Managing information security
Managing Information Security offers focused coverage of how to protect mission critical systems, and how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vulnerabilit...
Other Authors: | |
---|---|
Format: | E-book |
Language: | English |
Published: | Amsterdam ; Boston : Elsevier/Syngress 2014. Waltham, MA : 2014. |
Edition: | 2nd ed |
Collection: | Gale eBooks |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627668306719 |
Table of Contents:
- Front Cover; Managing Information Security; Copyright Page; Contents; Acknowledgements; About the Editor; Contributors; Introduction; Organization of this Book; 1. Information Security Essentials for IT Managers; 1. Information Security Essentials for IT Managers, Overview; Scope of Information Security Management; CISSP Ten Domains of Information Security; What is a Threat?; Common Attacks; Impact of Security Breaches; 2. Protecting Mission-Critical Systems; Information Assurance; Information Risk Management; Administrative, Technical, and Physical Controls; Risk Analysis; Defense in Depth
- Contingency Planning; An Incident Response (IR) Plan; Business Continuity Planning (BCP); 3. Information Security from the Ground Up; Physical Security; Facility Requirements; Administrative, Technical, and Physical Controls; Data Security; Data Classification; Access Control Models; Systems and Network Security; Host-Based Security; Network-Based Security; Intrusion Detection; Intrusion Prevention; Business Communications Security; General Rules for Self-Protection; Handling Protection Resources; Rules for Mobile IT Systems; Operation on Open Networks
- Additional Business Communications Guidelines; Wireless Security; Access Control; Confidentiality; Integrity; Availability; Enhancing Security Controls; Web and Application Security; Web Security; Application Security; Security Policies and Procedures; Security Employee Training and Awareness; The Ten Commandments of SETA; 4. Security Monitoring and Effectiveness; Security Monitoring Mechanisms; Incidence Response and Forensic Investigations; Validating Security Effectiveness; Vulnerability Assessments and Penetration Tests; 5. Summary; Chapter Review Questions/Exercises; True/False
- Multiple Choice; Exercise; Problem; Hands-On Projects; Project; Case Projects; Problem; Optional Team Case Project; Problem; 2. Security Management Systems; 1. Security Management System Standards; 2. Training Requirements; 3. Principles of Information Security; 4. Roles and Responsibilities of Personnel; 5. Security Policies; 6. Security Controls; 7. Network Access; 8. Risk Assessment; 9. Incident Response; 10. Summary; Chapter Review Questions/Exercises; True/False; Multiple Choice; Exercise; Problem; Hands-On Projects; Project; Case Projects; Problem; Optional Team Case Project; Problem
- 3. Information Technology Security Management; 1. Information Security Management Standards; Federal Information Security Management Act; International Standards Organization; 2. Other Organizations Involved in Standards; 3. Information Technology Security Aspects; Security Policies and Procedures; Security Organization Structure; End User; Executive Management; Security Officer; Data/Information Owners; Information System Auditor; Information Technology Personnel; Systems Administrator; IT Security Processes; Processes for a Business Continuity Strategy
- Processes for IT Security Governance Planning