Introduction xiii Chapter 1 Security and Risk Management (Domain 1) 1 Chapter 2 Asset Security (Domain 2) 25 Chapter 3 Security Architecture and Engineering (Domain 3) 51 Chapter 4 Communication and Network Security (Domain 4) 75 Chapter 5 Identity and Access Management (Domain 5) 99 Chapter 6 Security Assessment and Testing (Domain 6) 123 Chapter 7 Security Operations (Domain 7) 147 Chapter 8 Software Development Security (Domain 8) 171 Chapter 9 Practice Test 1 197 Chapter 10 Practice Test 2 231 Chapter 11 Practice Test 3 257 Chapter 12 Practice Test 4 287 Appendix Answers to Review Questions 315 Index 475

Smarter, faster prep for the CISSP exam The ISC2 CISSP Official Practice Tests, 4th edition provides 1,300 unique questions with detailed answers and explanations to help you solidify your knowledge in advance of taking the CISSP exam. Test your understanding—and your test-taking strategy—with four unique practice exams following the public exam weighting according to the updated April 2024 CISSP Detailed Content Outline. The high-stakes CISSP exam covers all aspects of information security, with in-depth coverage of a diverse set of specialties. These are the only practice exams endorsed by ISC2, and together with the ISC2 CISSP Certified Information Systems Security Professional Official Study Guide, 10th Edition, give you the ultimate resource for complete CISSP exam preparation. Coverage of all April 2024 Detailed Content Outline objectives in these practice tests means you’ll be ready for: Security and Risk ManagementAsset Security Security Architecture and Engineering Communication and Network Security Identity and Access Management (IAM) Security Assessment and Testing Security Operations Software Development Security Interactive learning environment Take your exam prep to the next level with Sybex’s superior interactive online study tools. To access our learning environment, visit www.wiley.com/go/ sybextestprep, register to receive your unique PIN, and instantly gain one year of FREE access to the interactive test bank with four practice exams. 1,300 questions total! ABOUT THE CISSP CERTIFICATION The CISSP is the most globally recognized certification in the information security market. This vendor neutral certification validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization. ISC2 is a global non-profit organization that maintains the Common Body of Knowledge for information security professionals. Candidates must have experience, subscribe to the ISC2 Code of Ethics, and maintain continuing education requirements or recertify every three years. Visit www.isc2.org to learn more.