《CISSP最新培训班详细笔记》由会员分享,可在线阅读,更多相关《CISSP最新培训班详细笔记(26页珍藏版)》请在金锄头文库上搜索。
1、CISSP最新培训班详细笔记(110页)CISSP 最新学习笔记此文是我班 2014 年高分考生袁同学在准备 CISSP 考试过程中的 边看书边整理的一个学习笔记,整理的非常细致到位,特借此供各位 备考学员参考。第1章节到第10章节主要是学习all in one第六版资料时笔记; 第11章到18章节主要是在学习完all in one后做cccure网站上面练 习题后,补充的知识点;第19章到 25章节为学习officeial guide教 材后补充的知识点;最后第 26 章是总复习时作 actual 练习题时补充 的知识点。在看书3遍all in one后,主要补充学习了 pre guide的
2、学习笔 记,cccure练习题和official guide进行知识点的补充,最后总复习阶 段(1周左右)以本复习笔记为基础,配合actual练习题进行。目录一. Chapter 3:Security management practices (5)1.1安全管理 (5)1.2风险管理 (6)1.3 Policies、standards、baselines、guidelines、procedures (7)1.4 Classification (8)1.5 employee (9)二. chapter 4:Access Control (10)2.1 Identification, Authe
3、ntication ( = Validating) , and Authorization (标识、认证、授权) (10)2.2 Access Control Models (访问控制模型)(12)2.3 Access Control Techniques and Technologies (方法和技 术) (13)2.4 Access Control Administration (访问控制管理)(13)2.5 Access Control Methods (访问控制方法)(14)2.6 Access Control Type (15)2.7 access control practices
4、 (15)2.8 Access Control Monitoring (15)2.9 A few threats to access control (16)三. Chapter 5:Security Models and Architecture (17)3.1 Computer Architecture (17)3.2 Operation System Architecture (20)3.3 System architecture (20)3.4安全模型 (21)3.5 运行的安全模式 security modes of operation (23)3.6 Systems Evaluat
5、ion Methods (23)3.7 A Few Threats to Security Models and Architectures (24)四. Chapter 6:Physical Security (26)4.1 Planning process (26)4.2 Protecting assets (28)4.3 Internal Support Systems (28)4.4 Environmental issues (29)4.5 Perimeter security (31)五 . Chapter 7 : T elecommunications and Networking
6、 Security (33)5.1开放系统模型 (33)5.2 TCP/IP (34)5.3 Type of transmission (35)5.4 LAN Networking (35)5.5 介质访问技术 Media access technology (36)5.6 LAN Protocols (37)5.7 Networking Device (37)5.8 Networking services and protocols (39)5.9 MAN、WAN (40)5.10 远程访问 remote access (43)5.11 wireless technologies (44)六
7、. Chapter 8:Cryptography (47)6.1 加密方法 methods of encryption (48)6.2 对称算法的类型 Type of symmetric methods (49)6.3非对称算法的类型 (50)6.4 Message Integrity hash MD5 SHA (51)6.5 PKIPublic Key infrastructure (54)6.6链路加密和端到端加密 (54)6.7 E-mail 标准(54)6.8 Internet security (55)6.9 Attack (56)七. Chapter 9:Business Cont
8、inuity Planning (57)7.1 Make BCP Part of the Security Policy and Program (58)7.2业务连续性计划的需求 (58)7.3 Recovery Strategies 恢复策略(59)7.4 Developing Goals for the Plans (61)7.5 testing and revising the plan 测试和修改计划(61)八. Chapter 10:Law, investigation and Ethics (63)8.1 Computer Crime Investigations (64)九.
9、Chapter 11:Application and system development (66)9.1 Database Management (66)9.2 System Development (68)9.3 Application Development Methodology (71)9.4攻击 (72)十. Chapter 12:Operation Security (74)10.1 Security Operations and Product Evaluation (74)10.2 Network and Resource Availability (76)10.3 Emai
10、l security (76)10.4 Hack and Attack Methods (77)十一. Cccure security management (79)十二. Cccure AC (80)十三. Cccure CPU (82)十四. Cccure AP (84)十五. Cccure encryption (86)十六. Cccure telecommunication (88)十七.Cccure OS运行安全(89)十八.Cccure法律(91)十九.official guide 法律(92)二十. official guide BCP (93)二.official guide
11、安全管理(93) 二十二. official guide AP (94)二十三.official guide 密码(96)二十四. official guide Network (97) 二十五. official guide OS (99)25.1 Information Protection Environment (99)二十六. Actual (100)26.1 One day (100)26.2 two (104)26.3 three (108).Chapter 3 : Security management practices 记住几个公式ARO是年发生概率,10年发生一次,则AR
12、O二1*0.1SLE是发生一次造成的损失,如37500 ,那么ALE二0.1*37500二 3750EF (暴露因素)*sset value = SLESLE*ARO=ALE (年损失期望)Data own er等多种角色的职责商业公司和政府的集中分级(4、5)1.1安全管理1.安全管理需要自顶向下(T op-Down approach )的来进行,高层引起足够的重视,提供足够的支持、资金、时间和资源。In contrast, bottom-up approach。2. 安全评估分为定性和定量评估,方法有:人员访谈、问卷调查, 技术评估等等。解决风险的4种办法:降低风险reduce、接受风险a
13、ccept、转嫁风险 transfer、和拒绝风险 reject。3. 安全控制有一个说法是,三种类型的控制,物理、技术和管理 should work in asynergistic manner to protect a companys assets.Physical controh: Facility protection, security guards,locks, mamtoring,cnvironmcntal concrQls, intrusion dcuctiQnTechnical controls: Logical access controlencryptionh secu
14、rity devicesidentification and authentiea-tianAdministrative controls: Po-liciesh standards,.Iproceduguidelines, sc:Boning. personrieLsecurity-awareness trainingCom pa ny iata and iss&ts1) 物理:cd-rom,优盘,警卫,环境,IDS,cctv2) 技术:acl、加密、安全设备、授权与鉴别3) 管理:策略、标准、方针、screening personnel、培训 1.2风险管理4. 弱点、威胁、风险、暴露、对
15、策1) Vulnerability:weakness,have unauthorized access toresources.2) Threat: threat age nt,威胁因素,hacker、worm.3) Risk : threat利用vulnerability造成危害的一种可能性。4) Exposure : instance,一次威胁因素造成loss的实例。5) Countermeasure(safeguard):降低潜在的风险 risk。G wsa nifl ta举例:主机系统没有打上相关的系统补丁( vulnerability ),有 个针对此漏洞最新的蠕虫病毒(threat age nt),网络没有部署边 界安全系统,蠕虫渗透网络引起了风险(risk ),直接导致了主机的性 能降低、死机。这整个过程就是一次exposure。然后安装补丁进行更 新(safeguard )。5. Information Risk Management 风险管理是个过程:是识别风险、评估风险、将之降低到个可接受的程度识别风险级别,运用合适的机制来维持风险在此程度6. Risk An alysis4个主要目标1) 识别
