Eleventh Hour - Eric Conrad-3rd Edition.pdf

(5334 KB) Pobierz

Eleventh Hour CISSP

Eleventh Hour CISSP

Study Guide

Third Edition

Eric Conrad

Seth Misenar

Joshua Feldman

Bryan Simon, Technical Editor

AMSTERDAM • BOSTON • HEIDELBERG • LONDON

NEW YORK • OXFORD • PARIS • SAN DIEGO

SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO

Syngress is an Imprint of Elsevier

Syngress is an imprint of Elsevier

50 Hampshire Street, 5th Floor, Cambridge, MA 02139, United States

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or

mechanical, including photocopying, recording, or any information storage and retrieval system, without

permission in writing from the publisher. Details on how to seek permission, further information about the

Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance

Center and the Copyright Licensing Agency, can be found at our website:

www.elsevier.com/permissions.

This book and the individual contributions contained in it are protected under copyright by the Publisher

(other than as may be noted herein).

Notices

Knowledge and best practice in this field are constantly changing. As new research and experience

broaden our understanding, changes in research methods, professional practices, or medical treatment

may become necessary.

Practitioners and researchers must always rely on their own experience and knowledge in evaluating and

using any information, methods, compounds, or experiments described herein. In using such information

or methods they should be mindful of their own safety and the safety of others, including parties for

whom they have a professional responsibility.

To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any

liability for any injury and/or damage to persons or property as a matter of products liability, negligence

or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in

the material herein.

Library of Congress Cataloging-in-Publication Data

A catalog record for this book is available from the Library of Congress

British Library Cataloguing-in-Publication Data

A catalogue record for this book is available from the British Library

ISBN: 978-0-12-811248-9

For information on all Syngress publications visit our

website at

https://www.elsevier.com/

Acquisition Editor:

Todd Green

Editorial Project Manager:

Anna Valutkevich

Production Project Manager:

Mohana Natarajan

Cover Designer:

Alan Studholme

Typeset by SPi Global, India

Author biography

Eric Conrad

(CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC,

GISP, GCED), is a senior SANS instructor and CTO of Backshore Communications,

which provides information warfare, hunt teaming, penetration testing, incident han-

dling, and intrusion detection consulting services. He started his professional career

in 1991 as a UNIX systems administrator for a small oceanographic communications

company. He gained information security experience in a variety of industries, includ-

ing research, education, power, Internet, and health care, in positions ranging from

systems programmer to security engineer to HIPAA security officer and ISSO. He is

lead author of

MGT414: SANS Training Program for CISSP® Certification,

and co-

author of both

SANS SEC511: Continuous Monitoring and Security Operations

and

SANS SEC542: Web App Penetration Testing and Ethical Hacking.

He graduated

from the SANS Technology Institute with a master of science degree in information

security engineering, and he earned his bachelor of arts in English from Bridgewater

State College. He lives in Peaks Island, Maine, with his family, Melissa, Eric, and

Emma. His website is

http://ericconrad.com.

Joshua Feldman

(CISSP) is a vice president at Moody’s, a bond ratings agency

critical to the security, health, and welfare of the global commerce sector. He drives

M&A, security architecture, design, and integration efforts for IT Risk and InfoSec.

Before taking on this promotion, Feldman was the Enterprise Security Architect

for Corning, Inc., where he helped to deliver numerous security transformations for

Corning and was a key team member focused on maturing the security function.

From 2002 to 2012, he worked as the technical director of a US DoD cybersecurity

services contract. Supporting the DoD, he helped create the current standard used

for assessing cyberthreats and analyzing potential adversaries for impact. During his

tenure, he supported many DoD organizations including the Office of the Secretary

of Defense, DISA, and the Combatant Commands. He got his start in the cybersecu-

rity field when he left his high school science teaching position in 1997 and began

working for Network Flight Recorder (NFR, Inc.), a small Washington, DC-based

startup, making the first generation of network intrusion detection systems (NIDS).

He earned a master of science in cyber operations from National Defense University

and a bachelor of science degree from the University of Maryland. He currently re-

sides in New York, with his two dogs, Jacky and Lily.

Seth Misenar

(CISSP, GIAC GSE, GSEC, GPPA, GCIA, GCIH, GCWN, GCFA,

GWAPT, GPEN) is a cybersecurity expert who serves as a senior instructor with the

SANS Institute and as a principal consultant at Context Security, LLC. He is num-

bered among the few security experts worldwide to have achieved the GIAC GSE

(#28) credential. He teaches a variety of cybersecurity courses for the SANS Institute

including two very popular courses for which he is lead author: the bestselling

xvi

Author biography

SEC511: Continuous Monitoring and Security Operations and SEC542: Web

Application Penetration Testing and Ethical Hacking. He also serves as coauthor

for MGT414: SANS Training Program for CISSP® Certification. His background

includes security research, intrusion analysis, incident response, security architec-

ture design, and network and web application penetration testing. He has previously

served as a security consultant for Fortune 100 companies and as the HIPAA secu-

rity officer for a state government agency. He has a bachelor of science degree in

philosophy from Millsaps College and resides in Jackson, Mississippi, with his wife,

Rachel, and children, Jude, Hazel, and Shepherd.

Bryan Simon,

CISSP is an internationally recognized expert in cybersecurity and

has been working in the information technology and security field since 1991. Over

the course of his career, Bryan has held various technical and managerial positions

in the education, environmental, accounting, and financial services sectors. Bryan

speaks on a regular basis at international conferences and with the press on matters

of cybersecurity. He has instructed individuals from organizations such as the FBI,

NATO, and the UN in matters of cybersecurity, on three continents. Bryan has spe-

cialized expertise in defensive and offensive capabilities. He has received recogni-

tion for his work in IT Security and was most recently profiled by McAfee (part of

Intel Security) as an IT Hero. Bryan holds 11 GIAC Certifications including GSEC,

GCWN, GCIH, GCFA, GPEN, GWAPT, GAWN, GISP, GCIA, GCED, and GCUX.

Bryan’s scholastic achievements have resulted in the honor of him sitting as a current

member of the Advisory Board for the SANS Institute and his acceptance into the

prestigious SANS Cyber Guardian Program. Bryan is a SANS Certified Instructor

for SEC401: Security Essentials Bootcamp Style, SEC501: Advanced Security

Essentials - Enterprise Defender, SEC505: Securing Windows with PowerShell and

the Critical Security Controls, and SEC511: Continuous Monitoring and Security

Operations.

Bryan dedicates this book to his little boy, Jesse. Daddy loves you!!!

Eleventh Hour - Eric Conrad-3rd Edition.pdf

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: