Eleventh Hour CISSP: Study Guide, Second Edition

  • 3h 26m
  • Eric Conrad, Joshua Feldman, Seth Misenar
  • Elsevier Science and Technology Books, Inc.
  • 2014

Eleventh Hour CISSP provides you with a study guide keyed directly to the most current version of the CISSP exam. This book is streamlined to include only core certification information and is presented for ease of last-minute studying. Main objectives of the exam are covered concisely with key concepts highlighted.

The CISSP certification is the most prestigious, globally recognized, vendor-neutral exam for information security professionals. Over 67,000 professionals are certified worldwide with many more joining their ranks. This new Second Edition is aligned to cover all of the material in the most current version of the exam's Common Body of Knowledge. All 10 domains are covered as completely and as concisely as possible, giving you the best possible chance of acing the exam.

  • All-new Second Edition updated for the most current version of the exam's Common Body of Knowledge
  • The only guide you need for last-minute studying
  • Answers the toughest questions and highlights core topics
  • No fluff - streamlined for maximum efficiency of study - perfect for professionals who are updating their certification or taking the test for the first time

About the Authors

Seth Misenar (CISSP, GIAC GSE, CompTIA CASP, GPEN, GCIH, GCIA, GCFA, GWAPT, GCWN, GSEC, MCSE, and MCDBA) is a Certified Instructor with the SANS Institute and coauthor of the SANS SEC528: SANS Training Program for the CompTIA Advanced Security Practitioner (CASP) Certification. Seth also serves as lead consultant for Jackson, Mississippi-based Context Security. Seth's background includes security research, network and Web application penetration testing, vulnerability assessment, regulatory compliance efforts, security architecture design, and general security consulting. He has previously served as a physical and network security consultant for Fortune 100 companies as well as the HIPAA and information security officer for a state government agency. Seth teaches a variety of courses for the SANS Institute, including Security Essentials, Advanced Web Application Penetration Testing, Hacker Techniques, and the CISSP and CASP courses.

Seth is pursuing a Master of Science degree in information security engineering from the SANS Technology Institute and holds a Bachelor of Science degree from Millsaps College.

Eric Conrad (CISSP, GIAC GSE, GPEN, GCIH, GCIA, GCFA, GAWN, GSEC, GISP, CompTIA CASP, and Security+) is a partner with Backshore Communications, which provides information warfare, penetration testing, incident handling, and intrusion detection consulting services. He is also a Certified Instructor with the SANS Institute and coauthor of SANS Security 528: SANS Training Program for the CompTIA Advanced Security Practitioner (CASP) Certification.

Eric's professional career began in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and healthcare, in roles ranging from systems programmer to security engineer to HIPAA security officer and ISSO. He has taught thousands of students in courses including SANS Management 414: CISSP, Security 560: Network Penetration Testing and Ethical Hacking, Security 504: Hacker Techniques, Exploits and Incident Handling, and others.

Eric is a graduate of the SANS Technology Institute with a Master of Science degree in information security engineering.

Joshua Feldman (CISSP, NSA IAM) has supported the Department of Defense Information Systems Agency (DISA), as a contractor working for SAIC, Inc., since 2002. He is a subject matter expert and training developer for DISA's cyber security mission. During his tenure, he has contributed to the DoD 8500 series, specifically conducting research and authoring sections of the DoD 8570.01-M, also known as the DoD IA Workforce Improvement Program. He is the program manager for DISA's Computer Network Defense training initiative (entitled "RaD-X") and has instructed well over 1000 students. He is also a subject matter expert for the Web-based Information Assurance awareness training every DoD user is required to take each year as part of their security awareness curriculum. He is a regular presenter and panel member at the Information Assurance Symposium, hosted by both DISA and NSA.

Before joining the support team at DoD/DISA, Joshua spent time as an IT Sec engineer working for the Department of State, Diplomatic Security. There, he traveled to embassies worldwide to conduct Tiger Team assessments of the security of each embassy. Joshua got his start in the IT Security field when he left his position teaching science for Montgomery County Public Schools, Maryland, and went to work for NFR Security Software. At the time, NFR was one of the leading companies producing Network Intrusion Detection systems.

In this Book

  • Domain 1—Access Control
  • Domain 2—Telecommunications and Network Security
  • Domain 3—Information Security Governance and Risk Management
  • Domain 4—Software Development Security
  • Domain 5—Cryptography
  • Domain 6—Security Architecture and Design
  • Domain 7—Operations Security
  • Domain 8—Business Continuity and Disaster Recovery Planning
  • Domain 9—Legal, Regulations, Investigations, and Compliance
  • Domain 10—Physical (Environmental) Security