CISSP Study Guide - (ISC)² Raleigh Durham Chapter

Transcription

CISSP Study Guide
CERTIFICATION TRAINING
John Sisler
DATASAGE INC, 321 COMMONS WALK CIR, CARY NC 27519

Contents

Chapter 1 – Taking the Exam . 10
Chapter 2 - Cryptography . 10
Cryptography Concepts . 10
Cryptography History . 11
Cryptosystem Features . 12
Encryption Systems . 13
Substitution Ciphers . 14
Symmetric Algorithms . 15
5 Modes of DES . 16
Triple DES (3DES) . 18
Advanced Encryption Standard (AES) . 18
International Data Encryption Algorithm (IDEA) . 18
Skipjack . 18
Blowfish . 18
Twofish . 18
RC4 or ARC4 . 18
RC5 . 18
RC6 . 19
CAST . 19
Asymmetric Algorithms . 19
Diffie-Hellman . 19
Key Agreement Process . 19
RSA . 19
El Gamal . 19
Elliptic Curve Cryptosystem (ECC) . 20
Knapsack . 20
Zero Knowledge Proof . 20
Message Integrity . 20
Hash Functions . 20
Message Digest Algorithms . 20
Digital Signatures . 21
Public Key Infrastructure (PKI) . 22
Key Management . 23
Trusted Platform Module . 24
Encryption Communication Levels . 25
Link Encryption . 25
End-to-End Encryption . 25
Email Security . 25
Internet Security . 26
Cryptography Attacks . 27
Chapter 3 – Physical Security . 29
Threat Mitigation Techniques . 29
Geographical Man Made and Political Threats . 29
Natural Threats and Mitigation . 29
Communications . 29
Man-Made Threats . 29
Site and Facility Design . 30
Layered Defense Model . 30
Crime Prevention Through Environmental Design (CPTED) . 30
Physical Security Plan Goals . 31
Facility Selection Issues . 31
Computer and Equipment Rooms . 31
Perimeter Security . 32
Barriers or Bollards . 33
Fences and Gates . 33
Perimeter Intrusion Detection Systems . 33
Lighting Systems . 34
Types of Lighting . 34
Additional Perimeter Measures . 34
Building and Internal Security . 34
Doors . 34
Glass Entries . 36
Additional Interior Considerations . 36
Secure Data Centers and Fire Detection Systems . 36
Data Centers . 36
Environmental Security and Fire Detection Systems . 36
Types of Power Issues . 37
Dirty Power Protection . 38
HVAC Guidelines . 38
Equipment Security and Personal Security . 38
Equipment . 38
Personal . 38
Chapter 4 - Security Architecture and Design . 40
Security Model Concepts . 40
System Architecture . 40
Computing Platforms .

Annual Loss Expectancy (ALE) is the expected risk factor of an annual threat event. ALE requires SLE and the Annual Rate of Occurrence (ARO), which is how often the threat may occur annually: ALE = SLE x ARO.