Business continuity and disaster recovery for infosec managers

Every year, nearly one in five businesses suffers a major disruption to its data or voice networks or communications systems. Since 9/11 it has become increasingly important for companies to implement a plan for disaster recovery. This comprehensive book addresses the operational and day-to-day secu...


Bibliographic Details
Main author: Rittinghouse, John W. (-)
Other authors: Ransome, James F.
Format: E-book
Language: English
Published: Amsterdam ; Boston : Elsevier Digital Press c2005.
Edition: 1st edition
View at Universitat Ramon Llull Library: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009626963506719
Table of Contents:
  • Front Cover; Business Continuity and Disaster Recovery for InfoSec Managers; Copyright Page; Contents; Foreword; Foreword by Mr. Paul Kurtz; Introduction; Introduction: Business Security 101; The State of the BCP and Network Disaster Recovery Industry: Where Are We and Why?; Threats to Personal Privacy; Fraud and Theft; Internet Fraud; Employee Sabotage; Infrastructure Attacks; Malicious Hackers; Malicious Coders; Industrial Espionage; Social Engineering; Educate Staff and Security Personnel; Managing Access; Physical Access; Access Control; Access Control Models; Password Management
  • Security Management Practices; Chapter Summary; Endnotes; Acknowledgments; Chapter 1. Contingency and Continuity Planning; 1.1 Business Continuity Planning; 1.2 BCP Standards and Guidelines; 1.3 BCP Project Organization; 1.4 Chapter Summary; 1.5 Endnotes; Chapter 2. Assessing Risk; 2.1 Determining Threats; 2.2 Risk Management; 2.3 The Risk Manager; 2.4 Risk Assessment; 2.5 Emergency Incident Assessment; 2.6 Business Risk Assessment; 2.7 Business Impact Analysis (BIA); 2.8 Information Security, IT and Communications; 2.9 Chapter Summary; 2.10 Endnotes; Chapter 3. Mitigation Strategies
  • 3.1 Preventative Measures for Information Security Managers; 3.2 Information Security Preventative Controls; 3.3 Other Preventative Controls; 3.4 Summary of Existing Emergency Procedures; 3.5 Key Personnel for Handling Emergency Procedures; 3.6 External Emergency Services; 3.7 Premises Issues; 3.8 Chapter Summary; 3.9 Endnotes; Chapter 4. Preparing for a Possible Emergency; 4.1 Backup and Recovery Procedures; 4.2 IT Systems Recovery; 4.3 Key BCP Personnel and Supplies; 4.4 Key Documents and Procedures; 4.5 Chapter Summary; 4.6 Endnotes; Chapter 5. Disaster Recovery Phase
  • 5.1 Disaster Recovery Legal Issues; 5.2 Planning for Handling the Emergency; 5.3 Disaster Recovery Team Management Actions; 5.4 Notification and Reporting in Disaster Recovery Phase; 5.5 Disaster Recovery Phase Report; 5.6 Chapter Summary; 5.7 Endnotes; Chapter 6. Business Recovery Phase; 6.1 Business Recovery Planning Process; 6.2 Planning Business Recovery Activities; 6.3 Chapter Summary; Chapter 7. Testing, Auditing, and Training; 7.1 Testing the Business Recovery Process; 7.2 Security Testing; 7.3 The Open Source Security Testing Methodology Manual; 7.4 Monitoring and Updating
  • 7.5 Hardening Systems; 7.6 System Patches; 7.7 Auditing Fundamentals; 7.8 Auditor's Role in Developing Security Policies; 7.9 Auditing Standards and Groups; 7.10 Audit Oversight Committee; 7.11 Auditing and Assessment Strategies; 7.12 Basic Audit Methods and Tools; 7.13 General Information Systems (IS) Audit Process; 7.14 Perimeter Audits; 7.15 Using Nmap; 7.16 Mapping the Network with Nmap; 7.17 Analyzing Nmap Scan Results; 7.18 Penetration Testing Using Nessus; 7.19 Training Staff for the Business Recovery Process; 7.20 Chapter Summary; 7.21 Endnotes
  • Chapter 8. Maintaining a Business Continuity Plan