Information security management principles /

Mostrar otras versiones (2)

In today's technology-driven environment, there is an ever-increasing demand for information delivery. A compromise has to be struck between security and availability. This book is a pragmatic guide to information assurance for both business professionals and technical experts. This second edit...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Alexander, David (Information security practitioner)
Otros Autores: Finch, Amanda, Sutton, David (Information security practitioner), Taylor, Andy
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Swindon, U.K. : BCS Learning & Development Ltd., 2013.
Temas:
Computer security > Management.
Data protection.
Sécurité informatique > Gestion.
Protection de l'information (Informatique)
COMPUTERS > Internet > Security.
COMPUTERS > Networking > Security.
COMPUTERS > Security > General.
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Copyright; CONTENTS; LIST OF FIGURES AND TABLES; AUTHORS; ACKNOWLEDGEMENTS; ABBREVIATIONS; PREFACE; 1 INFORMATION SECURITY PRINCIPLES; CONCEPTS AND DEFINITIONS; THE NEED FOR, AND BENEFITS OF, INFORMATION SECURITY; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 2 INFORMATION RISK; THREATS TO, AND VULNERABILITIES OF, INFORMATION SYSTEMS; RISK MANAGEMENT; POINTERS FOR ACTIVITIES IN THIS CHAPTER; 3 INFORMATION SECURITY FRAMEWORK; ORGANISATIONS AND RESPONSIBILITIES; ORGANISATIONAL POLICY, STANDARDS AND PROCEDURES; INFORMATION SECURITY GOVERNANCE; INFORMATION SECURITY IMPLEMENTATION.
  • Security incident managementlegal framework; security standards and procedures; pointers for activities in this chapter; 4 procedural and people security controls; people; user access controls; training and awareness; pointers for activities in this chapter; 5 technical security controls; protection from malicious software; networks and communications; external services; cloud computing; it infrastructure; pointers for activities in this chapter; 6 software development and life cycle; testing, audit and review; systems development and support; pointers for activities in this chapter.
  • 7 physical and environmental securitylearning outcomes; general controls; physical security; technical security; procedural security; protection of equipment; processes to handle intruder alerts; clear screen and desk policy; moving property on and off site; procedures for secure disposal; security requirements in delivery and loading areas; pointers for activities in this chapter; 8 disaster recovery and business continuity management; learning outcomes; dr/bcp, risk assessment and impact analysis; writing and implementing plans; documentation, maintenance and testing.
  • LINKS TO MANAGED SERVICE PROVISION AND OUTSOURCINGSECURE OFF-SITE STORAGE OF VITAL MATERIAL; INVOLVEMENT OF PERSONNEL, SUPPLIERS AND IT SYSTEMS PROVIDERS; SECURITY INCIDENT MANAGEMENT; COMPLIANCE WITH STANDARDS; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; 9 OTHER TECHNICAL ASPECTS; INVESTIGATIONS AND FORENSICS; ROLE OF CRYPTOGRAPHY; POINTERS FOR THE ACTIVITY IN THIS CHAPTER; APPENDIX A; GLOSSARY; INDEX; Back Cover.

Ejemplares similares