CISSP Guide to Security Essentials

  • AUTHOR: Peter H. Gregory
  • ISBN-13: 9781285060422 
  • Grade(s): 9 | 10 | 11 | 12
  • 560 Pages | Paperback
  • 2nd Edition | Previous Editions: 2010
  • ©2015 | Published


About The Product

CISSP GUIDE TO SECURITY ESSENTIALS, Second Edition, provides complete, focused coverage to prepare students and professionals alike for success on the Certified Information Systems Security Professional (CISSP) certification exam. The text opens with an overview of the current state of information security, including relevant legislation and standards, before proceeding to explore all ten CISSP domains in great detail, from security architecture and design to access control and cryptography. Each chapter opens with a brief review of relevant theory and concepts, followed by a strong focus on real-world applications and learning tools designed for effective exam preparation, including key terms, chapter summaries, study questions, hands-on exercises, and case projects. Developed by the author of more than 30 books on information security, the Second Edition of this trusted text has been updated to reflect important new developments in technology and industry practices, providing an accurate guide to the entire CISSP common body of knowledge.


  • Covering the complete CISSP common body of knowledge within a single, comprehensive guide, this trusted text is ideal for anyone pursuing the advanced certification that has become the standard for the global information security industry, as well as the U.S. Department of Defense and National Security Agency.
  • Following an introduction that briefly reviews the current state of information security, the text dedicates individual chapters to each of the ten CISSP domains, enabling users to focus on each one in great depth, and to direct their review and exam preparation efforts where they need the most support.
  • After briefly discussing essential theory and concepts relevant to a specific domain, each chapter features a strong practical focus, emphasizing real-world examples, hands-on exercises, and a variety of learning tools to support exam preparation, including key terms, chapter summaries, and study questions.
  • Developed by the author of more than 30 books on information and business security, the text reflects the invaluable perspective of a security professional with more than 25 years of industry experience.
  • To complement the core chapter content, a premium website features expanded information and resources, including additional exam practice questions.

About the Contributor

  • Peter H. Gregory

    Peter H. Gregory, CISSP, CISA, CRISC, C|CISO, CCSK, QSA, has over 25 years of experience in virtually every role in business IT organizations, including work in government, financial services, non-profit, telecommunications, SAAS, and retail. He is the author of more than 30 books on security and technology, and the technical editor for more than 20 additional books. Gregory sits on the board of advisors and is the lead instructor for the University of Washington certificate program in information systems security, and he is a lecturer at the university's NSA-certified certificate program in information security and risk management. He is also a member of the executive steering board for the SecureWorld Expo Conference, and the board of advisors for PaymentGear. A founding member of the Pacific CISO Forum, Gregory is a graduate of the FBI Citizens' Academy. He studied electrical engineering and computer science at the University of Nevada, Reno, and is the director of strategic services at a national consulting firm.

Table of Contents

1. Information Security and Risk Management.
2. Access Controls.
3. Software Development Security.
4. Business Continuity and Disaster Recovery.
5. Cryptography.
6. Legal Regulations, Compliance, and Investigations.
7. Security Operations.
8. Physical and Environmental Security.
9. Security Architecture and Design.
10. Telecommunications and Network Security.
Appendix A: Ten Domains of CISSP.
Appendix B: (ISC)² Code of Ethics.
Appendix C: The CISSP Exam.

New to this Edition

  • The Second Edition includes extensive updates throughout the text to reflect important new industry practices, evolving technology, emerging threats, and effective new means of system and data protection.
  • The author has added new material on cloud systems threats and countermeasures, data jurisdiction, data sovereignty, access control processes, operating systems, software attack objectives, the BCP and DRP life cycles, the security incident response process, root cause analysis, threat modeling, source code scanning, and data leakage prevention systems.
  • Updated study questions across the ten CISSP domains reflect the latest trends, technology, and practices users will need to master to achieve professional success and prepare for the certification exam.
  • New and updated study problems and case projects feature highly relevant examples and real-world scenarios that today's information security professionals are likely to encounter.