Thursday 12 September 2013
Friday 2 August 2013
CISSP Prep Course
CISSP Prep Course
Prepare for the most important security certification with superior prep materials and test-taking tips.If you're ready to take your security career to the next level, our Information Systems Security Professional (CISSP) Course Exam Preparation Certified help you get there. Get instruction from our experts with real world experience that you cover all the material you need to prepare for the CISSP exam 2 (ISC).
This course is your one source for exam preparation and includes:
• Custom study guide containing summary charts, insightful data, and practice exams
• A free copy of McGraw-Hill's CISSP Certification All-in-One Exam Guide, 6th Edition
• CISSP Exam Cram Sheet
• CISSP certification practice exam
All of these tools can help you prepare for the CISSP exam with confidence and allow for post-class study to pinpoint your weak areas. These tools also serve as a great addition to your reference library.
Certification
(ISC) 2 exam, candidates must have a minimum of five years relevant work experience in two or more of the ten areas, four years of work experience with a college degree or a diploma applicable from the Approved list 2 (ISC).CISSP certification requires passing the CISSP exam (administered by (ISC) 2), which meets the experience requirements. After class, we recommend self-learning to improve weak points before the exam.What You'll Learn In-depth coverage of the ten domains required to pass the CISSP exam:
1. Security Operations
2. Access Control
3. Cryptography
4. Security Architecture and Design
5. Telecommunications and Network Security
6. Disaster Recovery and Business Continuity Planning
7. Legal, Regulations, Compliance, and Investigations
8. Software Development Security
9. Information Security Governance and Risk Management
10. Physical (Environmental) Security
Who Needs to Attend
IT consultants, managers, security policy writers, agents confidentiality, information security officers, network administrators, directors of safety devices, safety engineers, and other security professionals whose positions require CISSP certification.
Prerequisites
• Experience management systems, familiarity with the TCP / IP protocol, and an understanding of UNIX, Linux and Windows. This advanced course also requires medium security concepts of knowledge discussed during our Security + Prep
• Security+ Prep Course (SYO-301)
Follow-On Courses
• CISA Prep Course
• CISM Prep Course
Certification Programs and Certificate Tracks
This course is part of the following programs or tracks:
• CISSP - Certified Information Systems Security Professional
Course Outline
1. Introduction• Course Overview
• CISSP Candidate Requirements
• CISSP Exam Review
2. Security Operations
• Operation Security Principles, Techniques, and Mechanisms
• Principles and Practices of Good Security
• Resource Protection Mechanisms and Techniques
• Attacks and Prevention Methods
3. Access Control
• Authentication
• Authorization
• Accountability
• Threats to Access Control
4. Cryptography
• History of Cryptography
• Symmetric Encryption
• Asymmetric Encryption
• Hashing and Digital Signatures
• Public Key Infrastructure
• Cryptographic Attacks
5. Security Architecture and Design
• Computer Architecture
• Rings of Protection
• Security Models
• System Evaluation
6. Telecommunications and Network Security
• The OSI Model
• The TCP/IP Model
• WAN Protocols
• Routing
• Wireless Systems
• Fault Tolerance
7. Disaster Recovery and Business Continuity Planning
• Disaster Recovery Planning
• Business Impact Analysis
• Business Continuity Planning
• Backup and Off-Site Facilities
• Testing Contingency Plans
8. Legal, Regulations, Compliance, and Investigations
• Laws and Ethics
• Computer Crime
• Incident Response and Forensics
9. Software Development Security
• Database Security
• System Development
• Software Development Methods
• Threats and Vulnerabilities10. Information Security Governance and Risk Management
• Security Management
• Risk Analysis
• Classification Controls
11. Physical (Environmental) Security
• Threats to Physical Security
• Administrative Controls
• Environmental and Safety Controls
• Physical and Technical Controls
12. Test Review and Preparation
• Test Review
• Test Registration
• Test Preparation
• Certification Maintenance
Thursday 25 July 2013
exam dumps
QUESTION NO: 1
Which is NOT a property of a bridge?
A. Operates at Layer 2, the Data Link Layer
B. Operates at Layer 3, the Network Layer
C. Forwards the data to all other segments if the destination is not on the local segment
D. Can create a broadcast storm
Answer: B
QUESTION NO: 2
The definition A mark used in the sale or advertising of services to identify the services of one person and distinguish them from the services of others refers to a:
A. Trade name
B. Trademark
C. Service mark
D. Copyright
Answer: C
Explanation:
For answer "a trademark" is a distinctive mark of authenticity,through which the products of particular manufacturers or the vendible commodities of particular merchants may be distinguished from those of others.
QUESTION NO: 3
Which of the following statements pertaining to firewalls is incorrect?
A. Firewalls should not run NIS (Network Information Systems)
B. Firewalls should mount files systems via NFS
C. All system logs on the firewall should log to a separate host
D. Compilers should be deleted from the firewall
Answer: B
QUESTION NO: 4
Which mechanism complements an IDS?
A. Activating the built in VPN capabilities
B. Configuring built in alerts
C. All of the above
D. None of the above
Answer: B
Explanation:
A network security engineer or other security personal must configure the IDS to detect alerts for specified security events, so the IDS will log the threat event. An IDS can either be a Network or Host based. Both have default settings and allow the administrator to configure triggers for alerts.
QUESTION NO: 5
In configuration management, a configuration item is:
A. A component whose state is to be recorded and against which changes are to be progressed.
B. The version of the operating system that is operating on the workstation that provides information security services.
C. Aseries of files that contains sensitive information.
D. The network architecture used by the organization.
Answer: A
QUESTION NO: 6
Which choices below are most accurate regarding the information needed to define the continuity strategy? Select all that apply.
A. The strategy needs to define personnel roles in implementing continuity.
B. A strategy needs to be defined to preserve computing elements, such as hardware, software, and networking elements.
C. The strategy needs to address facility use during a disruptive event.
D. None of the other alternatives apply.
Answer: A,B,C
QUESTION NO: 7
Why is security an issue when a system is booted into single-user mode?
A. The operating system is started without the security front-end loaded.
B. The users cannot log in to the system, and they will complain.
C. Backup tapes cannot be restored while in single-user mode.
D. Proper forensics cannot be executed while in single-user mode.
Answer: A
Explanation:
The correct answer is "The operating system is started without the security front-end loaded".When the operator boots the system in single-user mode, the user front-end security controls are not loaded. This mode should be used for recovery and maintenance procedures only, and all operations should be logged and audited.
QUESTION NO: 8
Astandard data manipulation and relational database definition language is:
A. OOD
B. SQL
C. Script
D. SLL
Answer: B
Which is NOT a property of a bridge?
A. Operates at Layer 2, the Data Link Layer
B. Operates at Layer 3, the Network Layer
C. Forwards the data to all other segments if the destination is not on the local segment
D. Can create a broadcast storm
Answer: B
QUESTION NO: 2
The definition A mark used in the sale or advertising of services to identify the services of one person and distinguish them from the services of others refers to a:
A. Trade name
B. Trademark
C. Service mark
D. Copyright
Answer: C
Explanation:
For answer "a trademark" is a distinctive mark of authenticity,through which the products of particular manufacturers or the vendible commodities of particular merchants may be distinguished from those of others.
QUESTION NO: 3
Which of the following statements pertaining to firewalls is incorrect?
A. Firewalls should not run NIS (Network Information Systems)
B. Firewalls should mount files systems via NFS
C. All system logs on the firewall should log to a separate host
D. Compilers should be deleted from the firewall
Answer: B
QUESTION NO: 4
Which mechanism complements an IDS?
A. Activating the built in VPN capabilities
B. Configuring built in alerts
C. All of the above
D. None of the above
Answer: B
Explanation:
A network security engineer or other security personal must configure the IDS to detect alerts for specified security events, so the IDS will log the threat event. An IDS can either be a Network or Host based. Both have default settings and allow the administrator to configure triggers for alerts.
QUESTION NO: 5
In configuration management, a configuration item is:
A. A component whose state is to be recorded and against which changes are to be progressed.
B. The version of the operating system that is operating on the workstation that provides information security services.
C. Aseries of files that contains sensitive information.
D. The network architecture used by the organization.
Answer: A
QUESTION NO: 6
Which choices below are most accurate regarding the information needed to define the continuity strategy? Select all that apply.
A. The strategy needs to define personnel roles in implementing continuity.
B. A strategy needs to be defined to preserve computing elements, such as hardware, software, and networking elements.
C. The strategy needs to address facility use during a disruptive event.
D. None of the other alternatives apply.
Answer: A,B,C
QUESTION NO: 7
Why is security an issue when a system is booted into single-user mode?
A. The operating system is started without the security front-end loaded.
B. The users cannot log in to the system, and they will complain.
C. Backup tapes cannot be restored while in single-user mode.
D. Proper forensics cannot be executed while in single-user mode.
Answer: A
Explanation:
The correct answer is "The operating system is started without the security front-end loaded".When the operator boots the system in single-user mode, the user front-end security controls are not loaded. This mode should be used for recovery and maintenance procedures only, and all operations should be logged and audited.
QUESTION NO: 8
Astandard data manipulation and relational database definition language is:
A. OOD
B. SQL
C. Script
D. SLL
Answer: B
Subscribe to:
Posts (Atom)