CISSP Study Guide

IPsec can be used in tunnel mode or transport mode. Tunnel mode provides confidentiality (ESP) and/or authentication (AH) to the entire original packet, including the original IP headers. New IP headers are added (with the source and destination addresses of the IPsec gateways). Transport mode protects the IP data (layers 4-7) only, leaving the ori

More broadly defined, domains are groups of subjects and objects with similar security requirements.

Note that the title of ISO 27002 includes the word “techniques”; ISO 27001 includes the word “requirements.” Simply put, ISO 27002 describes information security best practices (Techniques), and ISO 27001 describes a process for auditing (requirements) those best practices.

Coupling and cohesion are two concepts used to describe objects. A highly coupled object (such as Addy) requires lots of other objects to perform basic jobs, like math. An object with high cohesion is far more independent: it can perform most functions independently. Objects with high coupling have low cohesion, and the reverse is also true: object

Always consider the relative strengths and weaknesses of doors, windows, walls, floors, ceilings, etc. All should be equally strong from a defensive standpoint: attackers will target the “weakest link in the chain” and should not find a weak spot to expose. Examples of “weakest link” design include a concrete wall with a hollow-core door, or a gyps

Water suppresses fire by lowering the temperature below the kindling point (also called the ignition point). Water is the safest of all suppressive agents, and recommended for extinguishing common combustible fires such as burning paper or wood. It is important to cut electrical power when extinguishing a fire with water to reduce the risk of elect

Traditional interface testing within applications is primarily concerned with appropriate functionality being exposed across all the ways users can interact with the application.

Peter DeGrace (of Sashimi fame) described (and named) Scrum in relation to software development. Scrums contain small teams of developers, called the Scrum Team. The Scrum Master, a senior member of the organization who acts like a coach for the team, supports the Scrum Team. Finally, the Product Owner is the voice of the business unit.

Software escrow describes the process of having a third party store an archive of computer software.

Artificial Neural Networks (ANN) simulate neural networks found in humans and animals. The human brain’s neural network has 100 billion neurons, interconnected by thousands or more synapses each. Each neuron may fire based on synaptic input. This multilayer neural network is capable of making a single decision based on thousands or more inputs.