
ISC2 CISSP Study Guide 8th edition

ISBN : 9781616910808

Prepare for the ISC2 CISSP certification exam with the ISC2 CISSP Study Guide 8th edition course and lab. The lab can be mapped to any course, textbook, or training, adding value and a hands-on component to training. The course and lab completely cover the CISSP exam objectives and help you master the skills required to work with business continuity planning, asset security, cryptography, PKI, and so on. The course provides the required skills and knowledge for understanding and using all the basic and advanced security principles and methods.

The vendor-neutral ISC2 CISSP certification is the ideal credential for those with deep technical and managerial competence to design, engineer, implement, and manage overall information security programs to protect organizations. This exam validates an IT professional's working knowledge of information technology security. The exam covers ten domains of knowledge, including access control, business continuity, and security architecture.

Glossary of terms
Pre Assessment Questions
Full Length Tests
Post Assessment Questions
Performance lab
Learn real-world skills using LiveLab.
  • Overview of the CISSP Exam
  • Notes on This Course's Organization
  • Understand and Apply Concepts of Confidentiality, Integrity, and Availability
  • Evaluate and Apply Security Governance Principles
  • Develop, Document, and Implement Security Policy, Standards, Procedures, and Guidelines
  • Understand and Apply Threat Modeling Concepts and Methodologies
  • Apply Risk-Based Management Concepts to the Supply Chain
  • Summary
  • Exam Essentials
  • Written Lab
  • Personnel Security Policies and Procedures
  • Security Governance
  • Understand and Apply Risk Management Concepts
  • Establish and Maintain a Security Awareness, Education, and Training Program
  • Manage the Security Function
  • Summary
  • Exam Essentials
  • Written Lab
  • Planning for Business Continuity
  • Project Scope and Planning
  • Business Impact Assessment
  • Continuity Planning
  • Plan Approval and Implementation
  • Summary
  • Exam Essentials
  • Written Lab
  • Categories of Laws
  • Laws
  • Compliance
  • Contracting and Procurement
  • Summary
  • Exam Essentials
  • Written Lab
  • Identify and Classify Assets
  • Determining Ownership
  • Using Security Baselines
  • Summary
  • Exam Essentials
  • Written Lab
  • Historical Milestones in Cryptography
  • Cryptographic Basics
  • Modern Cryptography
  • Symmetric Cryptography
  • Cryptographic Lifecycle
  • Summary
  • Exam Essentials
  • Written Lab
  • Asymmetric Cryptography
  • Hash Functions
  • Digital Signatures
  • Public Key Infrastructure
  • Asymmetric Key Management
  • Applied Cryptography
  • Cryptographic Attacks
  • Summary
  • Exam Essentials
  • Written Lab
  • Implement and Manage Engineering Processes Using Secure Design Principles
  • Understand the Fundamental Concepts of Security Models
  • Select Controls Based On Systems Security Requirements
  • Understand Security Capabilities of Information Systems
  • Summary
  • Exam Essentials
  • Written Lab
  • Assess and Mitigate Security Vulnerabilities
  • Client-Based Systems
  • Server-Based Systems
  • Database Systems Security
  • Distributed Systems and Endpoint Security
  • Internet of Things
  • Industrial Control Systems
  • Assess and Mitigate Vulnerabilities in Web-Based Systems
  • Assess and Mitigate Vulnerabilities in Mobile Systems
  • Assess and Mitigate Vulnerabilities in Embedded Devices and Cyber-Physical Systems
  • Essential Security Protection Mechanisms
  • Common Architecture Flaws and Security Issues
  • Summary
  • Exam Essentials
  • Written Lab
  • Apply Security Principles to Site and Facility Design
  • Implement Site and Facility Security Controls
  • Implement and Manage Physical Security
  • Summary
  • Exam Essentials
  • Written Lab
  • OSI Model
  • TCP/IP Model
  • Converged Protocols
  • Wireless Networks
  • Secure Network Components
  • Cabling, Wireless, Topology, Communications, and Transmission Media Technology
  • Summary
  • Exam Essentials
  • Written Lab
  • Network and Protocol Security Mechanisms
  • Secure Voice Communications
  • Multimedia Collaboration
  • Manage Email Security
  • Remote Access Security Management
  • Virtual Private Network
  • Virtualization
  • Network Address Translation
  • Switching Technologies
  • WAN Technologies
  • Miscellaneous Security Control Characteristics
  • Security Boundaries
  • Prevent or Mitigate Network Attacks
  • Summary
  • Exam Essentials
  • Written Lab
  • Controlling Access to Assets
  • Comparing Identification and Authentication
  • Implementing Identity Management
  • Managing the Identity and Access Provisioning Lifecycle
  • Summary
  • Exam Essentials
  • Written Lab
  • Comparing Access Control Models
  • Understanding Access Control Attacks
  • Summary
  • Exam Essentials
  • Written Lab
  • Building a Security Assessment and Testing Program
  • Performing Vulnerability Assessments
  • Testing Your Software
  • Implementing Security Management Processes
  • Summary
  • Exam Essentials
  • Written Lab
  • Applying Security Operations Concepts
  • Securely Provisioning Resources
  • Managing Configuration
  • Managing Change
  • Managing Patches and Reducing Vulnerabilities
  • Summary
  • Exam Essentials
  • Written Lab
  • Managing Incident Response
  • Implementing Detective and Preventive Measures
  • Logging, Monitoring, and Auditing
  • Summary
  • Exam Essentials
  • Written Lab
  • The Nature of Disaster
  • Understand System Resilience and Fault Tolerance
  • Recovery Strategy
  • Recovery Plan Development
  • Training, Awareness, and Documentation
  • Testing and Maintenance
  • Summary
  • Exam Essentials
  • Written Lab
  • Investigations
  • Major Categories of Computer Crime
  • Ethics
  • Summary
  • Exam Essentials
  • Written Lab
  • Introducing Systems Development Controls
  • Establishing Databases and Data Warehousing
  • Storing Data and Information
  • Understanding Knowledge-Based Systems
  • Summary
  • Exam Essentials
  • Written Lab
  • Malicious Code
  • Password Attacks
  • Application Attacks
  • Web Application Security
  • Reconnaissance Attacks
  • Masquerading Attacks
  • Summary
  • Exam Essentials
  • Written Lab

Hands on Activities (Labs)

  • Disk-Level Encryption
  • EFS (Encryption File System)
  • Configuring Audit Group Policy
  • Complete Chain of Custody
  • Assigning Permissions to Folders
  • Identifying risk actions
  • Understanding elements of risk
  • Identifying steps in quantitative risk analysis
  • Standard access control list
  • Extended access control list
  • Identifying phases in BCP process
  • Identifying CFAA provisions
  • Checking the integrity of messages through MAC values
  • Identifying asymmetric algorithms
  • Identifying cryptographic attacks
  • Using OpenSSL to create a public/private key pair
  • Observe an SHA-Generated Hash Value
  • Observe an MD5-Generated Hash Value
  • Identifying sequence of sender's process in digital signature system
  • Understanding PKCS standards
  • Identifying OSI layer functions
  • Identifying OSI layers
  • Identifying steps in the encapsulation/decapsulation process
  • Identifying connectionless communication
  • Identifying abbreviations for various Internet layer protocols
  • Identifying TCP/IP protocol layers
  • Identifying TCP/IP layers
  • Identifying flag bit designator
  • Using Windows Firewall
  • Configuring Linux Firewall using iptables
  • Identifying gateway firewalls
  • Identifying hardware devices
  • Connecting systems to the Internet through a router
  • Identifying firewall techniques
  • Identifying types of cable
  • Identifying components of a coaxial cable
  • Identifying network topologies
  • Identifying UTP categories
  • Identifying steps in CSMA technology
  • Identifying LAN sub technologies
  • Configuring IPSec
  • Configure VLAN
  • Identifying secure communication protocols
  • Identifying authentication protocols
  • Identifying phreaker tools
  • Identifying security solutions
  • Configuring VPN
  • Identifying VPN protocols
  • Static NAT (Network Address Translation)
  • Dynamic NAT (Network Address Translation)
  • Understanding NAT
  • Identifying switching technology properties
  • Identifying specialized protocols
  • Understanding transparency
  • Understanding security boundaries
  • Using ettercap for ARP Spoofing
  • Identifying types of Denial of Service attacks
  • Identifying access control types
  • Identifying authorization mechanisms
  • Restricting local accounts
  • Identifying drawbacks of Kerberos authentication
  • Identifying components of the Kerberos authentication protocol
  • Identifying authentication services
  • Identifying responsibilities
  • Reviewing an authorization letter for penetration testing
  • Identifying attacks
  • Identifying social engineering attacks
  • Configuring User Access Control Setting
  • Scanning Ports using Metasploit
  • Exploiting Windows 7 using Metasploit
  • Enabling a Keylogger in a Target Machine
  • Conducting vulnerability scanning using Nessus
  • Scan using nmap
  • Identifying terms associated with data destruction
  • Identifying steps within an effective patch management program
  • Identifying steps in incident response management
  • Enabling intrusion prevention and detection
  • Configuring Snort
  • Identifying malicious attacks
  • Working with a host-based IDS
  • Identifying sequence in which the IDS instructs the TCP to reset connections
  • DoS Attacks with SYN Flood
  • Identifying RAID level characteristics
  • Identifying processing sites in disaster recovery plan
  • Identifying disaster recovery plan tests
  • Full Backup
  • Incremental Backup
  • Configure RAID 5
  • Identifying computer crime types
  • Identifying stages in a waterfall lifecycle model
  • Understanding object-oriented programming terms
  • Identifying levels in Software Capability Maturity Model
  • Identifying testing methods
  • Identifying primary phases of SDLC
  • Identifying keys in a database
  • Identifying storage types
  • Causing a Darkcomet Trojan Infection
  • Identifying types of viruses
  • Identifying types of viruses
  • Using John the Ripper
  • Using Social Engineering Techniques to Plan an Attack
  • Attacking a Website using XSS Injection
  • Cross-Site Request Forgery with low complexity
  • Exploiting a Website using SQL Injection
  • Understanding application attacks
  • Defending against IP Spoofing
  • Using Burpsuite

Customer Testimonials

Ankit Gurjargour
The uCertify CISSP course is strictly based on the ISC2 CISSP exam objectives. The course provided ample information and knowledge about the exam and is to the point and well organized. I strongly recommend this course to students willing to be security professionals. The course will help you pass the exam with its learning resources.
Rohan Gaykar
I found the uCertify ISC2 CISSP course very detailed and easy to understand. It’s well organized and the quizzes at the end of each topic made it easy to test what you’ve just learnt. The course focused on objectives covered in the exam and provides the required skills and knowledge for understanding and using all the basic and advanced security principles and methods.
Bobby Webb
uCertify is an excellent platform. I have seen their course contents, their practical tests, chapters and their Pre Assessment tests, and everything is designed as per industry norms, which is easy to learn for a beginner and can help you a lot to start your career in the I.T. industry. So uCertify is highly recommendable.