The only official, comprehensive reference guide to the CISSP
Thoroughly updated for 2021 and beyond, this is the authoritative common body of knowledge (CBK) from (ISC)2 for information security professionals charged with designing, engineering, implementing, and managing the overall information security program to protect organizations from increasingly sophisticated attacks. Vendor neutral and backed by (ISC)2, the CISSP credential meets the stringent requirements of ISO/IEC Standard 17024.
This CBK covers the current eight domains of CISSP with the necessary depth to apply them to the daily practice of information security. Revised and updated by a team of subject matter experts, this comprehensive reference covers all of the more than 300 CISSP objectives and sub-objectives in a structured format with:
- Common and good practices for each objective
- Common vocabulary and definitions
- References to widely accepted computing standards
- Highlights of successful approaches through case studies
Whether you've earned your CISSP credential or are looking for a valuable resource to help advance your security career, this comprehensive guide offers everything you need to apply the knowledge of the most recognized body of influence in information security.
"The CISSP continues to be a mark of distinction around the world, signifying not only experiential and practical knowledge but also a commitment to lifelong learning and improvement. The CISSP CBK is a living, breathing resource that cybersecurity practitioners and leaders can refer to as they go about the daily mission of inspiring a safe and secure cyber world."
―Clar Rosso, CEO, (ISC)2
Information security professionals play a pivotal role in protecting the essential fabric of business, finance, communications, and virtually all aspects of 21st century daily life. This updated, authoritative Common Body of Knowledge (CBK®) from (ISC)2 provides a resource for IT professionals who are designing, engineering, implementing, and managing information security programs to protect their organizations from increasingly sophisticated attacks.
With exhaustive coverage of all eight domains of CISSP, this book provides a comprehensive guide to applying these principles in everyday practice. The 300+ CISSP objectives and sub-objectives are covered in a format that supplies common practices for each, a common lexicon with definitions, and appropriate references to both widely accepted computing standards and case studies that highlight successful approaches to problems. Written and reviewed by a team of highly knowledgeable CISSPs representing a variety of organizations and roles, it explains and defines all things related to CISSP.
Explored in depth are Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security. From understanding essential security concepts to the exercise of due care, legal compliance, professional ethics, and practical defense against an ever-growing variety of attacks, this book constitutes a vital reference that will serve you well throughout your career.
