600 pages | 108 B/W Illus.
Candidates for the CISSP-ISSAP professional certification need not only to demonstrate a thorough understanding of the six domains of the ISSAP CBK, but also to be able to apply this in-depth knowledge to develop a detailed security architecture.
Supplying an authoritative review of the key concepts and requirements of the ISSAP CBK, the Official (ISC)2® Guide to the ISSAP® CBK®, Second Edition provides the practical understanding required to implement the latest security protocols to improve productivity, profitability, security, and efficiency. Encompassing all of the knowledge elements needed to create secure architectures, the text covers the six domains: Access Control Systems and Methodology, Communications and Network Security, Cryptology, Security Architecture Analysis, BCP/DRP, and Physical Security Considerations.
Newly Enhanced Design – This Guide Has It All!
Read It. Study It. Refer to It Often. Build your knowledge and improve your chance of achieving certification the first time around. Endorsed by (ISC)2 and compiled and reviewed by CISSP-ISSAPs and (ISC)2 members, this book provides unrivaled preparation for the certification exam and is a reference that will serve you well into your career. Earning your ISSAP is a deserving achievement that gives you a competitive advantage and makes you a member of an elite network of professionals worldwide.
(ISC)2 is pleased to offer the Official (ISC)2® Guide to the ISSAP® CBK®, Second Edition. This book will review and deepen your knowledge of security architecture, covering each of the six domains contained in the CISSP-ISSAP® CBK®.
—W. Hord Tipton, CISSP-ISSAP, CAP, CISA, Executive Director (ISC)2®
Access Control Systems & Methodology
Access Control Concepts
Authentication, Authorization, and Accounting (AAA)
Access Control Administration and Management Concepts
Communications & Network Security
Voice and Facsimile Communications
Network Security Design Considerations
Interoperability and Associated Risks
Audits and Assessments
Secure Sourcing Strategy
Applications of Cryptography
Vet Proprietary Cryptography & Design Testable Cryptographic Systems
Computational Overhead & Useful Life
Key Life Cycle
Public Key Infrastructure
Security Architecture Analysis
Product Assurance Evaluation Criteria
Assurance through Evaluation
Technology Related Business Continuity Planning (BCP) & Disaster Recovery Planning (DRP)
Planning Phases and Deliverables
Business Impact Analysis
Selecting a Recovery Strategy for Technology
Bringing It All Together – A Sample "Walk Through" of a DR Plan
Step by Step Guide for Disaster Recovery Planning for Security Architects
Physical Security Considerations
Physical Security Policies and Standards
Physical Security Risks
Answers to Review Questions