Peter H. Gregory

CISSP For Dummies



for your study effort and sufficient information to help you pass the exam, but by itself, it won’t make you an information security expert. That takes knowledge, skills, and experience!

      Finally, as a security professional, earning your CISSP certification is only the beginning. Business and technology, which have associated risks and vulnerabilities, require us, as security professionals, to press forward constantly, consuming vast volumes of knowledge and information in a constant tug-of-war against the bad guys. Earning your CISSP is an outstanding achievement and an essential hallmark in a lifetime of continuous learning.

      It’s been said that most assumptions have outlived their uselessness, but we assume a few things nonetheless! Mainly, we assume the following:

       You have at least five years of professional experience in two or more of the eight domains covered on the CISSP exam (corresponding to Chapters 3 through 10 of this book). Actually, this is more than an assumption; it’s a requirement for CISSP certification. Even if you don’t have the minimum experience, however, some experience waivers are available for certain certifications and college education (we cover the specifics in Chapter 1), and you can still take the CISSP exam and apply for certification after you meet the experience requirement.

       You have general IT experience, perhaps even many years of experience. Passing the CISSP exam requires considerable knowledge of information security and underlying IT technologies and fundamentals such as networks, operating systems, and programming.

       You have access to the Internet. Throughout this book, we provide lots of URLs for websites about technologies, standards, laws, tools, security associations, and other certifications that you’ll find helpful as you prepare for the CISSP exam.

       You are a “white hat” security professional. By this, we mean that you act lawfully and will have no problem abiding by the (ISC)2 Code of Ethics (which is a requirement for CISSP certification).

      Throughout this book, you occasionally see icons in the left margin that call attention to important information that’s particularly worth noting. You won’t see smiley faces winking at you or any other cute little emoticons, but you’ll definitely want to take note! Here’s what to look for and what to expect.

      Cross Reference: This icon identifies the CISSP Common Body of Knowledge (CBK) objective that is covered in each section.

      Remember: This icon identifies general information and core concepts that are well worth committing to your nonvolatile memory, your gray matter, or your noggin — along with anniversaries, birthdays, and other important stuff. You should certainly understand and review this information before taking your CISSP exam.

      Warning: This icon marks the stuff your mother warned you about. Well, okay, probably not, but you should take heed nonetheless. These helpful alerts point out confusing or difficult-to-understand terms and concepts.

      Technical Stuff: You won’t find a map of the human genome or the secret to cold fusion in this book (or maybe you will), but if you’re an insufferable insomniac, take note. This icon explains the jargon beneath the jargon and is the stuff that legends — or at least nerds — are made of. So if you’re seeking to attain the seventh level of NERD-vana, keep an eye out for these icons!

      In addition to what you’re reading right now, this book comes with a free, access-anywhere Cheat Sheet that includes tips to help you prepare for the CISSP exam and your date with destiny (your exam day). To get this Cheat Sheet, simply go to www.dummies.com and type CISSP For Dummies Cheat Sheet in the Search box.

      You also get access to hundreds of practice CISSP exam questions, as well as dozens of flash cards. Use the exam questions to identify specific topics and domains that you may need to spend a little more time studying and to become familiar with the types of questions you’ll encounter on the CISSP exam (including multiple-choice, drag-and-drop, and hotspot). To gain access to the online practice, all you have to do is register. Just follow these simple steps:

      1. Register your book or e-book at Dummies.com to get your personal identification number (PIN). Go to www.dummies.com/go/getaccess.

      2. Choose your product from the drop-down list on that page.

      3. Follow the prompts to validate your product.

      4. Check your email for a confirmation message that includes your PIN and instructions for logging in. If you don’t receive this email within two hours, please check your spam folder before contacting us through our support website at http://support.wiley.com or by phone at +1 (877) 762-2974.

      Your registration is good for one year from the day you activate your PIN.

      If you don’t know where you’re going, any chapter will get you there, but Chapter 1 may be a good place to start. If you see a particular topic that piques your interest, however, feel free to jump ahead to that chapter. Each chapter is individually wrapped (but not packaged for individual sale) and written to stand on its own, so feel free to start reading anywhere and skip around! Read this book in any order that suits you (though we don’t recommend upside down or backward).

      Getting Started with CISSP Certification

      Get acquainted with (ISC)2 and the CISSP certification.

      Advance your security career as a CISSP.

      (ISC)2 and the CISSP Certification

      IN THIS CHAPTER

      Learning about (ISC)2 and the CISSP certification

      Understanding CISSP certification requirements