


Official (ISC)² Textbooks


Official (ISC)²® Guide to the CISSP® CBK®

Recognized as one of the best tools available for studying for the CISSP exam, the Official (ISC)² Guide to the CISSP CBK, Third Edition is both up-to-date and relevant, reflecting the latest developments in this ever-changing field and providing an intuitive approach to the CISSP CBK. It provides a robust and comprehensive study of the 10 domains, and within the sub-topics of these domains, the book discusses the issues facing security professionals today, such as mobile security, cloud computing, risk management and more.   

 

Hardcover edition

Official (ISC)² Guide to the CISSP CBK, Third Edition [(ISC)² Press]
Publication Date: December 21, 2012
Language: English
Description: Recognized as one of the best tools available for the information security professional and especially for candidates studying for the (ISC)² CISSP examination, the Official (ISC)²® Guide to the CISSP® CBK®, Third Edition has been updated and revised to reflect the latest developments in this ever-changing field. Endorsed by the (ISC)², this book provides unrivaled preparation for the certification exam that is both up to date and authoritative. Compiled and reviewed by CISSPs and (ISC)² members, the text provides an exhaustive review of the 10 current domains of the CBK.

  • An up-to-date and comprehensive review of all ten domains of the CISSP CBK
  • More than 200 review questions to reinforce ideas and test comprehension
  • Material endorsed by the creators of the CISSP CBK - (ISC)²
Coming soon!
 

iBooks are available for purchase as the complete textbook or by individual domains.

Official (ISC)² Guide to the CISSP CBK, Third Edition - All Domains
An up-to-date and comprehensive review of all ten domains of the CISSP CBK. Compiled and reviewed by CISSPs and (ISC)² members. Includes more than 200 review questions to reinforce ideas and test comprehension.
 

Domain 1: Access Control
Access control is a foundation of information security and assurance. Without access control, the concepts of confidentiality and integrity are a moot point. Recently, access control has been at the forefront of privacy debates. Who should have access to an individual's private information, and what assurance and accountability surround that access? Expect access control to remain a high priority as cloud computing and mobile devices become the "de facto" standard of computing.
 
Domain 2: Telecommunications and Network Security
Never in the history of human civilization has a society been more interconnected through technology and devices than today. Telecommunications and network security are crucial aspects of the modern communications infrastructure, which supports unsurpassed communications and collaboration around the world. While communication has become easier than ever, so has the ability to disrupt or eavesdrop on sensitive communications. From data to video to voice, telecommunications and network security has never been more significant than today. Ensuring sound and effective communication infrastructures will become the norm for information security professionals.
 
Domain 3: Information Security Governance and Risk Management
With the growing role of cloud computing and outsourcing, governance and risk management will continue to play a crucial role in many organizations' strategies.
 
Domain 4: Software Development Security
Securely developing software and systems is the best approach to eliminate vulnerabilities in a cost-effective manner. Organizations that develop secure software and systems stand to gain a competitive edge over those that don't.
 
Domain 5: Cryptography
Cryptography is one of the best tools an information security professional can use. It is multipurpose and has a deep history of changing the tides of war, protecting organizations and enabling amazing commerce. The most complete compendium of industry knowledge compiled by the foremost experts in global security. A must-have for those seeking to attain the Certified Information Systems Security Professional (CISSP) credential.
 
Domain 6: Security Architecture and Design
Much like homes or our lives, security requires a plan and a structure to be effective. Security architecture and design determines the most efficient and effective application of security principles at the right cost. The most complete compendium of industry knowledge compiled by the foremost experts in global security. A must-have for those seeking to attain the Certified Information Systems Security Professional (CISSP) credential.
 
Domain 7: Operations Security
Security operations reflects the day-to-day operations of security within the organization. While "routine" may be used to describe security operations, it is anything but, as almost all the action of an incident is detected in the operations group!
 
Domain 8: Business Continuity and Disaster Recovery Planning
According to the United States Small Business Administration, over 90 per cent of small businesses struck by a disaster will fail within two years. Failing to plan for business contingency is almost certainly dooming an organization to failure. Information security professionals must understand the mission of an organization and how to ensure it continues.
 
Domain 9: Legal, Regulations, Investigations and Compliance
The world of investigations, law and regulations continues to shape the minimum security requirements for many organizations. Today's information security professional must understand not only the technology of the environment but the regulatory, political and legal aspects as well. Additionally, given the nature of crime and the increasing use of technology to facilitate crime, it is extremely likely the information security professional will be called upon to assist in an investigation.
 
Domain 10: Physical (Environmental) Security
Physical security has been with humanity for all history and continues with us today as a primary vector for attackers. As technical controls have gotten better, adversaries have turned their attention to the weaker areas of the facility and people to gain access.
 
 

The Kindle version is available for purchase as the complete textbook or by individual domains.

 
 


Official (ISC)²® Guide to the ISSAP® CBK®, Second Edition

Encompassing all of the knowledge elements needed to create secure architectures, the text covers the six domains: Access Control Systems and Methodology, Communications and Network Security, Cryptography, Security Architecture Analysis, BCP/DRP, and Physical Security Considerations.

 

Hardcover edition

Official (ISC)² Guide to the ISSAP CBK, Second Edition [(ISC)² Press]
Publication Date: August 28, 2012
Language: English
Description: Supplying an authoritative review of the key concepts and requirements of the ISSAP CBK, the Official (ISC)² Guide to the ISSAP CBK, Second Edition provides the practical understanding required to implement the latest security protocols to improve productivity, profitability, security, and efficiency. Encompassing all of the knowledge elements needed to create secure architectures, the text covers the six domains: Access Control Systems and Methodology, Communications and Network Security, Cryptography, Security Architecture Analysis, BCP/DRP, and Physical Security Considerations.

  • Only guide endorsed by (ISC)²
  • Most up-to-date CISSP-ISSAP CBK
  • Evolving terminology and changing requirements for security professionals
  • Practical illustrated examples to apply concepts in real-life situations
  • Chapter outlines and objectives
  • Review questions and answers
  • References to free study resources
Coming soon!
 
 

Purchase the CISSP-ISSAP iBook as the complete textbook

Official (ISC)²® Guide to the ISSAP® CBK®, Second Edition - All Domains

Supplying an authoritative review of the key concepts and requirements of the ISSAP CBK, the Official (ISC)² Guide to the ISSAP CBK, Second Edition provides the practical understanding required to implement the latest security protocols to improve productivity, profitability, security, and efficiency. Encompassing all of the knowledge elements needed to create secure architectures, the text covers the six domains: Access Control Systems and Methodology, Communications and Network Security, Cryptography, Security Architecture Analysis, BCP/DRP, and Physical Security Considerations.

  • Only guide endorsed by (ISC)²
  • Most up-to-date CISSP-ISSAP CBK
  • Evolving terminology and changing requirements for security professionals
  • Practical illustrated examples to apply concepts in real-life situations
  • Chapter outlines and objectives
  • Review questions and answers
  • References to free study resources
 

Purchase the Kindle version as the complete textbook

 


Official (ISC)²® Guide to the ISSMP® CBK®

The Official (ISC)² Guide to the ISSMP CBK supplies a complete overview of the management topics related to information security.

It provides for an expanded enterprise model of security and management that delves into project management, risk management, and continuity planning.

Facilitating the mastery of the five ISSMP domains required for certification, the book includes authoritative coverage of enterprise security management, enterprise-wide system development, compliance of operations security, business continuity planning, disaster recovery planning, as well as legal and ethical considerations.

Coming soon!
 
 

Hardcover edition

Official (ISC)² Guide to the ISSMP CBK [(ISC)² Press]
Publication Date: April 30, 2011
Language: English
Description: Compiled and reviewed by CISSP-ISSMPs and (ISC)² members, the Guide includes:

  • An up-to-date and comprehensive review of all five domains of the ISSMP CBK
  • Review questions to reinforce ideas and test comprehension
  • Material endorsed by the creators of the CISSP-ISSMP CBK - (ISC)²

 

Coming soon!
 


Official (ISC)²® Guide to the CAP® CBK®

Significant developments since the publication of its bestselling predecessor, Building and Implementing a Security Certification and Accreditation Program, warrant an updated text as well as an updated title.

Reflecting recent updates to the Certified Authorization Professional (CAP) Common Body of Knowledge (CBK) and NIST SP 800-37, the Official (ISC)² Guide to the CAP CBK, Second Edition provides readers with the tools to effectively secure their IT systems via standard, repeatable processes.

Coming soon!
 
 

Hardcover edition

Official (ISC)² Guide to the CAP CBK, Second Edition [(ISC)² Press]
Publication Date: July 18, 2012
Language: English
Description: Compiled and reviewed by CAPs, CISSPs and (ISC)² members, the Second Edition includes:

  • An up-to-date and comprehensive review of all domains of the CAP CBK
  • Examines U.S. federal policies, including DITSCAP, NIACAP, CNSS, NIAP, DoD 8500.1 and 8500.2, and NIST FIPS 
  • Review questions to reinforce ideas and test comprehension
  • Material endorsed by the creators of the CAP CBK - (ISC)²
Coming soon!
 

CSSLP

Official (ISC)²® Guide to the CSSLP®

Provides an all-inclusive analysis of the CSSLP CBK. As the first comprehensive guide to the CSSLP CBK, it facilitates the required understanding of the seven CSSLP Domains.

  • Details software security activities that need to be incorporated throughout the SDLC.
  • Provides comprehensive coverage that includes the people, processes, and technology components of software, networks, and host defenses.
  • Supplies a pragmatic approach to implementing software assurance in the real world.
Coming soon!
 
 

Hardcover edition

Official (ISC)² Guide to the CSSLP [(ISC)² Press]
Publication Date: June 13, 2011
Language: English
Description: Compiled and reviewed by CSSLPs and (ISC)² members, the Guide includes:

  • An up-to-date and comprehensive review of all seven domains of the CSSLP CBK
  • Review questions to reinforce ideas and test comprehension
  • Material endorsed by the creators of the CSSLP CBK - (ISC)²

 

Coming soon!
 


Official (ISC)²® Guide to the SSCP® CBK®

Picking up where the popular first edition left off, the Official (ISC)² Guide to the SSCP CBK, Second Edition brings together leading IT security tacticians from around the world to discuss the critical role that policy, procedures, standards, and guidelines play within the overall information security management infrastructure.

This textbook offers step-by-step guidance through the seven domains of the SSCP CBK and prepares you to join the thousands of practitioners worldwide who have obtained the (ISC)² Systems Security Certified Practitioner (SSCP) certification.

Coming soon!
 
 

Hardcover edition

Official (ISC)² Guide to the SSCP CBK, Second Edition [(ISC)² Press]
Publication Date: December 15, 2010
Language: English
Description: Compiled and reviewed by SSCPs and (ISC)² members, the Second Edition includes:

  • An up-to-date and comprehensive review of all seven domains of the SSCP CBK
  • Review questions to reinforce ideas and test comprehension
  • Material endorsed by the creators of the SSCP CBK - (ISC)²  
Coming soon!
 


CISO Leadership: Essential Principles for Success

This book captures years of hard knocks, success stories, and yes, failures. This is not a how-to book or a collection of technical data. It does not cover products or technology or provide a recapitulation of the common body of knowledge.

The book delineates information needed by security leaders and includes from-the-trenches advice on how to have a successful career in the field. Coming soon!

 
 

Hardcover edition

CISO Leadership: Essential Principles for Success [(ISC)² Press]
Publication Date: December 22, 2007
Language: English
Description: Success and failure stories to help provide CISOs with real-life lessons to help them achieve success in their careers.

Coming soon!