
Official (ISC)2® Guide to the ISSAP® CBK, Second Edition (English) Hardcover – 4 October 2013


Product description

Publisher's description

Candidates for the CISSP-ISSAP professional certification need to not only demonstrate a thorough understanding of the six domains of the ISSAP CBK, but also need to have the ability to apply this in-depth knowledge to develop a detailed security architecture.

Supplying an authoritative review of the key concepts and requirements of the ISSAP CBK, the Official (ISC)2® Guide to the ISSAP® CBK®, Second Edition provides the practical understanding required to implement the latest security protocols to improve productivity, profitability, security, and efficiency. Encompassing all of the knowledge elements needed to create secure architectures, the text covers the six domains: Access Control Systems and Methodology, Communications and Network Security, Cryptology, Security Architecture Analysis, BCP/DRP, and Physical Security Considerations.

Newly Enhanced Design – This Guide Has It All!

  • Only guide endorsed by (ISC)2
  • Most up-to-date CISSP-ISSAP CBK
  • Evolving terminology and changing requirements for security professionals
  • Practical examples that illustrate how to apply concepts in real-life situations
  • Chapter outlines and objectives
  • Review questions and answers
  • References to free study resources

Read It. Study It. Refer to It Often.

Build your knowledge and improve your chance of achieving certification the first time around. Endorsed by (ISC)2 and compiled and reviewed by CISSP-ISSAPs and (ISC)2 members, this book provides unrivaled preparation for the certification exam and is a reference that will serve you well into your career. Earning your ISSAP is a deserving achievement that gives you a competitive advantage and makes you a member of an elite network of professionals worldwide.


Most helpful customer reviews on Amazon.com (beta)

Amazon.com: 10 reviews
25 of 26 people found this review helpful
Much improved; most of what you need, not all though 4 October 2013
By Lego Guy - Published on Amazon.com
Format: Hardcover Verified Purchase
Three part review below:

1) 2nd ed. vs. 1st ed text comparison. (NOTE - CIB = Candidate Information Bulletin, downloaded 8/13).
2) Opinion on exam prep usefulness, and what I did to actually pass the ISSAP exam.
3) Opinion on usefulness for the Security Architect role. (ISSAP + SABSA = winner).

PART ONE: After purchasing the prior edition and this edition, I'll run through two sections for this review so you can get an idea of text improvements below. Physically speaking - the 2nd edition has much larger font for the majority of the text - but not the tables and figures. Yes, the font got SMALLER in many of the tables and figures (like the attack vectors table). Some of the figures were visually changed - but not the content.
Note - this is a *reference* text designed to provide *essential* coverage of key topics - it will not replace in depth reading. For example - there are several summary / key points pages on the Common Criteria, which is several hundred pages itself as a source doc. Many of the relevant NIST docs are highly summarized as well.

Technical BCP: In particular, the Technical BCP section has expanded/improved (a common criticism of the 1st edition.) There are many footnotes spread throughout the text to augment the text. There is an improved BIA discussion. The BCP section also now includes an "architecture focused" discussion of the domain. One really nice - and useful in real life - section in the 2nd edition is the "walk through of a DR Plan" with emphasis for the Security Architect.

Security Architecture: Based on the ToC, the domain has changed names; content is similar, though (I don't have the prior ISC2 CIB to know). I did notice some additional paragraphs after the 'attack vector' table which make critical points - vector is NOT the same as payload, for example. Some of the attack vectors were also improved, along with a few new ones. The "Common Criteria" support tables discussion has also improved in content, keeping current w/ updates to the CC. The CMM model has improved, along with changes to the figures and expansion of the text. The architectural solutions section has some updated text, but the figure in the 2nd edition (4.6, 4.3 in the 1st) got smaller! The DODAF 2.02 is now current (improved also, assume it had corrections applied - I assume, I've never read the original DODAF). The 1st edition discussed DODAF 2.0.

PART TWO: I've been in the technical security business (engineering, three SIEM implementations, eDiscovery/incident response, policy/procedure, design, architecture) for 10+ years, have taught the CISSP curriculum for SANS, and participated in two update cycles for the ISC2 CISSP material. With all that, here is what I did to pass the exam. If you have breadth and hands on technical depth in your career, TAKE THE EXAM!!!!

A) Read the "Access Control" and "Security Architecture Analysis" sections completely (get their language).
B) Skimmed the Technical BCP section. (like, 15 minutes).
C) Used the 36 page ISSAP mind maps from "expandingsecurity.com". These were a GREAT resource. Use them and this book. Spent hrs. w/ these.
D) Read the Wikipedia articles for CIB topics that weren't in the book ToC (maybe a few hours).
E) Did not read "telecom" and "physical" chapters - I'd skimmed those a while back, when I got the first edition, glanced at the ToC.
Passed exam.

The other thing that REALLY helped was the SABSA Foundation course - many of the thinking/synthesis concepts in that course are highly relevant to the ISSAP discipline (you can see this in the book). I suggest the "Enterprise Security Architecture" blue book as well for your prep.

Will this textbook help you? Sure it will, especially if you are 'young in the tooth' when it comes to technical security architecture. It will help you find your weak spots. It aligns with most of the Q2/2013 CIB. It has been refreshed/updated, with more complete CIB coverage. However, if you want 100% coverage of the CIB, you need to look for a few more resources. For example - I could not find "Service Oriented Modeling Framework" or "Supervisory Control And Data Acquisition" in the ToC, the index (on the CIB), or the most likely sections in the text. I double checked, skimmed - not there, as far as I can tell. No comment if these concepts were on the test or not!

PART THREE: As a principal enterprise and security architect of a Fortune 500 healthcare company, I've often wanted to augment my credential set with the ISC2 ISSAP. About two years ago I attended the SABSA course - and while that course and model is the only preparation I've found for the business focused aspects of the "Security Architect" position, the ISSAP, on the other hand, as described in this text, is focused on assessing if someone has breadth and depth in the technical aspects of security architecture. As a consumer of both - the SABSA course and certification and the ISSAP certification - I am happy to have both, although SABSA is more relevant when it comes to working with the business.
11 of 11 people found this review helpful
Scrap it and start over 9 March 2014
By David Norman - Published on Amazon.com
Format: Kindle Edition Verified Purchase
Bottom line: Most of the content covered in the book wasn't in the exam. Even if you find the writing style tolerable, the mis-match between the study guide and exam is what's offensive to me.

It feels to me like the authors were writing the book blind. ISC(2) ought to at least give the "endorsed" authors an NDA and let them browse through the question bank as they're writing. What they wrote in this book somehow managed to cover the topics in a way that didn't help on the exam.

I got sick of reading sentences like "It is important for the security architect to consider..." That phrase or a similar variant appears frequently. The whole first two chapters, as 1/2 of the book, were nothing but some light discourse on topics architects should be aware of. The writing sucks. It's painful to read. I feel like I'm the subject of someone's late night project that they were dreading to write. The authors didn't have fun, they stick to too many academic writing formalities, which bored the authors, and it shows.

Way too many topics are discussed as if the reader is an ignorant fool, like defining what a fingerprint reader is or what authentication is - topics which any CISSP already covered in way more detail before even starting ISSAP studying.

The networking chapter's author seems to only have a tiny knowledge on basic topics like a web DMZ, or thinks that the reader will be too dumb to grasp any real detail about them. There were several mentions of 56k dialup and modems and large swaths of discussion seemed to focus more on giving a history lesson than trying to introduce the reader to details of modern technologies. The reader is warned about "mobile code" defined as JavaScript, VBScript, Java, and ActiveX as that can be malicious and "activated" when clicked. Well duh. I expected to read about mobile devices like phones when I saw the mobile code section heading. The networking chapter author is also clearly specializing in Microsoft products at their work.

Cryptography was discussed a bit more nicely than the previous two chapters, but got bogged down in the details of PKI.

The author of Chapter 4 had some fun with the writing and made it more conversational, even though it still talks about email spreading viruses like that's new information. Even without some additional editing, Chapter 4 isn't dreadful to read like the first half of the book.

The end of chapter practice tests are hurriedly-written, don't test meaningful topics, and I think I picked out at least two cases where the "correct" answer is plain wrong.
You have no choice 6 March 2014
By Eric Humphries - Published on Amazon.com
Format: Kindle Edition Verified Purchase
This is essentially the only book on the subject, and it's dry and boring. Have fun slogging through this text.
No PDF provided. I prefer studying via PDF so ... 8 November 2014
By Stephen Kelly - Published on Amazon.com
Format: Hardcover Verified Purchase
No PDF provided. I prefer studying via PDF so I don't need to bring the dead tree around with me all the time.
Four Stars 19 May 2015
By Jesse Biddlecome - Published on Amazon.com
Format: Hardcover Verified Purchase
Not as detailed as I'd like but a good book. Seller provided a quick delivery!