I. Exam Preparation.
1. Access Control Systems and Methodology.
Introduction. Accountability. Access Control Techniques. Access Control Administration. Access Control Models. Identification and Authentication Techniques. Access Control Methodologies. Methods of Attacks. Monitoring. Penetration Testing.
2. Telecommunications and Network Security.
Introduction. The Open Systems Interconnection Model. Network Characteristics and Topologies. Network Topologies. LAN Devices. WAN Technologies. Providing Remote Access Capabilities. Networking Protocols. Protecting the Integrity, Availability, and Confidentiality of Network Data. Fault Tolerance and Data Restoration.
3. Security Management and Practices.
Introduction. Defining Security Principles. Security Management Planning. Risk Management and Analysis. Policies, Standards, Guidelines, and Procedures. Examining Roles and Responsibility. Management Responsibility. Understanding Protection Mechanisms. Classifying Data. Employment Policies and Practices. Managing Change Control. Security Awareness Training.
4. Applications and Systems Development Security.
Introduction. Software Applications and Issues. Attacking Software. Understanding Malicious Code. Implementing System Development Controls. Using Coding Practices That Reduce System Vulnerability.
5. Cryptography.
Introduction. Uses of Cryptography. Cryptographic Concepts, Methodologies, and Practices. PKI and Key Management. Methods of Attack.
6. Security Architecture and Models.
Introduction. Requirements for Security Architecture and Models. Security Models. Security System Architecture. Information System Security Standards. Common Criteria. IPSec.
7. Operations Security.
Introduction. Examining the Key Roles of Operations Security. The Roles of Auditing and Monitoring. Developing Countermeasures to Threats. The Role of Administrative Management. Concepts and Best Practices.
8. Business Continuity Planning and Disaster Recovery Planning.
Introduction. What Are the Disasters That Interrupt Business Operation? Quantifying the Difference Between DRP and BCP. Examining the Business Continuity Planning Process. Defining Disaster Recovery Planning. Developing a Backup Strategy.
9. Law, Investigation, and Ethics.
Introduction. Fundamentals of Law. Criminal Law and Computer Crime. Computer Security Incidents. Legal Evidence. Computer Forensics. Computer Ethics.
10. Physical Security.
Introduction. Classifying Assets to Simplify Physical Security Discussions. Vulnerabilities. Selecting, Designing, Constructing, and Maintaining a Secure Site. Tape and Media Library Retention Policies. Document (Hard-Copy) Libraries. Waste Disposal. Physical Intrusion Detection.
II. Final Review.
Fast Facts.
Domain 1, "Access Control". Domain 2, "Network Security and Telecommunications". Domain 3, "Security Management and Practices". Domain 4, "Applications and Systems Development Security". Domain 5, "Cryptography". Domain 6, "Security Architecture and Models". Domain 7, "Operations Security". Domain 8, "Business Continuity Planning and Disaster Recovery Planning". Domain 9, "Law, Investigation, and Ethics". Domain 10, "Physical Security".
Study and Exam Prep Tips.
Learning As a Process. Study Tips. Exam Prep Tips.
Practice Exam.
Exam Questions.
III. Appendixes.
Appendix A. Glossary.
Appendix B. Overview of the Certification Process.
Description of the Path to Certification. About the Certification Program.
Appendix C. What's on the CD-ROM.
PrepLogic Practice Tests, Preview Edition. Exclusive Electronic Version of Text.
Appendix D. Using the PrepLogic Practice Tests, Preview Edition Software.
Exam Simulation. Software Requirements. Contacting PrepLogic. License Agreement.