CC Certified in Cybersecurity Study Guide

Prepare for the ISC2 Certified in Cybersecurity exam, as well as a new career in cybersecurity, with this effective study guide. Complete with full color illustrations!

In Certified in Cybersecurity Study Guide, veteran IT and cybersecurity educator Mike Chapple delivers a one-stop resource for anyone planning to pursue the ISC2 Certified in Cybersecurity credential, as well as those getting ready to take on a challenging and rewarding new career in cybersecurity. The author walks you through the info you'll need to succeed on both the exam and in your first day at a cybersecurity-focused job, using full-color illustrations to highlight and emphasize the concepts discussed inside.

Complete with an online practice test, this book comprehensively covers every competency and domain tested by the new exam, including security principles, business continuity, disaster recovery, incident response, access control concepts, network security, and security operations. You'll also find:

• Efficient and lean content, ensuring you get up-to-speed as quickly as possible
• Bite-sized chapters that break down essential topics into manageable and accessible lessons
• Complimentary online access to Sybex' celebrated online learning environment, which comes with practice questions, a complete glossary of common industry terminology, and more

A clear and effective pathway to the Certified in Cybersecurity credential, as well as a fresh career in cybersecurity, the Certified in Cybersecurity Study Guide offers the foundational knowledge, skills, and abilities you need to get started in an exciting and rewarding career.

Auteur

ABOUT THE AUTHOR Mike Chapple, PhD, CIPM, CIPP/US, CISSP, is a teaching professor in the IT, Analytics, and Operations Department at the University of Notre Dame's Mendoza College of Business. He is the author of several bestselling information technology certification guides and has over two decades' experience in higher education, the private sector, and government IT.

Texte du rabat

Your expert guide to preparing for the Certified in Cybersecurity exam The CC SM Certified in Cybersecurity Study Guide is your one-stop resource for comprehensive coverage of ISC2's entry level Certified in Cybersecurity exam. This Sybex Study Guide covers all the exam's domain competencies. Prepare for the test smarter and faster with Sybex thanks to 4-color, illustrated content full of visual prompts, assessment tests that validate and measure exam readiness, objective maps, real-world examples and scenarios, practical exercises, and challenging chapter review questions. Reinforce and remember what you've learned with the Sybex online learning environment and test bank, accessible across multiple devices. Get prepared for the Certified in Cybersecurity exam with Sybex. Coverage of 100% of all exam objectives in this Study Guide means you'll be ready for each of the 5 ISC2 Certified in Cybersecurity domains:

• Security Principles
• Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concept
• Access Controls Concepts
• Network Security

• Security Operations Interactive learning environment Take your exam prep to the next level with Sybex's superior interactive online study tools. To access our learning environment, simply visit www.wiley.com/go/sybextestprep, register your book to receive your unique PIN, and instantly gain one year of FREE access after activation to:

• Interactive test bank with a bonus practice exam to help you identify areas where further review is needed. Get more than 90% of the answers correct, and you're ready to take the certification exam.
• 100 electronic flashcards to reinforce learning and last-minute prep before the exam.
• Comprehensive glossary in PDF format gives you instant access to the key terms so you are fully prepared. ABOUT THE CERTIFIED IN CYBERSECURITY PROGRAM Certified in Cybersecurity demonstrates your knowledge of the foundational skills and abilities required in an entry- or junior-level cybersecurity role. It proves your understanding of fundamental security best practices, policies, and procedures.

Contenu

Introduction xvii Part I Domain 1: Security Principles 1 Chapter 1 Confidentiality, Integrity, Availability, and Non-repudiation 3 The CIA Triad 4 Non-repudiation 7 Chapter 2 Authentication and Authorization 11 Access Control Process 11 Password Policies 13 Authentication Factors 16 Chapter 3 Privacy 23 Privacy 23 Privacy Management Framework 25 Chapter 4 Risk Management 35 Risk Types 35 Risk Identification and Assessment 37 Risk Treatment Strategies 39 Risk Profile and Tolerance 40 Chapter 5 Security Controls 45 What Are Security Controls? 45 Categorizing Security Controls 46 Chapter 6 Ethics 51 Corporate Ethics Codes 51 ISC2 Code of Ethics 52 Ethics Complaint Procedure 54 Chapter 7 Security Governance Processes 59 Security Policies and Procedures 59 Laws and Regulations 61 Chapple213832_ftoc.indd 13 22-11-2023 12:53:06 Part II Domain 2: Business Continuity (bc), Disaster Recovery (dr) & Incident Response (ir) Concepts 65 Chapter 8 Business Continuity 67 Business Continuity Planning 67 Business Continuity Controls 69 High Availability and Fault Tolerance 71 Chapter 9 Disaster Recovery 79 Disaster Recovery Planning 79 Backups 81 Disaster Recovery Sites 83 Testing Disaster Recovery Plans 85 Chapter 10 Incident Response 89 Creating an Incident Response Program 89 Building an Incident Response Team 91 Incident Communications Plan 92 Incident Identification and Response 93 Part III Domain 3: Access Controls Concepts 99 Chapter 11 Physical Access Controls 101 Physical Facilities 101 Designing for Security 104 Visitor Management 106 Physical Security Personnel 106 Chapter 12 Logical Access Controls 111 Authorization 111 Account Types 114 Non- repudiation 115 Part IV Domain 4: Network Security 119 Chapter 13 Computer Networking 121 Network Types 121 TCP/IP Networking 122 IP Addressing 124 Network Ports and Applications 128 Securing Wi- Fi Networks 129 Chapter 14 Network Threats and Attacks 137 Malware 137 Eavesdropping Attacks 139 Denial- of- Service Attacks 140 Side- Channel Attacks 142 Chapter 15 Threat Identification and Prevention 145 Antivirus Software 145 Intrusion Detection and Prevention 146 Firewalls 148 Vulnerability Scanning 149 Chapter 16 Network Security Infrastructure 155 Data Center Protection 156 Network Security Zones 158 Switches, WAPs, and Routers 159 Network Segmentation 161 Virtual Private Networks 162 Network Access Control 163 Internet of Things 165 Chapter 17 Cloud Computing 169 Cloud Computing 169 Cloud Deployment Models 171 Cloud Service Categories 172 Security and the Shared Responsibility Model 174 Automation and Orchestration 174 Vendor Relationships 175 Part V Domain 5: Security Operations 179 Chapter 18 Encryption 181 Cryptography 181 Encryption Algorithms 183 Uses of Encryption 186 Hash Functions 187 Chapter 19 Data Handling 193 Data Life Cycle 193 Data Classification 196 Chapter 20 Logging and Monitoring 201 Logging 201 Log Monitoring 202 Chapter 21 Configuration Management 207 Configuration Management 207 Configuration Vulnerabilities 208 Chapter 22 Best Practice Security Policies 213 Acceptable Use Policy 213 Data Handling Policy 214 Password Policy 214 Bring Your Own Device Policy 214 Privacy Policy 214 Change Management Policy 215 Chapter 23 Security Awareness Training 219 Social Engineering 219 Security Education 221 Index 227