
Sybex.CISSP..Study.Guide.2nd.Edition.pdf

Uploader: a****2  Document ID: 3332714  Upload date: 2024-03-02  Format: PDF  Pages: 717  Size: 10.85 MB

CISSP: Certified Information Systems Security Professional Study Guide, 2nd Edition

4335cFM.fm Page i Wednesday, June 16, 2004 4:01 PM

Ed Tittel
James Michael Stewart
Mike Chapple

San Francisco • London

Associate Publisher: Neil Edde
Acquisitions and Developmental Editor: Heather O'Connor
Production Editor: Lori Newman
Technical Editor: Patrick Bass
Copyeditor: Judy Flynn
Compositor: Craig Woods, Happenstance Type-O-Rama
Graphic Illustrator: Happenstance Type-O-Rama
CD Coordinator: Dan Mummert
CD Technician: Kevin Ly
Proofreaders: Laurie O'Connell, Nancy Riddiough
Indexer: Ted Laux
Book Designer: Bill Gibson, Judy Fung
Cover Designer: Archer Design
Cover Photographer: Victor Arre, Photodisc

Copyright © 2004 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501. World rights reserved. No part of this publication may be stored in a retrieval system, transmitted, or reproduced in any way, including but not limited to photocopy, photograph, magnetic, or other record, without the prior agreement and written permission of the publisher.

First edition copyright © 2003 SYBEX Inc.

Library of Congress Card Number: 2003115091
ISBN: 0-7821-4335-0

SYBEX and the SYBEX logo are either registered trademarks or trademarks of SYBEX Inc. in the United States and/or other countries.

Screen reproductions produced with FullShot 99. FullShot 99 © 1991–1999 Inbit Incorporated. All rights reserved. FullShot is a trademark of Inbit Incorporated.

The CD interface was created using Macromedia Director, COPYRIGHT 1994, 1997–1999 Macromedia Inc. For more information on Macromedia and Macromedia Director, visit http:/.

This study guide and/or material is not sponsored by, endorsed by or affiliated with International Information Systems Security Certification Consortium, Inc. (ISC)² and CISSP are registered service and/or trademarks of the International Information Systems Security Certification Consortium, Inc. All other trademarks are the property of their respective owners.

TRADEMARKS: SYBEX has attempted throughout this book to distinguish proprietary trademarks from descriptive terms by following the capitalization style used by the manufacturer.

The author and publisher have made their best efforts to prepare this book, and the content is based upon final release software whenever possible. Portions of the manuscript may be based upon pre-release versions supplied by software manufacturer(s). The author and the publisher make no representation or warranties of any kind with regard to the completeness or accuracy of the contents herein and accept no liability of any kind including but not limited to performance, merchantability, fitness for any particular purpose, or any losses or damages of any kind caused or alleged to be caused directly or indirectly from this book.

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

To Our Valued Readers:

Thank you for looking to Sybex for your CISSP exam prep needs. We at Sybex are proud of our reputation for providing certification candidates with the practical knowledge and skills needed to succeed in the highly competitive IT marketplace. Certification candidates have come to rely on Sybex for accurate and accessible instruction on today's crucial technologies. For the second year in a row, readers such as you voted Sybex as winner of the "Best Study Guides" category in the 2003 CertCities Readers' Choice Awards.

The author and editors have worked hard to ensure that the new edition of the CISSP: Certified Information Systems Security Professional Study Guide you hold in your hands is comprehensive, in-depth, and pedagogically sound. We're confident that this book will exceed the demanding standards of the certification marketplace and help you, the CISSP certification candidate, succeed in your endeavors.

As always, your feedback is important to us. If you believe you've identified an error in the book, please send a detailed e-mail to . And if you have general comments or suggestions, feel free to drop me a line directly at . At Sybex we're continually striving to meet the needs of individuals preparing for certification exams.

Good luck in pursuit of your CISSP certification!

Neil Edde
Associate Publisher – Certification
Sybex, Inc.

Software License Agreement: Terms and Conditions

The media and/or any online materials accompanying this book that are available now or in the future contain programs and/or text files (the "Software") to be used in connection with the book. SYBEX hereby grants to you a license to use the Software, subject to the terms that follow. Your purchase, acceptance, or use of the Software will constitute your acceptance of such terms.

The Software compilation is the property of SYBEX unless otherwise indicated and is protected by copyright to SYBEX or other copyright owner(s) as indicated in the media files (the "Owner(s)"). You are hereby granted a single-user license to use the Software for your personal, noncommercial use only. You may not reproduce, sell, distribute, publish, circulate, or commercially exploit the Software, or any portion thereof, without the written consent of SYBEX and the specific copyright owner(s) of any component software included on this media.

In the event that the Software or components include specific license requirements or end-user agreements, statements of condition, disclaimers, limitations or warranties ("End-User License"), those End-User Licenses supersede the terms and conditions herein as to that particular Software component. Your purchase, acceptance, or use of the Software will constitute your acceptance of such End-User Licenses.

By purchase, use or acceptance of the Software you further agree to comply with all export laws and regulations of the United States as such laws and regulations may exist from time to time.

Software Support

Components of the supplemental Software and any offers associated with them may be supported by the specific Owner(s) of that material, but they are not supported by SYBEX. Information regarding any available support may be obtained from the Owner(s) using the information provided in the appropriate read.me files or listed elsewhere on the media.

Should the manufacturer(s) or other Owner(s) cease to offer support or decline to honor any offer, SYBEX bears no responsibility. This notice concerning support for the Software is provided for your information only. SYBEX is not the agent or principal of the Owner(s), and SYBEX is in no way responsible for providing any support for the Software, nor is it liable or responsible for any support provided, or not provided, by the Owner(s).

Warranty

SYBEX warrants the enclosed media to be free of physical defects for a period of ninety (90) days after purchase. The Software is not available from SYBEX in any other form or media than that enclosed herein or posted to . If you discover a defect in the media during this warranty period, you may obtain a replacement of identical format at no charge by sending the defective media, postage prepaid, with proof of purchase to:

SYBEX Inc.
Product Support Department
1151 Marina Village Parkway
Alameda, CA 94501
Web: http:/

After the 90-day period, you can obtain replacement media of identical format by sending us the defective disk, proof of purchase, and a check or money order for $10, payable to SYBEX.

Disclaimer

SYBEX makes no warranty or representation, either expressed or implied, with respect to the Software or its contents, quality, performance, merchantability, or fitness for a particular purpose. In no event will SYBEX, its distributors, or dealers be liable to you or any other party for direct, indirect, special, incidental, consequential, or other damages arising out of the use of or inability to use the Software or its contents even if advised of the possibility of such damage. In the event that the Software includes an online update feature, SYBEX further disclaims any obligation to provide this feature for any specific duration other than the initial posting.

The exclusion of implied warranties is not permitted by some states. Therefore, the above exclusion may not apply to you. This warranty provides you with specific legal rights; there may be other rights that you may have that vary from state to state. The pricing of the book with the Software by SYBEX reflects the allocation of risk and limitations on liability contained in this agreement of Terms and Conditions.

Shareware Distribution

This Software may contain various programs that are distributed as shareware. Copyright laws apply to both shareware and ordinary commercial software, and the copyright Owner(s) retains all rights. If you try a shareware program and continue using it, you are expected to register it. Individual programs differ on details of trial periods, registration, and payment. Please observe the requirements stated in appropriate files.

Copy Protection

The Software in whole or in part may or may not be copy-protected or encrypted. However, in all cases, reselling or redistributing these files without authorization is expressly forbidden except as specifically provided for by the Owner(s) therein.

Acknowledgments

Thanks to Neil Edde and Jordan Gold at Sybex for helping us hook up with this project; thanks also to Rodnay Zaks for numerous fine gastronomic experiences and for an even greater number of good ideas. But Neil wins the "great gastronomy prize" for taking me to Chez Panisse for lunch the last time I visited Sybex's Alameda offices. Thanks to my mom and dad for providing me with the basic tools to become a writer and trainer: an inquiring mind, plus good verbal and debating skills. Thanks to Dina Kutueva, not just for marrying me and completing my life, but also for her magnificent efforts and sacrifices in delivering our beautiful son, Gregory E. Tittel, in February 2004. You rule my world! And finally, thanks to the whole historical LANWrights gang – Dawn, Mary, Kim, Bill, Chelsea, Natanya, and Michael – for 10 great years of camaraderie, collaboration, and the occasional success. You guys are the greatest; I couldn't have done it without you! I'm sorry we haven't all been able to stay together, but I'll always value our time together and our continuing friendships.

Ed Tittel

Thanks to Ed Tittel and LANWrights, Inc. for allowing me to contribute to the revision of this book. Working with you guys is and always has been a pleasure. Thanks to my editor Dawn Rader for putting up with my bad grammar. Thanks to my third co-author, Mike Chapple, for helping make this book all it could be. To my parents, Dave and Sue, thanks for your love and consistent support. To my sister Sharon and nephew Wesley, it's great having family like you to spend time with. To Mark, it's time we bolth got a life. To HERbert and Quin, it's great having two furry friends around the house. And finally, as always, to Elvis – where did you get that shiny gold suit? I want to wear it around town to blind anyone who gazes in my direction.

James Michael Stewart

I'd like to thank Ed Tittel, Dawn Rader, and the team at LANWrights, Inc. for their assistance with this project. I also owe a debt of gratitude to the countless technical experts in government and industry who've patiently answered my questions and fueled my passion for security over the years. Above all, I'd like to thank my wife Renee for her undying patience as I worked on this book. Without her support, this never would have been possible.

Mike Chapple

Contents at a Glance

Introduction
Assessment Test
Chapter 1  Accountability and Access Control
Chapter 2  Attacks and Monitoring
Chapter 3  ISO Model, Network Security, and Protocols
Chapter 4  Communications Security and Countermeasures
Chapter 5  Security Management Concepts and Principles
Chapter 6  Asset Value, Policies, and Roles
Chapter 7  Data and Application Security Issues
Chapter 8  Malicious Code and Application Attacks
Chapter 9  Cryptography and Private Key Algorithms
Chapter 10  PKI and Cryptographic Applications
Chapter 11  Principles of Computer Design
Chapter 12  Principles of Security Models
Chapter 13  Administrative Management
Chapter 14  Auditing and Monitoring
Chapter 15  Business Continuity Planning
Chapter 16  Disaster Recovery Planning
Chapter 17  Law and Investigations
Chapter 18  Incidents and Ethics
Chapter 19  Physical Security Requirements
Glossary
Index

Contents

Introduction
Assessment Test

Chapter 1  Accountability and Access Control
  Access Control Overview
  Types of Access Control
  Access Control in a Layered Environment
  The Process of Accountability
  Identification and Authentication Techniques
  Passwords
  Biometrics
  Tokens
  Tickets
  Access Control Techniques
  Access Control Methodologies and Implementation
  Centralized and Decentralized Access Control
  RADIUS and TACACS
  Access Control Administration
  Account Administration
  Account, Log, and Journal Monitoring
  Access Rights and Permissions
  Summary
  Exam Essentials
  Review Questions
  Answers to Review Questions

Chapter 2  Attacks and Monitoring
  Monitoring
  Intrusion Detection
  Host-Based and Network-Based IDSs
  Knowledge-Based and Behavior-Based Detection
  IDS-Related Tools
  Penetration Testing
  Methods of Attacks
  Brute Force and Dictionary Attacks
  Denial of Service
  Spoofing Attacks
  Man-in-the-Middle Attacks
  Sniffer Attacks
  Spamming Attacks
  Crackers
  Access Control Compensations
  Summary
  Exam Essentials
  Review Questions
  Answers to Review Questions

Chapter 3  ISO Model, Network Security, and Protocols
  OSI Model
  History of the OSI Model
  OSI Functionality
  Encapsulation/Deencapsulation
  OSI Layers
  TCP/IP Model
  Communications and Network Security
  Network Cabling
  LAN Technologies
  Network Topologies
  TCP/IP Overview
  Internet/Intranet/Extranet Components
  Firewalls
  Other Network Devices
  Remote Access Security Management
  Network and Protocol Security Mechanisms
  VPN Protocols
  Secure Communications Protocols
  E-Mail Security Solutions
  Dial-Up Protocols
  Authentication Protocols
  Centralized Remote Authentication Services
  Network and Protocol Services
  Frame Relay
  Other WAN Technologies
  Avoiding Single Points of Failure
  Redundant Servers
  Failover Solutions
  RAID
  Summary
  Exam Essentials
  Review Questions
  Answers to Review Questions

Chapter 4  Communications Security and Countermeasures
  Virtual Private Network (VPN)
  Tunneling
  How VPNs Work
  Implementing VPNs
  Network Address Translation
  Private IP Addresses
  Stateful NAT
  Switching Technologies
  Circuit Switching
  Packet Switchi
