Cargando…
Information assurance handbook : effective computer security and risk management strategies /
"Information Assurance Handbook: Effective Computer Security and Risk Management Strategies discusses the tools and techniques required to prevent, detect, contain, correct, and recover from security breaches and other information assurance failures. This practical resource explains how to inte...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Otros Autores: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
New York :
McGraw-Hill Education,
©2015.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Cover
- Title
- Copyright Page
- Dedication
- Contents
- Foreword
- Acknowledgments
- Introduction
- Part I Information Assurance Basics
- Chapter 1 Developing an Information Assurance Strategy
- Comprehensive
- Independent
- Legal and Regulatory Requirements
- Living Document
- Long Life Span
- Customizable and Pragmatic
- Risk-Based Approach
- Organizationally Significant
- Strategic, Tactical, and Operational
- Concise, Well-Structured, and Extensible
- Critical Thinking Exercises
- Chapter 2 The Need for Information Assurance
- Protection of Critical and Sensitive Assets
- Compliance to Regulations and Circulars/Laws
- Meeting Audit and Compliance Requirements
- Providing Competitive Advantage
- Critical Thinking Exercises
- Chapter 3 Information Assurance Principles
- The MSR Model of Information Assurance
- Information Assurance
- Information Security
- Information Protection
- Cybersecurity
- Information Assurance: Business Enabler
- Information Assurance: Protects the Fabric of an Organization's Systems
- Information Assurance: Cost Effective and Cost Beneficial
- Information Assurance: Shared Responsibilities
- Information Assurance: Robust Approach
- Information Assurance: Reassessed Periodically
- Information Assurance: Restricted by Social Obligations
- Implications from Lack of Information Assurance
- Penalties from a Legal/Regulatory Authorities
- Loss of Information Assets
- Operational Losses and Operational Risk Management
- Customer Losses
- Loss of Image and Reputation
- Further Reading
- Critical Thinking Exercises
- Chapter 4 Information Assurance Concepts
- Defense in Depth
- Confidentiality, Integrity, and Availability
- Confidentiality
- Integrity
- Availability
- CIA Balance
- Nonrepudiation and Authentication
- Nonrepudiation
- Identification, Authentication, Authorization, and Accountability
- Identification
- Authentication
- Authorization
- Accountability
- Privacy's Relationship to Information Assurance
- Assets, Threats, Vulnerabilities, Risks, and Controls
- Common Threats
- Vulnerabilities
- Controls
- Cryptology
- Codes and Ciphers
- Further Reading
- Critical Thinking Exercises
- Chapter 5 Organizations Providing Resources for Professionals
- Organizations Providing Resources for Professionals
- (ISC)2 International Information System Security Certification Consortium
- Computing Technology Industry Association
- Information System Audit and Control Association
- Information System Security Association
- SANS Institute
- Disaster Recovery Institute, International
- Business Continuity Institute
- Deciding Among Certifications
- Codes of Ethics
- Further Reading
- Critical Thinking Exercises
- Chapter 6 Information Assurance Management System
- Security Considerations for the Information Asset Life Cycle