Mike Chapple, PhD, CISSP, Security+, CISA, CySA+ is Teaching Professor of IT, Analytics and Operations at the University of Notre Dame. He is a leading expert on cybersecurity certification and runs [...]. Mike is the author of more than 25 books including (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 7th, 8th, and 9th Editions.

David Seidl, CISSP, GPEN, GCIH, CySA+, Pentest+ is the Vice President for Information Technology and CIO at Miami University of Ohio. During his IT career, he has served in a variety of technical and information security roles including serving as the Senior Director for Campus Technology Services at the University of Notre Dame and leading Notre Dame's information security team as Notre Dame's Director of Information Security. David has taught college courses on information security, and writes books on information security and cyberwarfare.

Introduction xi

Chapter 1 Security Operations and Administration (Domain 1) 1

Chapter 2 Access Controls (Domain 2) 21

Chapter 3 Risk Identification, Monitoring, and Analysis (Domain 3) 37

Chapter 4 Incident Response and Recovery (Domain 4) 61

Chapter 5 Cryptography (Domain 5) 79

Chapter 6 Network and Communications Security (Domain 6) 95

Chapter 7 Systems and Application Security (Domain 7) 119

Chapter 8 Practice Test 1 141

Chapter 9 Practice Test 2 169

Appendix Answers to Review Questions 197

Chapter 1: Security Operations and Administration (Domain 1) 198

Chapter 2: Access Controls (Domain 2) 204

Chapter 3: Risk Identification, Monitoring, and Analysis (Domain 3) 212

Chapter 4: Incident Response and Recovery (Domain 4) 221

Chapter 5: Cryptography (Domain 5) 229

Chapter 6: Network and Communications Security (Domain 6) 235

Chapter 7: Systems and Application Security (Domain 7) 246

Chapter 8: Practice Test 1 255

Chapter 9: Practice Test 2 269

Index 283