
CBK Suggested References

This reference list is not intended to be an all-inclusive collection representing the respective certification's Common Body of Knowledge (CBK). Its purpose is to provide candidates a starting point for their studies in domains which need supplementary learning in order to complement their associated level of work and academic experience. Candidates may also consider other references, which are not on this list but adequately cover domain content.

Note: (ISC)² does not endorse any particular text or author and does not imply that any or all references be acquired or consulted. (ISC)² does not imply nor guarantee that the study of these references will result in an examination pass.

 

  • CISSP
    • Access Control, Authentication, and Public Key Infrastructure (Information Systems Security & Assurance) 1st Edition
      by Bill Ballad, Tricia Ballad, Erin Banks Publisher: Jones & Bartlett Learning; 1 edition (September 24, 2010) ISBN-13: 978-0763791285

    • Applied Cryptography: Protocols, Algorithms, and Source Code in C
      by Schneier, Bruce Publisher: John Wiley & Sons (November 1, 1995) ISBN-13: 978-0471117094

    • Agile Development in the Real World 1st ed. Edition
      by Alan Cline   Publisher: Apress; 1st ed. edition (December 19, 2015) ISBN-13: 978-1484216781

    • Building Secure Software: How to Avoid Security Problems the Right Way (paperback) (Addison-wesley Professional Computing Series) 1st Edition
      by John Viega, Gary McGraw Publisher: Addison-Wesley Professional; 1 edition (October 4, 2001) ISBN-13: 978-0321774958

    • Cloud Computing Bible 1st Edition
      by Barrie Sosinsky Publisher: Wiley; 1 edition (January 11, 2011) ISBN-13: 978-0470903568

    • Core Software Security: Security at the Source 1st Edition
      by James Ransome, Anmol Misra    Publisher: Auerbach Publications; 1 edition (December 9, 2013) ISBN-13: 978-1466560956

    • Cryptography and Network Security: Principles and Practice (6th Edition) 6th Edition
      by William Stallings Publisher: Pearson; 6 edition (March 16, 2013) ISBN-13: 978-0133354690

    • Data Stewardship: An Actionable Guide to Effective Data Management and Data Governance 1st Edition
      by David Plotkin Publisher: Morgan Kaufmann (September 26, 2013) Paperback ISBN: 9780124103894

    • Designing Network Security, 2nd Edition
      by Merike Kaeo Published Oct 30, 2003 by Cisco Press.  ISBN-13: 978-1-58705-117-3

    • Disaster Recovery, Crisis Response, and Business Continuity: A Management Desk Reference 1st ed. Edition
      by Jamie Watters and Janet Watters Publisher: Apress; 1st ed. edition (December 23, 2013) ISBN-13: 978-1430264064

    • Disaster Recovery Planning: Preparing for the Unthinkable (3rd Edition) 3rd Edition
      by Jon William Toigo Publisher: Prentice Hall; 3 edition (September 6, 2002) ISBN-13: 978-0130462824

    • End-to-End Network Security: Defense-in-Depth 1st Edition
      by Omar Santos Publisher: Cisco Press; 1 edition (September 3, 2007) ISBN-13: 978-1587053320

    • Federated Identity Primer 1st Edition
      by Derrick Rountree Publisher: Syngress; 1 edition (December 24, 2012) ISBN-13: 978-0124071896

    • Handbook of Information Security, 3-Volume Set 1st Edition
      by Hossein Bidgoli (Editor) Publisher: Wiley; 1 edition (December 30, 2005) ISBN-13: 978-0471648338

    • Handbook of Information Security Management 98th Edition
      by Harold F. Tipton   Publisher: Auerbach Publications; 98 edition (December 15, 1997) ISBN-13: 978-0849399473

    • Identity and Access Management: Business Performance Through Connected Intelligence 1st Edition
      by Ertem Osmanoglu Publisher: Syngress; 1 edition (December 10, 2013) ISBN-13: 978-0124081406

    • Identity Management: A Business Perspective
      by Graham Williamson Publisher: Mc Press (February 20, 2017) ISBN-13: 978-1583474990

    • Information Security Management Handbook, Fourth Edition, Volume II 1st Edition
      by Harold F. Tipton (Editor) Publisher: Auerbach Publications; 1 edition (October 20, 2000) ISBN-13: 978-0849308000

    • Information Security Management Handbook, Volume 2 5th Edition
      by Harold F. Tipton (Editor), Micki Krause (Editor) Publisher: Auerbach Publications; 5 edition (December 28, 2004) ISBN-13: 978-0849332104

    • Information Security Management Handbook, 6th Edition 6th Edition
      by Harold F. Tipton, Micki Krause Publisher: CRC Press; 6 edition (May 14, 2007) ISBN-13: 978-0849374951

    • IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
      by Naganand Doraswamy and Dan Harkins Publisher Prentice Hall Professional, 2003 ISBN 9780130461896

    • (ISC)2 Code of Ethics

    • ISO/IEC 27001:2013 Information technology — Security techniques — Information security   management systems — Requirements  
      2013 ISO/IEC

    • Java Web Services: Up and Running, 2nd Edition A Quick, Practical, and Thorough Introduction
      by Martin Kalin Publisher: O'Reilly Media; 2 edition (September 28, 2013) ISBN-13: 978-1449365110

    • Kali Linux – Assuring Security by Penetration Testing Kindle Edition
      by Lee Allen, Tedi Heriyanto, Shakeel Ali Publisher: Packt Publishing (April 7, 2014)

    • Managing Catastrophic Loss of Sensitive Data: A Guide for IT and Security Professionals 1st Edition
      by Constantine Photopoulos Publisher: Syngress; 1 edition (April 18, 2008) ISBN-13: 978-1597492393

    • Network Security Assessment, 3rd Edition Know Your Network
      by Chris McNab Publisher: O'Reilly Media Release Date: December 2016

    • Network Security Assessment: From Vulnerability to Patch 1st Edition
      by Steve Manzuik, Andre Gold, Chris Gatford Publisher: Syngress; 1 edition (November 7, 2006) ISBN-13: 978-1597491013

    • NIST SP 800-37 Rev 1 Guide for Applying the Risk Management Framework to Federal Information Systems. Feb 2010 (updated 2014) Joint Task Force. 

    • NIST SP 800-41 Rev 1 Guidelines on Firewalls and Firewall Policy
      by Karen Scarfone, Paul Hoffman September 2009 

    • NIST 800-64 Rev 2 Security Considerations in the System Development Life Cycle
      by Richard Kissel, Kevin Stine, Matthew Scholl, Hart Rossman, Jim Fahlsing, Jessica Gulick October 2008 

    • NIST SP 800-100 Information Security Handbook: A Guide for Managers
      by Pauline Bowen, Joan Hash, Mark Wilson Oct 2006 

    • NIST SP 800-115 Technical Guide to Information Security Testing and Assessment
      by Karen Scarfone, Murugiah Souppaya, Amanda Cody, Angela Orebaugh.  September 2008. 

    • NIST SP 800-137 Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations
      by Kelley Dempsey, Nirali Shah Chawla, Arnold Johnson, Ronald Johnston, Alicia Clay Jones, Angela Orebaugh, Matthew Scholl, Kevin Stine   September 2011 

    • Official (ISC)2 Guide to the CISSP CBK / Edition 2
      by Steven Hernandez, CISSP Publisher: Auerbach Publications; 2 edition (December 22, 2009) ISBN-13: 9781439809594

    • Official (ISC)2 Guide to the CISSP CBK, Fourth Edition ((ISC)2 Press) 4th Edition
      by Adam Gordon (Editor) Publisher: Auerbach Publications; 4 edition (March 11, 2015) ISBN-13: 978-1482262759

    • OWASP Application Security Verification Standard 3.0.1
      July 2016 Lead author - Jim Manico  

    • Real Digital Forensics: Computer Security and Incident Response
      by Keith J. Jones, Richard Bejtlich, Curtis W. Rose Publisher: Addison-Wesley Professional (October 3, 2005) ISBN-13: 978-0321240699

    • Security in Computing [3rd Edition]
      by Pfleeger, Charles P., Pfleeger, Shari Lawrence [Prentice Hall PTR,2002] ASIN: B00DU78E9O

    • Security in Computing (5th Edition)
      by Charles P. Pfleeger, Shari Lawrence Pfleeger, Jonathan Margulies Publisher: Prentice Hall; 5 edition (February 5, 2015) ISBN-13: 978-0134085043

    • Security Program and Policies: Principles and Practices (2nd Edition) (Certification/Training) 2nd Edition
      by Sari Greene Publisher: Pearson IT Certification; 2 edition (March 29, 2014) ISBN-13: 978-0789751676

    • Software Engineering New ed. Edition
      by Kassem A. Saleh   Publisher: J. Ross Publishing; New ed. edition (August 11, 2009) ISBN-13: 978-1932159943

    • The Architecture of Privacy: On Engineering Technologies that Can Deliver Trustworthy Safeguards 1st Edition
      by Courtney Bowman, Ari Gesher, John K Grant, Daniel Slate, and Elissa Lerner (Editor) Publisher: O'Reilly Media; 1 edition (September 11, 2015) ISBN-13: 978-1491904015

    • The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics 1st Edition
      by John Sammons Publisher: Syngress; 1 edition (March 9, 2012) ISBN-13: 978-1597496612

    • The Basics of IT Audit: Purposes, Processes, and Practical Information (Basics (Syngress)) 1st Edition
      by Stephen D. Gantz Publisher: Syngress; 1 edition (December 6, 2013) ISBN-13: 978-0124171596

    • The Complete Guide to Physical Security 1st Edition
      by Paul R. Baker and Daniel J. Benny Publisher: Auerbach Publications; 1 edition (November 19, 2012) ISBN-13: 978-1420099638

    • The InfoSec Handbook: An Introduction to Information Security 1st ed. Edition
      by Umesha Nayak and Umesh R Hodeghatta Publisher: Apress; 1st ed. edition (August 30, 2014) ISBN-13: 978-1430263821

    • Threat Modeling: Designing for Security 1st Edition
      by Adam Shostack   Publisher: Wiley; 1 edition (February 17, 2014) ISBN-13: 978-1118809990

    • Using the Common Criteria for IT Security Evaluation
      Debra S. Herrmann December 27, 2002 by Auerbach Publications ISBN 9780849314049

    • Wireless Security
      by Merritt Maxim Publisher: McGraw Hill Professional (Apr 29, 2002) ISBN 9780072222869
  • CAP
  • CCSP
  • SSCP
    • Applied Cryptography: Protocols, Algorithms, and Source Code in C
      by Schneier, Bruce Publisher: John Wiley & Sons (November 1, 1995) ISBN-13: 978-0471117094

    • Authentication: From Passwords to Public Keys 1st Edition
      by Richard E. Smith Publisher: Addison-Wesley Professional; 1 edition (October 11, 2001) ISBN-13: 978-0201615999

    • Defending Your Digital Assets Against Hackers, Crackers, Spies, and Thieves
      by Randall K. Nichols, Daniel J. Ryan, Julie J. C. H. Ryan McGraw-Hill, 2000 ISBN-13: 978-0072130249

    • Disaster Recovery Planning: Preparing for the Unthinkable (3rd Edition) 3rd Edition
      by Jon William Toigo Publisher: Prentice Hall; 3 edition (September 6, 2002) ISBN-13: 978-0130462824

    • Exploiting Software: How to Break Code 1st Edition
      by Greg Hoglund, Gary McGraw Publisher: Addison-Wesley Professional; 1 edition (February 27, 2004) ISBN-13: 978-0201786958

    • First Responders Guide to Computer Forensics
      by Richard Nolan, Colin O’Sullivan, Jake Branson and Cal Waits March 2005 CERT Training and Education HANDBOOK CMU/SEI-2005-HB-001

    • Fundamentals of Information Systems Security / Edition 3
      by David Kim, Michael G. Solomon ISBN-13: 9781284116458 Publisher: Jones & Bartlett Learning Publication date: 10/26/2016

    • Guide to Computer Viruses: How to avoid them, how to get rid of them, and how to get help 2nd Edition
      by Robert Slade Publisher: Springer; 2nd edition (April 25, 1996) ISBN-13: 978-0387946634

    • Hackproofing Your Wireless Network 1st Edition
      by Eric Ouellet, Neal O'Farrell and Tony Bautts Publisher: Syngress; 1 edition (February 28, 2002) ISBN-13: 978-1928994596

    • Handbook of Information Security Management 98th Edition
      by Harold F. Tipton Publisher: Auerbach Publications; 98 edition (December 15, 1997) ISBN-13: 978-0849399473

    • Information Security Management Handbook, 6th Edition 6th Edition
      by Harold F. Tipton, Micki Krause Publisher: CRC Press; 6 edition (May 14, 2007) ISBN-13: 978-0849374951

    • Inside Network Perimeter Security 2nd Edition
      by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent and Ronald W. Ritchey Publisher: Sams Publishing; 2 edition (March 14, 2005) ISBN-13: 978-0672327377

    • Intrusion Detection: Network Security Beyond the Firewall 1st Edition
      by Terry Escamilla Publisher: Wiley; 1 edition (September 17, 1998) ISBN-13: 978-0471290001

    • (ISC)2 Code of Ethics

    • Malware: Fighting Malicious Code
      by Ed Skoudis, Lenny Zeltser Publisher: Prentice Hall (November 17, 2003) ISBN-13: 978-0131014053

    • Managing Risk in Information Systems (Information Systems Security & Assurance) 2nd Edition
      by Darril Gibson Publisher: Jones & Bartlett Learning; 2 edition (July 31, 2014) ISBN-13: 978-1284055955


    • Managing Security with Snort & IDS Tools Intrusion Detection with Open Source Tools
      by Kerry Cox, Christopher Gerg Publisher: O'Reilly Media Release Date: February 2009 ISBN-13: 9780596006617

    • Mastering Network Security 2nd Edition
      by Chris Brenton and Cameron Hunt Publisher: Sybex; 2 edition (October 7, 2002) ISBN-13: 978-0782141429

    • Network Security Assessment: From Vulnerability to Patch 1st Edition
      by Steve Manzuik, Andre Gold, Chris Gatford Publisher: Syngress; 1 edition (November 7, 2006) ISBN-13: 978-1597491013

    • Network Security Auditing (Cisco Press Networking Technology Series) 1st Edition
      by Chris Jackson   Publisher: Cisco Press; 1 edition (June 12, 2010) ISBN-13: 978-1587053528

    • NIST SP 800-12 Rev 1 An Introduction to Information Security
      by Michael Nieles, Kelley Dempsey, and Victoria Yan Pillitteri June 2017

    • NIST SP 800-34 Rev 1 Contingency Planning Guide for Federal Information Systems
      by Marianne Swanson, Pauline Bowen, Amy Wohl Phillips, Dean Gallup, David Lynes   May 2010 

    • NIST SP 800-53 Rev 4 Security and Privacy Controls for Federal Information Systems and Organizations.
      Joint Task Force  April 2013

    • SSCP Systems Security Certified Practitioner All-in-One Exam Guide 1st Edition
      by Darril Gibson Publisher: McGraw-Hill Education; 1 edition (December 8, 2011) ISBN-13: 978-0071771566

    • The Official (ISC)2 Guide to the SSCP CBK 4th Edition
      by Adam Gordon, Steven Hernandez Publisher: Sybex; 4 edition (May 16, 2016) ISBN-13: 978-1119278634

    • Viruses Revealed
      by David Harley, Robert Slade, Urs Gattiker, Eugene H. Spafford (Foreword) Publisher: McGraw-Hill Companies ASIN: B007PMOWTQ

    • Web Security, Privacy and Commerce, 2nd Edition 2nd Edition
      by Simson Garfinkel Publisher: O'Reilly Media; 2 edition (January 15, 2002) ISBN-13: 978-0596000455
  • CSSLP
    • 19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them (Security One-off) 1st Edition
      by Michael Howard, David LeBlanc, John Viega Publisher: McGraw-Hill Osborne Media; 1 edition (July 26, 2005) ISBN-13: 978-0072260854

    • A Guide to Building Secure Web Applications - The Open Web Application Security Project
      Published Sun Sep 22, 2002 by The Open Web Application Security Project (OWASP).  

    • A Guide to the Project Management Body of Knowledge 4th Edition
      by Project Management Institute Publisher: Project Management Inst; 4th edition (2009) ISBN-13: 978-1933890517

    • Analyzing Computer Security: A Threat / Vulnerability / Countermeasure Approach 1st Edition
      by Charles P. Pfleeger and Shari Lawrence Pfleeger Publisher: Prentice Hall; 1 edition (September 4, 2011) ISBN-13: 978-0132789462

    • Building Secure Software: How to Avoid Security Problems the Right Way (Addison-wesley Professional Computing Series) 1st Edition
      by John Viega, Gary McGraw Publisher: Addison-Wesley Professional; 1 edition (October 4, 2001) ISBN-13: 978-0321774958

    • Core Software Security: Security at the Source 1st Edition
      by James Ransome, Anmol Misra Publisher: Auerbach Publications; 1 edition (December 9, 2013) ISBN-13: 978-1466560956

    • Creating a Data-Driven Organization: Practical Advice from the Trenches 1st Edition
      by Carl Anderson Publisher: O'Reilly Media; 1 edition (August 14, 2015) ISBN-13: 978-1491916919

    • Digital Identity: Unmasking Identity Management Architecture (IMA)
      by Phillip J. Windley Publisher: O'Reilly Media; 1 edition (August 11, 2005) ISBN-13: 978-0596008789

    • Enterprise Software Delivery: Bringing Agility and Efficiency to the Global Software Supply Chain 1st Edition
      by Alan W. Brown Publisher: Addison-Wesley Professional; 1 edition (July 5, 2012) ISBN-13: 978-0321803016

    • Enterprise Software Security: A Confluence of Disciplines
      by Kenneth R. van Wyk (2014-12-17) Publisher: Addison-Wesley Professional (1811) ASIN: B01FJ0LM98

    • Exploiting Software: How to Break Code 1st Edition
      by Greg Hoglund, Gary McGraw Publisher: Addison-Wesley Professional; 1 edition (February 27, 2004) ISBN-13: 978-0201786958

    • Foundations of Security: What Every Programmer Needs to Know (Expert's Voice)
      by Christoph Kern, Anita Kesavan, Neil Daswani   Publisher: Apress; 1st ed. edition (February 15, 2007) ISBN-13: 978-1590597842

    • Getting Results from Software Development Teams 1st Edition
      by Lawrence J. Peters Publisher: Microsoft Press; 1 edition (June 8, 2008) ASIN: B003E7EV0G

    • Global Technology Audit Guide (GTAG) 2: Change and Patch Management Controls: Critical for Organizational Success, 2nd Edition
      March 2012  

    • Information Security Management Handbook, Volume 2 5th Edition
      by Harold F. Tipton (Editor), Micki Krause (Editor) Publisher: Auerbach Publications; 5 edition (December 28, 2004) ISBN-13: 978-0849332104

    • ISO/IEC 15408-1:2009 Information technology -- Security techniques -- Evaluation criteria for IT security -- Part 1: Introduction and general model
      Publication date : 2009-12 

    • TR 19759:2015 Software Engineering -- Guide to the software engineering body of knowledge (SWEBOK)
      Publication date: 2015-10

    • Managing Catastrophic Loss of Sensitive Data: A Guide for IT and Security Professionals 1st Edition
      by Constantine Photopoulos Publisher: Syngress; 1 edition (April 18, 2008) ISBN-13: 978-1597492393

    • Mastering the Requirements Process: Getting Requirements Right (3rd Edition) 3rd Edition
      by Suzanne Robertson, James Robertson Publisher: Addison-Wesley Professional; 3 edition (August 16, 2012) ISBN-13: 978-0321815743

    • NIST SP 800-30 Rev 1 Guide for Conducting Risk Assessments.  Joint Task Force - Computer Security Division NIST. 
      September 2012  

    • NIST SP 800-100 Information Security Handbook: A Guide for Managers
      by Pauline Bowen, Joan Hash, Mark Wilson Oct 2006   

    • NISTIR 7622 Notional Supply Chain Risk Management Practices for Federal Information Systems
      by Jon Boyens, Celia Paulsen, Nadya Bartol, Rama Moorthy, Stephanie Shankles     October 2012 

    • Role-Based Access Control, Second Edition
      by David F. Ferraiolo Publisher: Artech Print on Demand; 2 edition (January 31, 2007) ISBN-13: 978-1596931138

    • Secure Programming with Static Analysis
      by Brian Chess, Jacob West Pearson Education, Jun 29, 2007 ISBN 9780132702027

    • Security Metrics: Replacing Fear, Uncertainty, and Doubt 1st Edition
      by Andrew Jaquith Publisher: Addison-Wesley Professional; 1 edition (April 5, 2007) ISBN-13: 978-0321349989

    • Security Quality Requirements Engineering (SQUARE) Methodology TECHNICAL REPORT CMU/SEI-2005-TR-009
      by Mead, N.R., Hough, E. & Stehney, T.  Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2005.    

    • SOA Security
      by Ramarao Kanneganti and Prasad A Chodavarapu Publisher: Manning Publications (January 11, 2008) ISBN-13: 978-1932394689

    • Software Security Engineering: A Guide for Project Managers 1st Edition
      by Julia H. Allen, Sean Barnum, Robert J. Ellison, Gary McGraw and Nancy R. Mead Publisher: Addison-Wesley Professional; 1 edition (May 11, 2008) ISBN-13: 978-0321509178

    • The Art of Software Security Testing: Identifying Software Security Flaws 1st Edition
      by Chris Wysopal, Lucas Nelson, Dino Dai Zovi, Elfriede Dustin Publisher: Addison-Wesley Professional; 1 edition (November 27, 2006) ISBN-13: 978-0321304865

    • The Complete Book of Data Anonymization: From Planning to Implementation (Infosys Press) 1st Edition
      by Balaji Raghunathan Publisher: Auerbach Publications; 1 edition (May 21, 2013) ISBN-13: 978-1439877302

    • The Executive Guide to Information Security: Threats, Challenges, and Solutions 1st Edition
      by Mark Egan, Tim Mather Publisher: Addison-Wesley Professional; 1 edition (December 10, 2004) ISBN-13: 978-0321304513

    • The Security Development Lifecycle
      by Michael Howard and Steve Lipner Publisher: Microsoft Press (June 28, 2006) ISBN-10: 0735622140 ASIN: B002KE4A9G

    • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
      by Dafydd Stuttard, Marcus Pinto Publisher: Wiley Publication date: 09/27/2011   ISBN-13: 9781118026472

    • Top 10 2007
      Project Lead: Andrew van der Stock (Executive Director, OWASP Foundation) Co-authors: Jeff Williams (Chair, OWASP Foundation), Dave Wichers (Conference Chair, OWASP Foundation)

    • Writing Secure Code, 2nd Edition
      by David LeBlanc, Michael Howard Published 12/4/2002 2nd Edition ISBN: 978-0-7356-1722-3
  • HCISPP
  • CISSP-ISSAP
    1. Application Security in the ISO27001 Environment
      by Vinod Vasudevan, Anoop Mangla, Firosh Ummer, Sachin Shetty, Sangita Pakala, Siddharth Anbalahan   Publisher: IT Governance Publishing (April 10, 2008) ISBN-13: 978-1905356355

    2. Applied Cryptography: Protocols, Algorithms and Source Code in C 1st Edition
      by Bruce Schneier Publisher: Wiley; 1 edition (March 30, 2015) ISBN-13: 978-1119096726

    3. Biometrics for Network Security
      by Paul Reid Publisher: Prentice Hall PTR (December 30, 2003) ISBN-13: 978-0131015494

    4. Cloud Storage Security: A Practical Guide (Computer Science Reviews and Trends) 1st Edition
      by Aaron Wheeler and Michael Winburn Publisher: Elsevier; 1 edition (July 28, 2015) ISBN-13: 978-0128029305

    5. Common Criteria for Information Technology Security Evaluation
      April 2017 Version 3.1 Revision 5 CCMB-2017-04-001

    6. Disaster Recovery and Business Continuity 3rd Edition
      by IT Governance Publishing (Editor) Publisher: It Governance Publishing; 3 edition (January 30, 2014) ISBN-13: 978-1849285384

    7. Handbook of Information Security Management 98th Edition
      by Harold F. Tipton   Publisher: Auerbach Publications; 98 edition (December 15, 1997) ISBN-13: 978-0849399473

    8. Information Assurance and Security Technologies for Risk Assessment and Threat Management: Advances (Premier Reference Source) 1st edition
      by Te-Shun Chou (2011) Publisher: IGI Global; 1 edition (1709) ASIN: B011DBTTBK

    9. Information Security Management Handbook, 6th Edition 6th Edition
      by Harold F. Tipton, Micki Krause Publisher: CRC Press; 6 edition (May 14, 2007) ISBN-13: 978-0849374951

    10. Information Security: Principles and Practice 2nd Edition
      by Mark Stamp Publisher: Wiley; 2 edition (May 3, 2011) ISBN-13: 978-0470626399

    11. Inside Network Perimeter Security (2nd Edition) 2nd Edition
      by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent, Ronald W. Ritchey Publisher: Sams Publishing; 2 edition (March 14, 2005) ISBN-13: 978-0672327377

    12. Introduction to Business Architecture 1st Edition
      by Chris Reynolds   Publisher: Cengage Learning PTR; 1 edition (July 22, 2009) ISBN-13: 978-1435454224

    13. Measuring and Managing Information Risk: A FAIR Approach 1st Edition
      by Jack Freund and Jack Jones Publisher: Butterworth-Heinemann; 1 edition (September 5, 2014) ISBN-13: 978-0124202313

    14. Network Defense and Countermeasures: Principles and Practices, 2nd Edition
      by William (Chuck) Easttom Published Oct 21, 2013 by Pearson IT Certification. ISBN-13: 978-0-13-338440-6

    15. NIST SP 800-34 Rev 1 Contingency Planning Guide for Federal Information Systems
      by Marianne Swanson, Pauline Bowen, Amy Wohl Phillips, Dean Gallup, David Lynes   May 2010 

    16. NIST Special Publication 800-41 Revision 1 Guidelines on Firewalls and Firewall Policy
      by Karen Scarfone and Paul Hoffman September 2009

    17. NIST SP 800-64 Rev 2 Security Considerations in the System Development Life Cycle
      by Richard Kissel, Kevin Stine, Matthew Scholl, Hart Rossman, Jim Fahlsing, Jessica Gulick October 2008 

    18. NIST SP 800-95 Guide to Secure Web Services
      by Anoop Singhal, Theodore Winograd, Karen Scarfone August 2007 

    19. NIST SP 800-125 Guide to Security for Full Virtualization Technologies
      by Karen Scarfone, Murugiah Souppaya, and Paul Hoffman January 2011

    20. Practical VoIP Security 1st Edition
      by Thomas Porter, Jan Kanclirz Jr., Brian Baskin  Publisher: Syngress; 1 edition (June 10, 2006) ISBN-13: 978-1597490603
  • CISSP-ISSEP
  • CISSP-ISSMP
    • A Guide to the Project Management Body of Knowledge (PMBOK® Guide) 5th Edition
      by Project Management Institute Publisher: Project Management Institute; 5 edition (January 1, 2013) ISBN-13: 978-1935589679

    • A Practical Guide to Security Assessments 1st Edition
      by Sudhanshu Kairab Publisher: Auerbach Publications; 1 edition (September 29, 2004) ISBN-13: 978-0849317064

    • Application Security in the ISO27001 Environment
      by Vinod Vasudevan, Anoop Mangla, Firosh Ummer, Sachin Shetty, Sangita Pakala, Siddharth Anbalahan   Publisher: IT Governance Publishing (April 10, 2008) ISBN-13: 978-1905356355

    • Asset Protection and Security Management Handbook 1st Edition
      by James Walsh (Editor) Publisher: Auerbach Publications; 1 edition (December 27, 2002) ISBN-13: 978-0849316036

    • Business Continuity Management System: A Complete Guide to Implementing ISO 22301
      by Wei Ning Zechariah Wong and Jianping Shi Publisher: Kogan Page (November 28, 2014) ISBN-13: 978-0749469115

    • CISA Certified Information Systems Auditor Study Guide, 4th Edition
      by David L. Cannon with Brian T. O'Hara, Allen Keele Publisher: Sybex; 4 edition (March 14, 2016) ISBN: 978-1-119-05624-9

    • Cloud Security and Privacy an Enterprise Perspective on Risks and Compliance
      by Tim Mather, Subra Kumaraswamy, Shahed Latif Publisher: O'Reilly Media Release Date: September 2009   ISBN-13: 978-0596802769

    • Computer Evidence: Collection and Preservation 2nd Edition
      by Christopher LT Brown Publisher: Cengage Learning; 2 edition (June 17, 2009) ISBN-13: 978-1584506997

    • Handbook of Information Security Management 98th Edition
      by Harold F. Tipton Publisher: Auerbach Publications; 98 edition (December 15, 1997) ISBN-13: 978-0849399473

    • Information Security Management Handbook, 6th Edition 6th Edition
      by Harold F. Tipton, Micki Krause Publisher: CRC Press; 6 edition (May 14, 2007) ISBN-13: 978-0849374951

    • (ISC)2 Code of Ethics

    • Managing Risk in Information Systems (Information Systems Security & Assurance) 2nd Edition
      by Darril Gibson Publisher: Jones & Bartlett Learning; 2 edition (July 31, 2014) ISBN-13: 978-1284055955

    • NIST SP 800-34 Rev 1 Contingency Planning Guide for Federal Information Systems
      by Marianne Swanson, Pauline Bowen, Amy Wohl Phillips, Dean Gallup, David Lynes   May 2010 

    • NIST 800-61 Rev 2 Computer Security Incident Handling Guide
      by Paul Cichonski, Tom Millar, Tim Grance, Karen Scarfone  August 2012

    • Official (ISC)2® Guide to the CISSP®-ISSMP® CBK®, Second Edition ((ISC)2 Press) 2nd Edition
      by (ISC)² Corporate & Joseph Steinberg (Editor) Publisher: Auerbach Publications; 2 edition (May 14, 2015) ISBN-13: 978-1466578951

    • Security Policies and Implementation Issues (Information Systems Security & Assurance) 1st Edition
      by Robert Johnson and Mark Merkow Publisher: Jones & Bartlett Learning; 1 edition (September 29, 2010) ISBN-13: 978-0763791322

    • Security Risk Management: Building an Information Security Risk Management Program from the Ground Up 1st Edition
      by Evan Wheeler Publisher: Syngress; 1 edition (May 31, 2011) ISBN-13: 978-1597496155

    • Software Configuration Management Handbook, Second Edition 2nd Edition
      by Alexis Leon Publisher: Artech Print on Demand; 2 edition (December 30, 2004) ISBN-13: 978-1580538824

    • System i Disaster Recovery Planning
      by Richard Dolewski Publisher: Mc Press (April 1, 2008) ISBN-13: 978-1583470671

    • The IT / Digital Legal Companion: A Comprehensive Business Guide to Software, IT, Internet, Media and IP Law 1st Edition
      by Gene K. Landy and Amy J. Mastrobattista Publisher: Syngress; 1 edition (June 20, 2008) ISBN-13: 978-1597492560

    • Windows Forensic Analysis
      by Harlan Carvey ISBN: 978-1-59749-156-3 