Book Details:
Pages: | 896 |
Published: | Apr 03 2013 |
Posted: | Nov 19 2014 |
Language: | English |
Book format: | PDF |
Book size: | 23.59 MB |
Book Description:
Develop and implement an effective end-to-end security program Today's complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape. Thoroughly revised and expanded to cover all aspects of modern information security-from concepts to details-this edition provides a one-stop reference equally applicable to the beginner and the seasoned professional. Find out how to build a holistic security program based on proven methodology, risk analysis, compliance, and business needs. You'll learn how to successfully protect data, networks, computers, and applications. In-depth chapters cover data protection, encryption, information rights management, network security, intrusion detection and prevention, Unix and Windows security, virtual and cloud security, secure application development, disaster recovery, forensics, and real-world attacks and countermeasures. Included is an extensive security glossary, as well as standards-based references. This is a great resource for professionals and students alike. Understand security concepts and building blocks Identify vulnerabilities and mitigate risk Optimize authentication and authorization Use IRM and encryption to protect unstructured data Defend storage devices, databases, and software Protect network routers, switches, and firewalls Secure VPN, wireless, VoIP, and PBX infrastructure Design intrusion detection and prevention systems Develop secure Windows, Java, and mobile applications Perform incident response and forensic analysis
Careers in Information Security
The role of an information security (or assurance) auditor is vital for identifying security gaps in an organisation's information systems. This practical book gives an excellent introduction to the role, covering areas such as purpose, required skills, responsibilities, interface and career progression as well as tools, standards and frameworks related to the role. It gives practical guidance to those new to the role or interested in developing a better understanding of what it entails....
Building an Information Security Risk Management Program from the Ground Up
The goal of Security Risk Management is to teach you practical techniques that will be used on a daily basis, while also explaining the fundamentals so you understand the rationale behind these practices. Security professionals often fall into the trap of telling the business that they need to fix something, but they can't explain why. This book will help you to break free from the so-called "best practices" argument by articulating risk exposures in business terms. You will learn techniques for how to perform risk assessments for new IT projects, how to efficiently manage daily risk activities, and how to qualify the current risk level for presentation to executive level management. While other books focus entirely on risk analysis methods...
'It is about time that a book like The New School came along. The age of security as pure technology is long past, and modern practitioners need to understand the social and cognitive aspects of security if they are to be successful. Shostack and Stewart teach readers exactly what they need to know--I just wish I could have had it when I first started out.' --David Mortman, CSO-in-Residence Echelon One, former CSO Siebel Systems Why is information security so dysfunctional? Are you wasting the money you spend on security? This book shows how to spend it more effectively. How can you make more effective security decisions? This book explains why professionals have taken to studying economics, not cryptography--and why you should, too. And why securit...
Strategies, Tactics, Logic and Framework
What do information security and the art of war have in common? The answer, this book argues, is a great deal. Although the authors have an expert technical knowledge of information security, they strongly believe that technical and procedural measures cannot offer a solution on their own. Information security is not painting by numbers. You can tick all the right boxes and acquire the latest technology, and you may fail all the same. This is because information security is ultimately a human problem, not a technical one. In the end, the threats to your information security come from human beings, not from machines. Although one problem you will face is simple human error, the major threat to your business information is from the criminal. Cybercrime...
2007 - 2021 © eBooks-IT.org