All you can learn access for $119.99 a term! Learn more about Cengage Unlimited!

Request for consultation

Thanks for your request. You’ll soon be chatting with a consultant to get the answers you need.
{{formPostErrorMessage.message}} [{{formPostErrorMessage.code}}]
First Name is required. 'First Name' must contain at least 0 characters 'First Name' cannot exceed 0 characters Please enter a valid First Name
Last Name is required. 'Last Name' must contain at least 0 characters 'Last Name' cannot exceed 0 characters Please enter a valid Last Name
Institution is required.
Discipline is required.
Why are you contacting us today? is required. 'Why are you contacting us today?' must contain at least 0 characters 'Why are you contacting us today?' cannot exceed 0 characters Please enter a valid Why are you contacting us today?


CISSP GUIDE TO SECURITY ESSENTIALS, Second Edition, provides complete, focused coverage to prepare students and professionals alike for success on the Certified Information Systems Security Professional (CISSP) certification exam. The text opens with an overview of the current state of information security, including relevant legislation and standards, before proceeding to explore all ten CISSP domains in great detail, from security architecture and design to access control and cryptography. Each chapter opens with a brief review of relevant theory and concepts, followed by a strong focus on real-world applications and learning tools designed for effective exam preparation, including key terms, chapter summaries, study questions, hands-on exercises, and case projects. Developed by the author of more than 30 books on information securitythe Second Edition of this trusted text has been updated to reflect important new developments in technology and industry practices, providing an accurate guide to the entire CISSP common body of knowledge.

Peter H. Gregory,

Peter H. Gregory, CISSP, CISA, CRISC, C|CISO, CCSK, QSA, has over 25 years of experience in virtually every role in business IT organizations, including work in government, financial services, non-profit, telecommunications, SAAS, and retail. He is the author of more than 30 books on security and technology, and the technical editor for more than 20 additional books. Gregory sits on the board of advisors and is the lead instructor for the University of Washington certificate program in information systems security, and he is a lecturer at the university's NSA-certified certificate program in information security and risk management. He is also a member of the executive steering board for the SecureWorld Expo Conference, and the board of advisors for PaymentGear. A founding member of the Pacific CISO Forum, Gregory is a graduate of the FBI Citizens' Academy. He studied electrical engineering and computer science at the University of Nevada, Reno, and is the director of strategic services a national consulting firm.
  • The Second Edition includes extensive updates throughout the text to reflect important new industry practices, evolving technology, emerging threats, and effective new means of system and data protection.
  • The author has added new material on cloud systems threats and countermeasures, data jurisdiction, data sovereignty, access control processes, operating systems, software attack objectives, the BCP and DRP life cycles, the security incident response process, root cause analysis, threat modeling, source code scanning, and data leakage prevention systems.
  • Updated study questions across the ten CISSP domains reflect the latest trends, technology, and practices users will need to master to achieve professional success and prepare for the certification exam.
  • New and updated study problems and case projects feature highly relevant examples and real-world scenarios that today's information security professionals are likely to encounter.
  • Covering the complete CISSP common body of knowledge within a single, comprehensive guide, this trusted text is ideal for anyone pursuing the advanced certification that has become the standard for the global information security industry, as well as the U.S. Department of Defense and National Security Agency.
  • Following an introduction that briefly reviews the current state of information security, the text dedicates individual chapters to each of the ten CISSP domains, enabling users to focus on each one in great depth, and to direct their review and exam preparation efforts where they need the most support.
  • After briefly discussing essential theory and concepts relevant to a specific domain, each chapter features a strong practical focus, emphasizing real-world examples, hands-on exercises, and a variety of learning tools to support exam preparation, including key terms, chapter summaries, and study questions.
  • Developed by the author of more than 30 books on information and business security—the text reflects the invaluable perspective of a security professional with more than 25 years of industry experience.
  • To complement the core chapter content, a premium website features expanded information and resources, including additional exam practice questions.
1. Information Security and Risk Management.
2. Access Controls.
3. Software Development Security.
4. Business Continuity and Disaster Recovery.
5. Cryptography.
6. Legal Regulations, Compliance, and Investigations.
7. Security Operations.
8. Physical and Environmental Security.
9. Security Architecture and Design.
10. Telecommunications and Network Security.
Appendix A: Ten Domains of CISSP.
Appendix B: (ISC)² Code of Ethics.
Appendix C: The CISSP Exam.

Textbook Only Options

Traditional eBook and Print Options

{{collapseContainerClosed['detail_0'] ? 'Show More' : 'Show Less'}}

  • STARTING AT $17.49

  • ISBN-10: 130584601X
  • ISBN-13: 9781305846012
  • STARTING AT $20.99

  • ISBN-10: 1285060423
  • ISBN-13: 9781285060422
  • Bookstore Wholesale Price $84.00
  • RETAIL $111.95

Cengage provides a range of supplements that are updated in coordination with the main title selection. For more information about these supplements, contact your Learning Consultant.


Cengage Learning Testing, powered by Cognero Instant Access

ISBN: 9781305108769
Cengage Learning Testing Powered by Cognero is a flexible, online system that allows you to: author, edit, and manage test bank content from multiple Cengage Learning solutions; create multiple test versions in an instant; deliver tests from your LMS, your classroom or wherever you want. Start right away! Cengage Learning Testing Powered by Cognero works on any operating system or browser. No special installs or downloads needed. Create tests from school, home, the coffee shop – anywhere with Internet access. What will you find? Simplicity at every step. A desktop-inspired interface features drop-down menus and familiar, intuitive tools that take you through content creation and management with ease. Full-featured test generator. Create ideal assessments with your choice of 15 question types (including true/false, multiple choice, opinion scale/likert, and essay). Multi-language support, an equation editor and unlimited metadata help ensure your tests are complete and compliant. Cross-compatible capability. Import and export content into other systems.

All-You-Can-Learn Access with Cengage Unlimited

Cengage Unlimited is the first-of-its-kind digital subscription that gives students total and on-demand access to all the digital learning platforms, ebooks, online homework and study tools Cengage has to offer—in one place, for one price. Students get unlimited access to a library of more than 22,000 products for $119.99 per term.