CCSP®
Official (ISC)2®
Practice Tests
Ben Malisow
Senior Acquisitions Editor: Ken Brown
Development Editor: Kelly Talbot
Technical Editor: Bill Burke, Trevor L. Chandler, Aaron Kraus, Valerie Michelle Nelson, Brian T. O’Hara,
Jordan Pike
Production Manager: Kathleen Wisor
Copy Editor: Judy Flynn
Editorial Manager: Mary Beth Wakefield
Executive Editor: Jim Minatel
Book Designers: Judy Fung and Bill Gibson
Proofreader: Nancy Carrasco
Indexer: John Sleeva
Project Coordinator, Cover: Brent Savage
Cover Designer: Wiley
Cover Image: ©Jeremy Woodhouse/Getty Images, Inc.
Copyright © 2018 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-1-119-44922-5
ISBN: 978-1-119-48038-9 (ebk.)
ISBN: 978-1-119-48039-6 (ebk.)
Manufactured in the United States of America
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or
by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted
under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written
permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the
Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978)
646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department,
John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or
online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties
with respect to the accuracy or completeness of the contents of this work and specifically disclaim
all warranties, including without limitation warranties of fitness for a particular purpose. No warranty
may be created or extended by sales or promotional materials. The advice and strategies contained herein
may not be suitable for every situation. This work is sold with the understanding that the publisher is not
engaged in rendering legal, accounting, or other professional services. If professional assistance is required,
the services of a competent professional person should be sought. Neither the publisher nor the author
shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this
work as a citation and/or a potential source of further information does not mean that the author or the
publisher endorses the information the organization or Web site may provide or recommendations it may
make. Further, readers should be aware that Internet Web sites listed in this work may have changed or
disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact
our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or
fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material
included with standard print versions of this book may not be included in e-books or in print-on-demand.
If this book refers to media such as a CD or DVD that is not included in the version you purchased, you
may download this material at http://booksupport.wiley.com. For more information about Wiley
products, visit www.wiley.com.
Library of Congress Control Number: 2017962410
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of
John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used
without written permission. (ISC)2 and CCSP are registered certification marks of (ISC)2, Inc. All other
trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any
product or vendor mentioned in this book.
For Robin, again, for making this year possible
Acknowledgments
The author would like to thank various biological entities for their assistance in bringing
this work to completion. First, Jim Minatel, perhaps the best editor anyone could ever
have. Jim has ridiculous thresholds of patience and encouragement, a perfectly dry wit,
and professional experience and knowledge that should make other editors whimper and
hide in the dark places they belong. Kelly Talbot has similar amounts of patience, which
have served to make him the finest of editors. He had to endure completely outrageous
treatment in the form of writer behavior bordering on assault and prose that is perhaps
only as interesting to someone outside the information security realm as paint thinner
(and even paint thinner fumes have arguably medicinal qualities, which this book sorely
lacks). Judy Flynn is a wickedly sharp editor and may, in fact, be a cyborg programmed
with thesaurus capabilities. The amount of fixing she had to do to make this book readable
is extraordinary, and she cannot be thanked enough. Katie Wisor’s technological
support efforts were unparalleled, and her whimsical tolerance for the author’s capricious
attitude toward the editing process cannot be appreciated enough. The technical reviewers
Bill Burke, Trevor Chandler, Aaron Kraus, Valerie Michelle Nelson, Brian O’Hara, and
Jordan Pike were utterly amazing. They caught mistakes and pointed out pitfalls that
caused the author to blush and cringe. More important, they made suggestions that have
improved this work beyond measure, for which the author is humbled and utterly grateful.
Finally, the author’s partner, Robin (getting a doubleplusgood nod to go with the dedication
of this book), for her own efforts to mollify and assuage the author as necessary
during production, and the dog, Jake, who may have often expressed discontent when the
author sat down at the keyboard but was just as pleased to jump up in delight when
the author arose again.
About the Author
Ben Malisow, CISSP, CISM, CCSP, Security+, has been involved in INFOSEC and education
for more than 20 years. At Carnegie Mellon University, he crafted and delivered the
CISSP prep course for CMU’s CERT/SEU. Malisow was the ISSM for the FBI’s most highly
classified counterterror intelligence-sharing network, served as a United States Air Force
officer, and taught grades 6–12 at a reform school in the Las Vegas public school district
(probably his most dangerous employment to date). His latest work has included the CCSP
(ISC)2 Certified Cloud Security Professional Official Study Guide, also from Sybex/Wiley,
and How to Pass Your INFOSEC Certification Test: A Guide to Passing the CISSP, CISA,
CISM, Network+, Security+, and CCSP, available from Amazon Direct. In addition to
other consulting and teaching, Ben is a certified instructor for (ISC)2, delivering CISSP and
CCSP courses. You can reach him at: www.benmalisow.com.
About the Technical Editors
Bill Burke (CISSP, CCSP, CISM, CRISC, CEH, ITIL, Oracle ACE, OCP) is a 25+ year
veteran in Information Technology and Cyber Security. He has worked for numerous
financial services organizations, one of the most recognized being Visa where he served as
a Chief Enterprise Security Architect. At Oracle, he was a leader in Advanced Technical
Services where he served as a Consulting Technical Director to Oracle’s strategic clients in
Advanced Security Configurations in the RDBMS, RAC, Data Guard, Golden Gate and
other products. During his career, he has served on multiple board-of-directors including
Silicon Valley Chapter - Cloud Security Alliance, Silicon Valley Chapter (ISC)2, Oracle
Development Tools User Group, and the International Oracle Users Group. He has spoken
at local, national and international conferences. He is a published author and technical editor
for both books and journals. Today he is a cloud cyber security consultant and can be
reached at billburke@cloudcybersec.com.
Trevor L. Chandler has been a faculty member in higher education for more than
30 years, providing instruction in various programming languages, virtualization,
networking, Linux System Administration, and cyber security. His experience also
includes many years working in the capacity of UNIX System Administrator, and
Network Administrator. Trevor holds a number of key IT certifications: CompTIA’s CASP,
EC-Council’s CEH, and (ISC)2’s coveted CISSP (Certified Information Systems Security
Professional). Among his cloud-related certifications are Cloud+, CCSK, and the industry’s
premier cloud security certification, CCSP (Certified Cloud Security Professional). Trevor
has a passion for advancing his knowledge in Information Technology by attending
conferences and webinars.
Aaron Kraus began his career as a security auditor for US Federal Government clients.
From there he moved into security risk management for healthcare and financial services,
which offered more opportunities to travel, explore, and eat amazing food around the
world. He currently works for a Cyber Risk Insurance startup in San Francisco and spends
his free time dabbling in cooking, cocktail mixology, and photography.
Valerie Michelle Nelson, CISSP, CISM, CCSP, CEH, CSM, CPCU, has worked in
information technology for over 25 years, currently with a large financial institution on its
journey to the cloud. She has assisted in question workshops with (ISC)2, taught as adjunct
faculty, and generally loves educating friends and family (including her supportive parents,
husband, and two children) on the cloud and the benefits and risks yet to be weathered.
Brian T. O’Hara CISA, CISM, CRISC, CCSP, CISSP, Chief Information Security Officer
for the National Conference of Guaranty Funds, has been practicing Information Security
for over 20 years specializing in Security, Audit and Risk Management in Healthcare,
Financial Services and Manufacturing. He is a frequent speaker at local and national
conferences such as “RSA”, “SecureWorld”, “Indy Big Data”, and a regular IT Security
and Audit SME contributor to ITProTV. He has published articles in the Indiana Bankers
Journal, and served as Technical Editor of several recent Security and Audit books such
as (ISC)2 CISSP Official Study Guide (Wiley), (ISC)2 SSCP Official Study Guide (Wiley),
as well as co-author of CISA: Certified Information Systems Auditor Study Guide, 4th
Edition (Wiley), and most recently (ISC)2 CCSP Official Study Guide (Wiley). Mr. O’Hara
holds a BA from Indiana University in Public Affairs and an MA in Counseling from the
University of North Dakota. He serves in numerous leadership positions with local and
national InfoSec organizations such as ISACA, ISC2 and the InfraGard Indiana Members
Alliance and was awarded Fellow status by the Information Systems Security Association
(ISSA) in 2013 for his leadership activities. He also currently serves on the Indiana
Executive Cybersecurity Council established by Governor Eric Holcomb. His responsibilities
include those of the Financial Services Committee Co-Chair and member of the Public
Awareness and Training Working Group. He can be reached at brian@btohara.com, or
LinkedIn at https://www.linkedin.com/in/brianohara, and can be followed on Twitter
@brian_t_ohara.
Jordan Pike, CISSP, CRISC, CCSP, GCIH, is the director of security operations for
nCino, Inc., which is a leading cloud-based bank operating system built on the Salesforce
platform. When he isn’t in front of a keyboard, he spends his time hiking, volunteering for
a nonprofit medical clinic, and reading all of Neal Stephenson’s novels. He was a technical
reviewer for CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide from
Sybex/Wiley. You can reach him at www.jordanpike.com.