CISSP最新培训班详细笔记(110页)
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
CISSP 最新学习笔记
此文是我班2014年高分考生袁同学在准备CISSP考试过程中的边看书边整理的一个学习笔记,整理的非常细致到位,特借此供各位备考学员参考。
第1章节到第10章节主要是学习all in one第六版资料时笔记;第11章到18章节主要是在学习完all in one后做cccure网站上面练习题后,补充的知识点;第19章到25章节为学习officeial guide教材后补充的知识点;最后第26章是总复习时作actual练习题时补充的知识点。
在看书3遍all in one后,主要补充学习了pre guide的学习笔记,cccure练习题和official guide进行知识点的补充,最后总复习阶段(1周左右)以本复习笔记为基础,配合actual 练习题进行。
目录
一. Chapter 3:Security management practices (5)
1.1 安全管理 (5)
1.2 风险管理 (6)
1.3 Policies、standards、baselines、guidelines、procedures (7)
1.4 Classification (8)
1.5 employee (9)
二. chapter 4:Access Control (10)
2.1 Identification, Authentication(= Validating), and Authorization(标识、认证、
授权) (10)
2.2 Access Control Models(访问控制模型) (12)
2.3 Access Control Techniques and Technologies(方法和技术) (13)
2.4 Access Control Administration(访问控制管理) (13)
2.5 Access Control Methods(访问控制方法) (14)
2.6 Access Control Type (15)
2.7 access control practices (15)
2.8 Access Control Monitoring (15)
2.9 A few threats to access control (16)
三. Chapter 5:Security Models and Architecture (17)
3.1 Computer Architecture (17)
3.2 Operation System Architecture (20)
3.3 System architecture (20)
3.4 安全模型 (21)
3.5 运行的安全模式security modes of operation (23)
3.6 Systems Evaluation Methods (23)
3.7 A Few Threats to Security Models and Architectures (24)
四. Chapter 6:Physical Security (26)
4.1 Planning process (26)
4.2 Protecting assets (28)
4.3 Internal Support Systems (28)
4.4 Environmental issues (29)
4.5 Perimeter security (31)
五. Chapter 7:T elecommunications and Networking Security (33)
5.1 开放系统模型 (33)
5.2 TCP/IP (34)
5.3 Type of transmission (35)
5.4 LAN Networking (35)
5.5 介质访问技术Media access technology (36)
5.6 LAN Protocols (37)
5.7 Networking Device (37)
5.8 Networking services and protocols (39)
5.9 MAN、WAN (40)
5.10 远程访问remote access (43)
5.11 wireless technologies (44)
六. Chapter 8:Cryptography (47)
6.1 加密方法methods of encryption (48)
6.2 对称算法的类型Type of symmetric methods (49)
6.3 非对称算法的类型 (50)
6.4 Message Integrity hash MD5 SHA (51)
6.5 PKI-Public Key infrastructure (54)
6.6 链路加密和端到端加密 (54)
6.7 E-mail标准 (54)
6.8 Internet security (55)
6.9 Attack (56)
七. Chapter 9:Business Continuity Planning (57)
7.1 Make BCP Part of the Security Policy and Program (58)
7.2 业务连续性计划的需求 (58)
7.3 Recovery Strategies恢复策略 (59)
7.4 Developing Goals for the Plans (61)
7.5 testing and revising the plan测试和修改计划 (61)
八. Chapter 10:Law, investigation and Ethics (63)
8.1 Computer Crime Investigations (64)
九. Chapter 11:Application and system development (66)
9.1 Database Management (66)
9.2 System Development (68)
9.3 Application Development Methodology (71)
9.4 攻击 (72)
十. Chapter 12:Operation Security (74)
10.1 Security Operations and Product Evaluation (74)
10.2 Network and Resource Availability (76)
10.3 Email security (76)
10.4 Hack and Attack Methods (77)
十一. Cccure security management (79)
十二. Cccure AC (80)
十三. Cccure CPU (82)
十四. Cccure AP (84)
十五. Cccure encryption (86)
十六. Cccure telecommunication (88)
十七. Cccure OS运行安全 (89)
十八. Cccure 法律 (91)
十九. official guide 法律 (92)
二十. official guide BCP (93)
二十一. official guide 安全管理 (93)
二十二. official guide AP (94)
二十三. official guide密码 (96)