@opexxx
Created August 10, 2023 19:27
CISSP Topics
Access Control
A collection of mechanisms that permits the managers of a system to exercise a directing or restraining influence over the behavior, use, and content of the system.
Access Control Concepts
Access Control Principles
Information Classification
Access Control Requirements
Access Control Categories
Access Control Types
Access Control Strategies
Identity Management
Access Control Technologies
Data Access Controls
Intrusion Detection and Intrusion Prevention Systems
Threats
Software Development Security
Applications Development and Programming Concepts and Protection
Audit and Assurance Mechanisms
Malicious Software (Malware)
The Database and Data Warehousing Environment
Web Application Environment
Business Continuity & Disaster Recovery Planning
Project Initiation and Management
Senior Leadership Support
Hidden Benefits of the Planning Process
Defining the Scope of the Planning Effort
Company Policy or Standard
Legal and Regulatory Requirements
The Ten Professional Practice Areas
Regulations for Financial Institutions
Legal Standards
Resource Requirements
Understanding the Organization
Business Impact Analysis
Selecting a Recovery Strategy
Documenting the Plan
Managing Recovery Communications
Testing the Plan
Training and Awareness Programs
Update and Maintenance of the Plan
Transitioning from Project to Program
Roles and Responsibilities
Cryptography
Concepts and Definitions
Encryption Systems
Message Integrity Controls
Digital Signatures
Encryption Management
Cryptanalysis and Attacks
Statistical Analysis
Encryption Usage
Information Security Governance & Risk Management
The Business Case for Information Security Management
Information Security Management Governance
Organizational Behavior
Security Awareness, Training, and Education
Risk Management
Ethics
Legal Regulation Investigations and Compliance
Major Legal Systems
Information Technology Laws and Regulations
Incident Response
Security Operations
Key Themes
Maintaining Operational Resilience
Protecting Valuable Assets
Controlling Privileged Accounts
Managing Security Services Effectively
Physical (Environmental) Security
Innovation and Leadership
Site and Facility Design Criteria
Location Threats
Perimeter Security
Gates and Fences
Perimeter Intrusion Detection
Lighting
Access Control
Closed Circuit TV
Guards
Design Requirements
Building and Inside Security
Interior Intrusion Detection Systems
Escort and Visitor Control
Secure Operational Areas
Environmental Controls
Security Architecture & Design
The Basics of Secure Design
Enterprise Security Architecture
System Security Architecture
Telecommunication & Network Security
Layer 1: Physical Layer
Layer 2: Data-Link Layer
Layer 3: Network Layer
Layer 4: Transport Layer
Layer 5: Session Layer
Layer 6: Presentation Layer
Layer 7: Application Layer