Official (ISC)² guide to the CISSP-ISSEP CBK. (2006)
- Record Type:
- Book
- Title:
- Official (ISC)² guide to the CISSP-ISSEP CBK. (2006)
- Main Title:
- Official (ISC)² guide to the CISSP-ISSEP CBK
- Further Information:
- Note: Susan Hansche.
- Other Names:
- Hansche, Susan
- Contents:
- ISSE DOMAIN 1: INFORMATION SYSTEMS; SECURITY ENGINEERING (ISSE); ISSE Introduction; Introduction; SE and ISSE Overview; The ISSE Model; Life Cycle and ISSE; Risk Management; Defense in Depth; Summary; References; ; ISSE Model Phase 1: Discover Information Protection; Needs; Introduction; Systems Engineering Activity: Discover Needs; ISSE Activity: Discover Information Protection Needs; Identifying Security Services and Developing; the Information Protection Policy; Creating the Information Protection Policy (IPP); Creating the IPP Document; The Information Management Plan (IMP); Final Deliverable of Phase 1; Summary; References; ; ISSE Model Phase 2: Define System Security Requirements; Introduction; System Engineering Activity: Defining; System Requirements; ISSE Activity: Defining System Security Requirements; Final Deliverable of Phase 2; Summary; References; ; ISSE Model Phase 3: Define System; Security Architecture; Introduction; Defining System and Security Architecture; System Engineering Activity: Designing System Architecture; ISSE Activity: Define the Security Architecture; Final Deliverable of Phase 3; Summary; References; ; ISSE Model Phase 4: Develop Detailed Security Design; Introduction; Systems Engineering Activity: System Design; ISSE Activity: System Security Design; ISSE Design and Risk Management; Final Deliverables of Phase 4; Summary; References; Web Sites; Software Design and Development Bibliography; ; ISSE Model Phase 5: Implement System Security; Introduction; System Engineering Activity: System Implementation; ISSE and System Security Implementation; ISSE and Risk Management; Final Deliverable of Phase 5; Summary; References; Web Sites; ; ISSE Model Phase 6: Assess Security Effectiveness; Introduction; System Engineering Activity: System Assessment; ISSE and System Security Assessment; ISSE and Risk Management; Final Deliverable of Phase 6; Summary; References; Web Sites; ; ISSE DOMAIN 2: CERTIFICATION AND; ACCREDITATION; DITSCAP and NIACAP; Introduction; DITSCAP and NIACAP Overview; DITSCAP/NIACAP Definition; Phase 1: Definition; Phase 2: Verification; Phase 3: Validation; Phase 4: Post Accreditation; Summary; ; C&A NIST SP 800-37; Introduction; The C&A Process; Phase 1: Initiation; Phase 2: Security Certification; Phase 3: Security Accreditation; Phase 4: Continuous Monitoring; Summary; Domain 2 References; Web Sites; Acronyms; ; ISSE DOMAIN 3: TECHNICAL MANAGEMENT; Technical Management; Introduction; Planning the Effort;
Managing the Effort; Technical Roles and Responsibilities; Technical Documentation; Technical Management Tools; Summary; References; Web Sites; ; ISSEP DOMAIN 4: INTRODUCTION TO UNITED; STATES GOVERNMENT INFORMATION ASSURANCE REGULATIONS; Information Assurance Organizations, Public Laws, and; Public Policies; Introduction; Section 1: Federal Agencies and Organizations; Section 2: Federal Laws, Executive Directives and Orders, and OMB; Directives; Summary; References; Web Sites; ; Department of Defense (DoD) Information Assurance; Organizations and Policies; Introduction; Overview of DoD Policies; DoD Information Assurance (IA) Organizations and Departments; DoD Issuances; Summary; References; Web Sites; ; Committee on National Security Systems; Introduction; Overview of CNSS and NSTISSC; CNSS and NSTISSC Issuances; CNSS Policies; CNSS Directive; CNSS Instructions; CNSS Advisory Memoranda; Summary; References; Web Sites; ; National Institute of Standards and Technology (NIST); Publications; Introduction; Federal Information Processing Standards (FIPS); NIST Special Publications; Summary; References; Web Sites; ; National Information Assurance Partnership (NIAP) and; Common Criteria (CC); Introduction; ; Historical View of IT Security Evaluations; National Information Assurance Partnership (NIAP); The Common Criteria; CC Scenario; Summary; References; Web Sites; ; APPENDIX A: LINKING ISSE PHASES TO SE; Phases; ; APPENDIX B: ENTERPRISE ARCHITECTURE; ; APPENDIX C: COMBINING NIST SP 800-55 AND; SP 800-26; ; APPENDIX D: COMMON CRITERIA SECURITY; ASSURANCE REQUIREMENTS … (more)
- Publisher Details:
- Boca Raton, Fla : Auerbach
- Publication Date:
- 2006
- Extent:
- 1 online resource (xxix, 993 pages), illustrations
- Subjects:
- 005.8
Computer security -- Examinations -- Study guides
Electronic data processing personnel -- Certification
Computer security -- Examinations -- Study guides
COMPUTERS -- Internet -- Security
COMPUTERS -- Networking -- Security
COMPUTERS -- Security -- General
Computer security -- Examinations
Electronic books
Study guides
- Languages:
- English
- ISBNs:
- 0203501233
9780203501238
9781420031355
9780203888933
0203888936
9780849323416
- Related ISBNs:
- 142003135X
084932341X
084932341X
- Notes:
- Note: Includes bibliographical references and index.
Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library HMNTS - ELD.DS.154430
- Ingest File:
- 01_019.xml