  Review Questions 133
  Answers to Review Questions 137

Chapter 4 Communications Security and Countermeasures 139
  Virtual Private Network (VPN) 140
  Tunneling 141
  How VPNs Work 142
  Implementing VPNs 142
  Network Address Translation 144
  Private IP Addresses 145
  Stateful NAT 146
  Static and Dynamic NAT 146
  Automatic Private IP Addressing (APIPA) 147
  Switching Technologies 147
  Circuit Switching 148
  Packet Switching 148
  Virtual Circuits 149
  WAN Technologies 149
  WAN Connection Technologies 151
  Dial-Up Encapsulation Protocols 154
  Miscellaneous Security Control Characteristics 154
  Transparency 154
  Verifying Integrity 154
  Transmission Mechanisms 155
  Managing Email Security 156
  Email Security Goals 156
  Understanding Email Security Issues 157
  Email Security Solutions 158
  Securing Voice Communications 160
  Social Engineering 160
  Fraud and Abuse 161
  Phreaking 162
  Security Boundaries 163
  Network Attacks and Countermeasures 164
  Eavesdropping 164
  Second-Tier Attacks 165
  Summary 168
  Exam Essentials 169
  Written Lab 171
  Answers to Written Lab 172
  Review Questions 173
  Answers to Review Questions 177

Chapter 5 Security Management Concepts and Principles 179
  Security Management Concepts and Principles 180
  Confidentiality 180
  Integrity 181
  Availability 183
  Other Security Concepts 183
  Protection Mechanisms 187
  Layering 187
  Abstraction 188
  Data Hiding 188
  Encryption 188
  Change Control/Management 189
  Data Classification 190
  Planning to Plan 193
  Summary 193
  Exam Essentials 195
  Written Lab 196
  Answers to Written Lab 197
  Review Questions 198
  Answers to Review Questions 202

Chapter 6 Asset Value, Policies, and Roles 205
  Employment Policies and Practices 206
  Security Management for Employees 206
  Security Roles 211
  Security Management Planning 212
  Policies, Standards, Baselines, Guidelines, and Procedures 214
  Security Policies 214
  Security Standards, Baselines, and Guidelines 215
  Security Procedures 216
  Risk Management 217
  Risk Terminology 218
  Risk Assessment Methodologies 220
  Quantitative Risk Analysis 223
  Qualitative Risk Analysis 227
  Handling Risk 229
  Security Awareness Training 230
  Summary 231
  Exam Essentials 233
  Written Lab 235
  Answers to Written Lab 236
  Review Questions 237
  Answers to Review Questions 241

Chapter 7 Data and Application Security Issues 243
  Application Issues 244
  Local/Nondistributed Environment 244
  Distributed Environment 246
  Databases and Data Warehousing 250
  Database Management System (DBMS) Architecture 250
  Database Transactions 254
  Security for Multilevel Databases 255
  ODBC 257
  Aggregation 257
  Data Mining 259
  Data/Information Storage 260
  Types of Storage 260
  Storage Threats 261
  Knowledge-Based Systems 261
  Expert Systems 262
  Neural Networks 263
  Decision Support Systems 263
  Security Applications 264
  Systems Development Controls 264
  Software Development 264
  Systems Development Life Cycle 269
  Life Cycle Models 272
  Gantt Charts and PERT 277
  Change Control and Configuration Management 278
  Software Testing 279
  Security Control Architecture 280
  Service-Level Agreements 283
  Summary 283
  Exam Essentials 284
  Written Lab 285
  Answers to Written Lab 286
  Review Questions 287
  Answers to Review Questions 291

Chapter 8 Malicious Code and Application Attacks 293
  Malicious Code 294
  Sources 294
  Viruses 295
  Logic Bombs 300
  Trojan Horses 300
  Worms 301
  Spyware and Adware 303
  Active Content 303
  Countermeasures 304
  Password Attacks 305
  Password Guessing 305
  Dictionary Attacks 306
  Social Engineering 307
  Countermeasures 307
  Denial-of-Service Attacks 308
  SYN Flood 308
  Distributed DoS Toolkits 309
  Smurf 309
  DNS Amplification Attacks 311
  Teardrop 311
  Land 313
  DNS Poisoning 313
  Ping of Death 314
  Application Attacks 314
  Buffer Overflows 314
  Time-of-Check-to-Time-of-Use 315
  Trap Doors 315
  Rootkits 315
  Web Application Security 316
  Cross-Site Scripting (XSS) 316
  SQL Injection 317
  Reconnaissance Attacks 319
  IP Probes 319
  Port Scans 320
  Vulnerability Scans 320
  Dumpster Diving 320
  Masquerading Attacks 321
  IP Spoofing 321
  Session Hijacking 321
  Decoy Techniques 322
  Honey Pots 322
  Pseudoflaws 322
  Summary 323
  Exam Essentials 323
  Written Lab 324
  Answers to Written Lab 325
  Review Questions 326
  Answers to Review Questions 330

Chapter 9 Cryptography and Private Key Algorithms 333
  Historical Milestones in Cryptography 334
  Caesar Cipher 334
  American Civil War 335
  Ultra vs. Enigma 335
  Cryptographic Basics 336
  Goals of Cryptography 336
  Cryptography Concepts 337
  Cryptographic Mathematics 339
  Ciphers 345
  Modern Cryptography 351
  Cryptographic Keys 351
  Symmetric Key Algorithms 352
  Asymmetric Key Algorithms 353
  Hashing Algorithms 356
  Symmetric Cryptography 357
  Data Encryption Standard 357
  Triple DES 359
  International Data Encryption Algorithm 360
  Blowfish 360
  Skipjack 361
  Advanced Encryption Standard 361
  Key Distribution 363
  Key Escrow 364
  Summary 365
  Exam Essentials 365
  Written Lab 367
  Answers to Written Lab 368
  Review Questions 369
  Answers to Review Questions 373

Chapter 10 PKI and Cryptographic Applications 375
  Asymmetric Cryptography 376
  Public and Private Keys 377
  RSA 377
  El Gamal 379
  Elliptic Curve 379

Book Description: Building on the popular Sybex Study Guide approach, CISSP: Certified Information Systems Security Professional Study Guide, 4th Edition provides 100% coverage of the CISSP Body of Knowledge exam objectives. Find clear and concise information on crucial security topics, practical examples and insights drawn from real-world experience, and cutting-edge exam preparation software, including two full-length bonus exams and electronic flashcards. Prepare yourself by reviewing the key exam topics, including access control; application security; business continuity and disaster recovery planning; cryptography; information security and risk management; security architecture and design; and telecommunications and network security.

Download (12.3MB)
