(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. Mike Chapple
Awareness, and Documentation Testing and Maintenance Summary Exam Essentials Written Lab Review Questions
28 Chapter 19: Investigations and Ethics Investigations Major Categories of Computer Crime Ethics Summary Exam Essentials Written Lab Review Questions
29 Chapter 20: Software Development Security Introducing Systems Development Controls Establishing Databases and Data Warehousing Storage Threats Understanding Knowledge-Based Systems Summary Exam Essentials Written Lab Review Questions
30 Chapter 21: Malicious Code and Application Attacks Malware Malware Prevention Application Attacks Injection Vulnerabilities Exploiting Authorization Vulnerabilities Exploiting Web Application Vulnerabilities Application Security Controls Secure Coding Practices Summary Exam Essentials Written Lab Review Questions
31 Appendix A: Answers to Review Questions Chapter 1: Security Governance Through Principles and Policies Chapter 2: Personnel Security and Risk Management Concepts Chapter 3: Business Continuity Planning Chapter 4: Laws, Regulations, and Compliance Chapter 5: Protecting Security of Assets Chapter 6: Cryptography and Symmetric Key Algorithms Chapter 7: PKI and Cryptographic Applications Chapter 8: Principles of Security Models, Design, and Capabilities Chapter 9: Security Vulnerabilities, Threats, and Countermeasures Chapter 10: Physical Security Requirements Chapter 11: Secure Network Architecture and Components Chapter 12: Secure Communications and Network Attacks Chapter 13: Managing Identity and Authentication Chapter 14: Controlling and Monitoring Access Chapter 15: Security Assessment and Testing Chapter 16: Managing Security Operations Chapter 17: Preventing and Responding to Incidents Chapter 18: Disaster Recovery Planning Chapter 19: Investigations and Ethics Chapter 20: Software Development Security Chapter 21: Malicious Code and Application Attacks
32
Appendix B: Answers to Written Labs
Chapter 1: Security Governance Through Principles and Policies
Chapter 2: Personnel Security and Risk Management Concepts
Chapter 3: Business Continuity Planning
Chapter 4: Laws, Regulations, and Compliance
Chapter 5: Protecting Security of Assets
Chapter 6: Cryptography and Symmetric Key Algorithms
Chapter 7: PKI and Cryptographic Applications
Chapter 8: Principles of Security Models, Design, and Capabilities
Chapter 9: Security Vulnerabilities, Threats, and Countermeasures
Chapter 10: Physical Security Requirements
Chapter 11: Secure Network Architecture and Components
Chapter 12: Secure Communications and Network Attacks
Chapter 13: Managing Identity and Authentication
Chapter 14: Controlling and Monitoring Access
Chapter 15: Security Assessment and