Managing Information Security.Material type: TextSeries: eBooks on DemandPublisher: Burlington : Elsevier Science, 2014Description: 1 online resource (321 p.)ISBN: 9781597495349Subject(s): Computer networks - Security measures | Computer networks -- Security measures | Computer networks | Computer security - Management | Computer security -- Management | Computer securityGenre/Form: Electronic books.Additional physical formats: Print version:: Managing Information SecurityDDC classification: 005.8 LOC classification: QA76.9.A25 M31845 2010Online resources: Click here to view this ebook.
|Item type||Current location||Call number||URL||Status||Date due||Barcode|
|Electronic Book||UT Tyler Online Online||QA76.9.A25 M31845 2010 (Browse shelf)||http://uttyler.eblib.com/patron/FullRecord.aspx?p=535284||Available||EBL535284|
Front Cover; Managing Information Security; Copyright; Dedication; Contents; Foreword; Acknowledgments; About the Editor; Contributors; Introduction; Organization of this Book; Chapter 1: Information Security Essentials for IT Managers: Protecting Mission-Critical Systems; 1. Information Security Essentials for IT Managers, Overview; Scope of Information Security Management; CISSP 10 Domains of Information Security; What Is a Threat?; Common Attacks; Impact of Security Breaches; 2. Protecting Mission-Critical Systems; Information Assurance; Information Risk Management
Administrative, Technical, and Physical ControlsRisk Analysis; Defense in Depth; Contingency Planning; An Incident Response (IR) Plan; Business Continuity Planning (BCP); 3. Information Security from the Ground Up; Physical Security; Facility Requirements; Administrative, Technical, and Physical Controls; Data Security; Data Classification; Access Control Models; Systems and Network Security; Host-Based Security; Network-Based Security; Intrusion Detection; Intrusion Prevention; Business Communications Security; General Rules for Self-Protection; Handling Protection Resources
Rules for Mobile IT SystemsOperation on Open Networks; Additional Business Communications Guidelines; Wireless Security; Access Control; Confidentiality; Integrity; Availability; Enhancing Security Controls; Web and Application Security; Web Security; Application Security; Security Policies and Procedures; Security Employee Training and Awareness; The 10 Commandments of SETA; 4. Security Monitoring and Effectiveness; Security Monitoring Mechanisms; Incidence Response and Forensic Investigations; Validating Security Effectiveness; Vulnerability Assessments and Penetration Tests
Further ReadingReferences; Chapter 2: Security Management Systems; 1. Security Management System Standards; 2. Training Requirements; 3. Principles of Information Security; 4. Roles and Responsibilities of Personnel; 5. Security Policies; 6. Security Controls; 7. Network Access; 8. Risk Assessment; 9. Incident Response; 10. Summary; Chapter 3: Information Technology Security Management; 1. Information Security Management Standards; Federal Information Security Management Act; International Organization for Standardization; Other Organizations Involved in Standards
2. Information Technology Security AspectsSecurity Policies and Procedures; Security Organization Structure; End User; Executive Management; Security Officer; Data/Information Owners; Information System Auditor; Information Technology Personnel; System Administrator; IT Security Processes; Processes for a Business Continuity Strategy; Processes for IT Security Governance Planning; Rules and Regulations; 3. Conclusions; References; Chapter 4: Identity Management; 1. Introduction; 2. Evolution of Identity Management Requirements; Digital Identity Definition; Identity Management Overview
<i>Managing Information Security</i> offers focused coverage of how to protect mission critical systems, how to deploy security management systems, IT security, ID management, intrusion detection and prevention systems, computer forensics, network forensics, firewalls, penetration testing, vulnerability assessment, and more. It offers in-depth coverage of the current technology and practice as it relates to information security management solutions. Individual chapters are authored by leading experts in the field and address the immediate and long-term challenges in the authors' respective ar
Description based upon print version of record.